Loading built-in default control script [04-10-2024 19:45:10] DbgSVC started [04-10-2024 19:45:10] New process found: Process Name - System Process Process ID - 0 Process Identity - SYSTEM [04-10-2024 19:45:10] New process found: Process Name - System Process ID - 4 Process Identity - SYSTEM [04-10-2024 19:45:10] New process found: Process Name - smss.exe Process ID - 316 Process Identity - SYSTEM [04-10-2024 19:45:10] New process found: Process Name - csrss.exe Process ID - 420 Process Identity - SYSTEM [04-10-2024 19:45:10] New process found: Process Name - wininit.exe Process ID - 504 Process Identity - SYSTEM [04-10-2024 19:45:10] New process found: Process Name - csrss.exe Process ID - 512 Process Identity - SYSTEM [04-10-2024 19:45:10] New process found: Process Name - winlogon.exe Process ID - 572 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - services.exe Process ID - 640 Process Identity - SYSTEM [04-10-2024 19:45:10] New process found: Process Name - lsass.exe Process ID - 656 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 756 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 820 Process Identity - NT AUTHORITY\NETWORK SERVICE [04-10-2024 19:45:10] New process found: Process Name - LogonUI.exe Process ID - 920 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - dwm.exe Process ID - 952 Process Identity - Window Manager\DWM-1 [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 964 Process Identity - NT AUTHORITY\NETWORK SERVICE [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 972 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 1020 Process Identity - NT AUTHORITY\LOCAL SERVICE [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 452 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 888 Process Identity - NT AUTHORITY\LOCAL SERVICE [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 1144 Process Identity - NT AUTHORITY\LOCAL SERVICE [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 1152 Process Identity - NT AUTHORITY\NETWORK SERVICE [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 1356 Process Identity - NT AUTHORITY\LOCAL SERVICE [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 1616 Process Identity - NT AUTHORITY\LOCAL SERVICE [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 1744 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - spoolsv.exe Process ID - 2008 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 1200 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 1196 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 1348 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - ComboCleaner.Guard.exe Process ID - 1428 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - dns.exe Process ID - 1596 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - ComboCleaner.WinService.exe Process ID - 1856 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - MELSC.exe Process ID - 2136 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - MEIMAPS.EXE Process ID - 2144 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - MEDMS.EXE Process ID - 2156 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 2180 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - MBAMService.exe Process ID - 2188 Process Identity - SYSTEM [04-10-2024 19:45:10] New process found: Process Name - MEMTA.exe Process ID - 2320 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - MEPOC.exe Process ID - 2328 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - MEPOPS.exe Process ID - 2336 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - MESMTPC.exe Process ID - 2344 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - mqsvc.exe Process ID - 2400 Process Identity - NT AUTHORITY\NETWORK SERVICE [04-10-2024 19:45:10] New process found: Process Name - MsDepSvc.exe Process ID - 2408 Process Identity - NT AUTHORITY\NETWORK SERVICE [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 2548 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 2628 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - plesksrv.exe Process ID - 2640 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - sqlwriter.exe Process ID - 2648 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - sqlbrowser.exe Process ID - 2660 Process Identity - NT AUTHORITY\LOCAL SERVICE [04-10-2024 19:45:10] New process found: Process Name - SMSvcHost.exe Process ID - 2672 Process Identity - NT AUTHORITY\LOCAL SERVICE [04-10-2024 19:45:10] New process found: Process Name - PopPassD.exe Process ID - 2680 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - MsMpEng.exe Process ID - 2800 Process Identity - SYSTEM [04-10-2024 19:45:10] New process found: Process Name - WMSvc.exe Process ID - 2808 Process Identity - NT AUTHORITY\LOCAL SERVICE [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 2916 Process Identity - NT AUTHORITY\NETWORK SERVICE [04-10-2024 19:45:10] New process found: Process Name - SMSvcHost.exe Process ID - 4240 Process Identity - NT AUTHORITY\LOCAL SERVICE [04-10-2024 19:45:10] New process found: Process Name - WmiPrvSE.exe Process ID - 4396 Process Identity - NT AUTHORITY\NETWORK SERVICE [04-10-2024 19:45:10] New process found: Process Name - SMSvcHost.exe Process ID - 4444 Process Identity - NT AUTHORITY\NETWORK SERVICE [04-10-2024 19:45:10] New process found: Process Name - sqlceip.exe Process ID - 4544 Process Identity - NT SERVICE\SQLTELEMETRY$MSSQLSERVER2017 [04-10-2024 19:45:10] New process found: Process Name - sqlservr.exe Process ID - 4552 Process Identity - NT SERVICE\MSSQL$MSSQLSERVER2017 [04-10-2024 19:45:10] New process found: Process Name - mysqld.exe Process ID - 4564 Process Identity - NT SERVICE\PleskSQLServer [04-10-2024 19:45:10] New process found: Process Name - mysqld.exe Process ID - 4576 Process Identity - NT SERVICE\MariaDB103 [04-10-2024 19:45:10] New process found: Process Name - w3wp.exe Process ID - 4676 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [04-10-2024 19:45:10] New process found: Process Name - fdlauncher.exe Process ID - 5744 Process Identity - NT SERVICE\MSSQLFDLauncher$MSSQLSERVER2017 [04-10-2024 19:45:10] New process found: Process Name - fdhost.exe Process ID - 5848 Process Identity - NT SERVICE\MSSQLFDLauncher$MSSQLSERVER2017 [04-10-2024 19:45:10] New process found: Process Name - conhost.exe Process ID - 5860 Process Identity - NT SERVICE\MSSQLFDLauncher$MSSQLSERVER2017 [04-10-2024 19:45:10] New process found: Process Name - w3wp.exe Process ID - 6092 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [04-10-2024 19:45:10] New process found: Process Name - conhost.exe Process ID - 1928 Process Identity - IIS APPPOOL\kdbps.edu.in [04-10-2024 19:45:10] New process found: Process Name - w3wp.exe Process ID - 6304 Process Identity - IIS APPPOOL\edtribute.com Web application pool name - edtribute.com [04-10-2024 19:45:10] New process found: Process Name - WmiPrvSE.exe Process ID - 6932 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - w3wp.exe Process ID - 4976 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [04-10-2024 19:45:10] New process found: Process Name - csrss.exe Process ID - 5844 Process Identity - SYSTEM [04-10-2024 19:45:10] New process found: Process Name - winlogon.exe Process ID - 6060 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - dwm.exe Process ID - 768 Process Identity - Window Manager\DWM-2 [04-10-2024 19:45:10] New process found: Process Name - Malwarebytes.exe Process ID - 2932 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:10] New process found: Process Name - rdpclip.exe Process ID - 3456 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:10] New process found: Process Name - RuntimeBroker.exe Process ID - 1836 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:10] New process found: Process Name - sihost.exe Process ID - 4604 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 7116 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:10] New process found: Process Name - taskhostw.exe Process ID - 672 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:10] New process found: Process Name - sppsvc.exe Process ID - 6564 Process Identity - SYSTEM [04-10-2024 19:45:10] New process found: Process Name - explorer.exe Process ID - 7376 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:10] New process found: Process Name - SearchIndexer.exe Process ID - 7696 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - ShellExperienceHost.exe