Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

windows update error, can't search, sfc scannow issue, constant po

Started by portillos , Oct 28 2022 08:21 AM

  • Please log in to reply

#1
portillos
Posted 28 October 2022 - 08:21 AM

portillos

    Member

  • Member
  • PipPip
  • 37 posts

Hi Geeks to go,

 

Working on my daughter's laptop and seeing the following symptoms:

- single click on start button then typing, does not recognize (I typically search this way on my pc)

- bring up file explorer, search bar does not allow cursor or typing within the field. 

- Windows update has two pending updates but fails on install with error 0x80070026

- popups appear in right margin somewhat randomly.  PC has Avast installed

- sfc /scannow finished with a message that said some corrupt files could not be fixed. 

- windows troubleshoot option appears to be missing.  I could reach the troubleshoot window but saw no button to press.

 

I ran CCleaner, it deleted some stuff but that's about it.  My efforts have been focused on trying to get the windows updates completed.

 

Any help you could provide would be greatly appreciated and I'd be happy to donate some $$ if I get this thing cleaned up.  FRST and Addition logs pasted below.

 

FRST:

______________________________

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-10-2022
Ran by kgwal (administrator) on LAPTOP-IC9ME3DV (HP HP Laptop 15t-dy100) (28-10-2022 08:11:20)
Running from C:\Users\kgwal\OneDrive\Desktop
Loaded Profiles: kgwal
Platform: Microsoft Windows 10 Home Version 21H1 19043.1586 (X64) Language: English (United States)
Default browser not detected!
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_dc2a57d591329a30\igfxCUIServiceN.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_dc2a57d591329a30\igfxEMN.exe
(DriverStore\FileRepository\hpanalyticscomp.inf_amd64_970b3aa928c32e35\x64\TouchpointAnalyticsClientService.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_970b3aa928c32e35\x64\TouchpointGpuInfo.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\BridgeCommunication.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.2.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_970b3aa928c32e35\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_21306a77b30fd6e0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_3ef70b9d5cc0699f\LMS.exe
(services.exe ->) (Intel® pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_dc7a0fe3ada1cbf5\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_dc2a57d591329a30\igfxCUIServiceN.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ada2367baaae74c0\IntelCpHDCPSvc.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (WildTangent, Inc. -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
(svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1138976 2020-08-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212192 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [536152 2022-08-15] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\kgwal\AppData\Local\Microsoft\Teams\Update.exe [2508480 2022-07-23] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234088 2022-10-07] (Valve Corp. -> Valve Corporation)
HKLM\...\Print\Monitors\HP CE11 Status Monitor: C:\WINDOWS\system32\hpinkstsCE11LM.dll [393352 2017-03-20] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-11] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {00363246-B848-4D2A-8A9F-22BBAA75A159} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {1B592313-99B2-4818-AA0F-059A7B498B26} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {1B657F4A-CD60-47B0-8BB0-2D91F1B405CA} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [432128 2022-03-08] (Microsoft Windows -> Microsoft Corporation)
Task: {3263B49A-661E-485F-98C3-0B9B54999A26} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {32DEBA87-47CF-46ED-80E9-EACF548DD83E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {3C6332A6-C4AD-4A69-8DC5-D825292AD995} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-08-17] (HP Inc. -> HP Inc.)
Task: {4B17CCAE-E97B-471E-A67B-0EEFC68B7516} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {4BC57174-ABDE-4022-9D58-504D5CF56073} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {558D1641-F070-49DD-927D-0738C02F930F} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {5FEEE856-A8B7-409F-B627-896FDA15C453} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {602CCC8F-6434-4E62-BD8A-094F0AEB2C1A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-08-17] (HP Inc. -> HP Inc.)
Task: {66FB8E86-9DE3-4838-8867-B82BE3B6E26D} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {677DC127-4C02-421F-B607-428B9DB4E671} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {6BFC7E93-4447-44ED-92B5-2C67A25BF7DE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2022-08-17] (HP Inc. -> HP Inc.)
Task: {6C3F1E6E-AB2F-4BE8-95DE-98D26133ADBC} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {705EE3A2-CC78-4B5F-AE4D-F4444177E764} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [221328 2022-08-17] (HP Inc. -> )
Task: {88AAA980-CACC-4778-9332-584BB8A4C6C7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH61M2R0Y2 => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-08-17] (HP Inc. -> HP Inc.)
Task: {8BBF1844-EFC6-4E1C-83C3-C7DD2FEB1D15} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E817364-C4A6-400E-A113-499097C9ADED} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {9A913D65-912D-41E2-B07D-EC47C1CB21C7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A7AF0A96-782A-4527-91DF-5B97F6AEA148} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {B4EF8A5D-40BB-46A0-8AC1-CFA933D42EE9} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {B8C25D93-7C34-4AD2-9A41-A18361AB6845} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {B96FA9FF-4B15-47B8-A63B-896D1A289584} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe [497752 2021-04-02] (Samsung Electronics Co., Ltd. -> Samsung Electronics)
Task: {C53463A5-6379-4380-A1FF-7BA3CD9B768B} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Wsc Startup event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {C81CCE0B-5B04-47FE-9E45-ECE8774878A7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-29] (Google LLC -> Google LLC)
Task: {CABD8EBA-E11C-428C-BFF9-BBC4ECB3091B} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {CCA8D1E1-B24A-4C82-B031-449451EA5082} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-08-17] (HP Inc. -> HP Inc.)
Task: {D2945AF5-2D23-457E-B840-8D6667B6E488} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {D32CCD7E-9280-4B49-8421-78CB10309F54} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {D9999316-08B7-4146-BC35-13458B6322B9} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4946144 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
Task: {DA694A39-A1DD-4D90-8399-8681B23BA9BE} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5C6D7E0-1D0A-4122-B1A5-93F48AD6BB82} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {ECE4D2CC-C095-42A6-AD78-8A83842011E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-29] (Google LLC -> Google LLC)
Task: {F7287EEB-AB00-4FC7-8F0F-0E8103E2FC0B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7714060-49AF-48FB-8B4E-5E173AC4BC1B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC54F41E-EFBA-412B-9319-7A166EBE6BBE} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {FD3EE8D5-DA0E-481B-9C2D-EE36F6F77FF1} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [432128 2022-03-08] (Microsoft Windows -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{e244c7d2-d1b5-4a75-a2c0-4db499b2115f}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\kgwal\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-27]
 
FireFox:
========
FF DefaultProfile: 1ix7idxp.default
FF ProfilePath: C:\Users\kgwal\AppData\Roaming\Mozilla\Firefox\Profiles\1ix7idxp.default [2020-08-26]
FF ProfilePath: C:\Users\kgwal\AppData\Roaming\Mozilla\Firefox\Profiles\jfxn6zxt.default-release [2022-10-27]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Default [2022-10-27]
CHR Notifications: Default -> hxxps://chat.google.com; hxxps://meet.google.com; hxxps://pushwelcome.com; hxxps://www.netflix.com; hxxps://www.pinterest.com
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-10-28]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-20]
CHR Extension: (Extension Toggle for Chrome™) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\igfgceofdhhgnpbnokpgnmgejaddnjla [2022-06-15]
CHR Extension: (Fire Shield Overview) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndajnaaobjaganokllcgbapngenfbgkc [2022-06-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-01]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-10-28]
CHR Notifications: Profile 2 -> hxxps://www.netflix.com
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-12]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5 [2022-10-27]
CHR Extension: (OneNote Online) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ciniambnphakdoflgeamacamhfllbkmo [2022-07-09]
CHR Extension: (Word Online) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2022-07-09]
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-04]
CHR Extension: (Zoom) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hmbjbjdpkobdjplfobhljndfdfdipjhg [2022-07-09]
CHR Extension: (Excel Online) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2022-07-09]
CHR Extension: (PowerPoint Online) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2022-07-09]
CHR Extension: (Office) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2022-07-09]
CHR Extension: (OneDrive) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2022-07-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-09]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-14]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 7 [2022-10-27]
CHR Extension: (Proctorio) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\fpmapakogndmenjcfoajifaaonnkpkei [2022-10-22]
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-05]
CHR Extension: (Loom – Free Screen Recorder & Screen Capture) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2022-10-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-27]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\System Profile [2022-10-28]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8513552 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592608 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2018528 2022-10-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592096 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-04] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\AppHelperCap.exe [786888 2022-09-28] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\DiagsCap.exe [785896 2022-09-28] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\NetworkCap.exe [782296 2022-09-28] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\SysInfoCap.exe [786392 2022-09-28] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_970b3aa928c32e35\x64\TouchpointAnalyticsClientService.exe [493680 2022-09-28] (HP Inc. -> HP Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1689984 2022-03-29] (WildTangent, Inc. -> )
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [127936 2019-07-02] (Alcorlink Corp. -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238128 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [390096 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [258496 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105920 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48488 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276496 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [558536 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114488 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90000 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862960 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [671712 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221976 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327904 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-15] (HP Inc. -> HP Inc.)
R3 iaLPSS2_I2C_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_c8c0638291b9b209\iaLPSS2_I2C_ICL.sys [200456 2020-04-27] (Intel Corporation -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2020-09-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428256 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-28 08:11 - 2022-10-28 08:11 - 000000000 ____D C:\FRST
2022-10-28 07:49 - 2022-10-28 07:49 - 000000000 ___HD C:\$WinREAgent
2022-10-27 22:27 - 2022-10-27 22:27 - 000000000 ____D C:\Users\kgwal\AppData\Local\ElevatedDiagnostics
2022-10-27 22:23 - 2022-10-27 22:23 - 000000000 ___HD C:\$WINDOWS.~BT
2022-10-27 21:32 - 2022-10-27 21:32 - 000000000 ____D C:\Users\kgwal\AppData\Roaming\WildTangent
2022-10-27 21:31 - 2022-10-27 21:31 - 000000000 ____D C:\ProgramData\WildTangent
2022-10-27 19:02 - 2022-10-27 19:02 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2022-10-27 19:02 - 2022-10-27 19:02 - 000002083 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2022-10-27 19:01 - 2022-10-05 22:42 - 000270560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-10-26 17:18 - 2022-10-26 17:18 - 006213120 _____ C:\Users\kgwal\Downloads\Urea Cycle.ppt
2022-10-26 10:20 - 2022-10-26 10:20 - 004389343 _____ C:\Users\kgwal\Downloads\CH13 Diagnosing infections Week 8.pptx
2022-10-25 21:40 - 2022-10-25 21:41 - 004343808 _____ C:\Users\kgwal\Downloads\Chpt07-QuantTheoryElectrStuctAtoms.ppt
2022-10-23 21:55 - 2022-10-23 21:55 - 004381961 _____ C:\Users\kgwal\Downloads\2022-10-23 20-28.pdf
2022-10-21 17:15 - 2022-10-21 17:15 - 007762432 _____ C:\Users\kgwal\Downloads\Glycogen Metabolism.ppt
2022-10-21 11:33 - 2022-10-21 11:33 - 000975117 _____ C:\Users\kgwal\Downloads\Chapter 7 Worksheet.pdf
2022-10-21 11:31 - 2022-10-21 11:31 - 000975117 _____ C:\Users\kgwal\Downloads\2022-10-21 11-28.pdf
2022-10-21 11:13 - 2022-10-21 11:13 - 001113719 _____ C:\Users\kgwal\Downloads\Week 7 Calculations Extra Practice PPT Only.pptx
2022-10-19 09:31 - 2022-10-19 09:31 - 005383241 _____ C:\Users\kgwal\Downloads\CH03 (1).pptx
2022-10-19 09:30 - 2022-10-19 09:30 - 013753512 _____ C:\Users\kgwal\Downloads\CH07 (1).pptx
2022-10-19 09:30 - 2022-10-19 09:30 - 006596056 _____ C:\Users\kgwal\Downloads\CH08 (1).pptx
2022-10-19 09:29 - 2022-10-19 09:29 - 014285588 _____ C:\Users\kgwal\Downloads\Prokaryotes (2).pptx
2022-10-19 09:29 - 2022-10-19 09:29 - 014285588 _____ C:\Users\kgwal\Downloads\Prokaryotes (1).pptx
2022-10-19 09:28 - 2022-10-19 09:28 - 022145806 _____ C:\Users\kgwal\Downloads\Eukaryotes (1).pptx
2022-10-16 23:25 - 2022-10-16 23:25 - 005228381 _____ C:\Users\kgwal\Downloads\2022-10-16 23-24.pdf
2022-10-13 13:57 - 2022-10-13 13:57 - 000025576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-10-09 19:59 - 2022-10-09 19:59 - 005258696 _____ C:\Users\kgwal\Downloads\2022-10-09 19-58.pdf
2022-10-09 16:24 - 2022-10-09 16:24 - 000909824 _____ C:\Users\kgwal\Downloads\Week 5 Written Assignment.pdf
2022-10-09 16:23 - 2022-10-09 16:23 - 000909824 _____ C:\Users\kgwal\Downloads\2022-10-09 16-22.pdf
2022-10-07 16:08 - 2022-10-07 21:58 - 007422976 _____ C:\Users\kgwal\Downloads\The Electron Transport Chain  Oxidative Phosphorylation.ppt
2022-10-05 22:42 - 2022-10-05 22:42 - 000221976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-10-05 20:21 - 2022-10-05 20:21 - 000000165 ____H C:\Users\kgwal\Downloads\~$CH13 complete.pptx
2022-10-05 14:42 - 2022-10-05 14:42 - 010422265 _____ C:\Users\kgwal\Downloads\CH13 complete.pptx
2022-10-02 14:42 - 2022-10-02 14:42 - 004273202 _____ C:\Users\kgwal\Downloads\2022-10-02 14-41.pdf
2022-10-02 14:14 - 2022-10-02 14:14 - 018599424 _____ C:\Users\kgwal\Downloads\fremgen_ch03_dl_wcrs.ppt
2022-10-02 14:14 - 2022-10-02 14:14 - 015406592 _____ C:\Users\kgwal\Downloads\fremgen_ch04_dl_wcrs 2.ppt
2022-10-02 09:41 - 2022-10-02 09:41 - 000048640 _____ C:\Users\kgwal\Downloads\Food Log Excel (2) (1).xls
2022-09-30 16:20 - 2022-09-30 16:20 - 003377664 _____ C:\Users\kgwal\Downloads\The Citric Acid Cycle.ppt
2022-09-28 18:56 - 2022-09-28 18:57 - 003283245 _____ C:\Users\kgwal\Downloads\CH13.3 Microscopic methods Biol 231 Summer 2022 Week 4.pptx
2022-09-28 16:26 - 2022-09-28 16:26 - 000646906 _____ C:\Users\kgwal\Downloads\2022-09-27 22-00.pdf
2022-09-28 10:21 - 2022-09-28 10:21 - 005383241 _____ C:\Users\kgwal\Downloads\CH03.pptx
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-28 08:07 - 2021-03-15 01:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-28 08:05 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-28 07:57 - 2021-09-06 12:53 - 000000000 ____D C:\Users\kgwal\AppData\Local\D3DSCache
2022-10-28 07:57 - 2020-06-29 10:56 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-28 07:54 - 2021-03-15 01:09 - 000849772 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-28 07:54 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-28 07:53 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-28 07:48 - 2022-04-18 18:58 - 000000000 ____D C:\Program Files (x86)\Steam
2022-10-28 07:46 - 2021-03-15 01:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-28 07:46 - 2021-03-15 01:03 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-28 07:46 - 2020-09-17 16:15 - 000000000 ____D C:\ProgramData\Avast Software
2022-10-28 07:46 - 2020-06-29 10:14 - 000000000 __SHD C:\Users\kgwal\IntelGraphicsProfiles
2022-10-28 07:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-28 07:46 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-27 23:03 - 2019-12-07 04:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-10-27 22:49 - 2021-02-26 10:23 - 000000000 ___DC C:\WINDOWS\Panther
2022-10-27 22:45 - 2020-06-30 00:08 - 000000000 ____D C:\WINDOWS\Firmware
2022-10-27 22:44 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-27 22:43 - 2021-04-10 20:46 - 000000000 ____D C:\Program Files\CCleaner
2022-10-27 21:54 - 2021-10-27 22:23 - 000000000 ____D C:\WINDOWS\Minidump
2022-10-27 21:54 - 2020-09-22 17:25 - 000000000 ____D C:\Users\kgwal\AppData\Local\CrashDumps
2022-10-27 21:54 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-27 21:06 - 2020-06-29 10:11 - 000000000 ____D C:\Users\kgwal\AppData\Local\Packages
2022-10-27 21:05 - 2021-10-20 14:38 - 000000000 ____D C:\Users\kgwal\AppData\Local\Bluestacks
2022-10-27 21:05 - 2020-06-20 22:35 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games
2022-10-27 21:05 - 2020-06-20 22:35 - 000000000 ____D C:\Program Files (x86)\WildTangent Games
2022-10-27 21:04 - 2021-04-26 14:00 - 000000000 ____D C:\Users\kgwal\AppData\Roaming\Slack
2022-10-27 21:04 - 2021-04-26 13:59 - 000000000 ____D C:\Users\kgwal\AppData\Local\slack
2022-10-27 21:04 - 2021-03-15 01:04 - 000000000 ____D C:\Users\kgwal
2022-10-27 21:01 - 2021-06-26 23:52 - 000000000 ____D C:\Users\kgwal\AppData\Local\Avast Software
2022-10-27 19:01 - 2021-03-15 01:08 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-10-27 19:01 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-26 22:33 - 2022-09-09 15:56 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\Biochemistry
2022-10-26 22:31 - 2021-03-15 01:08 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-26 22:31 - 2021-03-15 01:08 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-26 22:31 - 2021-03-15 01:08 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-26 22:31 - 2021-03-15 01:08 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-26 22:31 - 2021-03-15 01:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-10-26 10:38 - 2022-09-06 19:59 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\Microbiology
2022-10-23 21:55 - 2022-09-09 12:59 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\Medical Terminology
2022-10-21 21:07 - 2020-07-18 00:18 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-21 21:07 - 2020-07-18 00:18 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-21 11:32 - 2022-09-07 11:50 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\Basic Nutrition
2022-10-15 11:02 - 2020-08-09 12:45 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\My Kindle Content
2022-10-14 21:36 - 2019-11-28 11:16 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-13 20:21 - 2020-06-30 00:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-13 14:13 - 2020-06-30 00:06 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-11 20:34 - 2020-06-29 10:56 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-11 20:34 - 2020-06-29 10:56 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-10-07 09:29 - 2021-03-15 01:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-10-05 22:42 - 2021-08-25 08:00 - 000558536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-10-05 22:42 - 2020-10-27 11:27 - 000276496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000862960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000671712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000327904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000258496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000238128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000114488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000105920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000090000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000048488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-10-05 22:39 - 2021-08-25 16:12 - 000000000 ____D C:\Program Files (x86)\SafeConnect
2022-09-28 16:27 - 2022-09-07 08:56 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\National
 
==================== Files in the root of some directories ========
 
2022-02-07 16:39 - 2022-10-20 22:41 - 000037828 _____ () C:\Users\kgwal\AppData\Local\CDXLExtendedShim.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
 
 
Addition:
_____________________
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2022
Ran by kgwal (28-10-2022 08:16:35)
Running from C:\Users\kgwal\OneDrive\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1586 (X64) (2021-03-15 06:08:50)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-691941065-2667957141-2909907241-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-691941065-2667957141-2909907241-503 - Limited - Disabled)
Guest (S-1-5-21-691941065-2667957141-2909907241-501 - Limited - Disabled)
kgwal (S-1-5-21-691941065-2667957141-2909907241-1001 - Administrator - Enabled) => C:\Users\kgwal
WDAGUtilityAccount (S-1-5-21-691941065-2667957141-2909907241-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\Amazon Kindle) (Version: 1.38.0.65290 - Amazon)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 22.9.6034 - Avast Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1206.2 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.17.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.52 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\OneDriveSetup.exe) (Version: 22.055.0313.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\Teams) (Version: 1.5.00.17656 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Minecraft Launcher (HKLM-x32\...\{F6678473-0198-46D0-A88F-2A247E6FA03C}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 94.0.1 (x64 en-US)) (Version: 94.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 80.0 - Mozilla)
Notion 2.0.15 (HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\fcdf0d7f-424b-5f10-a1c7-a8f643f21adf) (Version: 2.0.15 - Notion Labs, Incorporated)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
PerkinElmer ChemOffice 64-bit Support 20.1.1 (HKLM\...\{A69909C4-C2E9-4B43-9DEB-190A682A6082}) (Version: 20.1.1 - PerkinElmer Informatics, Inc.)
PerkinElmer ChemOffice Suite 2020 20.1.1 (HKLM-x32\...\{9CF299C0-AC30-43EC-A5AE-1498AFCF0292}) (Version: 20.1.1 - PerkinElmer Informatics, Inc.)
PerkinElmer ChemScript 20.1.1 x64 (HKLM\...\{9A44EC94-4060-4C2E-A393-900536D22B2C}) (Version: 20.1.1 - PerkinElmer Informatics, Inc.)
Python 3.2.2 (64-bit) (HKLM\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFe}) (Version: 3.2.2150 - Python Software Foundation)
Snood 4 (HKLM-x32\...\Snood 4_is1) (Version:  - Word of Mouse Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\ZoomUMX) (Version: 5.10.4 (5035) - Zoom Video Communications, Inc.)
 