Process ID - 7724 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:10] New process found: Process Name - SppExtComObj.Exe Process ID - 7756 Process Identity - NT AUTHORITY\NETWORK SERVICE [04-10-2024 19:45:10] New process found: Process Name - SearchUI.exe Process ID - 8000 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:10] New process found: Process Name - SearchProtocolHost.exe Process ID - 8176 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - SearchFilterHost.exe Process ID - 288 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - svchost.exe Process ID - 8256 Process Identity - SYSTEM [04-10-2024 19:45:10] New process found: Process Name - WmiPrvSE.exe Process ID - 8724 Process Identity - NT AUTHORITY\LOCAL SERVICE [04-10-2024 19:45:10] New process found: Process Name - w3wp.exe Process ID - 8888 Process Identity - IIS APPPOOL\tools.taxtribute.com Web application pool name - tools.taxtribute.com [04-10-2024 19:45:10] New process found: Process Name - conhost.exe Process ID - 9032 Process Identity - IIS APPPOOL\tools.taxtribute.com [04-10-2024 19:45:10] New process found: Process Name - ComboCleaner.exe Process ID - 9152 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:10] New process found: Process Name - traymonitor.exe Process ID - 2384 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:10] New process found: Process Name - METray.exe Process ID - 7916 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:10] New process found: Process Name - InetMgr.exe Process ID - 8680 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:10] New process found: Process Name - wlrmdr.exe Process ID - 8368 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:10] New process found: Process Name - audiodg.exe Process ID - 8668 Process Identity - NT AUTHORITY\LOCAL SERVICE [04-10-2024 19:45:10] New process found: Process Name - DbgSvc.exe Process ID - 8536 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:10] New process found: Process Name - dllhost.exe Process ID - 7348 Process Identity - NT AUTHORITY\SYSTEM COM+ package name - System Application [04-10-2024 19:45:10] New process found: Process Name - msdtc.exe Process ID - 3896 Process Identity - NT AUTHORITY\NETWORK SERVICE [04-10-2024 19:45:10] New service found: Service Name - AJRouter Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - ALG Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - AppHostSvc Process ID - 1196 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - AppIDSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - Appinfo Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - AppMgmt Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - AppReadiness Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - AppVClient Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - AppXSvc Process ID - 8256 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - aspnet_state Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - AudioEndpointBuilder Process ID - 452 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - Audiosrv Process ID - 1616 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - AxInstSV Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - BFE Process ID - 1144 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - BITS Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - BrokerInfrastructure Process ID - 756 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - Browser Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - bthserv Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - CDPSvc Process ID - 888 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - CertPropSvc Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - ClipSVC Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - ComboCleaner.Guard Process ID - 1428 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - ComboCleaner.WinService Process ID - 1856 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - COMSysApp Process ID - 7348 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - CoreMessagingRegistrar Process ID - 1144 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - CryptSvc Process ID - 1152 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - CscService Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - DbgSvc Process ID - 8536 Current State - SERVICE_START_PENDING [04-10-2024 19:45:10] New service found: Service Name - DcomLaunch Process ID - 756 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - DcpSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - defragsvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - DeviceAssociationService Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - DeviceInstall Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - DevQueryBroker Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - Dhcp Process ID - 1020 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - diagnosticshub.standardcollector.service Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - DiagTrack Process ID - 1348 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - DmEnrollmentSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - dmwappushservice Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - DNS Process ID - 1596 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - Dnscache Process ID - 1152 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - dot3svc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - DPS Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - DsmSvc Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - DsSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - Eaphost Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - EFS Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - embeddedmode Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - EntAppSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - EventLog Process ID - 1020 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - EventSystem Process ID - 888 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - fdPHost Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - FDResPub Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - FontCache Process ID - 888 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - FontCache3.0.0.0 Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - FrameServer Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - ftpsvc Process ID - 1200 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - GoogleChromeElevationService Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - GoogleUpdaterInternalService130.0.6679.0 Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - GoogleUpdaterService130.0.6679.0 Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - gpsvc Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - hidserv Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - HvHost Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - icssvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - IKEEXT Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - iphlpsvc Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - KeyIso Process ID - 656 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - KPSSVC Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - KtmRm Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - LanmanServer Process ID - 2180 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - LanmanWorkstation Process ID - 1152 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - lfsvc Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - LicenseManager Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - lltdsvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - lmhosts Process ID - 1020 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - LSM Process ID - 756 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - MapsBroker Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - MariaDB103 Process ID - 4576 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - MBAMService Process ID - 2188 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - MBVpnTunnelService Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - MEDMS Process ID - 2156 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - MEIMAPS Process ID - 2144 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - MELCS Process ID - 2136 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - MEMTAS Process ID - 2320 