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2022-08-07] (Amazon.com)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_22.4.18.0_x64__xbfy0k16fey96 [2022-09-09] (Dropbox Inc.)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.7.197.0_x64__v10z8vjag6ke6 [2020-10-10] (HP Inc.)
HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6 [2022-08-07] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.8.3.0_x64__v10z8vjag6ke6 [2022-10-07] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.1.54.0_x64__v10z8vjag6ke6 [2022-10-21] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_139.2.289.0_x64__v10z8vjag6ke6 [2022-10-07] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.20.22.0_x64__v10z8vjag6ke6 [2022-08-28] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.2.0_x64__v10z8vjag6ke6 [2022-08-15] (HP Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-08-07] (INTEL CORP) [Startup Task]
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2022-10-16] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-10-07] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.4002.0_x64__8wekyb3d8bbwe [2022-10-26] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-17] (Netflix, Inc.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-25] (Microsoft Corporation)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.14.0_x64__kx24dqmazqk8j [2022-10-21] (Random Salad Games LLC)
Smart Tools: Study Timetable -> C:\Program Files\WindowsApps\20152IcyS.SmartToolsStudyTimetable_2016.8.26.0_x64__r1j7p77eahf2y [2020-07-19] (PresentC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0 [2022-10-27] (Spotify AB) [Startup Task]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-691941065-2667957141-2909907241-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\kgwal\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22147.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-691941065-2667957141-2909907241-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\kgwal\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-05] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-05] (Avast Software s.r.o. -> AVAST Software)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\kgwal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Zoom.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 5" --app-id=hmbjbjdpkobdjplfobhljndfdfdipjhg
ShortcutWithArgument: C:\Users\kgwal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\Kaley (student.nuhs.edu) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\kgwal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\KALEY (aquinas.edu) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) =============
 
2020-06-29 23:59 - 2020-06-29 23:59 - 000014336 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.2.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
SearchScopes: HKLM -> {4E6A9EDE-FBDF-4B97-B3A2-6FE3DE6474E2} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {4E6A9EDE-FBDF-4B97-B3A2-6FE3DE6474E2} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-691941065-2667957141-2909907241-1001 -> {4E6A9EDE-FBDF-4B97-B3A2-6FE3DE6474E2} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-08-17] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-08-17] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\sharepoint.com -> hxxps://aquinasedu-files.sharepoint.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-18 23:49 - 2019-03-18 23:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\PerkinElmerInformatics\ChemOffice2020\ChemScript\Lib;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-691941065-2667957141-2909907241-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kgwal\OneDrive\Pictures\College Pics 2021\IMG-6015 - Copy.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\StartupFolder: => "SafeConnect.lnk"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\StartupApproved\Run: => "HPSEU_Host_Launcher"
HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{07CE6F76-707B-45E3-8E28-8737CEFC6878}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{77F10E1E-538B-41AC-B92C-2C5D6477BBCF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{62BCB978-C7A1-4541-8DF8-225BA243562D}] => (Allow) C:\Users\kgwal\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0CF47512-4B30-4FD5-9898-DD09FF55B5D6}] => (Allow) C:\Users\kgwal\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{048EE7C0-3718-4FB8-925A-294D882D2014}] => (Allow) C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4536649B-1CCB-4D01-81AD-27271E2F37AA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A37CD32-EE43-4198-82F9-443A8F9AF218}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CCC07BA0-498C-411F-AFEB-16D200850664}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8FDF9FBA-AE6E-4B69-891D-A91717CD7F9A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AB0A6E6F-06D4-41BA-8260-F1EE05A12A6D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{618479F3-7E1E-4E7F-9B28-A31EDFD55585}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{75676D8F-BC99-4A27-80CE-A361804776AC}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{96708B59-1EB5-4709-8854-2F81072D44EC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B5F5C852-623B-4F54-941F-A5B4D2D0297C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{30F754AD-92FF-4F4B-8856-06A4F41E7681}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{824942F9-6C89-4174-B524-DE82AE6C1E00}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3AADB9F4-059B-4C58-A23F-E5DFCA0752FB}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{024CF771-BE20-4778-B220-16D85A0C0665}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{75276329-8B35-471D-869D-E0BAAC25ED46}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{609CA912-3AA0-4146-9486-312FA1883CDB}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D0D9ABB5-E9EC-45C1-B280-3C692E995E54}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5CECA628-5D9A-4AA5-8502-EB062DC3E01E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{573ED151-F531-491F-BD14-263EDCCE3FA4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{95FD3C4C-2968-4BE2-A795-070ACDF81DCD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{51BAF7B0-7AB9-4FEC-B4A0-4B9BBC482F7D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1E330740-7918-47B6-9B86-268DD09D4B0A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E32444CE-E0C7-46D0-832C-363F202AF89A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4F8177FC-4839-481C-9D39-B4B715B34790}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CC853593-1A59-4641-8C35-D8E5569A344B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4C264612-B1AD-4CF5-89C8-0666426FFA5A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{20D5017B-6FE5-43B8-8080-EA0A35E36D3B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FB451389-B164-40D3-93AE-3DCD2415620F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5B47B06E-1704-40D6-8EA2-8F144D7CCA77}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1CB79987-6446-4BC1-B8B0-3425E7E7AC5A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B953A894-3743-4842-884B-978BBE61DFDF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{2B1ABDD3-FF4E-4103-98B1-03B222D887DC}C:\users\kgwal\wavesor software\wavebrowser\wavebrowser.exe] => (Block) C:\users\kgwal\wavesor software\wavebrowser\wavebrowser.exe => No File
FirewallRules: [UDP Query User{06AF8A8E-7427-48B9-85FB-D571DDC8C61A}C:\users\kgwal\wavesor software\wavebrowser\wavebrowser.exe] => (Block) C:\users\kgwal\wavesor software\wavebrowser\wavebrowser.exe => No File
FirewallRules: [TCP Query User{8E65785E-932B-4485-A7E3-2A22E5543597}C:\users\kgwal\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\kgwal\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B3118D8E-09E7-452C-BF3B-1B567ADF2201}C:\users\kgwal\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\kgwal\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2B59D8C0-F4A8-484C-9090-94C43C498F74}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A9FB997B-B19D-4862-B781-795E8038DD4C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E42B30CC-8B53-4931-83D5-844CF45B8828}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3A18EEEA-F45D-4FC2-8C78-FAF367DE8C65}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{01522DEE-8D1A-4FBB-BE6B-7CD5678CB7B8}C:\users\kgwal\wavesor software\wavebrowser\wavebrowser.exe] => (Allow) C:\users\kgwal\wavesor software\wavebrowser\wavebrowser.exe => No File
FirewallRules: [UDP Query User{81FE70F8-8813-4048-BEFD-8CEF6C5BEEA1}C:\users\kgwal\wavesor software\wavebrowser\wavebrowser.exe] => (Allow) C:\users\kgwal\wavesor software\wavebrowser\wavebrowser.exe => No File
FirewallRules: [{2EE52675-3F28-4A8D-9859-75D60B54CC54}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{EA2A96A3-FB9E-43B5-A4FF-5B323A78C420}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BD9CC5A5-1653-474D-93EC-6906E47A7A9E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F66607B5-0DDE-40C1-9EB3-2706C656DA15}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DF23D1F0-2EE7-40C9-82F2-A19586E225E5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7E0D826A-1A52-480F-AB5F-D972F91715F9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{47825049-C1FC-4E96-B4A7-EF6F1FB96493}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE59C172-15A8-4506-AECF-19BAEB314A13}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BACB90F0-342E-44E1-89A7-AEB5C3F55548}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{97DE7EF2-FBBD-447E-B245-D98F139EED33}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2AE8FCB4-61C7-4DB6-972F-A0A887A360CE}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8141FE6F-A020-4578-AFB5-81B6CE13E189}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{101EFE8A-5750-4573-AA45-F79270C5513D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9047C05A-7B14-4679-B6C2-9C151D571609}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AE8C7089-AE98-4220-94F8-6CF7A1A6ABAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9AC63298-D5AB-4CC8-9659-755FF2852B21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9D2D1199-4503-42C9-8817-EE0769E3EB3F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{690F7C0F-299D-4C54-818C-566632FC2B18}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DB713CA6-A171-4D02-8347-C778A5E39F62}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EF149076-B95A-4363-8C50-3930F8ACA4CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
 
==================== Restore Points =========================
 
27-10-2022 21:59:41 Windows Modules Installer
27-10-2022 22:00:30 Windows Modules Installer
27-10-2022 22:45:43 Windows Modules Installer
28-10-2022 07:49:40 Windows Modules Installer
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (10/27/2022 11:03:45 PM) (Source: igccservice) (EventID: 0) (User: )
Description: Service cannot be started. A system shutdown is in progress
 
Error: (10/27/2022 10:59:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (10/27/2022 10:59:05 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (10/27/2022 10:59:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (10/27/2022 10:59:05 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (10/27/2022 10:44:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
 
Error: (10/27/2022 09:32:06 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\Avast Software\Avast\aswToolsSvc.exe, PID: 4304, ProfSvc PID: 2808.
 
Error: (10/27/2022 09:18:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wuauclt.exe, version: 10.0.19041.1503, time stamp: 0x17884906
Faulting module name: ntdll.dll, version: 10.0.19041.1566, time stamp: 0x1be73aa8
Exception code: 0xc0000005
Fault offset: 0x0000000000063416
Faulting process id: 0x3d8c
Faulting application start time: 0x01d8ea7246533034
Faulting application path: C:\WINDOWS\system32\wuauclt.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: e8fcf6f8-e895-4957-b814-7e45333123b6
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (10/28/2022 07:53:49 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070026: 2022-10 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5018410).
 
Error: (10/27/2022 11:03:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ClickToRunSvc service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/27/2022 11:03:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The AppXSvc service depends on the StateRepository service which failed to start because of the following error: 
The operation completed successfully.
 
Error: (10/27/2022 11:03:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WildTangentHelper service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/27/2022 11:03:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LMS service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/27/2022 11:03:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The igccservice service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/27/2022 11:03:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SECOMNService service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/27/2022 11:03:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The RstMwService service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
 
CodeIntegrity:
===============
Date: 2022-10-28 07:48:39
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
 
Date: 2022-10-28 07:47:44
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: AMI F.26 06/17/2022
Motherboard: HP 86C9
Processor: Intel® Core™ i5-1035G1 CPU @ 1.00GHz
Percentage of memory in use: 34%
Total physical RAM: 16072.83 MB
Available physical RAM: 10557.42 MB
Total Virtual: 18504.83 MB
Available Virtual: 13302.28 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:476.16 GB) (Free:371.66 GB) (Model: INTEL SSDPEKNW512G8H) NTFS
 
\\?\Volume{c6211cad-dd5e-4fd6-ba1b-c0a9fa408499}\ () (Fixed) (Total:0.5 GB) (Free:0.03 GB) NTFS
\\?\Volume{5b0b409f-1bf2-4369-acb1-61cd37163e39}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: DE3B1A5A)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 


  • 0

Advertisements

#2
RKinner
Posted 28 October 2022 - 10:01 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Let's see what SFC is unhappy about:

 

You will probably need to pause Avast while running FRST.  Avast tends to eat FRST and also FRST will run faster if Avast isn't looking over its shoulder.
 
Download the attached fixlist.txt to the same location as FRST
 
Attached File  fixlist.txt   414bytes   120 downloads
 
Run FRST and press Fix.  This should take about 30 minutes to complete and it will reboot when done.
 
A fix log will be generated please post that 
 
Reboot if the fix doesn't reboot it for you
 
Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.
 
Sometimes you can force the Windows update process:
 
 
Click on Update Now.  This will download a file.  Go to your download folder then right click on the file and Run As Admin.  Then follow the instructions.
 
Let's get some more info on you PC:
 
Get the free version of Speccy:
 
 
(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), 
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.
 
First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.
 
 
 
 

  • 0

#3
portillos
Posted 28 October 2022 - 01:26 PM

portillos

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts

Great thank you! 

 

Ran everything you listed.  Windows update worked.  updated FRST and Addition logs below, and the speccy text file is attached.  Hopefully we're close to clean.  I can already tell things are better (search works, haven't seen popups as well).

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-10-2022
Ran by kgwal (administrator) on LAPTOP-IC9ME3DV (HP HP Laptop 15t-dy100) (28-10-2022 08:11:20)
Running from C:\Users\kgwal\OneDrive\Desktop
Loaded Profiles: kgwal
Platform: Microsoft Windows 10 Home Version 21H1 19043.1586 (X64) Language: English (United States)
Default browser not detected!
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_dc2a57d591329a30\igfxCUIServiceN.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_dc2a57d591329a30\igfxEMN.exe
(DriverStore\FileRepository\hpanalyticscomp.inf_amd64_970b3aa928c32e35\x64\TouchpointAnalyticsClientService.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_970b3aa928c32e35\x64\TouchpointGpuInfo.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\BridgeCommunication.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.2.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_970b3aa928c32e35\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_21306a77b30fd6e0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_3ef70b9d5cc0699f\LMS.exe
(services.exe ->) (Intel® pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_dc7a0fe3ada1cbf5\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_dc2a57d591329a30\igfxCUIServiceN.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ada2367baaae74c0\IntelCpHDCPSvc.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (WildTangent, Inc. -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
(svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1138976 2020-08-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212192 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [536152 2022-08-15] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\kgwal\AppData\Local\Microsoft\Teams\Update.exe [2508480 2022-07-23] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234088 2022-10-07] (Valve Corp. -> Valve Corporation)
HKLM\...\Print\Monitors\HP CE11 Status Monitor: C:\WINDOWS\system32\hpinkstsCE11LM.dll [393352 2017-03-20] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-11] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {00363246-B848-4D2A-8A9F-22BBAA75A159} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {1B592313-99B2-4818-AA0F-059A7B498B26} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {1B657F4A-CD60-47B0-8BB0-2D91F1B405CA} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [432128 2022-03-08] (Microsoft Windows -> Microsoft Corporation)
Task: {3263B49A-661E-485F-98C3-0B9B54999A26} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {32DEBA87-47CF-46ED-80E9-EACF548DD83E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {3C6332A6-C4AD-4A69-8DC5-D825292AD995} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-08-17] (HP Inc. -> HP Inc.)
Task: {4B17CCAE-E97B-471E-A67B-0EEFC68B7516} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {4BC57174-ABDE-4022-9D58-504D5CF56073} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {558D1641-F070-49DD-927D-0738C02F930F} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {5FEEE856-A8B7-409F-B627-896FDA15C453} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {602CCC8F-6434-4E62-BD8A-094F0AEB2C1A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-08-17] (HP Inc. -> HP Inc.)
Task: {66FB8E86-9DE3-4838-8867-B82BE3B6E26D} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {677DC127-4C02-421F-B607-428B9DB4E671} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {6BFC7E93-4447-44ED-92B5-2C67A25BF7DE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2022-08-17] (HP Inc. -> HP Inc.)
Task: {6C3F1E6E-AB2F-4BE8-95DE-98D26133ADBC} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {705EE3A2-CC78-4B5F-AE4D-F4444177E764} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [221328 2022-08-17] (HP Inc. -> )
Task: {88AAA980-CACC-4778-9332-584BB8A4C6C7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH61M2R0Y2 => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-08-17] (HP Inc. -> HP Inc.)
Task: {8BBF1844-EFC6-4E1C-83C3-C7DD2FEB1D15} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E817364-C4A6-400E-A113-499097C9ADED} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {9A913D65-912D-41E2-B07D-EC47C1CB21C7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A7AF0A96-782A-4527-91DF-5B97F6AEA148} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {B4EF8A5D-40BB-46A0-8AC1-CFA933D42EE9} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {B8C25D93-7C34-4AD2-9A41-A18361AB6845} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {B96FA9FF-4B15-47B8-A63B-896D1A289584} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe [497752 2021-04-02] (Samsung Electronics Co., Ltd. -> Samsung Electronics)
Task: {C53463A5-6379-4380-A1FF-7BA3CD9B768B} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Wsc Startup event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {C81CCE0B-5B04-47FE-9E45-ECE8774878A7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-29] (Google LLC -> Google LLC)
Task: {CABD8EBA-E11C-428C-BFF9-BBC4ECB3091B} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {CCA8D1E1-B24A-4C82-B031-449451EA5082} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-08-17] (HP Inc. -> HP Inc.)
Task: {D2945AF5-2D23-457E-B840-8D6667B6E488} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {D32CCD7E-9280-4B49-8421-78CB10309F54} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {D9999316-08B7-4146-BC35-13458B6322B9} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4946144 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
Task: {DA694A39-A1DD-4D90-8399-8681B23BA9BE} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5C6D7E0-1D0A-4122-B1A5-93F48AD6BB82} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {ECE4D2CC-C095-42A6-AD78-8A83842011E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-29] (Google LLC -> Google LLC)
Task: {F7287EEB-AB00-4FC7-8F0F-0E8103E2FC0B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7714060-49AF-48FB-8B4E-5E173AC4BC1B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC54F41E-EFBA-412B-9319-7A166EBE6BBE} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
Task: {FD3EE8D5-DA0E-481B-9C2D-EE36F6F77FF1} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\480AB3E9-B775-4A63-887C-4EFBD04B7CB9\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [432128 2022-03-08] (Microsoft Windows -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{e244c7d2-d1b5-4a75-a2c0-4db499b2115f}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\kgwal\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-27]
 