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - MEPOCS Process ID - 2328 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - MEPOPS Process ID - 2336 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - MESMTPCS Process ID - 2344 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - MpsSvc Process ID - 1144 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - MsDepSvc Process ID - 2408 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - MSDTC Process ID - 3896 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - MSiSCSI Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - msiserver Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - MSMQ Process ID - 2400 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - MSSQL$MSSQLSERVER2017 Process ID - 4552 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - MSSQLFDLauncher$MSSQLSERVER2017 Process ID - 5744 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - NcaSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - NcbService Process ID - 452 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - Netlogon Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - Netman Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - NetMsmqActivator Process ID - 4444 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - NetPipeActivator Process ID - 4240 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - netprofm Process ID - 888 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - NetSetupSvc Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - NetTcpActivator Process ID - 2672 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - NetTcpPortSharing Process ID - 2672 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - NgcCtnrSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - NgcSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - NlaSvc Process ID - 1152 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - nsi Process ID - 888 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - PcaSvc Process ID - 452 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - PerfHost Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - PhoneSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - pla Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - PleskSQLServer Process ID - 4564 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - plesksrv Process ID - 2640 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - PleskStartup Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - PleskTaskManager Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - PleskWebSocket Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - PlugPlay Process ID - 756 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - PolicyAgent Process ID - 2916 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - PopPassD Process ID - 2680 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - Power Process ID - 756 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - PrintNotify Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - ProfSvc Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - QWAVE Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - RasAuto Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - RasMan Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - RemoteAccess Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - RemoteRegistry Process ID - 888 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - RmSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - RpcEptMapper Process ID - 820 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - RpcLocator Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - RpcSs Process ID - 820 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - RSoPProv Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - sacsvr Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - SamSs Process ID - 656 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - SCardSvr Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - ScDeviceEnum Process ID - 452 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - Schedule Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - SCPolicySvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - seclogon Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - SENS Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - SensorDataService Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - SensorService Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - SensrSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - SessionEnv Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - SharedAccess Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - ShellHWDetection Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - smphost Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - SNMPTRAP Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - Spooler Process ID - 2008 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - sppsvc Process ID - 6564 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - SQLAgent$MSSQLSERVER2017 Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - SQLBrowser Process ID - 2660 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - SQLTELEMETRY$MSSQLSERVER2017 Process ID - 4544 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - SQLWriter Process ID - 2648 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - SSDPSRV Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - SstpSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - StateRepository Process ID - 2628 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - stisvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - StorSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - svsvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - swprv Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - SysMain Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - SystemEventsBroker Process ID - 756 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - TabletInputService Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - TapiSrv Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - TermService Process ID - 964 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - Themes Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - TieringEngineService Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - tiledatamodelsvc Process ID - 2628 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - TimeBrokerSvc Process ID - 1020 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - TrkWks Process ID - 452 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - TrustedInstaller Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - tzautoupdate Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - UALSVC Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - UevAgentService Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - UI0Detect Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - UmRdpService Process ID - 452 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - upnphost Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - UserManager Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - UsoSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - VaultSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - vds Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - vmicguestinterface Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - vmicheartbeat Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - vmickvpexchange Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - vmicrdv Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - vmicshutdown Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - vmictimesync Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - vmicvmsession Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - vmicvss Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - VSS Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - W32Time Process ID - 888 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - w3logsvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - W3SVC Process ID - 2548 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - WalletService Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - WAS Process ID - 2548 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - WbioSrvc Process ID - 1744 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - Wcmsvc Process ID - 1356 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - WdiServiceHost Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - WdiSystemHost Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - WdNisSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - Wecsvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - WEPHOSTSVC Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - wercplsupport Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - WerSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - WiaRpc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - WinDefend Process ID - 2800 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - WinHttpAutoProxySvc Process ID - 888 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - Winmgmt Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - WinRM Process ID - 1152 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - wisvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - wlidsvc Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - wmiApSrv Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - WMSVC Process ID - 2808 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - WPDBusEnum Process ID - 452 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - WpnService Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - WSearch Process ID - 7696 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - wuauserv Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - wudfsvc Process ID - 452 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - XblAuthManager Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - XblGameSave Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - CDPUserSvc_712b2 Process ID - 7116 Current State - SERVICE_RUNNING [04-10-2024 19:45:10] New service found: Service Name - OneSyncSvc_712b2 Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - PimIndexMaintenanceSvc_712b2 Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - UnistoreSvc_712b2 Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - UserDataSvc_712b2 Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:10] New service found: Service Name - WpnUserService_712b2 Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:11] New process found: Process Name - svchost.exe Process ID - 8112 Process Identity - NT AUTHORITY\NETWORK SERVICE [04-10-2024 19:45:11] New process found: Process Name - pleskstartup.exe Process ID - 8828 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:11] New process found: Process Name - conhost.exe Process ID - 9236 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:11] New process found: Process Name - pleskstartuphandler.exe Process ID - 9268 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:11] Service state changed: Service Name - DbgSvc Process ID - 8536 Current State - SERVICE_RUNNING [04-10-2024 19:45:11] Service state changed: Service Name - DPS Process ID - 1144 Current State - SERVICE_RUNNING [04-10-2024 19:45:11] Service state changed: Service Name - MapsBroker Process ID - 8112 Current State - SERVICE_RUNNING [04-10-2024 19:45:11] Service state changed: Service Name - PleskStartup Process ID - 8828 Current State - SERVICE_START_PENDING [04-10-2024 19:45:11] Service state changed: Service Name - WdiSystemHost Process ID - 452 Current State - SERVICE_RUNNING [04-10-2024 19:45:12] Process Exited: Process Name - sppsvc.exe Process ID - 6564 [04-10-2024 19:45:12] Process Exited: Process Name - SppExtComObj.Exe Process ID - 7756 [04-10-2024 19:45:12] Service state changed: Service Name - sppsvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:13] New process found: Process Name - dllhost.exe Process ID - 9340 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:13] New process found: Process Name - nssm.exe Process ID - 9380 Process Identity - NT SERVICE\PleskTaskManager [04-10-2024 19:45:13] New process found: Process Name - task-manager.exe Process ID - 9444 Process Identity - NT SERVICE\PleskTaskManager [04-10-2024 19:45:13] New process found: Process Name - conhost.exe Process ID - 9452 Process Identity - NT SERVICE\PleskTaskManager [04-10-2024 19:45:13] Process Exited: Process Name - pleskstartup.exe Process ID - 8828 [04-10-2024 19:45:13] Process Exited: Process Name - conhost.exe Process ID - 9236 [04-10-2024 19:45:13] Process Exited: Process Name - pleskstartuphandler.exe Process ID - 9268 [04-10-2024 19:45:13] Service state changed: Service Name - PleskStartup Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:13] Service state changed: Service Name - PleskTaskManager Process ID - 9380 Current State - SERVICE_START_PENDING [04-10-2024 19:45:14] New process found: Process Name - nssm.exe Process ID - 9620 Process Identity - NT SERVICE\PleskWebSocket [04-10-2024 19:45:14] New process found: Process Name - php.exe Process ID - 9680 Process Identity - NT SERVICE\PleskWebSocket [04-10-2024 19:45:14] New process found: Process Name - conhost.exe Process ID - 9688 Process Identity - NT SERVICE\PleskWebSocket [04-10-2024 19:45:14] Process Exited: Process Name - wlrmdr.exe Process ID - 8368 [04-10-2024 19:45:14] Service state changed: Service Name - PleskTaskManager Process ID - 9380 Current State - SERVICE_RUNNING [04-10-2024 19:45:14] Service state changed: Service Name - PleskWebSocket Process ID - 9620 Current State - SERVICE_START_PENDING [04-10-2024 19:45:16] New process found: Process Name - sppsvc.exe Process ID - 9780 Process Identity - SYSTEM [04-10-2024 19:45:16] Service state changed: Service Name - PleskWebSocket Process ID - 9620 Current State - SERVICE_RUNNING [04-10-2024 19:45:16] Service state changed: Service Name - sppsvc Process ID - 9780 Current State - SERVICE_RUNNING [04-10-2024 19:45:16] Service state changed: Service Name - UALSVC Process ID - 452 Current State - SERVICE_START_PENDING [04-10-2024 19:45:17] New process found: Process Name - notepad.exe Process ID - 9868 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:18] New process found: Process Name - MusNotification.exe Process ID - 9920 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:18] New process found: Process Name - MusNotification.exe Process ID - 9976 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:18] Service state changed: Service Name - UsoSvc Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:45:19] New process found: Process Name - MusNotificationUx.exe Process ID - 9996 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:19] Process Exited: Process Name - dllhost.exe Process ID - 9340 [04-10-2024 19:45:19] Process Exited: Process Name - MusNotification.exe Process ID - 9976 [04-10-2024 19:45:21] Process Exited: Process Name - svchost.exe Process ID - 8112 [04-10-2024 19:45:21] Service state changed: Service Name - MapsBroker Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:45:22] New process found: Process Name - ApplicationFrameHost.exe Process ID - 10172 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:22] New process found: Process Name - SystemSettings.exe Process ID - 9312 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:45:22] Service state changed: Service Name - UALSVC Process ID - 452 Current State - SERVICE_RUNNING [04-10-2024 19:45:23] Process Exited: Process Name - MusNotification.exe Process ID - 9920 [04-10-2024 19:45:23] Process Exited: Process Name - MusNotificationUx.exe Process ID - 9996 [04-10-2024 19:45:23] Service state changed: Service Name - VaultSvc Process ID - 656 Current State - SERVICE_RUNNING [04-10-2024 19:45:23] Service state changed: Service Name - OneSyncSvc_712b2 Process ID - 7116 Current State - SERVICE_RUNNING [04-10-2024 19:45:25] Process Exited: Process Name - SystemSettings.exe Process ID - 9312 [04-10-2024 19:45:27] New process found: Process Name - w3wp.exe Process ID - 6256 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [04-10-2024 19:45:28] New process found: Process Name - ComboCleaner.Guard.exe Process ID - 10028 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:28] New process found: Process Name - svchost.exe Process ID - 10024 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:28] New process found: Process Name - WerFault.exe Process ID - 9368 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:28] New process found: Process Name - wermgr.exe Process ID - 9340 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:45:28] Service state changed: Service Name - WerSvc Process ID - 10024 Current State - SERVICE_RUNNING [04-10-2024 19:45:39] Service state changed: Service Name - DsmSvc Process ID - 972 Current State - SERVICE_STOP_PENDING [04-10-2024 19:45:39] Service state changed: Service Name - WdiServiceHost Process ID - 888 Current State - SERVICE_START_PENDING [04-10-2024 19:45:51] Process Exited: Process Name - WmiPrvSE.exe Process ID - 8724 [04-10-2024 19:46:02] Service state changed: Service Name - DsmSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:46:02] Service state changed: Service Name - sppsvc Process ID - 9780 Current State - SERVICE_STOP_PENDING [04-10-2024 19:46:02] Service state changed: Service Name - WdiServiceHost Process ID - 888 Current State - SERVICE_RUNNING [04-10-2024 19:46:08] New process found: Process Name - dllhost.exe Process ID - 7828 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:46:08] Service state changed: Service Name - NetSetupSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:46:13] Process Exited: Process Name - dllhost.exe Process ID - 7828 [04-10-2024 19:46:20] Process Exited: Process Name - svchost.exe Process ID - 1744 [04-10-2024 19:46:20] Service state changed: Service Name - WbioSrvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:46:22] Process Exited: Process Name - sppsvc.exe Process ID - 9780 [04-10-2024 19:46:22] Service state changed: Service Name - sppsvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:46:30] Process Exited: Process Name - wermgr.exe Process ID - 9340 [04-10-2024 19:46:30] Service state changed: Service Name - wisvc Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:46:34] New process found: Process Name - ComboCleaner.Guard.exe Process ID - 4424 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:46:34] Process Exited: Process Name - ComboCleaner.Guard.exe Process ID - 1428 [04-10-2024 19:46:34] Process Exited: Process Name - WerFault.exe Process ID - 9368 [04-10-2024 19:46:34] Process Exited: Process Name - ComboCleaner.Guard.exe Process ID - 10028 [04-10-2024 19:46:34] Service state changed: Service Name - ComboCleaner.Guard Process ID - 0 Current State - SERVICE_START_PENDING [04-10-2024 19:46:38] Process Exited: Process Name - SearchFilterHost.exe Process ID - 288 [04-10-2024 19:46:38] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 8176 [04-10-2024 19:46:38] Service state changed: Service Name - WPDBusEnum Process ID - 452 Current State - SERVICE_STOP_PENDING [04-10-2024 19:46:49] New process found: Process Name - dllhost.exe Process ID - 1884 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:46:49] Service state changed: Service Name - ComboCleaner.Guard Process ID - 4424 Current State - SERVICE_RUNNING [04-10-2024 19:46:49] Service state changed: Service Name - WPDBusEnum Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:46:53] New process found: Process Name - w3wp.exe Process ID - 10228 Process Identity - KSHITIJSINGHAL-\IWPD_42(capitalbook) Web application pool name - cb.capitalbooks-publishing.com(domain)(4.0)(pool) [04-10-2024 19:46:53] New process found: Process Name - where.exe Process ID - 7888 Process Identity - KSHITIJSINGHAL-\IWPD_42(capitalbook) [04-10-2024 19:46:53] New process found: Process Name - conhost.exe Process ID - 8376 Process Identity - KSHITIJSINGHAL-\IWPD_42(capitalbook) [04-10-2024 19:46:54] New process found: Process Name - conhost.exe Process ID - 8388 Process Identity - KSHITIJSINGHAL-\IWPD_42(capitalbook) [04-10-2024 19:46:54] Process Exited: Process Name - dllhost.exe Process ID - 1884 [04-10-2024 19:46:54] Process Exited: Process Name - where.exe Process ID - 7888 [04-10-2024 19:46:54] Process Exited: Process Name - conhost.exe Process ID - 8376 [04-10-2024 19:46:57] New process found: Process Name - w3wp.exe Process ID - 3448 Process Identity - IIS APPPOOL\tools.taxtribute.com Web application pool name - tools.taxtribute.com [04-10-2024 19:46:58] Process Exited: Process Name - w3wp.exe Process ID - 8888 Web application pool name - tools.taxtribute.com [04-10-2024 19:46:58] Process Exited: Process Name - conhost.exe Process ID - 9032 [04-10-2024 19:47:02] New process found: Process Name - WMIADAP.exe Process ID - 1816 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:47:08] New process found: Process Name - conhost.exe Process ID - 9344 Process Identity - IIS APPPOOL\tools.taxtribute.com [04-10-2024 19:47:19] New process found: Process Name - w3wp.exe Process ID - 6760 Process Identity - IIS APPPOOL\taxtribute.com Web application pool name - taxtribute.com [04-10-2024 19:47:19] New process found: Process Name - conhost.exe Process ID - 8600 Process Identity - IIS APPPOOL\taxtribute.com [04-10-2024 19:47:22] New process found: Process Name - notepad.exe Process ID - 8352 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:47:23] New process found: Process Name - w3wp.exe Process ID - 9584 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [04-10-2024 19:47:27] Process Exited: Process Name - svchost.exe Process ID - 10024 [04-10-2024 19:47:27] Service state changed: Service Name - WerSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:47:38] Service state changed: Service Name - wisvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:48:03] New process found: Process Name - w3wp.exe Process ID - 8512 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [04-10-2024 19:48:04] New process found: Process Name - w3wp.exe Process ID - 9432 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [04-10-2024 19:48:04] Process Exited: Process Name - w3wp.exe Process ID - 4676 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [04-10-2024 19:49:09] Process Exited: Process Name - w3wp.exe Process ID - 6304 Web application pool name - edtribute.com [04-10-2024 19:49:27] Process Exited: Process Name - notepad.exe Process ID - 8352 [04-10-2024 19:49:35] New process found: Process Name - dllhost.exe Process ID - 8472 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:49:37] Process Exited: Process Name - WMIADAP.exe Process ID - 1816 [04-10-2024 19:49:38] New process found: Process Name - InstallAgent.exe Process ID - 9124 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:49:40] Process Exited: Process Name - dllhost.exe Process ID - 8472 [04-10-2024 19:49:41] New process found: Process Name - msiexec.exe Process ID - 8892 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:49:41] Service state changed: Service Name - msiserver Process ID - 8892 Current State - SERVICE_RUNNING [04-10-2024 19:49:43] Process Exited: Process Name - svchost.exe Process ID - 8256 [04-10-2024 19:49:43] Process Exited: Process Name - InstallAgent.exe Process ID - 9124 [04-10-2024 19:49:43] Service state changed: Service Name - AppMgmt Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:49:43] Service state changed: Service Name - AppXSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:49:44] New process found: Process Name - python-3.12.7-amd64.exe Process ID - 2612 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:49:44] New process found: Process Name - python-3.12.7-amd64.exe Process ID - 8584 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:49:45] New process found: Process Name - msiexec.exe Process ID - 1228 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:49:45] New process found: Process Name - python.exe Process ID - 6956 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:49:45] New process found: Process Name - conhost.exe Process ID - 6380 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:49:45] New process found: Process Name - python.exe Process ID - 6352 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:49:48] Process Exited: Process Name - msiexec.exe Process ID - 1228 [04-10-2024 19:49:48] Process Exited: Process Name - python.exe Process ID - 6352 [04-10-2024 19:49:48] Process Exited: Process Name - conhost.exe Process ID - 6380 [04-10-2024 19:49:48] Process Exited: Process Name - python.exe Process ID - 6956 [04-10-2024 19:50:12] New process found: Process Name - CompatTelRunner.exe Process ID - 4168 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:50:12] New process found: Process Name - conhost.exe Process ID - 9716 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:50:14] New process found: Process Name - svchost.exe Process ID - 9348 Process Identity - SYSTEM [04-10-2024 19:50:14] Service state changed: Service Name - AppXSvc Process ID - 9348 Current State - SERVICE_RUNNING [04-10-2024 19:50:25] Service state changed: Service Name - wlidsvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:50:35] Process Exited: Process Name - CompatTelRunner.exe Process ID - 4168 [04-10-2024 19:50:35] Process Exited: Process Name - conhost.exe Process ID - 9716 [04-10-2024 19:50:47] New process found: Process Name - w3wp.exe Process ID - 7264 Process Identity - KSHITIJSINGHAL-\IWPD_78(medblink) Web application pool name - medblinkit.com(domain)(4.0)(pool) [04-10-2024 19:50:47] New process found: Process Name - conhost.exe Process ID - 9844 Process Identity - KSHITIJSINGHAL-\IWPD_78(medblink) [04-10-2024 19:51:02] New process found: Process Name - ServerManager.exe Process ID - 5100 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:51:03] New process found: Process Name - WmiPrvSE.exe Process ID - 9536 Process Identity - NT AUTHORITY\LOCAL SERVICE [04-10-2024 19:51:05] Process Exited: Process Name - ServerManager.exe Process ID - 5100 [04-10-2024 19:51:14] New process found: Process Name - dllhost.exe Process ID - 5028 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:51:15] New process found: Process Name - sppsvc.exe Process ID - 5220 Process Identity - SYSTEM [04-10-2024 19:51:15] Service state changed: Service Name - sppsvc Process ID - 5220 Current State - SERVICE_RUNNING [04-10-2024 19:51:20] Process Exited: Process Name - dllhost.exe Process ID - 5028 [04-10-2024 19:51:26] New process found: Process Name - CompatTelRunner.exe Process ID - 4364 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:51:26] New process found: Process Name - conhost.exe Process ID - 2200 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:51:28] Process Exited: Process Name - w3wp.exe Process ID - 6256 Web application pool name - adminportal.galaxytools.in [04-10-2024 19:51:42] Process Exited: Process Name - conhost.exe Process ID - 2200 [04-10-2024 19:51:42] Process Exited: Process Name - CompatTelRunner.exe Process ID - 4364 [04-10-2024 19:51:45] Process Exited: Process Name - sppsvc.exe Process ID - 5220 [04-10-2024 19:51:45] Service state changed: Service Name - sppsvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:51:57] Process Exited: Process Name - python-3.12.7-amd64.exe Process ID - 2612 [04-10-2024 19:51:57] Process Exited: Process Name - python-3.12.7-amd64.exe Process ID - 8584 [04-10-2024 19:51:59] New process found: Process Name - CompatTelRunner.exe Process ID - 1516 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:51:59] New process found: Process Name - conhost.exe Process ID - 7928 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:52:02] New process found: Process Name - dllhost.exe Process ID - 2656 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:52:02] New process found: Process Name - dllhost.exe Process ID - 2448 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:52:05] New process found: Process Name - chrome.exe Process ID - 8036 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:52:05] New process found: Process Name - chrome.exe Process ID - 8688 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:52:05] New process found: Process Name - chrome.exe Process ID - 10384 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:52:05] New process found: Process Name - chrome.exe Process ID - 10396 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:52:05] New process found: Process Name - chrome.exe Process ID - 10512 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:52:05] New process found: Process Name - chrome.exe Process ID - 10596 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:52:05] New process found: Process Name - chrome.exe Process ID - 10608 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:52:08] New process found: Process Name - chrome.exe Process ID - 10812 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:52:08] Service state changed: Service Name - NgcSvc Process ID - 452 Current State - SERVICE_RUNNING [04-10-2024 19:52:09] New process found: Process Name - w3wp.exe Process ID - 10896 Process Identity - IIS APPPOOL\csr.bmvfragrances.com Web application pool name - csr.bmvfragrances.com [04-10-2024 19:52:09] New process found: Process Name - conhost.exe Process ID - 11032 Process Identity - IIS APPPOOL\csr.bmvfragrances.com [04-10-2024 19:52:09] Process Exited: Process Name - chrome.exe Process ID - 10812 [04-10-2024 19:52:10] New process found: Process Name - chrome.exe Process ID - 11156 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:52:10] Process Exited: Process Name - dllhost.exe Process ID - 2656 [04-10-2024 19:52:10] Process Exited: Process Name - chrome.exe Process ID - 10608 [04-10-2024 19:52:17] New process found: Process Name - chrome.exe Process ID - 11260 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:52:17] Process Exited: Process Name - CompatTelRunner.exe Process ID - 1516 [04-10-2024 19:52:17] Process Exited: Process Name - conhost.exe Process ID - 7928 [04-10-2024 19:52:18] Process Exited: Process Name - chrome.exe Process ID - 11260 [04-10-2024 19:52:28] New process found: Process Name - SearchProtocolHost.exe Process ID - 8520 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:52:28] New process found: Process Name - SearchFilterHost.exe Process ID - 6540 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:52:34] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6932 [04-10-2024 19:52:34] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9536 [04-10-2024 19:52:35] New process found: Process Name - python-3.12.7-amd64.exe Process ID - 10868 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:52:35] New process found: Process Name - python-3.12.7-amd64.exe Process ID - 11064 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:52:53] New process found: Process Name - python-3.12.7-amd64.exe Process ID - 11132 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:52:56] Process Exited: Process Name - conhost.exe Process ID - 8388 [04-10-2024 19:52:56] Process Exited: Process Name - w3wp.exe Process ID - 10228 Web application pool name - cb.capitalbooks-publishing.com(domain)(4.0)(pool) [04-10-2024 19:52:59] Process Exited: Process Name - w3wp.exe Process ID - 3448 Web application pool name - tools.taxtribute.com [04-10-2024 19:52:59] Process Exited: Process Name - conhost.exe Process ID - 9344 [04-10-2024 19:53:03] New process found: Process Name - taskhostw.exe Process ID - 9456 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:53:03] New process found: Process Name - rundll32.exe Process ID - 2656 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:53:03] New process found: Process Name - taskhostw.exe Process ID - 10872 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:53:03] New process found: Process Name - taskhostw.exe Process ID - 11040 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:03] New process found: Process Name - MpCmdRun.exe Process ID - 6424 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:03] New process found: Process Name - conhost.exe Process ID - 9712 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:03] New process found: Process Name - MpCmdRun.exe Process ID - 10608 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:03] New process found: Process Name - CompatTelRunner.exe Process ID - 7932 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:03] New process found: Process Name - conhost.exe Process ID - 9292 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:03] New process found: Process Name - conhost.exe Process ID - 5136 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:03] New process found: Process Name - dstokenclean.exe Process ID - 9284 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:03] New process found: Process Name - MpCmdRun.exe Process ID - 10216 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:03] New process found: Process Name - conhost.exe Process ID - 10012 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:03] New process found: Process Name - MpCmdRun.exe Process ID - 2692 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:03] New process found: Process Name - conhost.exe Process ID - 7400 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:03] New process found: Process Name - conhost.exe Process ID - 5000 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:03] New process found: Process Name - DiskSnapshot.exe Process ID - 8640 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:03] New