FireFox:
========
FF DefaultProfile: 1ix7idxp.default
FF ProfilePath: C:\Users\kgwal\AppData\Roaming\Mozilla\Firefox\Profiles\1ix7idxp.default [2020-08-26]
FF ProfilePath: C:\Users\kgwal\AppData\Roaming\Mozilla\Firefox\Profiles\jfxn6zxt.default-release [2022-10-27]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Default [2022-10-27]
CHR Notifications: Default -> hxxps://chat.google.com; hxxps://meet.google.com; hxxps://pushwelcome.com; hxxps://www.netflix.com; hxxps://www.pinterest.com
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-10-28]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-20]
CHR Extension: (Extension Toggle for Chrome™) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\igfgceofdhhgnpbnokpgnmgejaddnjla [2022-06-15]
CHR Extension: (Fire Shield Overview) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndajnaaobjaganokllcgbapngenfbgkc [2022-06-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-01]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-10-28]
CHR Notifications: Profile 2 -> hxxps://www.netflix.com
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-12]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5 [2022-10-27]
CHR Extension: (OneNote Online) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ciniambnphakdoflgeamacamhfllbkmo [2022-07-09]
CHR Extension: (Word Online) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2022-07-09]
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-04]
CHR Extension: (Zoom) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hmbjbjdpkobdjplfobhljndfdfdipjhg [2022-07-09]
CHR Extension: (Excel Online) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2022-07-09]
CHR Extension: (PowerPoint Online) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2022-07-09]
CHR Extension: (Office) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2022-07-09]
CHR Extension: (OneDrive) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2022-07-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-09]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-14]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 7 [2022-10-27]
CHR Extension: (Proctorio) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\fpmapakogndmenjcfoajifaaonnkpkei [2022-10-22]
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-05]
CHR Extension: (Loom – Free Screen Recorder & Screen Capture) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2022-10-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-27]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\System Profile [2022-10-28]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8513552 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592608 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2018528 2022-10-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592096 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-04] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\AppHelperCap.exe [786888 2022-09-28] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\DiagsCap.exe [785896 2022-09-28] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\NetworkCap.exe [782296 2022-09-28] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\SysInfoCap.exe [786392 2022-09-28] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_970b3aa928c32e35\x64\TouchpointAnalyticsClientService.exe [493680 2022-09-28] (HP Inc. -> HP Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1689984 2022-03-29] (WildTangent, Inc. -> )
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [127936 2019-07-02] (Alcorlink Corp. -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238128 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [390096 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [258496 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105920 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48488 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276496 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [558536 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114488 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90000 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862960 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [671712 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221976 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327904 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-15] (HP Inc. -> HP Inc.)
R3 iaLPSS2_I2C_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_c8c0638291b9b209\iaLPSS2_I2C_ICL.sys [200456 2020-04-27] (Intel Corporation -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2020-09-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428256 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-28 08:11 - 2022-10-28 08:11 - 000000000 ____D C:\FRST
2022-10-28 07:49 - 2022-10-28 07:49 - 000000000 ___HD C:\$WinREAgent
2022-10-27 22:27 - 2022-10-27 22:27 - 000000000 ____D C:\Users\kgwal\AppData\Local\ElevatedDiagnostics
2022-10-27 22:23 - 2022-10-27 22:23 - 000000000 ___HD C:\$WINDOWS.~BT
2022-10-27 21:32 - 2022-10-27 21:32 - 000000000 ____D C:\Users\kgwal\AppData\Roaming\WildTangent
2022-10-27 21:31 - 2022-10-27 21:31 - 000000000 ____D C:\ProgramData\WildTangent
2022-10-27 19:02 - 2022-10-27 19:02 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2022-10-27 19:02 - 2022-10-27 19:02 - 000002083 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2022-10-27 19:01 - 2022-10-05 22:42 - 000270560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-10-26 17:18 - 2022-10-26 17:18 - 006213120 _____ C:\Users\kgwal\Downloads\Urea Cycle.ppt
2022-10-26 10:20 - 2022-10-26 10:20 - 004389343 _____ C:\Users\kgwal\Downloads\CH13 Diagnosing infections Week 8.pptx
2022-10-25 21:40 - 2022-10-25 21:41 - 004343808 _____ C:\Users\kgwal\Downloads\Chpt07-QuantTheoryElectrStuctAtoms.ppt
2022-10-23 21:55 - 2022-10-23 21:55 - 004381961 _____ C:\Users\kgwal\Downloads\2022-10-23 20-28.pdf
2022-10-21 17:15 - 2022-10-21 17:15 - 007762432 _____ C:\Users\kgwal\Downloads\Glycogen Metabolism.ppt
2022-10-21 11:33 - 2022-10-21 11:33 - 000975117 _____ C:\Users\kgwal\Downloads\Chapter 7 Worksheet.pdf
2022-10-21 11:31 - 2022-10-21 11:31 - 000975117 _____ C:\Users\kgwal\Downloads\2022-10-21 11-28.pdf
2022-10-21 11:13 - 2022-10-21 11:13 - 001113719 _____ C:\Users\kgwal\Downloads\Week 7 Calculations Extra Practice PPT Only.pptx
2022-10-19 09:31 - 2022-10-19 09:31 - 005383241 _____ C:\Users\kgwal\Downloads\CH03 (1).pptx
2022-10-19 09:30 - 2022-10-19 09:30 - 013753512 _____ C:\Users\kgwal\Downloads\CH07 (1).pptx
2022-10-19 09:30 - 2022-10-19 09:30 - 006596056 _____ C:\Users\kgwal\Downloads\CH08 (1).pptx
2022-10-19 09:29 - 2022-10-19 09:29 - 014285588 _____ C:\Users\kgwal\Downloads\Prokaryotes (2).pptx
2022-10-19 09:29 - 2022-10-19 09:29 - 014285588 _____ C:\Users\kgwal\Downloads\Prokaryotes (1).pptx
2022-10-19 09:28 - 2022-10-19 09:28 - 022145806 _____ C:\Users\kgwal\Downloads\Eukaryotes (1).pptx
2022-10-16 23:25 - 2022-10-16 23:25 - 005228381 _____ C:\Users\kgwal\Downloads\2022-10-16 23-24.pdf
2022-10-13 13:57 - 2022-10-13 13:57 - 000025576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-10-09 19:59 - 2022-10-09 19:59 - 005258696 _____ C:\Users\kgwal\Downloads\2022-10-09 19-58.pdf
2022-10-09 16:24 - 2022-10-09 16:24 - 000909824 _____ C:\Users\kgwal\Downloads\Week 5 Written Assignment.pdf
2022-10-09 16:23 - 2022-10-09 16:23 - 000909824 _____ C:\Users\kgwal\Downloads\2022-10-09 16-22.pdf
2022-10-07 16:08 - 2022-10-07 21:58 - 007422976 _____ C:\Users\kgwal\Downloads\The Electron Transport Chain  Oxidative Phosphorylation.ppt
2022-10-05 22:42 - 2022-10-05 22:42 - 000221976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-10-05 20:21 - 2022-10-05 20:21 - 000000165 ____H C:\Users\kgwal\Downloads\~$CH13 complete.pptx
2022-10-05 14:42 - 2022-10-05 14:42 - 010422265 _____ C:\Users\kgwal\Downloads\CH13 complete.pptx
2022-10-02 14:42 - 2022-10-02 14:42 - 004273202 _____ C:\Users\kgwal\Downloads\2022-10-02 14-41.pdf
2022-10-02 14:14 - 2022-10-02 14:14 - 018599424 _____ C:\Users\kgwal\Downloads\fremgen_ch03_dl_wcrs.ppt
2022-10-02 14:14 - 2022-10-02 14:14 - 015406592 _____ C:\Users\kgwal\Downloads\fremgen_ch04_dl_wcrs 2.ppt
2022-10-02 09:41 - 2022-10-02 09:41 - 000048640 _____ C:\Users\kgwal\Downloads\Food Log Excel (2) (1).xls
2022-09-30 16:20 - 2022-09-30 16:20 - 003377664 _____ C:\Users\kgwal\Downloads\The Citric Acid Cycle.ppt
2022-09-28 18:56 - 2022-09-28 18:57 - 003283245 _____ C:\Users\kgwal\Downloads\CH13.3 Microscopic methods Biol 231 Summer 2022 Week 4.pptx
2022-09-28 16:26 - 2022-09-28 16:26 - 000646906 _____ C:\Users\kgwal\Downloads\2022-09-27 22-00.pdf
2022-09-28 10:21 - 2022-09-28 10:21 - 005383241 _____ C:\Users\kgwal\Downloads\CH03.pptx
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-28 08:07 - 2021-03-15 01:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-28 08:05 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-28 07:57 - 2021-09-06 12:53 - 000000000 ____D C:\Users\kgwal\AppData\Local\D3DSCache
2022-10-28 07:57 - 2020-06-29 10:56 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-28 07:54 - 2021-03-15 01:09 - 000849772 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-28 07:54 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-28 07:53 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-28 07:48 - 2022-04-18 18:58 - 000000000 ____D C:\Program Files (x86)\Steam
2022-10-28 07:46 - 2021-03-15 01:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-28 07:46 - 2021-03-15 01:03 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-28 07:46 - 2020-09-17 16:15 - 000000000 ____D C:\ProgramData\Avast Software
2022-10-28 07:46 - 2020-06-29 10:14 - 000000000 __SHD C:\Users\kgwal\IntelGraphicsProfiles
2022-10-28 07:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-28 07:46 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-27 23:03 - 2019-12-07 04:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-10-27 22:49 - 2021-02-26 10:23 - 000000000 ___DC C:\WINDOWS\Panther
2022-10-27 22:45 - 2020-06-30 00:08 - 000000000 ____D C:\WINDOWS\Firmware
2022-10-27 22:44 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-27 22:43 - 2021-04-10 20:46 - 000000000 ____D C:\Program Files\CCleaner
2022-10-27 21:54 - 2021-10-27 22:23 - 000000000 ____D C:\WINDOWS\Minidump
2022-10-27 21:54 - 2020-09-22 17:25 - 000000000 ____D C:\Users\kgwal\AppData\Local\CrashDumps
2022-10-27 21:54 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-27 21:06 - 2020-06-29 10:11 - 000000000 ____D C:\Users\kgwal\AppData\Local\Packages
2022-10-27 21:05 - 2021-10-20 14:38 - 000000000 ____D C:\Users\kgwal\AppData\Local\Bluestacks
2022-10-27 21:05 - 2020-06-20 22:35 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games
2022-10-27 21:05 - 2020-06-20 22:35 - 000000000 ____D C:\Program Files (x86)\WildTangent Games
2022-10-27 21:04 - 2021-04-26 14:00 - 000000000 ____D C:\Users\kgwal\AppData\Roaming\Slack
2022-10-27 21:04 - 2021-04-26 13:59 - 000000000 ____D C:\Users\kgwal\AppData\Local\slack
2022-10-27 21:04 - 2021-03-15 01:04 - 000000000 ____D C:\Users\kgwal
2022-10-27 21:01 - 2021-06-26 23:52 - 000000000 ____D C:\Users\kgwal\AppData\Local\Avast Software
2022-10-27 19:01 - 2021-03-15 01:08 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-10-27 19:01 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-26 22:33 - 2022-09-09 15:56 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\Biochemistry
2022-10-26 22:31 - 2021-03-15 01:08 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-26 22:31 - 2021-03-15 01:08 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-26 22:31 - 2021-03-15 01:08 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-26 22:31 - 2021-03-15 01:08 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-26 22:31 - 2021-03-15 01:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-10-26 10:38 - 2022-09-06 19:59 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\Microbiology
2022-10-23 21:55 - 2022-09-09 12:59 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\Medical Terminology
2022-10-21 21:07 - 2020-07-18 00:18 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-21 21:07 - 2020-07-18 00:18 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-21 11:32 - 2022-09-07 11:50 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\Basic Nutrition
2022-10-15 11:02 - 2020-08-09 12:45 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\My Kindle Content
2022-10-14 21:36 - 2019-11-28 11:16 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-13 20:21 - 2020-06-30 00:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-13 14:13 - 2020-06-30 00:06 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-11 20:34 - 2020-06-29 10:56 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-11 20:34 - 2020-06-29 10:56 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-10-07 09:29 - 2021-03-15 01:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-10-05 22:42 - 2021-08-25 08:00 - 000558536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-10-05 22:42 - 2020-10-27 11:27 - 000276496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000862960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000671712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000327904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000258496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000238128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000114488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000105920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000090000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000048488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-10-05 22:39 - 2021-08-25 16:12 - 000000000 ____D C:\Program Files (x86)\SafeConnect
2022-09-28 16:27 - 2022-09-07 08:56 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\National
 
==================== Files in the root of some directories ========
 
2022-02-07 16:39 - 2022-10-20 22:41 - 000037828 _____ () C:\Users\kgwal\AppData\Local\CDXLExtendedShim.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
FireFox:
========
FF DefaultProfile: 1ix7idxp.default
FF ProfilePath: C:\Users\kgwal\AppData\Roaming\Mozilla\Firefox\Profiles\1ix7idxp.default [2020-08-26]
FF ProfilePath: C:\Users\kgwal\AppData\Roaming\Mozilla\Firefox\Profiles\jfxn6zxt.default-release [2022-10-27]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Default [2022-10-27]
CHR Notifications: Default -> hxxps://chat.google.com; hxxps://meet.google.com; hxxps://pushwelcome.com; hxxps://www.netflix.com; hxxps://www.pinterest.com
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-10-28]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-20]
CHR Extension: (Extension Toggle for Chrome™) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\igfgceofdhhgnpbnokpgnmgejaddnjla [2022-06-15]
CHR Extension: (Fire Shield Overview) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndajnaaobjaganokllcgbapngenfbgkc [2022-06-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-01]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-10-28]
CHR Notifications: Profile 2 -> hxxps://www.netflix.com
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-12]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5 [2022-10-27]
CHR Extension: (OneNote Online) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ciniambnphakdoflgeamacamhfllbkmo [2022-07-09]
CHR Extension: (Word Online) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2022-07-09]
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-04]
CHR Extension: (Zoom) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hmbjbjdpkobdjplfobhljndfdfdipjhg [2022-07-09]
CHR Extension: (Excel Online) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2022-07-09]
CHR Extension: (PowerPoint Online) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2022-07-09]
CHR Extension: (Office) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2022-07-09]
CHR Extension: (OneDrive) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2022-07-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-09]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-14]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 7 [2022-10-27]
CHR Extension: (Proctorio) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\fpmapakogndmenjcfoajifaaonnkpkei [2022-10-22]
CHR Extension: (Google Docs Offline) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-05]
CHR Extension: (Loom – Free Screen Recorder & Screen Capture) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2022-10-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-27]
CHR Profile: C:\Users\kgwal\AppData\Local\Google\Chrome\User Data\System Profile [2022-10-28]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8513552 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592608 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2018528 2022-10-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592096 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-04] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\AppHelperCap.exe [786888 2022-09-28] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\DiagsCap.exe [785896 2022-09-28] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\NetworkCap.exe [782296 2022-09-28] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\SysInfoCap.exe [786392 2022-09-28] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_970b3aa928c32e35\x64\TouchpointAnalyticsClientService.exe [493680 2022-09-28] (HP Inc. -> HP Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1689984 2022-03-29] (WildTangent, Inc. -> )
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [127936 2019-07-02] (Alcorlink Corp. -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238128 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [390096 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [258496 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105920 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48488 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276496 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [558536 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114488 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90000 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862960 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [671712 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221976 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327904 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-15] (HP Inc. -> HP Inc.)
R3 iaLPSS2_I2C_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_c8c0638291b9b209\iaLPSS2_I2C_ICL.sys [200456 2020-04-27] (Intel Corporation -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2020-09-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428256 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-28 08:11 - 2022-10-28 13:10 - 000000000 ____D C:\FRST
2022-10-28 07:49 - 2022-10-28 07:49 - 000000000 ___HD C:\$WinREAgent
2022-10-27 22:27 - 2022-10-27 22:27 - 000000000 ____D C:\Users\kgwal\AppData\Local\ElevatedDiagnostics
2022-10-27 22:23 - 2022-10-27 22:23 - 000000000 ___HD C:\$WINDOWS.~BT
2022-10-27 21:32 - 2022-10-27 21:32 - 000000000 ____D C:\Users\kgwal\AppData\Roaming\WildTangent
2022-10-27 21:31 - 2022-10-27 21:31 - 000000000 ____D C:\ProgramData\WildTangent
2022-10-27 19:02 - 2022-10-27 19:02 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2022-10-27 19:02 - 2022-10-27 19:02 - 000002083 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2022-10-27 19:01 - 2022-10-05 22:42 - 000270560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-10-26 17:18 - 2022-10-26 17:18 - 006213120 _____ C:\Users\kgwal\Downloads\Urea Cycle.ppt
2022-10-26 10:20 - 2022-10-26 10:20 - 004389343 _____ C:\Users\kgwal\Downloads\CH13 Diagnosing infections Week 8.pptx
2022-10-25 21:40 - 2022-10-25 21:41 - 004343808 _____ C:\Users\kgwal\Downloads\Chpt07-QuantTheoryElectrStuctAtoms.ppt
2022-10-23 21:55 - 2022-10-23 21:55 - 004381961 _____ C:\Users\kgwal\Downloads\2022-10-23 20-28.pdf
2022-10-21 17:15 - 2022-10-21 17:15 - 007762432 _____ C:\Users\kgwal\Downloads\Glycogen Metabolism.ppt
2022-10-21 11:33 - 2022-10-21 11:33 - 000975117 _____ C:\Users\kgwal\Downloads\Chapter 7 Worksheet.pdf
2022-10-21 11:31 - 2022-10-21 11:31 - 000975117 _____ C:\Users\kgwal\Downloads\2022-10-21 11-28.pdf
2022-10-21 11:13 - 2022-10-21 11:13 - 001113719 _____ C:\Users\kgwal\Downloads\Week 7 Calculations Extra Practice PPT Only.pptx
2022-10-19 09:31 - 2022-10-19 09:31 - 005383241 _____ C:\Users\kgwal\Downloads\CH03 (1).pptx
2022-10-19 09:30 - 2022-10-19 09:30 - 013753512 _____ C:\Users\kgwal\Downloads\CH07 (1).pptx
2022-10-19 09:30 - 2022-10-19 09:30 - 006596056 _____ C:\Users\kgwal\Downloads\CH08 (1).pptx
2022-10-19 09:29 - 2022-10-19 09:29 - 014285588 _____ C:\Users\kgwal\Downloads\Prokaryotes (2).pptx
2022-10-19 09:29 - 2022-10-19 09:29 - 014285588 _____ C:\Users\kgwal\Downloads\Prokaryotes (1).pptx
2022-10-19 09:28 - 2022-10-19 09:28 - 022145806 _____ C:\Users\kgwal\Downloads\Eukaryotes (1).pptx
2022-10-16 23:25 - 2022-10-16 23:25 - 005228381 _____ C:\Users\kgwal\Downloads\2022-10-16 23-24.pdf
2022-10-13 13:57 - 2022-10-13 13:57 - 000025576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-10-09 19:59 - 2022-10-09 19:59 - 005258696 _____ C:\Users\kgwal\Downloads\2022-10-09 19-58.pdf
2022-10-09 16:24 - 2022-10-09 16:24 - 000909824 _____ C:\Users\kgwal\Downloads\Week 5 Written Assignment.pdf
2022-10-09 16:23 - 2022-10-09 16:23 - 000909824 _____ C:\Users\kgwal\Downloads\2022-10-09 16-22.pdf
2022-10-07 16:08 - 2022-10-07 21:58 - 007422976 _____ C:\Users\kgwal\Downloads\The Electron Transport Chain  Oxidative Phosphorylation.ppt
2022-10-05 22:42 - 2022-10-05 22:42 - 000221976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-10-05 20:21 - 2022-10-05 20:21 - 000000165 ____H C:\Users\kgwal\Downloads\~$CH13 complete.pptx
2022-10-05 14:42 - 2022-10-05 14:42 - 010422265 _____ C:\Users\kgwal\Downloads\CH13 complete.pptx
2022-10-02 14:42 - 2022-10-02 14:42 - 004273202 _____ C:\Users\kgwal\Downloads\2022-10-02 14-41.pdf
2022-10-02 14:14 - 2022-10-02 14:14 - 018599424 _____ C:\Users\kgwal\Downloads\fremgen_ch03_dl_wcrs.ppt
2022-10-02 14:14 - 2022-10-02 14:14 - 015406592 _____ C:\Users\kgwal\Downloads\fremgen_ch04_dl_wcrs 2.ppt
2022-10-02 09:41 - 2022-10-02 09:41 - 000048640 _____ C:\Users\kgwal\Downloads\Food Log Excel (2) (1).xls
2022-09-30 16:20 - 2022-09-30 16:20 - 003377664 _____ C:\Users\kgwal\Downloads\The Citric Acid Cycle.ppt
2022-09-28 18:56 - 2022-09-28 18:57 - 003283245 _____ C:\Users\kgwal\Downloads\CH13.3 Microscopic methods Biol 231 Summer 2022 Week 4.pptx
2022-09-28 16:26 - 2022-09-28 16:26 - 000646906 _____ C:\Users\kgwal\Downloads\2022-09-27 22-00.pdf
2022-09-28 10:21 - 2022-09-28 10:21 - 005383241 _____ C:\Users\kgwal\Downloads\CH03.pptx
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-28 12:58 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-28 12:57 - 2020-06-29 10:56 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-28 12:55 - 2021-03-15 01:09 - 000849772 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-28 12:55 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-28 12:51 - 2022-04-18 18:58 - 000000000 ____D C:\Program Files (x86)\Steam
2022-10-28 12:50 - 2021-03-15 01:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-28 12:50 - 2021-03-15 01:03 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-28 12:50 - 2020-09-17 16:15 - 000000000 ____D C:\ProgramData\Avast Software
2022-10-28 12:50 - 2020-06-29 10:14 - 000000000 __SHD C:\Users\kgwal\IntelGraphicsProfiles
2022-10-28 12:50 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-28 12:50 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-28 12:50 - 2019-12-07 04:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-10-28 12:49 - 2021-03-15 01:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-28 11:41 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-28 07:57 - 2021-09-06 12:53 - 000000000 ____D C:\Users\kgwal\AppData\Local\D3DSCache
2022-10-27 22:49 - 2021-02-26 10:23 - 000000000 ___DC C:\WINDOWS\Panther
2022-10-27 22:45 - 2020-06-30 00:08 - 000000000 ____D C:\WINDOWS\Firmware
2022-10-27 22:44 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-27 22:43 - 2021-04-10 20:46 - 000000000 ____D C:\Program Files\CCleaner
2022-10-27 21:54 - 2021-10-27 22:23 - 000000000 ____D C:\WINDOWS\Minidump
2022-10-27 21:54 - 2020-09-22 17:25 - 000000000 ____D C:\Users\kgwal\AppData\Local\CrashDumps
2022-10-27 21:54 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-27 21:06 - 2020-06-29 10:11 - 000000000 ____D C:\Users\kgwal\AppData\Local\Packages
2022-10-27 21:05 - 2021-10-20 14:38 - 000000000 ____D C:\Users\kgwal\AppData\Local\Bluestacks
2022-10-27 21:05 - 2020-06-20 22:35 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games
2022-10-27 21:05 - 2020-06-20 22:35 - 000000000 ____D C:\Program Files (x86)\WildTangent Games
2022-10-27 21:04 - 2021-04-26 14:00 - 000000000 ____D C:\Users\kgwal\AppData\Roaming\Slack
2022-10-27 21:04 - 2021-04-26 13:59 - 000000000 ____D C:\Users\kgwal\AppData\Local\slack
2022-10-27 21:04 - 2021-03-15 01:04 - 000000000 ____D C:\Users\kgwal
2022-10-27 21:01 - 2021-06-26 23:52 - 000000000 ____D C:\Users\kgwal\AppData\Local\Avast Software
2022-10-27 19:01 - 2021-03-15 01:08 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-10-27 19:01 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-26 22:33 - 2022-09-09 15:56 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\Biochemistry
2022-10-26 22:31 - 2021-03-15 01:08 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-26 22:31 - 2021-03-15 01:08 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-26 22:31 - 2021-03-15 01:08 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-26 22:31 - 2021-03-15 01:08 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-26 22:31 - 2021-03-15 01:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-10-26 10:38 - 2022-09-06 19:59 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\Microbiology
2022-10-23 21:55 - 2022-09-09 12:59 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\Medical Terminology
2022-10-21 21:07 - 2020-07-18 00:18 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-21 21:07 - 2020-07-18 00:18 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-21 11:32 - 2022-09-07 11:50 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\Basic Nutrition
2022-10-15 11:02 - 2020-08-09 12:45 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\My Kindle Content
2022-10-14 21:36 - 2019-11-28 11:16 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-13 20:21 - 2020-06-30 00:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-13 14:13 - 2020-06-30 00:06 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-11 20:34 - 2020-06-29 10:56 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-11 20:34 - 2020-06-29 10:56 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-10-07 09:29 - 2021-03-15 01:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-10-05 22:42 - 2021-08-25 08:00 - 000558536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-10-05 22:42 - 2020-10-27 11:27 - 000276496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000862960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000671712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000327904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000258496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000238128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000114488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000105920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000090000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-10-05 22:42 - 2020-09-17 16:17 - 000048488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-10-05 22:39 - 2021-08-25 16:12 - 000000000 ____D C:\Program Files (x86)\SafeConnect
2022-09-28 16:27 - 2022-09-07 08:56 - 000000000 ____D C:\Users\kgwal\OneDrive\Documents\National
 