process found: Process Name - taskhostw.exe Process ID - 3544 Process Identity - NT AUTHORITY\LOCAL SERVICE [04-10-2024 19:53:03] New process found: Process Name - CompatTelRunner.exe Process ID - 7396 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:03] New process found: Process Name - conhost.exe Process ID - 7760 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:03] New process found: Process Name - cleanmgr.exe Process ID - 8848 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:53:03] Service state changed: Service Name - ClipSVC Process ID - 9348 Current State - SERVICE_RUNNING [04-10-2024 19:53:03] Service state changed: Service Name - LicenseManager Process ID - 888 Current State - SERVICE_RUNNING [04-10-2024 19:53:03] Service state changed: Service Name - RemoteRegistry Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:53:03] Service state changed: Service Name - StorSvc Process ID - 452 Current State - SERVICE_RUNNING [04-10-2024 19:53:04] New process found: Process Name - ngentask.exe Process ID - 8572 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:04] New process found: Process Name - ngentask.exe Process ID - 9488 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:04] New process found: Process Name - conhost.exe Process ID - 3528 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:04] New process found: Process Name - conhost.exe Process ID - 6916 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:04] New process found: Process Name - sdiagnhost.exe Process ID - 10064 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:53:04] New process found: Process Name - conhost.exe Process ID - 5896 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:53:04] New process found: Process Name - ngen.exe Process ID - 7292 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:04] Process Exited: Process Name - rundll32.exe Process ID - 2656 [04-10-2024 19:53:04] Process Exited: Process Name - taskhostw.exe Process ID - 3544 [04-10-2024 19:53:04] Process Exited: Process Name - conhost.exe Process ID - 7760 [04-10-2024 19:53:04] Process Exited: Process Name - DiskSnapshot.exe Process ID - 8640 [04-10-2024 19:53:04] Process Exited: Process Name - taskhostw.exe Process ID - 10872 [04-10-2024 19:53:04] Service state changed: Service Name - wlidsvc Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:53:05] New process found: Process Name - svchost.exe Process ID - 5364 Process Identity - NT AUTHORITY\LOCAL SERVICE [04-10-2024 19:53:05] New process found: Process Name - ngen.exe Process ID - 10836 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:05] Process Exited: Process Name - conhost.exe Process ID - 3528 [04-10-2024 19:53:05] Process Exited: Process Name - ngen.exe Process ID - 7292 [04-10-2024 19:53:05] Process Exited: Process Name - ngentask.exe Process ID - 9488 [04-10-2024 19:53:05] Service state changed: Service Name - BITS Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:53:05] Service state changed: Service Name - SSDPSRV Process ID - 5364 Current State - SERVICE_START_PENDING [04-10-2024 19:53:06] New process found: Process Name - w3wp.exe Process ID - 5084 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [04-10-2024 19:53:06] Process Exited: Process Name - conhost.exe Process ID - 6916 [04-10-2024 19:53:06] Process Exited: Process Name - ngentask.exe Process ID - 8572 [04-10-2024 19:53:06] Process Exited: Process Name - w3wp.exe Process ID - 9432 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [04-10-2024 19:53:06] Process Exited: Process Name - ngen.exe Process ID - 10836 [04-10-2024 19:53:06] Process Exited: Process Name - taskhostw.exe Process ID - 11040 [04-10-2024 19:53:06] Service state changed: Service Name - SSDPSRV Process ID - 5364 Current State - SERVICE_RUNNING [04-10-2024 19:53:07] New process found: Process Name - sppsvc.exe Process ID - 1840 Process Identity - SYSTEM [04-10-2024 19:53:07] Service state changed: Service Name - sppsvc Process ID - 1840 Current State - SERVICE_RUNNING [04-10-2024 19:53:08] New process found: Process Name - MpCmdRun.exe Process ID - 11276 Process Identity - NT AUTHORITY\NETWORK SERVICE [04-10-2024 19:53:10] Process Exited: Process Name - conhost.exe Process ID - 5896 [04-10-2024 19:53:10] Process Exited: Process Name - sdiagnhost.exe Process ID - 10064 [04-10-2024 19:53:21] New process found: Process Name - msiexec.exe Process ID - 11648 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:53:21] New process found: Process Name - python.exe Process ID - 11684 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:53:21] New process found: Process Name - conhost.exe Process ID - 11692 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:53:21] Process Exited: Process Name - w3wp.exe Process ID - 6760 Web application pool name - taxtribute.com [04-10-2024 19:53:21] Process Exited: Process Name - conhost.exe Process ID - 8600 [04-10-2024 19:53:22] Process Exited: Process Name - taskhostw.exe Process ID - 9456 [04-10-2024 19:53:23] New process found: Process Name - python.exe Process ID - 11740 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:53:24] New process found: Process Name - CompatTelRunner.exe Process ID - 11792 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:24] New process found: Process Name - conhost.exe Process ID - 11800 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:26] New process found: Process Name - DismHost.exe Process ID - 11856 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:53:32] New process found: Process Name - TrustedInstaller.exe Process ID - 11908 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:32] Service state changed: Service Name - TrustedInstaller Process ID - 11908 Current State - SERVICE_RUNNING [04-10-2024 19:53:35] New process found: Process Name - TiWorker.exe Process ID - 12080 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:53:35] Process Exited: Process Name - msiexec.exe Process ID - 11648 [04-10-2024 19:53:35] Process Exited: Process Name - python.exe Process ID - 11684 [04-10-2024 19:53:35] Process Exited: Process Name - conhost.exe Process ID - 11692 [04-10-2024 19:53:35] Process Exited: Process Name - python.exe Process ID - 11740 [04-10-2024 19:53:38] Process Exited: Process Name - sppsvc.exe Process ID - 1840 [04-10-2024 19:53:38] Service state changed: Service Name - sppsvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:53:41] Process Exited: Process Name - CompatTelRunner.exe Process ID - 11792 [04-10-2024 19:53:41] Process Exited: Process Name - conhost.exe Process ID - 11800 [04-10-2024 19:54:03] Process Exited: Process Name - MpCmdRun.exe Process ID - 6424 [04-10-2024 19:54:03] Process Exited: Process Name - conhost.exe Process ID - 7400 [04-10-2024 19:54:03] Process Exited: Process Name - conhost.exe Process ID - 9292 [04-10-2024 19:54:03] Process Exited: Process Name - conhost.exe Process ID - 9712 [04-10-2024 19:54:03] Process Exited: Process Name - MpCmdRun.exe Process ID - 10216 [04-10-2024 19:54:03] Process Exited: Process Name - MpCmdRun.exe Process ID - 10608 [04-10-2024 19:54:03] Process Exited: Process Name - python-3.12.7-amd64.exe Process ID - 10868 [04-10-2024 19:54:03] Process Exited: Process Name - python-3.12.7-amd64.exe Process ID - 11064 [04-10-2024 19:54:03] Process Exited: Process Name - python-3.12.7-amd64.exe Process ID - 11132 [04-10-2024 19:54:05] New process found: Process Name - CompatTelRunner.exe Process ID - 10064 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:54:05] New process found: Process Name - conhost.exe Process ID - 5492 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:54:05] Process Exited: Process Name - w3wp.exe Process ID - 8512 Web application pool name - galaxytools.in [04-10-2024 19:54:10] New process found: Process Name - CompatTelRunner.exe Process ID - 11424 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:54:10] Process Exited: Process Name - CompatTelRunner.exe Process ID - 7396 [04-10-2024 19:54:10] Service state changed: Service Name - NgcSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:54:10] Service state changed: Service Name - wisvc Process ID - 972 Current State - SERVICE_RUNNING [04-10-2024 19:54:12] Process Exited: Process Name - conhost.exe Process ID - 5136 [04-10-2024 19:54:12] Process Exited: Process Name - CompatTelRunner.exe Process ID - 7932 [04-10-2024 