==================== Files in the root of some directories ========
 
2022-02-07 16:39 - 2022-10-20 22:41 - 000037828 _____ () C:\Users\kgwal\AppData\Local\CDXLExtendedShim.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2022
Ran by kgwal (28-10-2022 13:11:24)
Running from C:\Users\kgwal\OneDrive\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1586 (X64) (2021-03-15 06:08:50)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-691941065-2667957141-2909907241-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-691941065-2667957141-2909907241-503 - Limited - Disabled)
Guest (S-1-5-21-691941065-2667957141-2909907241-501 - Limited - Disabled)
kgwal (S-1-5-21-691941065-2667957141-2909907241-1001 - Administrator - Enabled) => C:\Users\kgwal
WDAGUtilityAccount (S-1-5-21-691941065-2667957141-2909907241-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\Amazon Kindle) (Version: 1.38.0.65290 - Amazon)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 22.9.6034 - Avast Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1206.2 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.17.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.52 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\OneDriveSetup.exe) (Version: 22.055.0313.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\Teams) (Version: 1.5.00.17656 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Minecraft Launcher (HKLM-x32\...\{F6678473-0198-46D0-A88F-2A247E6FA03C}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 94.0.1 (x64 en-US)) (Version: 94.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 80.0 - Mozilla)
Notion 2.0.15 (HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\fcdf0d7f-424b-5f10-a1c7-a8f643f21adf) (Version: 2.0.15 - Notion Labs, Incorporated)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
PerkinElmer ChemOffice 64-bit Support 20.1.1 (HKLM\...\{A69909C4-C2E9-4B43-9DEB-190A682A6082}) (Version: 20.1.1 - PerkinElmer Informatics, Inc.)
PerkinElmer ChemOffice Suite 2020 20.1.1 (HKLM-x32\...\{9CF299C0-AC30-43EC-A5AE-1498AFCF0292}) (Version: 20.1.1 - PerkinElmer Informatics, Inc.)
PerkinElmer ChemScript 20.1.1 x64 (HKLM\...\{9A44EC94-4060-4C2E-A393-900536D22B2C}) (Version: 20.1.1 - PerkinElmer Informatics, Inc.)
Python 3.2.2 (64-bit) (HKLM\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFe}) (Version: 3.2.2150 - Python Software Foundation)
Snood 4 (HKLM-x32\...\Snood 4_is1) (Version:  - Word of Mouse Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\ZoomUMX) (Version: 5.10.4 (5035) - Zoom Video Communications, Inc.)
 
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2022-08-07] (Amazon.com)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_22.4.18.0_x64__xbfy0k16fey96 [2022-09-09] (Dropbox Inc.)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.7.197.0_x64__v10z8vjag6ke6 [2020-10-10] (HP Inc.)
HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6 [2022-08-07] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.8.3.0_x64__v10z8vjag6ke6 [2022-10-07] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.1.54.0_x64__v10z8vjag6ke6 [2022-10-21] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_139.2.289.0_x64__v10z8vjag6ke6 [2022-10-07] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.20.22.0_x64__v10z8vjag6ke6 [2022-08-28] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.2.0_x64__v10z8vjag6ke6 [2022-08-15] (HP Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-08-07] (INTEL CORP) [Startup Task]
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2022-10-16] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-10-07] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.4002.0_x64__8wekyb3d8bbwe [2022-10-26] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-17] (Netflix, Inc.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-25] (Microsoft Corporation)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.14.0_x64__kx24dqmazqk8j [2022-10-21] (Random Salad Games LLC)
Smart Tools: Study Timetable -> C:\Program Files\WindowsApps\20152IcyS.SmartToolsStudyTimetable_2016.8.26.0_x64__r1j7p77eahf2y [2020-07-19] (PresentC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0 [2022-10-27] (Spotify AB) [Startup Task]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-691941065-2667957141-2909907241-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\kgwal\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22147.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-691941065-2667957141-2909907241-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\kgwal\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-05] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-05] (Avast Software s.r.o. -> AVAST Software)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\kgwal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Zoom.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 5" --app-id=hmbjbjdpkobdjplfobhljndfdfdipjhg
ShortcutWithArgument: C:\Users\kgwal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\Kaley (student.nuhs.edu) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\kgwal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\KALEY (aquinas.edu) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) =============
 
2020-06-29 23:59 - 2020-06-29 23:59 - 000014336 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.2.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
SearchScopes: HKLM -> {4E6A9EDE-FBDF-4B97-B3A2-6FE3DE6474E2} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {4E6A9EDE-FBDF-4B97-B3A2-6FE3DE6474E2} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-691941065-2667957141-2909907241-1001 -> {4E6A9EDE-FBDF-4B97-B3A2-6FE3DE6474E2} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-08-17] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-08-17] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\sharepoint.com -> hxxps://aquinasedu-files.sharepoint.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-18 23:49 - 2019-03-18 23:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\PerkinElmerInformatics\ChemOffice2020\ChemScript\Lib;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-691941065-2667957141-2909907241-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kgwal\OneDrive\Pictures\College Pics 2021\IMG-6015 - Copy.jpg
DNS Servers: 192.168.3.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\StartupFolder: => "SafeConnect.lnk"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\StartupApproved\Run: => "HPSEU_Host_Launcher"
HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-691941065-2667957141-2909907241-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{07CE6F76-707B-45E3-8E28-8737CEFC6878}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{77F10E1E-538B-41AC-B92C-2C5D6477BBCF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{62BCB978-C7A1-4541-8DF8-225BA243562D}] => (Allow) C:\Users\kgwal\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0CF47512-4B30-4FD5-9898-DD09FF55B5D6}] => (Allow) C:\Users\kgwal\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{048EE7C0-3718-4FB8-925A-294D882D2014}] => (Allow) C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4536649B-1CCB-4D01-81AD-27271E2F37AA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A37CD32-EE43-4198-82F9-443A8F9AF218}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CCC07BA0-498C-411F-AFEB-16D200850664}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8FDF9FBA-AE6E-4B69-891D-A91717CD7F9A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AB0A6E6F-06D4-41BA-8260-F1EE05A12A6D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{618479F3-7E1E-4E7F-9B28-A31EDFD55585}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{75676D8F-BC99-4A27-80CE-A361804776AC}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{96708B59-1EB5-4709-8854-2F81072D44EC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B5F5C852-623B-4F54-941F-A5B4D2D0297C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{30F754AD-92FF-4F4B-8856-06A4F41E7681}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{824942F9-6C89-4174-B524-DE82AE6C1E00}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3AADB9F4-059B-4C58-A23F-E5DFCA0752FB}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{024CF771-BE20-4778-B220-16D85A0C0665}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{75276329-8B35-471D-869D-E0BAAC25ED46}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{609CA912-3AA0-4146-9486-312FA1883CDB}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D0D9ABB5-E9EC-45C1-B280-3C692E995E54}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5CECA628-5D9A-4AA5-8502-EB062DC3E01E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{573ED151-F531-491F-BD14-263EDCCE3FA4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{95FD3C4C-2968-4BE2-A795-070ACDF81DCD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{51BAF7B0-7AB9-4FEC-B4A0-4B9BBC482F7D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1E330740-7918-47B6-9B86-268DD09D4B0A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E32444CE-E0C7-46D0-832C-363F202AF89A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4F8177FC-4839-481C-9D39-B4B715B34790}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CC853593-1A59-4641-8C35-D8E5569A344B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4C264612-B1AD-4CF5-89C8-0666426FFA5A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{20D5017B-6FE5-43B8-8080-EA0A35E36D3B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FB451389-B164-40D3-93AE-3DCD2415620F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5B47B06E-1704-40D6-8EA2-8F144D7CCA77}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1CB79987-6446-4BC1-B8B0-3425E7E7AC5A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B953A894-3743-4842-884B-978BBE61DFDF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{2B1ABDD3-FF4E-4103-98B1-03B222D887DC}C:\users\kgwal\wavesor software\wavebrowser\wavebrowser.exe] => (Block) C:\users\kgwal\wavesor software\wavebrowser\wavebrowser.exe => No File
FirewallRules: [UDP Query User{06AF8A8E-7427-48B9-85FB-D571DDC8C61A}C:\users\kgwal\wavesor software\wavebrowser\wavebrowser.exe] => (Block) C:\users\kgwal\wavesor software\wavebrowser\wavebrowser.exe => No File
FirewallRules: [TCP Query User{8E65785E-932B-4485-A7E3-2A22E5543597}C:\users\kgwal\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\kgwal\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B3118D8E-09E7-452C-BF3B-1B567ADF2201}C:\users\kgwal\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\kgwal\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2B59D8C0-F4A8-484C-9090-94C43C498F74}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A9FB997B-B19D-4862-B781-795E8038DD4C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E42B30CC-8B53-4931-83D5-844CF45B8828}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3A18EEEA-F45D-4FC2-8C78-FAF367DE8C65}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{01522DEE-8D1A-4FBB-BE6B-7CD5678CB7B8}C:\users\kgwal\wavesor software\wavebrowser\wavebrowser.exe] => (Allow) C:\users\kgwal\wavesor software\wavebrowser\wavebrowser.exe => No File
FirewallRules: [UDP Query User{81FE70F8-8813-4048-BEFD-8CEF6C5BEEA1}C:\users\kgwal\wavesor software\wavebrowser\wavebrowser.exe] => (Allow) C:\users\kgwal\wavesor software\wavebrowser\wavebrowser.exe => No File
FirewallRules: [{2EE52675-3F28-4A8D-9859-75D60B54CC54}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{EA2A96A3-FB9E-43B5-A4FF-5B323A78C420}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BD9CC5A5-1653-474D-93EC-6906E47A7A9E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F66607B5-0DDE-40C1-9EB3-2706C656DA15}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DF23D1F0-2EE7-40C9-82F2-A19586E225E5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7E0D826A-1A52-480F-AB5F-D972F91715F9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{47825049-C1FC-4E96-B4A7-EF6F1FB96493}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE59C172-15A8-4506-AECF-19BAEB314A13}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BACB90F0-342E-44E1-89A7-AEB5C3F55548}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{97DE7EF2-FBBD-447E-B245-D98F139EED33}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2AE8FCB4-61C7-4DB6-972F-A0A887A360CE}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8141FE6F-A020-4578-AFB5-81B6CE13E189}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{101EFE8A-5750-4573-AA45-F79270C5513D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9047C05A-7B14-4679-B6C2-9C151D571609}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AE8C7089-AE98-4220-94F8-6CF7A1A6ABAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9AC63298-D5AB-4CC8-9659-755FF2852B21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9D2D1199-4503-42C9-8817-EE0769E3EB3F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{690F7C0F-299D-4C54-818C-566632FC2B18}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DB713CA6-A171-4D02-8347-C778A5E39F62}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EF149076-B95A-4363-8C50-3930F8ACA4CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
 
==================== Restore Points =========================
 
27-10-2022 21:59:41 Windows Modules Installer
27-10-2022 22:00:30 Windows Modules Installer
27-10-2022 22:45:43 Windows Modules Installer
28-10-2022 07:49:40 Windows Modules Installer
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (10/28/2022 12:52:57 PM) (Source: ESENT) (EventID: 623) (User: )
Description: SearchIndexer (10280,D,23) Windows: The version store for this instance (0) has reached its maximum size of 128Mb. It is likely that a long-running transaction is preventing cleanup of the version store and causing it to build up in size. Updates will be rejected until the long-running transaction has been completely committed or rolled back.
 
Possible long-running transaction:
 
SessionId: 0x00000118332710C0:0x12548
 
Session-context: 0x00000000
 
Session-context ThreadId: 0x0000000000002CC8
 
Cleanup: 1
 
Session-trace:
 
45861@12:52:57 PM
57573@12:52:55 PM
 
Error: (10/28/2022 12:52:54 PM) (Source: ESENT) (EventID: 623) (User: )
Description: SearchIndexer (10280,D,23) Windows: The version store for this instance (0) has reached its maximum size of 128Mb. It is likely that a long-running transaction is preventing cleanup of the version store and causing it to build up in size. Updates will be rejected until the long-running transaction has been completely committed or rolled back.
 
Possible long-running transaction:
 
SessionId: 0x00000118332710C0:0x11aec
 
Session-context: 0x00000000
 
Session-context ThreadId: 0x0000000000002CC8
 
Cleanup: 1
 
Session-trace:
 
45861@12:52:54 PM
57573@12:52:52 PM
 
Error: (10/28/2022 12:52:51 PM) (Source: ESENT) (EventID: 623) (User: )
Description: SearchIndexer (10280,D,23) Windows: The version store for this instance (0) has reached its maximum size of 128Mb. It is likely that a long-running transaction is preventing cleanup of the version store and causing it to build up in size. Updates will be rejected until the long-running transaction has been completely committed or rolled back.
 
Possible long-running transaction:
 
SessionId: 0x00000118332710C0:0x11094
 
Session-context: 0x00000000
 
Session-context ThreadId: 0x0000000000002CC8
 
Cleanup: 1
 
Session-trace:
 
45861@12:52:51 PM
57573@12:52:49 PM
 
Error: (10/28/2022 12:52:48 PM) (Source: ESENT) (EventID: 623) (User: )
Description: SearchIndexer (10280,D,23) Windows: The version store for this instance (0) has reached its maximum size of 128Mb. It is likely that a long-running transaction is preventing cleanup of the version store and causing it to build up in size. Updates will be rejected until the long-running transaction has been completely committed or rolled back.
 
Possible long-running transaction:
 
SessionId: 0x00000118332710C0:0x1063c
 
Session-context: 0x00000000
 
Session-context ThreadId: 0x0000000000002CC8
 
Cleanup: 1
 
Session-trace:
 
45861@12:52:48 PM
57573@12:52:46 PM
 
Error: (10/28/2022 12:52:45 PM) (Source: ESENT) (EventID: 623) (User: )
Description: SearchIndexer (10280,D,23) Windows: The version store for this instance (0) has reached its maximum size of 128Mb. It is likely that a long-running transaction is preventing cleanup of the version store and causing it to build up in size. Updates will be rejected until the long-running transaction has been completely committed or rolled back.
 
Possible long-running transaction:
 
SessionId: 0x00000118332710C0:0xfb98
 
Session-context: 0x00000000
 
Session-context ThreadId: 0x0000000000002CC8
 
Cleanup: 1
 
Session-trace:
 
45861@12:52:45 PM
57573@12:52:43 PM
 
Error: (10/28/2022 12:52:42 PM) (Source: ESENT) (EventID: 623) (User: )
Description: SearchIndexer (10280,D,23) Windows: The version store for this instance (0) has reached its maximum size of 128Mb. It is likely that a long-running transaction is preventing cleanup of the version store and causing it to build up in size. Updates will be rejected until the long-running transaction has been completely committed or rolled back.
 
Possible long-running transaction:
 
SessionId: 0x00000118332710C0:0xf128
 
Session-context: 0x00000000
 
Session-context ThreadId: 0x000000000000367C
 
Cleanup: 1
 
Session-trace:
 
45861@12:52:42 PM
57573@12:52:40 PM
 
Error: (10/28/2022 12:52:39 PM) (Source: ESENT) (EventID: 623) (User: )
Description: SearchIndexer (10280,D,23) Windows: The version store for this instance (0) has reached its maximum size of 128Mb. It is likely that a long-running transaction is preventing cleanup of the version store and causing it to build up in size. Updates will be rejected until the long-running transaction has been completely committed or rolled back.
 
Possible long-running transaction:
 
SessionId: 0x00000118332710C0:0xe6a0
 
Session-context: 0x00000000
 
Session-context ThreadId: 0x000000000000367C
 
Cleanup: 1
 
Session-trace:
 
45861@12:52:39 PM
57573@12:52:37 PM
 
Error: (10/28/2022 12:52:36 PM) (Source: ESENT) (EventID: 623) (User: )
Description: SearchIndexer (10280,D,23) Windows: The version store for this instance (0) has reached its maximum size of 128Mb. It is likely that a long-running transaction is preventing cleanup of the version store and causing it to build up in size. Updates will be rejected until the long-running transaction has been completely committed or rolled back.
 
Possible long-running transaction:
 
SessionId: 0x00000118332710C0:0xdbac
 
Session-context: 0x00000000
 
Session-context ThreadId: 0x000000000000367C
 
Cleanup: 1
 
Session-trace:
 
45861@12:52:36 PM
57573@12:52:34 PM
 
 
System errors:
=============
Error: (10/28/2022 07:53:49 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070026: 2022-10 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5018410).
 
Error: (10/27/2022 11:03:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ClickToRunSvc service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/27/2022 11:03:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The AppXSvc service depends on the StateRepository service which failed to start because of the following error: 
The operation completed successfully.
 
Error: (10/27/2022 11:03:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WildTangentHelper service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/27/2022 11:03:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LMS service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/27/2022 11:03:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The igccservice service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/27/2022 11:03:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SECOMNService service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/27/2022 11:03:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The RstMwService service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
 
CodeIntegrity:
===============
Date: 2022-10-28 13:10:55
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2022-10-28 12:52:36
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
 
Date: 2022-10-28 12:51:40
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: AMI F.26 06/17/2022
Motherboard: HP 86C9
Processor: Intel® Core™ i5-1035G1 CPU @ 1.00GHz
Percentage of memory in use: 24%
Total physical RAM: 16072.83 MB
Available physical RAM: 12182.04 MB
Total Virtual: 18504.83 MB
Available Virtual: 14750.39 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:476.16 GB) (Free:382.33 GB) (Model: INTEL SSDPEKNW512G8H) NTFS
Drive e: () (Removable) (Total:3.74 GB) (Free:2.39 GB) FAT32
 
\\?\Volume{c6211cad-dd5e-4fd6-ba1b-c0a9fa408499}\ () (Fixed) (Total:0.5 GB) (Free:0.03 GB) NTFS
\\?\Volume{5b0b409f-1bf2-4369-acb1-61cd37163e39}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: DE3B1A5A)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Protective MBR) (Size: 3.8 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 

Attached Files


  • 0

#4
RKinner
Posted 28 October 2022 - 02:59 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

I should have had you run the FRST after the update since major updates make so many changes to the operating system that it is like a completely new system.  Also I really need the fixlog to see what SFC's problem was.

 

The Addition log shows McAfee still has some remnants.  McAfee is like a virus.  Very hard to remove.  You need to run their McAfee Consumer Product Removal Tool:

 

https://download.mca...s/MCPR/MCPR.exe

 

Download, save, go to the download folder and right click on the file and Run As Admin.

 

You were getting this error:

 

 
Error: (10/28/2022 12:52:36 PM) (Source: ESENT) (EventID: 623) (User: )
Description: SearchIndexer (10280,D,23) Windows: The version store for this instance (0) has reached its maximum size of 128Mb. It is likely that a long-running transaction is preventing cleanup of the version store and causing it to build up in size. Updates will be rejected until the long-running transaction has been completely committed or rolled back.
 

 

 

It's probably gone after the update but just in case you may want to rebuild your Search Index.  The answer to this question provides instructions on how to do that:

https://answers.micr...ac-342f8c49e6b1

 

Speccy shows your laptop is slightly overheated.  You might try using Speedfan to monitor the temperatures in realtime:

 

 
 
 
Download, save and Install it (Win 7+ or Vista right click and Run As Admin.) then run it (Win 7+ or Vista right click and Run As Admin.).
 
It will tell you your temps in real time tho the default is to show the hard drive temp in the systray.  You can change it:  Hit Configure then click on the highest temp and check Show in tray.  
Win 10 hides icons by default so: Settings, Personalization,  Taskbar, Select which Icons appear on Taskbar,  then turn Speedfan ON.
With no other programs running what is the highest temp you see?  Run an anti-virus scan, play one of your games or watch a video for at least 5 minutes.  What is the highest temp now?
 
 
We don't really want it to go over about 65 under load.  If it does it usually means either the fan is defective (speedfan should tell you your fan speed so you can see if it is running) or (most likely) the interface between the fan and the heatsink is clogged with dust. The best fix for a clogged heatsink is to remove the fan (not the heatsink or heatpipe) and vacuum out the heatsink.  However on some PCs this is major surgery.  Sometimes you can blow air backwards through the exhaust vent while vacuuming at the input vent and if you are lucky it may clear the heatsink.  Don't do it too long as the fan may overrev.
 
Let's check your errors with VEW. 
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
 
* Application
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button and wait.
Notepad will open with the output log.
 
 
Please copy and paste the Output log into your next reply 

  • 0

#5
portillos
Posted 29 October 2022 - 10:14 AM

portillos

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts

1) Ran McAfee Removal tool, then rebooted

2) Rebuilt the search index

3) Installed speedfan.  with only chrome running, temp was 40.  after 5 minutes of watching youtube, with youtube still running, temp at 52.  I will blow out the fan, thanks for the tip.

4) Ran VEW

 

Sorry I forgot to post the fixlog.  First one below is the fixlog from yesterday, then the VEW output file from today.

 

Thanks!

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-10-2022
Ran by kgwal (28-10-2022 11:28:46) Run:1
Running from C:\Users\kgwal\OneDrive\Desktop
Loaded Profiles: kgwal
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
 
========= DISM /Online /Cleanup-Image /RestoreHealth =========
 
 
Deployment Image Servicing and Management tool
Version: 10.0.19041.844
 
Image Version: 10.0.19043.1586
 
 
[==                         3.8%                           ] 
 
[==                         4.8%                           ] 
 
[===                        5.7%                           ] 
 
[===                        6.7%                           ] 
 
[====                       7.2%                           ] 
 
[====                       8.2%                           ] 
 
[=====                      9.2%                           ] 
 
[=====                      10.2%                          ] 
 
[======                     11.2%                          ] 
 
[=======                    12.2%                          ] 
 
[=======                    13.1%                          ] 
 
[=======                    13.2%                          ] 
 
[========                   14.2%                          ] 
 
[========                   15.2%                          ] 
 
[=========                  16.2%                          ] 
 
[=========                  17.1%                          ] 
 
[==========                 18.1%                          ] 
 
[===========                19.1%                          ] 
 
[===========                20.1%                          ] 
 
[============               21.1%                          ] 
 
[============               22.0%                          ] 
 
[=============              23.0%                          ] 
 
[=============              24.0%                          ] 
 
[==============             25.0%                          ] 
 
[==============             25.4%                          ] 
 
[===============            26.3%                          ] 
 
[===============            26.7%                          ] 
 
[===============            26.8%                          ] 
 
[================           27.8%                          ] 
 
[================           28.8%                          ] 
 
[=================          29.7%                          ] 
 
[=================          30.7%                          ] 
 
[==================         31.7%                          ] 
 
[==================         32.7%                          ] 
 
[===================        33.7%                          ] 
 
[====================       34.6%                          ] 
 
[====================       35.6%                          ] 
 
[=====================      36.6%                          ] 
 
[=====================      37.6%                          ] 
 
[======================     38.3%                          ] 
 
[======================     38.8%                          ] 
 
[======================     39.0%                          ] 
 
[======================     39.5%                          ] 
 
[=======================    39.8%                          ] 
 
[=======================    40.2%                          ] 
 
[=======================    41.2%                          ] 
 
[========================   42.2%                          ] 
 
[=========================  43.2%                          ] 
 
[=========================  43.9%                          ] 
 
[=========================  44.6%                          ] 
 
[========================== 45.6%                          ] 
 
[===========================46.6%                          ] 
 
[===========================47.5%                          ] 
 
[===========================48.5%                          ] 
 
[===========================49.5%                          ] 
 
[===========================50.5%                          ] 
 
[===========================51.5%                          ] 
 
[===========================52.5%                          ] 
 
[===========================53.4%                          ] 
 
[===========================54.4%                          ] 
 
[===========================54.6%                          ] 
 
[===========================54.6%                          ] 
 
[===========================54.9%                          ] 
 
[===========================54.9%                          ] 
 
[===========================54.9%                          ] 
 
[===========================55.0%                          ] 
 
[===========================55.1%                          ] 
 
[===========================55.1%                          ] 
 
[===========================55.2%                          ] 
 
[===========================55.3%                          ] 
 
[===========================55.4%                          ] 
 
[===========================55.5%                          ] 
 
[===========================55.6%                          ] 
 
[===========================55.7%                          ] 
 
[===========================55.8%                          ] 
 
[===========================55.8%                          ] 
 
[===========================56.0%                          ] 
 
[===========================56.0%                          ] 
 
[===========================56.1%                          ] 
 
[===========================56.2%                          ] 
 
[===========================56.2%                          ] 
 
[===========================56.3%                          ] 
 
[===========================56.3%                          ] 
 
[===========================56.4%                          ] 
 
[===========================56.5%                          ] 
 
[===========================56.6%                          ] 
 
[===========================56.9%=                         ] 
 
[===========================57.1%=                         ] 
 
[===========================57.1%=                         ] 
 
[===========================57.3%=                         ] 
 
[===========================57.4%=                         ] 
 
[===========================57.5%=                         ] 
 
[===========================58.0%=                         ] 
 
[===========================58.9%==                        ] 
 
[===========================59.9%==                        ] 
 
[===========================62.3%====                      ] 
 
[===========================77.4%============              ] 
 
[===========================84.9%=================         ] 
 
[===========================85.4%=================         ] 
 
[===========================86.6%==================        ] 
 
[===========================87.8%==================        ] 
 
[===========================88.8%===================       ] 
 
[===========================90.0%====================      ] 
 
[===========================91.2%====================      ] 
 
[===========================92.5%=====================     ] 
 
[==========================100.0%==========================] 
 
Error: 0x800f081f
 
The source files could not be found. 
Use the "Source" option to specify the location of the files that are required to restore the feature. For more information on specifying a source location, see https://go.microsoft.../?LinkId=243077.
 
The DISM log file can be found at C:\WINDOWS\Logs\DISM\dism.log
 
========= End of CMD: =========
 
 
========= SFC /scannow =========
 
 
Fixing is terminated due to reaching maximum fixing time of 60 minutes. <==== ATTENTION
 
 
 
 
 
 
 
 
 
 
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 29/10/2022 11:08:06 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 29/10/2022 3:38:41 PM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 
 
Log: 'Application' Date/Time: 29/10/2022 3:38:41 PM
Type: Error Category: 0
Event: 13 Source: VSS
Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
 
Log: 'Application' Date/Time: 29/10/2022 3:34:18 AM
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
 
Log: 'Application' Date/Time: 29/10/2022 3:34:18 AM
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
 
Log: 'Application' Date/Time: 28/10/2022 7:19:00 PM
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
 
Log: 'Application' Date/Time: 28/10/2022 7:19:00 PM
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
 
Log: 'Application' Date/Time: 28/10/2022 7:15:57 PM
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
 
Log: 'Application' Date/Time: 28/10/2022 7:15:57 PM
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
 
Log: 'Application' Date/Time: 28/10/2022 7:15:34 PM
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
 
Log: 'Application' Date/Time: 28/10/2022 7:14:27 PM
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
 
Log: 'Application' Date/Time: 28/10/2022 7:14:27 PM
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
 
Log: 'Application' Date/Time: 28/10/2022 7:13:11 PM
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
 
Log: 'Application' Date/Time: 28/10/2022 7:12:50 PM
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
 
Log: 'Application' Date/Time: 28/10/2022 7:12:50 PM
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:33 PM
Type: Error Category: 0
Event: 257 Source: Microsoft-Windows-CAPI2
The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -1409.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 29/10/2022 3:42:28 PM
Type: Warning Category: 1
Event: 1008 Source: Microsoft-Windows-Search
The Windows Search Service is starting up and attempting to remove the old search index {Reason: User Requested}. 
 
 
Log: 'Application' Date/Time: 28/10/2022 7:16:16 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.2.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe' (pid 9736) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 28/10/2022 7:07:07 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DSCCoreProviders, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\DesiredStateConfiguration to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:07 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DSCCoreProviders, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\DesiredStateConfiguration to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:07 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, EventTracingManagement, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\EventTracingManagement to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:07 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, EventTracingManagement, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\EventTracingManagement to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:07 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, EventTracingManagement, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\EventTracingManagement to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:07 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, EventTracingManagement, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\EventTracingManagement to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:07 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, EventTracingManagement, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\EventTracingManagement to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:07 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, EventTracingManagement, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\EventTracingManagement to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:06 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, WsmAgent, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\winrm to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:06 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, WsmAgent, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\winrm to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:06 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, WsmAgent, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\winrm to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:06 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, WsmAgent, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\winrm to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:06 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, ProfileAssociationProviderInterop, has been registered in the Windows Management Instrumentation namespace ROOT\Interop to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:06 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, ProfileAssociationProviderInterop, has been registered in the Windows Management Instrumentation namespace ROOT\Interop to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:06 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, ProfileAssociationProviderInterop, has been registered in the Windows Management Instrumentation namespace ROOT\Interop to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:06 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, ProfileAssociationProviderInterop, has been registered in the Windows Management Instrumentation namespace ROOT\Interop to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:06 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, NetEventPacketCapture, has been registered in the Windows Management Instrumentation namespace ROOT\StandardCimv2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 28/10/2022 7:07:06 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, NetEventPacketCapture, has been registered in the Windows Management Instrumentation namespace ROOT\StandardCimv2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/10/2022 7:07:37 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Intel® Dynamic Application Loader Host Interface Service service depends on the IP Helper service which failed to start because of the following error:  The operation completed successfully.
 
Log: 'System' Date/Time: 28/10/2022 7:07:37 PM
Type: Error Category: 0
Event: 7030 Source: Service Control Manager
The Printer Extensions and Notifications service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Log: 'System' Date/Time: 28/10/2022 7:07:36 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Intel® Dynamic Application Loader Host Interface Service service depends on the IP Helper service which failed to start because of the following error:  The operation completed successfully.
 
Log: 'System' Date/Time: 28/10/2022 7:07:27 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Network List Service service terminated with the following error:  The device is not ready.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 29/10/2022 4:05:26 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 29/10/2022 4:00:34 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 29/10/2022 4:00:32 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 29/10/2022 3:59:22 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 29/10/2022 3:54:32 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 29/10/2022 3:40:05 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 7 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
 
Log: 'System' Date/Time: 29/10/2022 3:39:30 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 29/10/2022 3:39:13 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 29/10/2022 3:39:13 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 29/10/2022 3:38:56 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\8&16e92655&0&01.
 
Log: 'System' Date/Time: 29/10/2022 3:38:53 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\DRIVERENUM\{cfabacad-7939-467c-96a7-93781d90d2d8}#WirelessButtonDriver_usersvc&3&9489f59&0.
 
Log: 'System' Date/Time: 29/10/2022 3:38:52 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device PCI\VEN_8086&DEV_8A03&SUBSYS_86C9103C&REV_03\3&11583659&2&20.
 
Log: 'System' Date/Time: 29/10/2022 3:38:42 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\system32\IntelIHVRouter08.dll 
 
Log: 'System' Date/Time: 29/10/2022 4:23:48 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 29/10/2022 4:23:35 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 29/10/2022 3:33:48 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 29/10/2022 3:33:39 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 29/10/2022 3:24:35 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 29/10/2022 2:58:00 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 28/10/2022 9:04:15 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  and APPID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-2411254112-2168254029-2168783894-4051666917-4034460960-3324050413-3943252900). This security permission can be modified using the Component Services administrative tool.
 

  • 0

#6
RKinner
Posted 29 October 2022 - 02:26 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Fixlog says DISM failed to complete so it never got to SFC.  Expect it's a bad Internet connection.  Your Speccy report said WiFi strength was only 40 and there was another competing signal on the same channel.  Can you move the laptop closer to the router and try the fix again?

 

Attached File  fixlist.txt   414bytes   107 downloads

 

Also VEW says Zoom did not install correctly.  Try uninstalling it then download a new fresh copy (while the laptop is closer to the router.)

 

 

 

 


  • 0

#7
portillos
Posted 29 October 2022 - 07:57 PM

portillos

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts

looks like it worked this time.  I got a popup after 25 minutes that it was finished and needed to reboot, which I did not get last time.  Thanks for the info on zoom as well, I've fixed that.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-10-2022
Ran by kgwal (29-10-2022 20:32:04) Run:2
Running from C:\Users\kgwal\OneDrive\Desktop
Loaded Profiles: kgwal
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
 
========= DISM /Online /Cleanup-Image /RestoreHealth =========
 
 
Deployment Image Servicing and Management tool
Version: 10.0.19041.844
 
Image Version: 10.0.19045.2130
 
 
[==                         3.8%                           ] 
 
[==                         4.4%                           ] 
 
[===                        5.3%                           ] 
 
[===                        6.3%                           ] 
 
[====                       7.2%                           ] 
 
[====                       8.2%                           ] 
 
[====                       8.4%                           ] 
 
[=====                      9.4%                           ] 
 
[=====                      10.3%                          ] 
 
[======                     11.3%                          ] 
 
[=======                    12.3%                          ] 
 
[=======                    13.3%                          ] 
 
[========                   14.3%                          ] 
 
[========                   15.2%                          ] 
 
[=========                  16.2%                          ] 
 
[=========                  17.2%                          ] 
 
[==========                 18.2%                          ] 
 
[===========                19.2%                          ] 
 
[===========                20.2%                          ] 
 
[============               21.1%                          ] 
 
[============               21.9%                          ] 
 
[=============              22.7%                          ] 
 
[=============              23.4%                          ] 
 
[=============              23.5%                          ] 
 
[==============             24.5%                          ] 
 
[==============             25.5%                          ] 
 
[===============            26.5%                          ] 
 
[===============            27.5%                          ] 
 
[================           28.5%                          ] 
 
[=================          29.4%                          ] 
 
[=================          30.4%                          ] 
 
[==================         31.4%                          ] 
 
[==================         32.3%                          ] 
 
[===================        33.3%                          ] 
 
[===================        34.3%                          ] 
 
[====================       35.2%                          ] 
 
[====================       35.8%                          ] 
 
[=====================      36.7%                          ] 
 
[=====================      37.1%                          ] 
 
[=====================      37.7%                          ] 
 
[======================     38.6%                          ] 
 
[======================     38.9%                          ] 
 
[======================     39.3%                          ] 
 
[=======================    39.8%                          ] 
 
[=======================    40.0%                          ] 
 
[=======================    40.2%                          ] 
 
[=======================    40.2%                          ] 
 
[=======================    40.8%                          ] 
 
[=======================    41.1%                          ] 
 
[========================   42.0%                          ] 
 
[========================   43.0%                          ] 
 
[=========================  43.5%                          ] 
 
[=========================  44.5%                          ] 
 
[========================== 45.5%                          ] 
 
[========================== 46.5%                          ] 
 
[===========================47.5%                          ] 
 
[===========================48.5%                          ] 
 
[===========================49.4%                          ] 
 
[===========================50.4%                          ] 
 
[===========================51.4%                          ] 
 
[===========================52.4%                          ] 
 
[===========================53.4%                          ] 
 
[===========================53.4%                          ] 
 
[===========================53.5%                          ] 
 
[===========================53.6%                          ] 
 
[===========================53.7%                          ] 
 
[===========================53.7%                          ] 
 
[===========================53.7%                          ] 
 
[===========================53.9%                          ] 
 
[===========================54.0%                          ] 
 
[===========================54.0%                          ] 
 
[===========================54.2%                          ] 
 
[===========================54.3%                          ] 
 
[===========================54.5%                          ] 
 
[===========================54.6%                          ] 
 
[===========================54.6%                          ] 
 
[===========================54.8%                          ] 
 
[===========================54.9%                          ] 
 
[===========================54.9%                          ] 
 
[===========================55.0%                          ] 
 
[===========================55.1%                          ] 
 
[===========================55.2%                          ] 
 
[===========================55.3%                          ] 
 
[===========================55.3%                          ] 
 
[===========================55.4%                          ] 
 
[===========================55.5%                          ] 
 
[===========================55.6%                          ] 
 
[===========================55.8%                          ] 
 
[===========================56.1%                          ] 
 
[===========================56.3%                          ] 
 
[===========================56.5%                          ] 
 
[===========================56.7%                          ] 
 
[===========================56.8%                          ] 
 
[===========================56.8%                          ] 
 
[===========================57.3%=                         ] 
 
[===========================58.1%=                         ] 
 
[===========================59.1%==                        ] 
 
[===========================60.1%==                        ] 
 
[===========================62.3%====                      ] 
 
[===========================84.9%=================         ] 
 
[==========================100.0%==========================] 
The restore operation completed successfully.
The operation completed successfully.
 
========= End of CMD: =========
 
 
========= SFC /scannow =========
 
 
 
Beginning system scan.  This process will take some time.
 
 
 
Beginning verification phase of system scan.
 
 
Verification 0% complete.
Verification 1% complete.
Verification 2% complete.
Verification 2% complete.
Verification 3% complete.
Verification 4% complete.
Verification 4% complete.
Verification 5% complete.
Verification 6% complete.
Verification 6% complete.
Verification 7% complete.
Verification 8% complete.
Verification 8% complete.
Verification 9% complete.
Verification 10% complete.
Verification 10% complete.
Verification 11% complete.
Verification 12% complete.
Verification 12% complete.
Verification 13% complete.
Verification 14% complete.
Verification 14% complete.
Verification 15% complete.
Verification 16% complete.
Verification 16% complete.
Verification 17% complete.
Verification 18% complete.
Verification 18% complete.
Verification 19% complete.
Verification 20% complete.
Verification 20% complete.
Verification 21% complete.
Verification 22% complete.
Verification 23% complete.
Verification 23% complete.
Verification 24% complete.
Verification 25% complete.
Verification 25% complete.
Verification 26% complete.
Verification 27% complete.
Verification 27% complete.
Verification 28% complete.
Verification 29% complete.
Verification 29% complete.
Verification 30% complete.
Verification 31% complete.
Verification 31% complete.
Verification 32% complete.
Verification 33% complete.
Verification 33% complete.
Verification 34% complete.
Verification 35% complete.
Verification 35% complete.
Verification 36% complete.
Verification 37% complete.
Verification 37% complete.
Verification 38% complete.
Verification 39% complete.
Verification 39% complete.
Verification 40% complete.
Verification 41% complete.
Verification 41% complete.
Verification 42% complete.
Verification 43% complete.
Verification 44% complete.
Verification 44% complete.
Verification 45% complete.
Verification 46% complete.
Verification 46% complete.
Verification 47% complete.
Verification 48% complete.
Verification 48% complete.
Verification 49% complete.
Verification 50% complete.
Verification 50% complete.
Verification 51% complete.
Verification 52% complete.
Verification 52% complete.
Verification 53% complete.
Verification 54% complete.
Verification 54% complete.
Verification 55% complete.
Verification 56% complete.
Verification 56% complete.
Verification 57% complete.
Verification 58% complete.
Verification 58% complete.
Verification 59% complete.
Verification 60% complete.
Verification 60% complete.
Verification 61% complete.
Verification 62% complete.
Verification 62% complete.
Verification 63% complete.
Verification 64% complete.
Verification 65% complete.
Verification 65% complete.
Verification 66% complete.
Verification 67% complete.
Verification 67% complete.
Verification 68% complete.
Verification 69% complete.
Verification 69% complete.
Verification 70% complete.
Verification 71% complete.
Verification 71% complete.
Verification 72% complete.
Verification 73% complete.
Verification 73% complete.
Verification 74% complete.
Verification 75% complete.
Verification 75% complete.
Verification 76% complete.
Verification 77% complete.
Verification 77% complete.
Verification 78% complete.
Verification 79% complete.
Verification 79% complete.
Verification 80% complete.
Verification 81% complete.
Verification 81% complete.
Verification 82% complete.
Verification 83% complete.
Verification 83% complete.
Verification 84% complete.
Verification 85% complete.
Verification 86% complete.
Verification 86% complete.
Verification 87% complete.
Verification 88% complete.
Verification 88% complete.
Verification 89% complete.
Verification 90% complete.
Verification 90% complete.
Verification 91% complete.
Verification 92% complete.
Verification 92% complete.
Verification 93% complete.
Verification 94% complete.
Verification 94% complete.
Verification 95% complete.
Verification 96% complete.
Verification 96% complete.
Verification 97% complete.
Verification 98% complete.
Verification 98% complete.
Verification 99% complete.
Verification 100% complete.
 