19:54:12] Process Exited: Process Name - CompatTelRunner.exe Process ID - 11424 [04-10-2024 19:54:13] New process found: Process Name - w3wp.exe Process ID - 11476 Process Identity - IIS APPPOOL\tools.taxtribute.com Web application pool name - tools.taxtribute.com [04-10-2024 19:54:13] New process found: Process Name - where.exe Process ID - 8800 Process Identity - IIS APPPOOL\tools.taxtribute.com [04-10-2024 19:54:13] New process found: Process Name - conhost.exe Process ID - 8708 Process Identity - IIS APPPOOL\tools.taxtribute.com [04-10-2024 19:54:14] New process found: Process Name - conhost.exe Process ID - 4048 Process Identity - IIS APPPOOL\tools.taxtribute.com [04-10-2024 19:54:14] Process Exited: Process Name - conhost.exe Process ID - 8708 [04-10-2024 19:54:14] Process Exited: Process Name - where.exe Process ID - 8800 [04-10-2024 19:54:15] Process Exited: Process Name - cleanmgr.exe Process ID - 8848 [04-10-2024 19:54:15] Process Exited: Process Name - DismHost.exe Process ID - 11856 [04-10-2024 19:54:22] Process Exited: Process Name - conhost.exe Process ID - 5492 [04-10-2024 19:54:22] Process Exited: Process Name - CompatTelRunner.exe Process ID - 10064 [04-10-2024 19:54:30] New process found: Process Name - notepad.exe Process ID - 11020 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:54:38] Process Exited: Process Name - SearchFilterHost.exe Process ID - 6540 [04-10-2024 19:54:38] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 8520 [04-10-2024 19:54:39] New process found: Process Name - w3wp.exe Process ID - 11980 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [04-10-2024 19:54:42] Process Exited: Process Name - audiodg.exe Process ID - 8668 [04-10-2024 19:54:44] Process Exited: Process Name - notepad.exe Process ID - 11020 [04-10-2024 19:54:46] Process Exited: Process Name - w3wp.exe Process ID - 4976 Web application pool name - DefaultAppPool [04-10-2024 19:54:47] Process Exited: Process Name - chrome.exe Process ID - 8036 [04-10-2024 19:54:47] Process Exited: Process Name - chrome.exe Process ID - 8688 [04-10-2024 19:54:47] Process Exited: Process Name - chrome.exe Process ID - 10384 [04-10-2024 19:54:47] Process Exited: Process Name - chrome.exe Process ID - 10396 [04-10-2024 19:54:47] Process Exited: Process Name - chrome.exe Process ID - 10512 [04-10-2024 19:54:47] Process Exited: Process Name - chrome.exe Process ID - 10596 [04-10-2024 19:54:47] Process Exited: Process Name - chrome.exe Process ID - 11156 [04-10-2024 19:54:49] New process found: Process Name - dllhost.exe Process ID - 11236 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:54:50] New process found: Process Name - cmd.exe Process ID - 11816 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:54:50] New process found: Process Name - conhost.exe Process ID - 11792 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:54:54] Process Exited: Process Name - dllhost.exe Process ID - 11236 [04-10-2024 19:55:16] Service state changed: Service Name - wisvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:55:25] Process Exited: Process Name - w3wp.exe Process ID - 9584 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [04-10-2024 19:55:30] New process found: Process Name - dllhost.exe Process ID - 3424 Process Identity - KSHITIJSINGHAL-\Administrator [04-10-2024 19:55:32] New process found: Process Name - w3wp.exe Process ID - 9712 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [04-10-2024 19:55:35] Process Exited: Process Name - dllhost.exe Process ID - 3424 [04-10-2024 19:55:39] New process found: Process Name - LogonUI.exe Process ID - 8384 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:55:39] Process Exited: Process Name - traymonitor.exe Process ID - 2384 [04-10-2024 19:55:39] Process Exited: Process Name - dllhost.exe Process ID - 2448 [04-10-2024 19:55:39] Process Exited: Process Name - Malwarebytes.exe Process ID - 2932 [04-10-2024 19:55:39] Process Exited: Process Name - rdpclip.exe Process ID - 3456 [04-10-2024 19:55:39] Process Exited: Process Name - ShellExperienceHost.exe Process ID - 7724 [04-10-2024 19:55:39] Process Exited: Process Name - METray.exe Process ID - 7916 [04-10-2024 19:55:39] Process Exited: Process Name - InetMgr.exe Process ID - 8680 [04-10-2024 19:55:39] Process Exited: Process Name - ComboCleaner.exe Process ID - 9152 [04-10-2024 19:55:39] Process Exited: Process Name - notepad.exe Process ID - 9868 [04-10-2024 19:55:39] Process Exited: Process Name - conhost.exe Process ID - 11792 [04-10-2024 19:55:39] Process Exited: Process Name - cmd.exe Process ID - 11816 [04-10-2024 19:55:40] New process found: Process Name - SearchProtocolHost.exe Process ID - 9040 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:55:40] New process found: Process Name - SearchFilterHost.exe Process ID - 8708 Process Identity - NT AUTHORITY\SYSTEM [04-10-2024 19:55:40] Process Exited: Process Name - taskhostw.exe Process ID - 672 [04-10-2024 19:55:40] Process Exited: Process Name - dwm.exe Process ID - 768 [04-10-2024 19:55:40] Process Exited: Process Name - RuntimeBroker.exe Process ID - 1836 [04-10-2024 19:55:40] Process Exited: Process Name - ComboCleaner.WinService.exe Process ID - 1856 [04-10-2024 19:55:40] Process Exited: Process Name - MpCmdRun.exe Process ID - 2692 [04-10-2024 19:55:40] Process Exited: Process Name - ComboCleaner.Guard.exe Process ID - 4424 [04-10-2024 19:55:40] Process Exited: Process Name - sihost.exe Process ID - 4604 [04-10-2024 19:55:40] Process Exited: Process Name - conhost.exe Process ID - 5000 [04-10-2024 19:55:40] Process Exited: Process Name - winlogon.exe Process ID - 6060 [04-10-2024 19:55:40] Process Exited: Process Name - svchost.exe Process ID - 7116 [04-10-2024 19:55:40] Process Exited: Process Name - explorer.exe Process ID - 7376 [04-10-2024 19:55:40] Process Exited: Process Name - SearchUI.exe Process ID - 8000 [04-10-2024 19:55:40] Process Exited: Process Name - LogonUI.exe Process ID - 8384 [04-10-2024 19:55:40] Process Exited: Process Name - dstokenclean.exe Process ID - 9284 [04-10-2024 19:55:40] Process Exited: Process Name - conhost.exe Process ID - 10012 [04-10-2024 19:55:40] Process Exited: Process Name - ApplicationFrameHost.exe Process ID - 10172 [04-10-2024 19:55:40] Process Exited: Process Name - TrustedInstaller.exe Process ID - 11908 [04-10-2024 19:55:40] Process Exited: Process Name - TiWorker.exe Process ID - 12080 [04-10-2024 19:55:40] Service state changed: Service Name - ComboCleaner.Guard Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:55:40] Service state changed: Service Name - ComboCleaner.WinService Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:55:40] Service state changed: Service Name - DiagTrack Process ID - 1348 Current State - SERVICE_STOP_PENDING [04-10-2024 19:55:40] Service state changed: Service Name - gpsvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:55:40] Service state changed: Service Name - MBAMService Process ID - 2188 Current State - SERVICE_STOP_PENDING [04-10-2024 19:55:40] Service state changed: Service Name - StorSvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:55:40] Service state changed: Service Name - tiledatamodelsvc Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:55:40] Service state changed: Service Name - TrustedInstaller Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:55:40] Service state changed: Service Name - UALSVC Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:55:41] New process found: Process Name - w3wp.exe Process ID - 10376 Process Identity - KSHITIJSINGHAL-\IWPD_78(medblink) Web application pool name - medblinkit.com(domain)(4.0)(pool) [04-10-2024 19:55:41] Process Exited: Process Name - svchost.exe Process ID - 1348 [04-10-2024 19:55:41] Process Exited: Process Name - MBAMService.exe Process ID - 2188 [04-10-2024 19:55:41] Service state changed: Service Name - DiagTrack Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:55:41] Service state changed: Service Name - MBAMService Process ID - 0 Current State - SERVICE_STOPPED [04-10-2024 19:55:43] Process Exited: Process Name - w3wp.exe Process ID - 7264 Web application pool name - medblinkit.com(domain)(4.0)(pool) [04-10-2024 19:55:43] Process Exited: Process Name - conhost.exe Process ID - 9844 ControlTrace API failed to stop the ETW tracing session. Error Returned from API - 0x00001069 [04-10-2024 19:55:46] DbgSVC stopped