 
Windows Resource Protection found corrupt files and successfully repaired them.
 
For online repairs, details are included in the CBS log file located at
 
windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline
 
repairs, details are included in the log file provided by the /OFFLOGFILE flag.
 
 
========= End of CMD: =========
 
 
========= findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log =========
 
2022-10-29 20:33:50, Info                  CSI    00000011 [SR] Verifying 100 components
2022-10-29 20:33:50, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2022-10-29 20:33:50, Info                  CSI    00000013 [SR] Verify complete
2022-10-29 20:33:50, Info                  CSI    00000014 [SR] Verifying 100 components
2022-10-29 20:33:50, Info                  CSI    00000015 [SR] Beginning Verify and Repair transaction
2022-10-29 20:33:51, Info                  CSI    00000016 [SR] Verify complete
2022-10-29 20:33:51, Info                  CSI    00000017 [SR] Verifying 100 components
2022-10-29 20:33:51, Info                  CSI    00000018 [SR] Beginning Verify and Repair transaction
2022-10-29 20:33:51, Info                  CSI    00000019 [SR] Verify complete
2022-10-29 20:33:51, Info                  CSI    0000001a [SR] Verifying 100 components
2022-10-29 20:33:51, Info                  CSI    0000001b [SR] Beginning Verify and Repair transaction
2022-10-29 20:33:52, Info                  CSI    0000001c [SR] Verify complete
2022-10-29 20:33:52, Info                  CSI    0000001d [SR] Verifying 100 components
2022-10-29 20:33:52, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2022-10-29 20:33:53, Info                  CSI    0000001f [SR] Verify complete
2022-10-29 20:33:53, Info                  CSI    00000020 [SR] Verifying 100 components
2022-10-29 20:33:53, Info                  CSI    00000021 [SR] Beginning Verify and Repair transaction
2022-10-29 20:33:54, Info                  CSI    00000022 [SR] Verify complete
2022-10-29 20:33:55, Info                  CSI    00000023 [SR] Verifying 100 components
2022-10-29 20:33:55, Info                  CSI    00000024 [SR] Beginning Verify and Repair transaction
2022-10-29 20:33:56, Info                  CSI    00000025 [SR] Verify complete
2022-10-29 20:33:56, Info                  CSI    00000026 [SR] Verifying 100 components
2022-10-29 20:33:56, Info                  CSI    00000027 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:01, Info                  CSI    00000028 [SR] Verify complete
2022-10-29 20:34:01, Info                  CSI    00000029 [SR] Verifying 100 components
2022-10-29 20:34:01, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:05, Info                  CSI    0000002b [SR] Verify complete
2022-10-29 20:34:05, Info                  CSI    0000002c [SR] Verifying 100 components
2022-10-29 20:34:05, Info                  CSI    0000002d [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:11, Info                  CSI    00000030 [SR] Verify complete
2022-10-29 20:34:11, Info                  CSI    00000031 [SR] Verifying 100 components
2022-10-29 20:34:11, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:11, Info                  CSI    00000033 [SR] Verify complete
2022-10-29 20:34:12, Info                  CSI    00000034 [SR] Verifying 100 components
2022-10-29 20:34:12, Info                  CSI    00000035 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:13, Info                  CSI    00000037 [SR] Verify complete
2022-10-29 20:34:13, Info                  CSI    00000038 [SR] Verifying 100 components
2022-10-29 20:34:13, Info                  CSI    00000039 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:13, Info                  CSI    0000003a [SR] Verify complete
2022-10-29 20:34:13, Info                  CSI    0000003b [SR] Verifying 100 components
2022-10-29 20:34:13, Info                  CSI    0000003c [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:14, Info                  CSI    0000003d [SR] Verify complete
2022-10-29 20:34:14, Info                  CSI    0000003e [SR] Verifying 100 components
2022-10-29 20:34:14, Info                  CSI    0000003f [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:14, Info                  CSI    00000040 [SR] Verify complete
2022-10-29 20:34:14, Info                  CSI    00000041 [SR] Verifying 100 components
2022-10-29 20:34:14, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:15, Info                  CSI    00000043 [SR] Verify complete
2022-10-29 20:34:15, Info                  CSI    00000044 [SR] Verifying 100 components
2022-10-29 20:34:15, Info                  CSI    00000045 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:18, Info                  CSI    00000048 [SR] Verify complete
2022-10-29 20:34:18, Info                  CSI    00000049 [SR] Verifying 100 components
2022-10-29 20:34:18, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:19, Info                  CSI    0000004b [SR] Verify complete
2022-10-29 20:34:19, Info                  CSI    0000004c [SR] Verifying 100 components
2022-10-29 20:34:19, Info                  CSI    0000004d [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:20, Info                  CSI    0000004e [SR] Verify complete
2022-10-29 20:34:20, Info                  CSI    0000004f [SR] Verifying 100 components
2022-10-29 20:34:20, Info                  CSI    00000050 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:20, Info                  CSI    00000051 [SR] Verify complete
2022-10-29 20:34:20, Info                  CSI    00000052 [SR] Verifying 100 components
2022-10-29 20:34:20, Info                  CSI    00000053 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:21, Info                  CSI    00000054 [SR] Verify complete
2022-10-29 20:34:21, Info                  CSI    00000055 [SR] Verifying 100 components
2022-10-29 20:34:21, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:22, Info                  CSI    00000057 [SR] Verify complete
2022-10-29 20:34:22, Info                  CSI    00000058 [SR] Verifying 100 components
2022-10-29 20:34:22, Info                  CSI    00000059 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:23, Info                  CSI    0000005b [SR] Verify complete
2022-10-29 20:34:23, Info                  CSI    0000005c [SR] Verifying 100 components
2022-10-29 20:34:23, Info                  CSI    0000005d [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:23, Info                  CSI    0000005e [SR] Verify complete
2022-10-29 20:34:23, Info                  CSI    0000005f [SR] Verifying 100 components
2022-10-29 20:34:23, Info                  CSI    00000060 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:24, Info                  CSI    00000061 [SR] Verify complete
2022-10-29 20:34:24, Info                  CSI    00000062 [SR] Verifying 100 components
2022-10-29 20:34:24, Info                  CSI    00000063 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:24, Info                  CSI    00000064 [SR] Verify complete
2022-10-29 20:34:24, Info                  CSI    00000065 [SR] Verifying 100 components
2022-10-29 20:34:24, Info                  CSI    00000066 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:25, Info                  CSI    00000067 [SR] Verify complete
2022-10-29 20:34:25, Info                  CSI    00000068 [SR] Verifying 100 components
2022-10-29 20:34:25, Info                  CSI    00000069 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:25, Info                  CSI    0000006a [SR] Verify complete
2022-10-29 20:34:25, Info                  CSI    0000006b [SR] Verifying 100 components
2022-10-29 20:34:25, Info                  CSI    0000006c [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:26, Info                  CSI    0000006d [SR] Verify complete
2022-10-29 20:34:26, Info                  CSI    0000006e [SR] Verifying 100 components
2022-10-29 20:34:26, Info                  CSI    0000006f [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:26, Info                  CSI    00000070 [SR] Verify complete
2022-10-29 20:34:26, Info                  CSI    00000071 [SR] Verifying 100 components
2022-10-29 20:34:26, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:27, Info                  CSI    00000073 [SR] Verify complete
2022-10-29 20:34:27, Info                  CSI    00000074 [SR] Verifying 100 components
2022-10-29 20:34:27, Info                  CSI    00000075 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:27, Info                  CSI    00000076 [SR] Verify complete
2022-10-29 20:34:27, Info                  CSI    00000077 [SR] Verifying 100 components
2022-10-29 20:34:27, Info                  CSI    00000078 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:28, Info                  CSI    00000079 [SR] Verify complete
2022-10-29 20:34:28, Info                  CSI    0000007a [SR] Verifying 100 components
2022-10-29 20:34:28, Info                  CSI    0000007b [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:28, Info                  CSI    0000007c [SR] Verify complete
2022-10-29 20:34:28, Info                  CSI    0000007d [SR] Verifying 100 components
2022-10-29 20:34:28, Info                  CSI    0000007e [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:29, Info                  CSI    0000007f [SR] Verify complete
2022-10-29 20:34:29, Info                  CSI    00000080 [SR] Verifying 100 components
2022-10-29 20:34:29, Info                  CSI    00000081 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:30, Info                  CSI    00000082 [SR] Verify complete
2022-10-29 20:34:30, Info                  CSI    00000083 [SR] Verifying 100 components
2022-10-29 20:34:30, Info                  CSI    00000084 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:30, Info                  CSI    00000085 [SR] Verify complete
2022-10-29 20:34:30, Info                  CSI    00000086 [SR] Verifying 100 components
2022-10-29 20:34:30, Info                  CSI    00000087 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:31, Info                  CSI    0000008b [SR] Verify complete
2022-10-29 20:34:31, Info                  CSI    0000008c [SR] Verifying 100 components
2022-10-29 20:34:31, Info                  CSI    0000008d [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:32, Info                  CSI    0000008e [SR] Verify complete
2022-10-29 20:34:32, Info                  CSI    0000008f [SR] Verifying 100 components
2022-10-29 20:34:32, Info                  CSI    00000090 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:33, Info                  CSI    00000091 [SR] Verify complete
2022-10-29 20:34:33, Info                  CSI    00000092 [SR] Verifying 100 components
2022-10-29 20:34:33, Info                  CSI    00000093 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:35, Info                  CSI    00000095 [SR] Verify complete
2022-10-29 20:34:35, Info                  CSI    00000096 [SR] Verifying 100 components
2022-10-29 20:34:35, Info                  CSI    00000097 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:36, Info                  CSI    00000098 [SR] Verify complete
2022-10-29 20:34:36, Info                  CSI    00000099 [SR] Verifying 100 components
2022-10-29 20:34:36, Info                  CSI    0000009a [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:36, Info                  CSI    0000009b [SR] Verify complete
2022-10-29 20:34:36, Info                  CSI    0000009c [SR] Verifying 100 components
2022-10-29 20:34:36, Info                  CSI    0000009d [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:36, Info                  CSI    0000009e [SR] Verify complete
2022-10-29 20:34:37, Info                  CSI    0000009f [SR] Verifying 100 components
2022-10-29 20:34:37, Info                  CSI    000000a0 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:37, Info                  CSI    000000a1 [SR] Verify complete
2022-10-29 20:34:37, Info                  CSI    000000a2 [SR] Verifying 100 components
2022-10-29 20:34:37, Info                  CSI    000000a3 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:38, Info                  CSI    000000a4 [SR] Verify complete
2022-10-29 20:34:38, Info                  CSI    000000a5 [SR] Verifying 100 components
2022-10-29 20:34:38, Info                  CSI    000000a6 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:39, Info                  CSI    000000a7 [SR] Verify complete
2022-10-29 20:34:39, Info                  CSI    000000a8 [SR] Verifying 100 components
2022-10-29 20:34:39, Info                  CSI    000000a9 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:40, Info                  CSI    000000aa [SR] Verify complete
2022-10-29 20:34:40, Info                  CSI    000000ab [SR] Verifying 100 components
2022-10-29 20:34:40, Info                  CSI    000000ac [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:40, Info                  CSI    000000ad [SR] Verify complete
2022-10-29 20:34:40, Info                  CSI    000000ae [SR] Verifying 100 components
2022-10-29 20:34:40, Info                  CSI    000000af [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:41, Info                  CSI    000000b0 [SR] Verify complete
2022-10-29 20:34:41, Info                  CSI    000000b1 [SR] Verifying 100 components
2022-10-29 20:34:41, Info                  CSI    000000b2 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:41, Info                  CSI    000000b3 [SR] Verify complete
2022-10-29 20:34:42, Info                  CSI    000000b4 [SR] Verifying 100 components
2022-10-29 20:34:42, Info                  CSI    000000b5 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:42, Info                  CSI    000000b7 [SR] Verify complete
2022-10-29 20:34:42, Info                  CSI    000000b8 [SR] Verifying 100 components
2022-10-29 20:34:42, Info                  CSI    000000b9 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:43, Info                  CSI    000000ba [SR] Verify complete
2022-10-29 20:34:43, Info                  CSI    000000bb [SR] Verifying 100 components
2022-10-29 20:34:43, Info                  CSI    000000bc [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:44, Info                  CSI    000000bd [SR] Verify complete
2022-10-29 20:34:44, Info                  CSI    000000be [SR] Verifying 100 components
2022-10-29 20:34:44, Info                  CSI    000000bf [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:44, Info                  CSI    000000c0 [SR] Verify complete
2022-10-29 20:34:44, Info                  CSI    000000c1 [SR] Verifying 100 components
2022-10-29 20:34:44, Info                  CSI    000000c2 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:45, Info                  CSI    000000c3 [SR] Verify complete
2022-10-29 20:34:45, Info                  CSI    000000c4 [SR] Verifying 100 components
2022-10-29 20:34:45, Info                  CSI    000000c5 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:45, Info                  CSI    000000c6 [SR] Verify complete
2022-10-29 20:34:45, Info                  CSI    000000c7 [SR] Verifying 100 components
2022-10-29 20:34:45, Info                  CSI    000000c8 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:46, Info                  CSI    000000c9 [SR] Verify complete
2022-10-29 20:34:46, Info                  CSI    000000ca [SR] Verifying 100 components
2022-10-29 20:34:46, Info                  CSI    000000cb [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:47, Info                  CSI    000000cc [SR] Verify complete
2022-10-29 20:34:47, Info                  CSI    000000cd [SR] Verifying 100 components
2022-10-29 20:34:47, Info                  CSI    000000ce [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:47, Info                  CSI    000000cf [SR] Verify complete
2022-10-29 20:34:48, Info                  CSI    000000d0 [SR] Verifying 100 components
2022-10-29 20:34:48, Info                  CSI    000000d1 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:48, Info                  CSI    000000d2 [SR] Verify complete
2022-10-29 20:34:48, Info                  CSI    000000d3 [SR] Verifying 100 components
2022-10-29 20:34:48, Info                  CSI    000000d4 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:49, Info                  CSI    000000d5 [SR] Verify complete
2022-10-29 20:34:49, Info                  CSI    000000d6 [SR] Verifying 100 components
2022-10-29 20:34:49, Info                  CSI    000000d7 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:49, Info                  CSI    000000d8 [SR] Verify complete
2022-10-29 20:34:49, Info                  CSI    000000d9 [SR] Verifying 100 components
2022-10-29 20:34:49, Info                  CSI    000000da [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:50, Info                  CSI    000000db [SR] Verify complete
2022-10-29 20:34:50, Info                  CSI    000000dc [SR] Verifying 100 components
2022-10-29 20:34:50, Info                  CSI    000000dd [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:50, Info                  CSI    000000de [SR] Verify complete
2022-10-29 20:34:50, Info                  CSI    000000df [SR] Verifying 100 components
2022-10-29 20:34:50, Info                  CSI    000000e0 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:51, Info                  CSI    000000e1 [SR] Verify complete
2022-10-29 20:34:51, Info                  CSI    000000e2 [SR] Verifying 100 components
2022-10-29 20:34:51, Info                  CSI    000000e3 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:51, Info                  CSI    000000e4 [SR] Verify complete
2022-10-29 20:34:51, Info                  CSI    000000e5 [SR] Verifying 100 components
2022-10-29 20:34:51, Info                  CSI    000000e6 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:52, Info                  CSI    000000e7 [SR] Verify complete
2022-10-29 20:34:52, Info                  CSI    000000e8 [SR] Verifying 100 components
2022-10-29 20:34:52, Info                  CSI    000000e9 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:52, Info                  CSI    000000ea [SR] Verify complete
2022-10-29 20:34:52, Info                  CSI    000000eb [SR] Verifying 100 components
2022-10-29 20:34:52, Info                  CSI    000000ec [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:53, Info                  CSI    000000ed [SR] Verify complete
2022-10-29 20:34:53, Info                  CSI    000000ee [SR] Verifying 100 components
2022-10-29 20:34:53, Info                  CSI    000000ef [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:53, Info                  CSI    000000f0 [SR] Verify complete
2022-10-29 20:34:53, Info                  CSI    000000f1 [SR] Verifying 100 components
2022-10-29 20:34:53, Info                  CSI    000000f2 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:54, Info                  CSI    000000f3 [SR] Verify complete
2022-10-29 20:34:54, Info                  CSI    000000f4 [SR] Verifying 100 components
2022-10-29 20:34:54, Info                  CSI    000000f5 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:55, Info                  CSI    000000f6 [SR] Verify complete
2022-10-29 20:34:55, Info                  CSI    000000f7 [SR] Verifying 100 components
2022-10-29 20:34:55, Info                  CSI    000000f8 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:55, Info                  CSI    000000f9 [SR] Verify complete
2022-10-29 20:34:55, Info                  CSI    000000fa [SR] Verifying 100 components
2022-10-29 20:34:55, Info                  CSI    000000fb [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:56, Info                  CSI    000000ff [SR] Verify complete
2022-10-29 20:34:56, Info                  CSI    00000100 [SR] Verifying 100 components
2022-10-29 20:34:56, Info                  CSI    00000101 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:57, Info                  CSI    00000103 [SR] Verify complete
2022-10-29 20:34:57, Info                  CSI    00000104 [SR] Verifying 100 components
2022-10-29 20:34:57, Info                  CSI    00000105 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:58, Info                  CSI    00000106 [SR] Verify complete
2022-10-29 20:34:58, Info                  CSI    00000107 [SR] Verifying 100 components
2022-10-29 20:34:58, Info                  CSI    00000108 [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:59, Info                  CSI    00000109 [SR] Verify complete
2022-10-29 20:34:59, Info                  CSI    0000010a [SR] Verifying 100 components
2022-10-29 20:34:59, Info                  CSI    0000010b [SR] Beginning Verify and Repair transaction
2022-10-29 20:34:59, Info                  CSI    0000010d [SR] Verify complete
2022-10-29 20:34:59, Info                  CSI    0000010e [SR] Verifying 100 components
2022-10-29 20:34:59, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:00, Info                  CSI    00000110 [SR] Verify complete
2022-10-29 20:35:00, Info                  CSI    00000111 [SR] Verifying 100 components
2022-10-29 20:35:00, Info                  CSI    00000112 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:01, Info                  CSI    00000113 [SR] Verify complete
2022-10-29 20:35:01, Info                  CSI    00000114 [SR] Verifying 100 components
2022-10-29 20:35:01, Info                  CSI    00000115 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:01, Info                  CSI    00000116 [SR] Verify complete
2022-10-29 20:35:02, Info                  CSI    00000117 [SR] Verifying 100 components
2022-10-29 20:35:02, Info                  CSI    00000118 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:02, Info                  CSI    00000119 [SR] Verify complete
2022-10-29 20:35:02, Info                  CSI    0000011a [SR] Verifying 100 components
2022-10-29 20:35:02, Info                  CSI    0000011b [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:03, Info                  CSI    0000011c [SR] Verify complete
2022-10-29 20:35:03, Info                  CSI    0000011d [SR] Verifying 100 components
2022-10-29 20:35:03, Info                  CSI    0000011e [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:03, Info                  CSI    0000011f [SR] Verify complete
2022-10-29 20:35:03, Info                  CSI    00000120 [SR] Verifying 100 components
2022-10-29 20:35:03, Info                  CSI    00000121 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:04, Info                  CSI    00000122 [SR] Verify complete
2022-10-29 20:35:04, Info                  CSI    00000123 [SR] Verifying 100 components
2022-10-29 20:35:04, Info                  CSI    00000124 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:04, Info                  CSI    00000125 [SR] Verify complete
2022-10-29 20:35:04, Info                  CSI    00000126 [SR] Verifying 100 components
2022-10-29 20:35:04, Info                  CSI    00000127 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:05, Info                  CSI    00000128 [SR] Verify complete
2022-10-29 20:35:05, Info                  CSI    00000129 [SR] Verifying 100 components
2022-10-29 20:35:05, Info                  CSI    0000012a [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:06, Info                  CSI    0000012b [SR] Verify complete
2022-10-29 20:35:06, Info                  CSI    0000012c [SR] Verifying 100 components
2022-10-29 20:35:06, Info                  CSI    0000012d [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:06, Info                  CSI    0000012e [SR] Verify complete
2022-10-29 20:35:06, Info                  CSI    0000012f [SR] Verifying 100 components
2022-10-29 20:35:06, Info                  CSI    00000130 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:07, Info                  CSI    00000131 [SR] Verify complete
2022-10-29 20:35:07, Info                  CSI    00000132 [SR] Verifying 100 components
2022-10-29 20:35:07, Info                  CSI    00000133 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:07, Info                  CSI    00000134 [SR] Verify complete
2022-10-29 20:35:07, Info                  CSI    00000135 [SR] Verifying 100 components
2022-10-29 20:35:07, Info                  CSI    00000136 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:08, Info                  CSI    00000137 [SR] Verify complete
2022-10-29 20:35:08, Info                  CSI    00000138 [SR] Verifying 100 components
2022-10-29 20:35:08, Info                  CSI    00000139 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:08, Info                  CSI    0000013a [SR] Verify complete
2022-10-29 20:35:08, Info                  CSI    0000013b [SR] Verifying 100 components
2022-10-29 20:35:08, Info                  CSI    0000013c [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:09, Info                  CSI    0000013e [SR] Verify complete
2022-10-29 20:35:09, Info                  CSI    0000013f [SR] Verifying 100 components
2022-10-29 20:35:09, Info                  CSI    00000140 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:10, Info                  CSI    00000141 [SR] Verify complete
2022-10-29 20:35:10, Info                  CSI    00000142 [SR] Verifying 100 components
2022-10-29 20:35:10, Info                  CSI    00000143 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:10, Info                  CSI    00000144 [SR] Verify complete
2022-10-29 20:35:10, Info                  CSI    00000145 [SR] Verifying 100 components
2022-10-29 20:35:10, Info                  CSI    00000146 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:11, Info                  CSI    00000147 [SR] Verify complete
2022-10-29 20:35:11, Info                  CSI    00000148 [SR] Verifying 100 components
2022-10-29 20:35:11, Info                  CSI    00000149 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:11, Info                  CSI    0000014a [SR] Verify complete
2022-10-29 20:35:11, Info                  CSI    0000014b [SR] Verifying 100 components
2022-10-29 20:35:11, Info                  CSI    0000014c [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:12, Info                  CSI    0000014d [SR] Verify complete
2022-10-29 20:35:12, Info                  CSI    0000014e [SR] Verifying 100 components
2022-10-29 20:35:12, Info                  CSI    0000014f [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:12, Info                  CSI    00000150 [SR] Verify complete
2022-10-29 20:35:12, Info                  CSI    00000151 [SR] Verifying 100 components
2022-10-29 20:35:12, Info                  CSI    00000152 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:13, Info                  CSI    00000153 [SR] Verify complete
2022-10-29 20:35:13, Info                  CSI    00000154 [SR] Verifying 100 components
2022-10-29 20:35:13, Info                  CSI    00000155 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:14, Info                  CSI    00000156 [SR] Verify complete
2022-10-29 20:35:14, Info                  CSI    00000157 [SR] Verifying 100 components
2022-10-29 20:35:14, Info                  CSI    00000158 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:14, Info                  CSI    00000159 [SR] Verify complete
2022-10-29 20:35:14, Info                  CSI    0000015a [SR] Verifying 100 components
2022-10-29 20:35:14, Info                  CSI    0000015b [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:15, Info                  CSI    0000015c [SR] Verify complete
2022-10-29 20:35:15, Info                  CSI    0000015d [SR] Verifying 100 components
2022-10-29 20:35:15, Info                  CSI    0000015e [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:15, Info                  CSI    0000015f [SR] Verify complete
2022-10-29 20:35:15, Info                  CSI    00000160 [SR] Verifying 100 components
2022-10-29 20:35:15, Info                  CSI    00000161 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:16, Info                  CSI    00000162 [SR] Verify complete
2022-10-29 20:35:16, Info                  CSI    00000163 [SR] Verifying 100 components
2022-10-29 20:35:16, Info                  CSI    00000164 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:17, Info                  CSI    00000165 [SR] Verify complete
2022-10-29 20:35:17, Info                  CSI    00000166 [SR] Verifying 100 components
2022-10-29 20:35:17, Info                  CSI    00000167 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:17, Info                  CSI    00000168 [SR] Verify complete
2022-10-29 20:35:17, Info                  CSI    00000169 [SR] Verifying 100 components
2022-10-29 20:35:17, Info                  CSI    0000016a [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:18, Info                  CSI    0000016b [SR] Verify complete
2022-10-29 20:35:18, Info                  CSI    0000016c [SR] Verifying 100 components
2022-10-29 20:35:18, Info                  CSI    0000016d [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:18, Info                  CSI    0000016e [SR] Verify complete
2022-10-29 20:35:18, Info                  CSI    0000016f [SR] Verifying 100 components
2022-10-29 20:35:18, Info                  CSI    00000170 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:19, Info                  CSI    00000171 [SR] Verify complete
2022-10-29 20:35:19, Info                  CSI    00000172 [SR] Verifying 100 components
2022-10-29 20:35:19, Info                  CSI    00000173 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:19, Info                  CSI    00000174 [SR] Verify complete
2022-10-29 20:35:20, Info                  CSI    00000175 [SR] Verifying 100 components
2022-10-29 20:35:20, Info                  CSI    00000176 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:20, Info                  CSI    00000177 [SR] Verify complete
2022-10-29 20:35:20, Info                  CSI    00000178 [SR] Verifying 100 components
2022-10-29 20:35:20, Info                  CSI    00000179 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:21, Info                  CSI    0000017d [SR] Verify complete
2022-10-29 20:35:21, Info                  CSI    0000017e [SR] Verifying 100 components
2022-10-29 20:35:21, Info                  CSI    0000017f [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:21, Info                  CSI    00000180 [SR] Verify complete
2022-10-29 20:35:21, Info                  CSI    00000181 [SR] Verifying 100 components
2022-10-29 20:35:21, Info                  CSI    00000182 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:22, Info                  CSI    00000183 [SR] Verify complete
2022-10-29 20:35:22, Info                  CSI    00000184 [SR] Verifying 100 components
2022-10-29 20:35:22, Info                  CSI    00000185 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:22, Info                  CSI    00000186 [SR] Verify complete
2022-10-29 20:35:22, Info                  CSI    00000187 [SR] Verifying 100 components
2022-10-29 20:35:22, Info                  CSI    00000188 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:22, Info                  CSI    00000189 [SR] Verify complete
2022-10-29 20:35:22, Info                  CSI    0000018a [SR] Verifying 100 components
2022-10-29 20:35:22, Info                  CSI    0000018b [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:23, Info                  CSI    0000018c [SR] Verify complete
2022-10-29 20:35:23, Info                  CSI    0000018d [SR] Verifying 100 components
2022-10-29 20:35:23, Info                  CSI    0000018e [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:24, Info                  CSI    0000018f [SR] Verify complete
2022-10-29 20:35:24, Info                  CSI    00000190 [SR] Verifying 100 components
2022-10-29 20:35:24, Info                  CSI    00000191 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:24, Info                  CSI    00000192 [SR] Verify complete
2022-10-29 20:35:24, Info                  CSI    00000193 [SR] Verifying 100 components
2022-10-29 20:35:24, Info                  CSI    00000194 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:25, Info                  CSI    00000195 [SR] Verify complete
2022-10-29 20:35:25, Info                  CSI    00000196 [SR] Verifying 100 components
2022-10-29 20:35:25, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:25, Info                  CSI    00000198 [SR] Verify complete
2022-10-29 20:35:26, Info                  CSI    00000199 [SR] Verifying 100 components
2022-10-29 20:35:26, Info                  CSI    0000019a [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:26, Info                  CSI    0000019b [SR] Verify complete
2022-10-29 20:35:26, Info                  CSI    0000019c [SR] Verifying 100 components
2022-10-29 20:35:26, Info                  CSI    0000019d [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:27, Info                  CSI    0000019e [SR] Verify complete
2022-10-29 20:35:27, Info                  CSI    0000019f [SR] Verifying 100 components
2022-10-29 20:35:27, Info                  CSI    000001a0 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:28, Info                  CSI    000001a1 [SR] Verify complete
2022-10-29 20:35:28, Info                  CSI    000001a2 [SR] Verifying 100 components
2022-10-29 20:35:28, Info                  CSI    000001a3 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:28, Info                  CSI    000001a4 [SR] Verify complete
2022-10-29 20:35:28, Info                  CSI    000001a5 [SR] Verifying 100 components
2022-10-29 20:35:28, Info                  CSI    000001a6 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:29, Info                  CSI    000001a7 [SR] Verify complete
2022-10-29 20:35:29, Info                  CSI    000001a8 [SR] Verifying 100 components
2022-10-29 20:35:29, Info                  CSI    000001a9 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:29, Info                  CSI    000001aa [SR] Verify complete
2022-10-29 20:35:30, Info                  CSI    000001ab [SR] Verifying 100 components
2022-10-29 20:35:30, Info                  CSI    000001ac [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:30, Info                  CSI    000001b1 [SR] Verify complete
2022-10-29 20:35:30, Info                  CSI    000001b2 [SR] Verifying 100 components
2022-10-29 20:35:30, Info                  CSI    000001b3 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:31, Info                  CSI    000001b4 [SR] Verify complete
2022-10-29 20:35:31, Info                  CSI    000001b5 [SR] Verifying 100 components
2022-10-29 20:35:31, Info                  CSI    000001b6 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:31, Info                  CSI    000001b7 [SR] Verify complete
2022-10-29 20:35:31, Info                  CSI    000001b8 [SR] Verifying 100 components
2022-10-29 20:35:31, Info                  CSI    000001b9 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:32, Info                  CSI    000001ba [SR] Verify complete
2022-10-29 20:35:32, Info                  CSI    000001bb [SR] Verifying 100 components
2022-10-29 20:35:32, Info                  CSI    000001bc [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:32, Info                  CSI    000001bd [SR] Verify complete
2022-10-29 20:35:33, Info                  CSI    000001be [SR] Verifying 100 components
2022-10-29 20:35:33, Info                  CSI    000001bf [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:33, Info                  CSI    000001c0 [SR] Verify complete
2022-10-29 20:35:33, Info                  CSI    000001c1 [SR] Verifying 100 components
2022-10-29 20:35:33, Info                  CSI    000001c2 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:34, Info                  CSI    000001c3 [SR] Verify complete
2022-10-29 20:35:34, Info                  CSI    000001c4 [SR] Verifying 100 components
2022-10-29 20:35:34, Info                  CSI    000001c5 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:34, Info                  CSI    000001c6 [SR] Verify complete
2022-10-29 20:35:34, Info                  CSI    000001c7 [SR] Verifying 100 components
2022-10-29 20:35:34, Info                  CSI    000001c8 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:35, Info                  CSI    000001c9 [SR] Verify complete
2022-10-29 20:35:35, Info                  CSI    000001ca [SR] Verifying 100 components
2022-10-29 20:35:35, Info                  CSI    000001cb [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:36, Info                  CSI    000001cc [SR] Verify complete
2022-10-29 20:35:36, Info                  CSI    000001cd [SR] Verifying 100 components
2022-10-29 20:35:36, Info                  CSI    000001ce [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:36, Info                  CSI    000001cf [SR] Verify complete
2022-10-29 20:35:37, Info                  CSI    000001d0 [SR] Verifying 100 components
2022-10-29 20:35:37, Info                  CSI    000001d1 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:37, Info                  CSI    000001d2 [SR] Verify complete
2022-10-29 20:35:37, Info                  CSI    000001d3 [SR] Verifying 100 components
2022-10-29 20:35:37, Info                  CSI    000001d4 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:38, Info                  CSI    000001d5 [SR] Verify complete
2022-10-29 20:35:38, Info                  CSI    000001d6 [SR] Verifying 100 components
2022-10-29 20:35:38, Info                  CSI    000001d7 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:38, Info                  CSI    000001d8 [SR] Verify complete
2022-10-29 20:35:38, Info                  CSI    000001d9 [SR] Verifying 100 components
2022-10-29 20:35:38, Info                  CSI    000001da [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:39, Info                  CSI    000001db [SR] Verify complete
2022-10-29 20:35:39, Info                  CSI    000001dc [SR] Verifying 100 components
2022-10-29 20:35:39, Info                  CSI    000001dd [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:39, Info                  CSI    000001de [SR] Verify complete
2022-10-29 20:35:39, Info                  CSI    000001df [SR] Verifying 100 components
2022-10-29 20:35:39, Info                  CSI    000001e0 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:40, Info                  CSI    000001e1 [SR] Verify complete
2022-10-29 20:35:40, Info                  CSI    000001e2 [SR] Verifying 62 components
2022-10-29 20:35:40, Info                  CSI    000001e3 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:40, Info                  CSI    000001e4 [SR] Verify complete
2022-10-29 20:35:40, Info                  CSI    000001e5 [SR] Repairing 0 components
2022-10-29 20:35:40, Info                  CSI    000001e6 [SR] Beginning Verify and Repair transaction
2022-10-29 20:35:40, Info                  CSI    000001e7 [SR] Repair complete
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "AMSI/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "AirSpaceChannel" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Application" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "DirectShowFilterGraph" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "DirectShowPluginControl" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Els_Hyphenation/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "EndpointMapper" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "FirstUXPerf-Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "ForwardedEvents" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "General Logging" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "HP Analytics" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "HardwareEvents" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "IHM_DebugChannel" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Intel-GFX-Info/Application" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Intel-GFX-Info/System" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS-GPIO/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS-I2C/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-GPIO2/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-GPIO2/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-I2C/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-I2C/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-SPI/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-SPI/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Intel-iaLPSS2-UART2/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Internet Explorer" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Key Management Service" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "MF_MediaFoundationDeviceMFT" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "MF_MediaFoundationDeviceProxy" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "MF_MediaFoundationFrameServer" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "MedaFoundationVideoProc" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "MedaFoundationVideoProcD3D" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "MediaFoundationAsyncWrapper" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "MediaFoundationContentProtection" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "MediaFoundationDS" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "MediaFoundationDeviceProxy" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "MediaFoundationMP4" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "MediaFoundationMediaEngine" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "MediaFoundationPerformance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "MediaFoundationPerformanceCore" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "MediaFoundationPipeline" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "MediaFoundationPlatform" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "MediaFoundationSrcPrefetch" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Client-Licensing-Platform/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-IE/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-IEFRAME/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-JSDumpHeap/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-OneCore-Setup/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-PerfTrack-IEFRAME/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-PerfTrack-MSHTML/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AAD/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AAD/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ADSI/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ASN1/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ATAPort/General" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ATAPort/SATA-LPM" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ActionQueue/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-All-User-Install-Agent/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AllJoyn/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AllJoyn/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/ApplicationTracing" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppHost/Internal" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppID/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/EXE and DLL" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/MSI and Script" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Deployment" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppLocker/Packaged app-Execution" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-Runtime/Diagnostics" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-State/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppModel-State/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppReadiness/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppSruProv" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeployment/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeployment/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppXDeploymentServer/Restricted" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ApplicabilityEngine/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application Server-Applications/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Compatibility-Infrastructure-Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Assistant/Trace" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Compatibility-Troubleshooter" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Inventory" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Program-Telemetry" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Application-Experience/Steps-Recorder" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AppxPackaging/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AsynchronousCausality/Causality" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/CaptureMonitor" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/GlitchDetection" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/Informational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audio/PlaybackManager" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Audit/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication User Interface/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/AuthenticationPolicyFailures-DomainController" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUser-Client" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserFailures-DomainController" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Authentication/ProtectedUserSuccesses-DomainController" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-AxInstallService/Log" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/HCI" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHPORT/L2CAP" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BTH-BTHUSB/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTaskInfrastructure/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BackgroundTransfer-ContentPrefetcher/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Backup" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Connections/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Base-Filtering-Engine-Resource-Flows/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Battery/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Biometrics/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Biometrics/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker-Driver-Performance/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Management" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/BitLocker Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-BitLocker/Tracing" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bits-Client/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bits-Client/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-BthLEPrepairing/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-Bthmini/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-MTPEnum/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Bluetooth-Policy/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CAPI2/Catalog Database Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CAPI2/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CDROM/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/ApartmentInitialize" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/ApartmentUninitialize" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/Call" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/CreateInstance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/ExtensionCatalog" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/FreeUnusedLibrary" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COM/RundownInstrumentation" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/Activations" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/MessageProcessing" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-COMRuntime/Tracing" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertPoleEng/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-CredentialRoaming/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-System/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CertificateServicesClient-Lifecycle-User/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Cleanmgr/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ClearTypeTextTuner/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CloudStore/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CloudStore/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CmiSetup/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CodeIntegrity/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CodeIntegrity/Verbose" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ComDlg32/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ComDlg32/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Compat-Appraiser/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-BindFlt/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcifs/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Containers-Wcnfs/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreApplication/Tracing" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreSystem-SmsRouter-Events/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreWindow/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CoreWindow/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Client/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CorruptedFileRecovery-Server/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crashdump/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-CredUI/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-BCRYPT/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-CNG/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/BackUpKeySvc" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DPAPI/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-DSSEnh/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-NCrypt/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-RNG/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Crypto-RSAEnh/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-D3D10Level9/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-D3D10Level9/PerfTiming" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DAL-Provider/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DAL-Provider/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DAMM/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DCLocator/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DDisplay/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DDisplay/Logging" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DLNA-Namespace/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DNS-Client/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DSC/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DUI/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DUSER/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DXGI/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DXGI/Logging" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DXP/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Data-Pdf/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DataIntegrityScan/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DataIntegrityScan/CrashRecovery" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DateTimeControlPanel/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Defrag-Core/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Deplorch/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DesktopActivityModerator/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DesktopWindowManager-Diag/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceAssociationService/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceConfidence/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceGuard/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceGuard/Verbose" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSetupManager/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSync/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceSync/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceUpdateAgent/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceUx/Informational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DeviceUx/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Devices-Background/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcp-Client/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcp-Client/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dhcpv6-Client/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiagCpl/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-AdvancedTaskManager/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-DPS/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-MSDE/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PCW/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-PLA/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Perfhost/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scheduled/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-Scripted/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-WDC/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnosis-WDI/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Networking/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack-Counters/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-PerfTrack/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Diagnostic/Loopback" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Diagnostics-Performance/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D10/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D10_1/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/Logging" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D11/PerfTiming" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/Logging" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D12/PerfTiming" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3D9/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Direct3DShaderCache/Default" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectComposition/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectManipulation/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectShow-KernelSupport/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DirectSound/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Disk/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnostic/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnosticDataCollector/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DiskDiagnosticResolver/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/ExternalAnalytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Api/InternalAnalytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dism-Cli/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DisplayColorCalibration/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DisplaySwitch/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Documents/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dot3MM/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DriverFrameworks-UserMode/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-API/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Core/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Dwm/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Redir/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Dwm-Udwm/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl-Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Contention" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxgKrnl/Power" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-DxpTaskSyncProvider/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EDP-Application-Learning/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EDP-Audit-Regular/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EDP-Audit-TCB/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EFS/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ESE/IODiagnose" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ESE/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapHost/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-RasChap/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-RasTls/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-Sim/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EapMethods-Ttls/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EaseOfAccess/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/EventLog" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Energy-Estimation-Engine/Trace" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EnhancedStorage-EhStorTcgDrv/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventCollector/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventCollector/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventLog-WMIProvider/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventLog/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-EventLog/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FMS/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FMS/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FMS/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FailoverClustering-Client/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Fault-Tolerant-Heap/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FeatureConfiguration/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Catalog/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-ConfigManager/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Core/WHC" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/BackupLog" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Engine/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-EventListener/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Service/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-Service/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileHistory-UI-Events/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-FileInfoMinifilter/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Firewall-CPL/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Folder Redirection/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Forwarding/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Forwarding/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-GPIO-ClassExtension/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-GenericRoaming/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-GroupPolicy/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HAL/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HealthCenter/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HealthCenter/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HealthCenterCPL/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HelloForBusiness/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Help/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel Performance/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Control Panel/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Listener Service/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service Performance/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup Provider Service/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HomeGroup-ListenerService" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HotspotAuth/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HotspotAuth/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HttpService/Log" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-HttpService/Trace" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Diagnose" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Guest-Drivers/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-Hypervisor-Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-NETVSC/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Hyper-V-VID-Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IE-SmartScreen" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IKE/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IKEDBG/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-Broker/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-CandidateUI/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManager/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-CustomerFeedbackManagerUI/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPAPI/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPLMP/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPPRED/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPSetting/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-JPTIP/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-KRAPI/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-KRTIP/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-OEDCompiler/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-TCCORE/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-TCTIP/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IME-TIP/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPNAT/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPSEC-SRV/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPxlatCfg/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IPxlatCfg/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IdCtrls/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IdCtrls/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-IndirectDisplays-ClassExtension-Events/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Input-HIDCLASS-Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-InputSwitch/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-International-RegionalOptionsControlPanel/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-International/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Iphlpsvc/Trace" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-KdsSvc/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kerberos/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Acpi/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/General" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-AppCompat/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ApphelpCache/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Boot/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Boot/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-BootDiagnostics/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Disk/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-EventTracing/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-File/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-IO/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Interrupt-Steering/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-IoTrace/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-LiveDump/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Memory/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Network/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Pdc/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Pep/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Boot Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Configuration Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Device Enumeration Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-PnP/Driver Watchdog" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Power/Thermal-Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Prefetch/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Process/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Processor-Power/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Registry/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-Registry/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-ShimEngine/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-StoreMgr/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WDI/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Errors" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-WHEA/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Kernel-XDV/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Known Folders API Service" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-L2NA/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LDAP-Client/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LSA/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LSA/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LSA/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LUA-ConsentUI/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LanguagePackSetup/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LimitsManagement/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LinkLayerDiscoveryProtocol/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LiveId/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-LiveId/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPEG2-Video-Encoder-MFT_Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPS-CLNT/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPS-DRV/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MPS-SRV/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSFTEDIT/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MSPaint/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MUI/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/DMC" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/DMR" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Media-Streaming/MDE" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFCaptureEngine/MFCaptureEngine" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SinkWriter" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/SourceReader" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-MFReadWrite/Transform" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-Performance/SARStreamResource" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MediaFoundation-PlayAPI/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MemoryDiagnostics-Results/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Minstore/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Minstore/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api-Internal/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Api/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mobile-Broadband-Experience-SmsApi/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-MobilityCenter/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Autopilot" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Diagnostics" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ModernDeployment-Diagnostics-Provider/ManagementService" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Mprddm/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NCSI/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NCSI/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDF-HelperClassDiscovery/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDIS-PacketCapture/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDIS/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NDIS/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NFC-Class-Extension/Analytical" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NTLM/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NWiFi/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Narrator/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ncasvc/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NcdAutoSetup/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NdisImPlatform/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ndu/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetShell/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-Connection-Broker" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-DataUsage/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-Setup/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Network-and-Sharing-Center/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkBridge/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkLocationWizard/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProfile/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProfile/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvider/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkProvisioning/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkSecurity/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NetworkStatus/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Networking-Correlation/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Networking-RealTimeCommunication/Tracing" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NlaSvc/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-NlaSvc/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ntfs/WHC" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OLE/Clipboard-Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OLEACC/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OLEACC/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-FirstLogonAnim/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Core/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-DUI/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OOBE-Machine-Plugins-Wireless/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OneBackup/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OneX/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OneX/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OobeLdr/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-OtpCredentialProvider/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PCI/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PackageStateRoaming/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ParentalControls/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Partition/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Partition/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PeerToPeerDrtEventProvider/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PerceptionRuntime/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PerceptionSensorDataService/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-Nvdimm/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-PmemDisk/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Certification" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Diagnose" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PersistentMemory-ScmBus/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PhotoAcq/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PlayToManager/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Policy/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Policy/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PortableDeviceStatusProvider/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PortableDeviceSyncProvider/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Power-Meter-Polling/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerCfg/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerCpl/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerEfficiencyDiagnostics/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PowerShell/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrimaryNetworkIcon/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService-USBMon/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PrintService/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Privacy-Auditing/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ProcessStateManager/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Program-Compatibility-Assistant/CompatAfterUpgrade" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/AutoPilot" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Provisioning-Diagnostics-Provider/ManagementService" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Informational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Proximity-Common/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Developer/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-InProc/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-PushNotification-Platform/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-QoS-Pacer/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-QoS-qWAVE/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RPC-Proxy/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RPC/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RPC/EEInfo" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RRAS/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RRAS/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RadioManager/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Ras-NdisWanPacketCapture/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RasAgileVpn/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RasAgileVpn/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReFS/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoost/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoost/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ReadyBoostDriver/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Regsvr32/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteApp and Desktop Connections/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteAssistance/Tracing" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-Synth3dvsc/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-RemoteFX-VM-Kernel-Mode-Transport/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RemoteDesktopServices-SessionServices/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Remotefs-Rdbss/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ResetEng-Trace/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Detector/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Resource-Exhaustion-Resolver/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ResourcePublication/Tracing" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RestartManager/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RetailDemo/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-RetailDemo/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Graphics/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Networking-BackgroundTransfer/Tracing" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Networking/Tracing" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Web-Http/Tracing" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-WebAPI/Tracing" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTAdaptiveMediaSource" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTCaptureEngine" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTMediaStreamSource" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime-Windows-Media/WinRTTranscode" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime/CreateInstance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Runtime/Error" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/HelperClassDiagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/ObjectStateDiagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBClient/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Audit" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Connectivity" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBServer/Security" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SMBWitnessClient/Informational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SPB-ClassExtension/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SPB-HIDI2C/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Schannel-Events/Perf" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sdbus/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sdbus/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sdstor/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Search-Core/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Search-ProtocolHandlers/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SearchUI/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SearchUI/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Adminless/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Audit-Configuration-Client/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-EnterpriseData-FileRevocationManager/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-ExchangeActiveSyncProvisioning/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-IdentityListener/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-IdentityStore/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-LessPrivilegedAppContainer/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Mitigations/KernelMode" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Mitigations/UserMode" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Netlogon/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GC/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-GenuineCenter-Logging/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX-Notifications/ActionCenter" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP-UX/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-SPP/Perf" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-UserConsentVerifier/Audit" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Security-Vault/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SecurityMitigationsBroker/Perf" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SendTo/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sens/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sensors/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sensors/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Serial-ClassExtension-V2/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Serial-ClassExtension/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ServiceReportingApi/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Services-Svchost/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Services/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Servicing/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-Azure/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync-OneDrive/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SettingSync/VerboseDebug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Setup/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupCl/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupPlatform/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupQueue/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SetupUGC/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ShareMedia-ControlPanel/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AppWizCpl/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-BootAnim/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Common/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredUI/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-CredentialProviderUser/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Logon/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-LogonUI/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-AuthUI-Shutdown/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-ConnectedAccountState/ActionCenter" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/ActionCenter" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/AppDefaults" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/LogonTasksChannel" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Core/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-DefaultPrograms/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-LockScreenContent/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-OpenWith/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Search-UriHandler" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-Shwebsvc" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shell-ZipFolder/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ShellCommon-StartLayoutPopulation/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Shsvcs/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SleepStudy/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-Audit/Authentication" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-DeviceEnum/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartCard-TPM-VCard-Module/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmartScreen/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Audit" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Connectivity" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SmbClient/Security" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Speech-UserExperience/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Spell-Checking/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SpellChecker/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Spellchecking-Host/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SruMon/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SrumTelemetry" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StateRepository/Restricted" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorDiag/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorPort/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Diagnose" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ATAPort/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Diagnose" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-ClassPnP/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Diagnose" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Disk/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Diagnose" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Health" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Storport/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Tiering-IoHeat/Heat" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storage-Tiering/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageManagement/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageManagement/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSettings/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-Driver/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-ManagementAgent/WHC" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-StorageSpaces-SpaceManager/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Store/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Storsvc/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Subsys-Csr/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Subsys-SMSS/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/Main" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/PfApLog" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Superfetch/StoreLog" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Sysprep/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-System-Profile-HardwareId/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsHandlers/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-SystemSettingsThreshold/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TCPIP/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TCPIP/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msctf/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msctf/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msutb/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TSF-msutb/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TTS/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TWinAPI/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TWinUI/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TWinUI/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TZSync/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TZSync/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TZUtil/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Maintenance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskScheduler/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TaskbarCPL/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-ClientUSBDevices/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-LocalSessionManager/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-MediaRedirection/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-PnPDevices/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-Printers/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RDPClient/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Capture" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RdpSoundDriver/Playback" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Tethering-Manager/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Tethering-Station/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ThemeCPL/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ThemeUI/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Threat-Intelligence/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Time-Service-PTP-Provider/PTP-Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Time-Service/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Troubleshooting-Recommended/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-TunnelDriver" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UAC-FileVirtualization/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UAC/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UI-Shell/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAnimation/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIAutomationCore/Perf" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UIRibbon/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-MAUSBHOST-Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-UCX-Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBHUB/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBHUB3-Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBPORT/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USB-USBXHCI-Trustlet-Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-USBVideo/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UniversalTelemetryClient/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel Performance/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel Usage/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Control Panel/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Device Registration/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Device Registration/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Profile Service/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User Profile Service/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User-Loader/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-User-Loader/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserAccountControl/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserModePowerService/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/ActionCenter" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/DeviceInstall" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/DeviceMetadata/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UserPnp/SchedulerOperations" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UxInit/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-UxTheme/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VAN/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VDRVROOT/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VHDMP-Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VHDMP-Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VIRTDISK-Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VPN-Client/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VPN/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VWiFi/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VerifyHardwareSecurity/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Volume/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VolumeControl/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-VolumeSnapshot-Driver/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WABSyncProvider/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WCN-Config-Registrar/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WCNWiz/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WEPHOSTSVC/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WER-PayloadHealth/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WFP/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WFP/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-AutoConfig/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-Autoconfig/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-Driver/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLAN-MediaManager/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WLANConnectionFlow/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMI-Activity/Trace" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPDMCUI/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-PublicAPI/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSS-Service/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WMPNSSUI/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-API/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-ClassInstaller/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-CompositeClassDriver/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPBT/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPClassDriver/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPIP/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WPD-MTPUS/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WSC-SRV/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WUSA/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-CFE/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-MM-Events/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-MediaManager/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-NDISUIO-EVENTS/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WWAN-SVC-Events/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wcmsvc/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wcmsvc/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebAuth/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebAuthN/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebIO-NDF/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebIO/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebPlatStorage-Server" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebServices/Tracing" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WebcamProvider/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Websocket-Protocol-Component/Tracing" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WiFiDisplay/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Concurrency" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Contention" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Messages" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Power" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Render" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/Tracing" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Win32k/UIPI" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHTTP-NDF/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHttp-Pca" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHttp/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinHttp/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet-Capture/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet-Config/ProxyConfigChanged" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/Pca" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/UsageLog" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinINet/WebSocket" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinMDE/MDE" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinML/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinNat/Oper" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinNat/Trace" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinRM/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WinURLMon/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windeploy/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Defender/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Defender/WHC" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurity" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/ConnectionSecurityVerbose" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/Firewall" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallDiagnostics" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Windows Firewall With Advanced Security/FirewallVerbose" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsBackup/ActionCenter" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsColorSystem/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsSystemAssessmentTool/Tracing" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUIImmersive/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WindowsUpdateClient/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wininit/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winlogon/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winlogon/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsock-AFD/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsock-NameResolution/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsock-WS2HELP/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Winsrv/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wired-AutoConfig/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WlanDlg/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Wordpad/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-WorkFolders/WHC" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-Workplace Join/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAML-Diagnostics/Default" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAML/Default" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAudio2/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-XAudio2/Performance" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-glcnd/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-mobsync/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ntshrui" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-ntshrui-perf" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-osk/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-stobject/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-wmbclass/Analytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-Windows-wmbclass/Trace" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-Connectivity-WiFiConnSvc-Channel" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-LocationServiceProvider/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellManager/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Microsoft-WindowsPhone-Net-Cellcore-CellularAPI/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "NIS-Driver-WFP/Diagnostic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Navigator" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Network Isolation Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "OAlerts" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "OSK_SoftKeyboard_Channel" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "OfficeChannel" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "OfficeDebugChannel" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "OneApp_IGCC" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "OpenSSH/Admin" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "OpenSSH/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "OpenSSH/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Physical_Keyboard_Manager_Channel" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "PlayReadyPerformanceChannel" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "RTWorkQueueExtended" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "RTWorkQueueTheading" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "SMSApi" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Security" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Setup" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "SmbWmiAnalytic" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "System" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "SystemEventsBroker" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "TabletPC_InputPanel_Channel" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "TabletPC_InputPanel_Channel/IHM" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "TimeBroker" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "UIManager_Channel" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Uac/Debug" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "WINDOWS_KS_CHANNEL" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "WINDOWS_MFH264Enc_CHANNEL" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "WINDOWS_MP4SDECD_CHANNEL" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "WINDOWS_MSMPEG2ADEC_CHANNEL" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "WINDOWS_MSMPEG2VDEC_CHANNEL" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "WINDOWS_VC1ENC_CHANNEL" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "WINDOWS_WMPHOTO_CHANNEL" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "WINDOWS_wmvdecod_CHANNEL" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "WMPSetup" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "WMPSyncEngine" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Windows Networking Vpn Plugin Platform/Operational" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Windows Networking Vpn Plugin Platform/OperationalVerbose" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "Windows PowerShell" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "WordChannel" 
 
C:\Users\kgwal\OneDrive\Desktop>wevtutil cl "muxencode" 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 20:35:59 ====

  • 0

#8
RKinner
Posted 30 October 2022 - 08:30 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Yes it worked.  DISM completed without problems this time  and SFC says it was able to repair all files.  Can I see a new VEW log?


  • 0

#9
portillos
Posted 30 October 2022 - 09:21 AM

portillos

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts

excellent.  Here's the  new VEW log:

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 30/10/2022 10:19:14 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 30/10/2022 1:49:59 AM
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
 
Log: 'Application' Date/Time: 30/10/2022 1:49:13 AM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 
 
Log: 'Application' Date/Time: 30/10/2022 1:49:13 AM
Type: Error Category: 0
Event: 13 Source: VSS
Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 30/10/2022 4:23:10 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 30/10/2022 4:22:04 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 30/10/2022 2:47:24 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 30/10/2022 2:23:15 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  and APPID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-1592514423-3326616912-2519584020-3369785941-1636171354-795750496-3982133047). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 30/10/2022 2:22:57 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 30/10/2022 1:52:01 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name t-ring-fallback.msedge.net timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 30/10/2022 1:50:40 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 7 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
 
Log: 'System' Date/Time: 30/10/2022 1:49:59 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 30/10/2022 1:49:43 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 30/10/2022 1:49:43 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 30/10/2022 1:49:31 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\8&16e92655&0&01.
 
Log: 'System' Date/Time: 30/10/2022 1:49:28 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\DRIVERENUM\{cfabacad-7939-467c-96a7-93781d90d2d8}#WirelessButtonDriver_usersvc&3&9489f59&0.
 
Log: 'System' Date/Time: 30/10/2022 1:49:28 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device PCI\VEN_8086&DEV_8A03&SUBSYS_86C9103C&REV_03\3&11583659&2&20.
 
Log: 'System' Date/Time: 30/10/2022 1:49:14 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\system32\IntelIHVRouter08.dll 

  • 0

#10
RKinner
Posted 30 October 2022 - 10:47 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Still getting a Zoom error:

Log: 'Application' Date/Time: 30/10/2022 1:49:59 AM
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
 

 

 

 

The only other possibly important errors are from Intel:


Log: 'System' Date/Time: 30/10/2022 1:49:31 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\8&16e92655&0&01.
 
Log: 'System' Date/Time: 30/10/2022 1:49:28 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\DRIVERENUM\{cfabacad-7939-467c-96a7-93781d90d2d8}#WirelessButtonDriver_usersvc&3&9489f59&0.
 
Log: 'System' Date/Time: 30/10/2022 1:49:28 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device PCI\VEN_8086&DEV_8A03&SUBSYS_86C9103C&REV_03\3&11583659&2&20.

 

Hopefully the PC is new enough that HP still offers updates.  I would go to the HP support site

https://support.hp.c...drivers/laptops

and put in the serial number for your PC.  (Should be on the bottom of your PC)   See if they have any Intel updates.  You can also try intel.com and see if they have anything for your PC.

 
 

 

 

 

 


  • 0

#11
portillos
Posted 01 November 2022 - 10:35 AM

portillos

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts

Installed lots of updates and in fact there was another windows update that I installed.  Here's the updated VEW:

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 01/11/2022 11:33:18 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 01/11/2022 4:24:39 PM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 
 
Log: 'Application' Date/Time: 01/11/2022 4:24:39 PM
Type: Error Category: 0
Event: 13 Source: VSS
Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
 
Log: 'Application' Date/Time: 01/11/2022 4:24:39 PM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 
 
Log: 'Application' Date/Time: 01/11/2022 4:24:39 PM
Type: Error Category: 0
Event: 13 Source: VSS
Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
 
Log: 'Application' Date/Time: 01/11/2022 1:46:32 PM
Type: Error Category: 0
Event: 13 Source: VSS
Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
 
Log: 'Application' Date/Time: 01/11/2022 12:34:42 AM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 
 
Log: 'Application' Date/Time: 01/11/2022 12:34:42 AM
Type: Error Category: 0
Event: 13 Source: VSS
Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
 
Log: 'Application' Date/Time: 01/11/2022 12:18:52 AM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 
 
Log: 'Application' Date/Time: 01/11/2022 12:18:52 AM
Type: Error Category: 0
Event: 13 Source: VSS
Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
 
Log: 'Application' Date/Time: 30/10/2022 1:49:59 AM
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "C:\Users\kgwal\AppData\Roaming\Zoom\bin\Zoom.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
 
Log: 'Application' Date/Time: 30/10/2022 1:49:13 AM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 
 
Log: 'Application' Date/Time: 30/10/2022 1:49:13 AM
Type: Error Category: 0
Event: 13 Source: VSS
Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 30/10/2022 8:36:08 PM
Type: Warning Category: 0
Event: 2 Source: Steam Client Service
Warning: Updated file "SteamService.dll" from version 0x000700380063001a to version 0x0007003b00360011.
 
 
Log: 'Application' Date/Time: 30/10/2022 8:36:08 PM
Type: Warning Category: 0
Event: 2 Source: Steam Client Service
Warning: Updated file "steamxboxutil64.exe" from version 0x000700380063001a to version 0x0007003b00360011.
 
 
Log: 'Application' Date/Time: 30/10/2022 8:36:08 PM
Type: Warning Category: 0
Event: 2 Source: Steam Client Service
Warning: Updated file "secure_desktop_capture.exe" from version 0x000700380063001a to version 0x0007003b00360011.
 
 
Log: 'Application' Date/Time: 30/10/2022 8:36:07 PM
Type: Warning Category: 0
Event: 2 Source: Steam Client Service
Warning: Updated file "SteamService.exe" from version 0x000700380063001a to version 0x0007003b00360011.
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 30/10/2022 8:36:07 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 30/10/2022 8:36:07 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 01/11/2022 4:27:08 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 01/11/2022 4:26:50 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 01/11/2022 4:26:50 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 01/11/2022 4:26:03 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 7 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
 
Log: 'System' Date/Time: 01/11/2022 4:24:55 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\8&16e92655&0&01.
 
Log: 'System' Date/Time: 01/11/2022 4:24:52 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\DRIVERENUM\{cfabacad-7939-467c-96a7-93781d90d2d8}#WirelessButtonDriver_usersvc&3&9489f59&0.
 
Log: 'System' Date/Time: 01/11/2022 4:24:50 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device PCI\VEN_8086&DEV_8A03&SUBSYS_86C9103C&REV_03\3&11583659&2&20.
 
Log: 'System' Date/Time: 01/11/2022 4:24:40 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\system32\IntelIHVRouter08.dll 
 
Log: 'System' Date/Time: 01/11/2022 4:24:12 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 01/11/2022 4:24:06 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 01/11/2022 4:24:05 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 01/11/2022 4:23:57 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 01/11/2022 4:23:55 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 01/11/2022 4:23:50 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 01/11/2022 4:23:43 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 01/11/2022 4:22:15 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 01/11/2022 4:19:58 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 01/11/2022 4:14:17 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 01/11/2022 1:49:04 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user LAPTOP-IC9ME3DV\kgwal SID (S-1-5-21-691941065-2667957141-2909907241-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 01/11/2022 1:48:42 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP