Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02 Ran by SYSTEM on MININT-2PEM58J (09-11-2023 15:09:13) Running from D:\\FRST64.exe Platform: Windows 10 Home Version 22H2 19045.3448 (X64) Language: Polski (Polska) -> Polski (Polska) Boot Mode: Recovery Default: ControlSet001 [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b] ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242200 2016-11-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1412840 2015-08-28] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_SRSSA] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1412840 2015-08-28] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [4365824 2012-12-27] (Bitcasa, Inc) HKLM\...\Run: [HP LaserJet M1522 MFP Series Fax] => C:\Program Files (x86)\HP\hp LaserJet M1522\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3503584 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [220056 2023-03-07] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [4478360 2023-11-03] (Avast Software s.r.o. -> AVAST Software) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink -> CyberLink Corp.) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [MFFSum_Pro_LL2] => C:\Program Files (x86)\Companion Suite Pro LL2\MFFSUM.exe [24576 2010-01-08] () HKLM-x32\...\Run: [MFPrintServer_Pro_LL2] => C:\Program Files (x86)\Companion Suite Pro LL2\MFPrintServer.exe [73728 2010-01-08] () HKLM-x32\...\Run: [ToolBoxFX] => C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe [53248 2010-03-03] (HP) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49152 2005-02-16] (Hewlett-Packard Co.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-03] (Wondershare software CO., LIMITED -> Wondershare) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5204968 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.) HKLM-x32\...\Run: [LocalServiceControl] => C:\Program Files (x86)\LocalServiceComponents\LocalServiceControl.exe [500736 2023-09-04] (Hangzhou Hikvision Digital Tech.Co.,Ltd -> ) HKU\Marek\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1015104 2015-07-27] (Samsung Electronics CO., LTD. -> Samsung) HKU\Marek\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [7340184 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.) HKU\Marek\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\Marek\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Marek\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-09-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\Marek\...\Run: [HP LJ Pro M428fM429f (NET)] => C:\Program Files\HP\HP LaserJet Pro M428f-M429f\Bin\ScanToPCActivationApp.exe [4073896 2022-02-14] (VistaName -> HP Inc.) HKU\Marek\...\Run: [MicrosoftEdgeAutoLaunch_03B5A3EA4209A3DB74DEEA6B651FF542] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891768 2023-11-02] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\GSIMPPR: C:\Windows\System32\spool\prtprocs\x64\gsimppr.dll [90112 2008-10-15] (Monotype Imaging Inc.) HKLM\...\Windows x64\Print Processors\HPCP1020PP: C:\Windows\System32\spool\prtprocs\x64\HPCP1020PP.DLL [65024 2012-11-28] (Marvell Semiconductor, Inc.) HKLM\...\Windows x64\Print Processors\hpcpp093: C:\Windows\System32\spool\prtprocs\x64\hpcpp093.DLL [300032 2009-10-23] (Hewlett-Packard Corporation) HKLM\...\Windows x64\Print Processors\spe__PC: C:\Windows\System32\spool\prtprocs\x64\spe__pc.dll [41984 2012-12-06] (Windows (R) Codename Longhorn DDK provider) HKLM\...\Print\Monitors\Companion Suite Pro LL2 Fax Port Monitor: C:\Windows\system32\cspll2p.dll [34816 2009-12-08] (OEM) HKLM\...\Print\Monitors\Companion Suite Pro LL2 TCP/IP Monitor: C:\Windows\system32\LF2PM.DLL [53248 2010-03-12] (Microsoft Corporation) HKLM\...\Print\Monitors\HP AC11 Status Monitor: C:\Windows\system32\hpinkstsAC11LM.dll [328552 2012-01-11] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP CP1020 LM: C:\Windows\system32\HPCP1020LM.DLL [129024 2012-11-28] () HKLM\...\Print\Monitors\HP Fax Port: C:\Windows\system32\hppfaxprintermon5.dll [22016 2009-09-22] (Hewlett-Packard Company) HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) HKLM\...\Print\Monitors\LF2GPPJL: C:\Windows\system32\LF2GPPJL.DLL [65536 2010-04-02] () HKLM\...\Print\Monitors\LFOGRPJL: C:\Windows\system32\LFOGRPJL.DLL [71680 2010-04-02] () HKLM\...\Print\Monitors\PDF Architect 9 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\brand_solution_name_pdfpmon_v.6.23.0.2.dll [974120 2023-09-18] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com)) HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [115200 2017-01-31] (pdfforge GmbH) HKLM\...\Print\Monitors\spe__ Langmon: C:\Windows\system32\spe__l.dll [34304 2011-04-11] () HKLM\...\Print\Monitors\us008 Langmon: C:\Windows\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> ) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2023-11-09] ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software) Startup: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Automatyczne aktualizacje-AKP.lnk [2022-09-29] ShortcutTarget: RT-Automatyczne aktualizacje-AKP.lnk -> C:\ADAKO\VCDS\VCDS.exe (Ross-Tech, LLC -> Ross-Tech, LLC) Startup: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk [2019-05-23] ShortcutTarget: Wysyłanie do programu OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Scheduled Tasks (All) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {109C8DB2-F29D-45CB-8818-D79EA2482110} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION Task: {13EA7026-38DE-46D9-A8F3-AAB1470836D4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {1A22A8EE-91D9-4F4F-9CE8-5902FBF487DE} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {37E27B83-2772-461D-A42C-32FF57E8BFED} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {4455DBF5-68DF-436D-9A9E-2BFDBA839428} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {453700D0-8CA5-4A6C-901E-F9BF6418FA6C} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION Task: {4AF7BA35-50A2-4A0C-88D6-51A7B3428A42} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {85326E90-B820-42A1-9AF5-D45057B3AE43} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {9F2FE321-F4A0-49BB-94B9-22BBA38C415E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {A04E8CEC-13E6-42E9-87EA-3FD218742E8D} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION Task: {A5374E21-1D9C-49A0-83A1-44CDFAEF907D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {B8EEBB9F-809A-4EA0-97A2-E294EBDC860E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION Task: {D9975D82-2CEA-47E5-BFCE-96DBB95E657C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION Task: {EB53FE85-7F11-441F-AF3E-677494205F73} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {FB4857DD-C92A-40C1-A54D-DBCB17A89ADA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {FF11682E-71E7-40B9-9B7B-6EFE0CA4FCB5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {D08AE393-9235-41BD-9C2B-F2A112C4CA45} - System32\Tasks\{22AFD03A-7220-407D-A501-4884E76E9494} => C:\WINDOWS\system32\pcalua.exe [53760 2023-08-28] (Microsoft Corporation) -> -a C:\Users\Marek\Downloads\VCDS-AKP-11.11.6-Installer.exe -d C:\Users\Marek\Downloads Task: {23C01929-2ED8-4A94-8808-4521120176F3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.) Task: {ECC818BA-8C18-4F33-B730-E119D35D1328} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3503584 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {2ABFDAB2-D123-47F3-A703-86771DAB90F6} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [868728 2014-11-12] (Samsung Electronics CO., LTD. -> SEC) Task: {2C206AD9-699E-4D5B-AA68-D2C3EA61616F} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1689863419-2369483584-1389092369-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2021-05-14] () Task: {D8DEEE0D-F94A-4E32-8D5A-F198E566ECBD} - System32\Tasks\AMD RELAUNCHER => C:\AMD\Radeon-Software-Adrenalin-2020-22.6.1-Win10-Win11-64Bit-LegacyASICs-June23-2022-LEGACY\\Bin64\InstallManagerApp.exe /LOCAL0 /HIDEEULA /FROMCLEANINSTALL -DefView=4 (No File) Task: {09CFA56E-34FE-40DB-8449-E02ADA3E3A87} - System32\Tasks\AMD Updater => "C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe" /AUTOUPDATEIN (No File) Task: {6D809A2A-C8CB-4CDE-86FD-872DF1AA8767} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.) Task: {CC2895FF-0EA1-431F-8298-AAED137ED9E3} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5000600 2023-03-07] (Avast Software s.r.o. -> AVAST Software) Task: {54AC057E-8F8A-4943-81C9-D421D689F492} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1398680 2023-11-09] (Avast Software s.r.o. -> AVAST Software) Task: {E609F485-74D1-4FD7-B115-1B9E5C64F0B9} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4845464 2023-11-03] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\A (the data entry has 70 more characters). Task: {858D97E3-0E0C-4E13-9B1C-633763D85205} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [7319448 2023-11-01] (Avast Software s.r.o. -> Avast Software) Task: {9147C700-4CE0-4D8D-93AA-15431817BB9C} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4845464 2023-11-09] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (the data entry has 80 more characters). Task: {10DC327A-4FFC-4BE8-9F35-12801A3D478D} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7092120 2023-11-06] (Avast Software s.r.o. -> Avast Software) Task: {2F12F2B9-064B-4690-8D2A-FD9A8EA294AB} - System32\Tasks\Avast Software\AvastAntiTrackPremiumStart => C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe [813008 2023-05-29] (Avast Software s.r.o. -> AVAST Software) Task: {5E0D374F-7A14-41F4-B031-770527D1CADD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software) Task: {9B898F7E-273C-43F2-83BB-7E5333D2B908} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {BA131025-C47C-4C66-8883-2D99BE40981F} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "caa54e8f-d9a4-4c40-a5f9-a42b64703cde" --version "6.17.10746" --silent Task: {97AF0008-2A52-4115-945E-59639A80EFE6} - System32\Tasks\CCleanerSkipUAC - Marek => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {D221F9EC-F7C0-4ACC-91BB-6C80353ADD26} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe /launch (No File) Task: {C11FBEA3-B447-4C65-9D98-4129B27A1531} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {02695DB9-B979-4F6F-AD4A-C91AAA1FCB4E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {416591C5-352E-445F-9E8C-6495C6574697} - System32\Tasks\HPCustParticipation HP OfficeJet 200 Mobile Series => C:\Program Files\HP\HP OfficeJet 200 Mobile Series\Bin\HPCustPartic.exe [6438536 2017-06-15] (Hewlett Packard -> HP Inc.) Task: {6A18352E-96A0-49ED-85A0-AA87E0ADC392} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1689863419-2369483584-1389092369-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe /autoupdate (No File) Task: {A239F8C0-3FFD-41CE-8248-E98E3A8D003E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973768 2023-08-16] (Microsoft Corporation -> Microsoft Corporation) Task: {565C0E8C-FFA5-4DB4-9C02-F06066598118} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973768 2023-08-16] (Microsoft Corporation -> Microsoft Corporation) Task: {040EFEFD-97AE-4656-ADAF-2836734C0DAE} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {BAF4B9A8-1B02-4B38-B231-7EA97230256B} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 => {84F0FAE1-C27B-4F6F-807B-28CF6F96287D} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [23952 2022-06-25] (Microsoft Corporation -> Microsoft Corporation) Task: {D5A9F0F2-D7CA-4A2B-8871-C67F2CBEADF1} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 => {429BC048-379E-45E0-80E4-EB1977941B5C} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [23952 2022-06-25] (Microsoft Corporation -> Microsoft Corporation) Task: {1D44DA44-C6A2-454A-AD76-389CB7AB7B77} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical => {613FBA38-A3DF-4AB8-9674-5604984A299A} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [23952 2022-06-25] (Microsoft Corporation -> Microsoft Corporation) Task: {B750F9BA-94F7-495C-9AA5-9E0BFB0E1F63} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical => {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [23952 2022-06-25] (Microsoft Corporation -> Microsoft Corporation) Task: {F346D1E4-9974-4A5D-9E35-FE7079A30555} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) => {CF2CF428-325B-48D3-8CA8-7633E36E5A32} C:\Windows\system32\msdrm.dll [570368 2019-12-07] (Microsoft Corporation) Task: {8E33F0A3-A31E-4E6C-AFF7-844A27E761B7} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) => {BF5CB148-7C77-4D8A-A53E-D81C70CF743C} C:\Windows\system32\msdrm.dll [570368 2019-12-07] (Microsoft Corporation) Task: {5B885149-AF43-451C-A12F-0CD1E0A34023} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager => {DECA92E0-AF85-439E-9204-86679978DA08} C:\Windows\System32\AppLockerCsp.dll [390144 2023-03-16] (Microsoft Corporation) Task: {4EBE9A38-6BE4-429E-8588-B460327DB327} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\Windows\system32\appidpolicyconverter.exe [160768 2023-03-16] (Microsoft Corporation) Task: {4520E8A9-AF06-4122-859B-E4B655B29B36} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific => {9F2B0085-9218-42A1-88B0-9F0E65851666} Task: {7A27D6E9-CB10-42F6-B75D-A53F78486290} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\Windows\system32\appidcertstorecheck.exe [49152 2023-03-16] (Microsoft Corporation) Task: {CE5818EE-B1E6-4650-841C-0CC0680FDEC3} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc Task: {CE5818EE-B1E6-4650-841C-0CC0680FDEC3} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun Task: {CE5818EE-B1E6-4650-841C-0CC0680FDEC3} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData Task: {7A5AFDB2-56EC-4352-AB44-069E7BF253A8} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattelrunner.exe [185832 2023-08-28] (Microsoft Windows -> Microsoft Corporation) Task: {578BB5E7-48EF-4AC6-BDC8-BD6585EBADC9} - System32\Tasks\Microsoft\Windows\Application Experience\PcaPatchDbTask => C:\Windows\system32\rundll32.exe [71680 2021-01-13] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaPatchSdbTask Task: {73469C3A-0B60-4A11-AD8A-FC67A901B741} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [185832 2023-08-28] (Microsoft Windows -> Microsoft Corporation) Task: {3D363385-64B8-4207-AC46-3EE180DD87F2} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [71680 2021-01-13] (Microsoft Windows -> Microsoft Corporation) -> Startupscan.dll,SusRunTask Task: {B5108B49-C39A-43DE-AC49-06155873BAE9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [120320 2021-01-13] (Microsoft Corporation) Task: {BA366117-6A44-44F3-9BAA-09C4ADA110CC} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [120320 2021-01-13] (Microsoft Corporation) Task: {E003BEA4-7D11-4522-9834-25C3F9F93F53} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [71680 2021-01-13] (Microsoft Windows -> Microsoft Corporation) -> Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {F472261A-A57A-465B-A695-5F2E75E37782} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [13312 2020-11-06] (Microsoft Corporation) Task: {3E81F21F-DDA4-4F05-8986-20BCF0A53FB6} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\Windows\system32\AppListBackupLauncher.dll [95744 2023-08-28] (Microsoft Corporation) Task: {5965ABDF-18D3-420C-8920-CCFB02F29614} - System32\Tasks\Microsoft\Windows\AppListBackup\BackupNonMaintenance => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\Windows\system32\AppListBackupLauncher.dll [95744 2023-08-28] (Microsoft Corporation) Task: {C9ABE41C-5E65-4E52-8BAD-4F1BCA3B5715} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\system32\rundll32.exe [71680 2021-01-13] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {36A78C3E-A142-4F86-903E-AE26291F646C} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\Windows\system32\rundll32.exe [71680 2021-01-13] (Microsoft Windows -> Microsoft Corporation) -> /d acproxy.dll,PerformAutochkOperations Task: {34ADEFE8-89DB-43BC-8C0B-14BB34D69F6D} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2021-06-11] (Microsoft Corporation) Task: {87094343-6C1F-4855-A6B9-305BA74AB761} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2021-06-11] (Microsoft Corporation) Task: {AB05B368-13F7-468A-9B30-E553C06B5449} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [40448 2019-12-07] (Microsoft Corporation) Task: {077333D6-06BA-4EA4-BDF4-1CD1439558F2} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask => {E984D939-0E00-4DD9-AC3A-7ACA04745521} Task: {F0BE4F3E-F4F0-4B98-88EE-57290DDF6CB2} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\Windows\system32\ngctasks.dll [279552 2023-08-28] (Microsoft Corporation) Task: {F67BF9CD-2696-4F2D-9D78-BB8C84A53C1E} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\Windows\system32\ngctasks.dll [279552 2023-08-28] (Microsoft Corporation) Task: {2F63CF7F-0537-4E2A-9F8A-B763EFE907F5} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\Windows\system32\ngctasks.dll [279552 2023-08-28] (Microsoft Corporation) Task: {50DDDD38-168C-486B-966F-A23226488295} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\Windows\system32\dimsjob.dll [44544 2019-12-07] (Microsoft Corporation) Task: {0EDEA23A-3DEC-41C3-B03E-BC7A3356D6BC} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\Windows\system32\dimsjob.dll [44544 2019-12-07] (Microsoft Corporation) Task: {78FC1447-DCFF-4832-A268-0ABA89022F48} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\Windows\system32\dimsjob.dll [44544 2019-12-07] (Microsoft Corporation) Task: {57C76B66-AD3C-4221-81FA-55045859B06F} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan => {CF4270F5-2E43-4468-83B3-A8C45BB33EA1} C:\Windows\System32\pstask.dll [16384 2019-12-07] (Microsoft Corporation) Task: {3FC4BE91-4A96-48F5-8858-1628CB88EFB5} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [248320 2021-09-17] (Microsoft Windows -> Microsoft Corporation) -> %windir% /sysrepair Task: {5B0ED9ED-6704-45F8-B8C1-93C5A3B5F4FF} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [1129592 2023-06-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {12514C9A-1DE5-40CE-B66C-D6838DA9A169} - System32\Tasks\Microsoft\Windows\CloudExperienceHost\CreateObjectTask => {E4544ABA-62BF-4C54-AAB2-EC246342626C} C:\Windows\System32\CloudExperienceHostBroker.exe [70120 2023-08-28] (Microsoft Windows -> Microsoft Corporation) Task: {CCEB5B89-7D49-4913-AED9-16E1914151FF} - System32\Tasks\Microsoft\Windows\CloudRestore\Backup => {722D0F89-B69C-4700-AE8C-4A44350E4876} C:\WINDOWS\System32\CloudRestoreLauncher.dll [538624 2023-08-28] (Microsoft Corporation) Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\Windows\System32\BthTelemetry.dll [30208 2019-12-07] (Microsoft Corporation) Task: {ED77AEE0-EAFB-4133-B544-9E7C5632D902} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [112640 2023-08-28] (Microsoft Corporation) Task: {7572B7F9-BE9D-43BF-9A4E-F82023EDBD33} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip => {C27F6B1D-FE0B-45E4-9257-38799FA69BC8} C:\Windows\System32\usbceip.dll [119808 2019-12-07] (Microsoft Corporation) Task: {304D2127-E6ED-4C82-B9B3-63B3B54A4D66} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Check And Scan => {DCFD3EA8-D960-4719-8206-490AE315F94F} C:\Windows\System32\discan.dll [316928 2021-01-13] (Microsoft Corporation) Task: {90F68E39-00DE-4159-BCDB-5C5759A5CF53} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan => {DCFD3EA8-D960-4719-8206-490AE315F94F} C:\Windows\System32\discan.dll [316928 2021-01-13] (Microsoft Corporation) Task: {EAD9ED20-AC69-4E97-8CCB-E8F62CA707B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery => {DCFD3EA8-D960-4719-8206-490AE315F94F} C:\Windows\System32\discan.dll [316928 2021-01-13] (Microsoft Corporation) Task: {3E61927A-722F-431F-9A0D-4AC5705B0F44} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [210432 2021-01-13] (Microsoft Corp.) Task: {4F41B4A1-8822-4B02-90CD-202A0099FFAE} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [58704 2023-05-10] (Microsoft Windows -> Microsoft Corporation) Task: {F278A444-BDB4-4CD1-A2F0-7A2284C32800} - System32\Tasks\Microsoft\Windows\Device Information\Device User => C:\Windows\system32\devicecensus.exe [58704 2023-05-10] (Microsoft Windows -> Microsoft Corporation) Task: {082F4875-D88C-40EA-8706-87480962C446} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh => {23C1F3CF-C110-4512-ACA9-7B6174ECE888} C:\Windows\System32\DeviceSetupManagerAPI.dll [162816 2021-01-13] (Microsoft Corporation) Task: {9D87DBE9-E563-4708-A9E9-1A6EE5951EC2} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2023-08-28] (Microsoft Corporation) Task: {0016B09F-CFDA-4F5B-A70B-84A75599B89B} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2023-08-28] (Microsoft Corporation) Task: {61B4D08B-1B23-4CC8-869E-CF0B7996EF5F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2023-08-28] (Microsoft Corporation) Task: {6AAEEF1D-9661-4720-B127-27C975871238} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2023-08-28] (Microsoft Corporation) Task: {9ECD9F35-130A-4C0C-A551-9D3335B165D7} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2023-08-28] (Microsoft Corporation) Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2023-08-28] (Microsoft Corporation) Task: {EA82AA60-4BB0-41D9-AA1A-D64D739F55DE} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2023-08-28] (Microsoft Corporation) Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2023-08-28] (Microsoft Corporation) Task: {5E0DF2C3-3D26-4759-9E02-FB7F4DCD159B} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2023-08-28] (Microsoft Corporation) Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2023-08-28] (Microsoft Corporation) Task: {114EC267-55F2-45DA-9AB6-B98CA9DC0D01} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2023-08-28] (Microsoft Corporation) Task: {AF73DAAA-53AE-4CC8-8671-BE29D886B057} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2023-08-28] (Microsoft Corporation) Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2023-08-28] (Microsoft Corporation) Task: {C660D735-E9F2-4190-9B4E-97ADF1AFFA16} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2023-08-28] (Microsoft Corporation) Task: {429BE689-13CF-42A7-A594-FE009E7A2028} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2023-08-28] (Microsoft Corporation) Task: {A2FFCE6E-7F06-494A-8C84-6EFCAEB075BB} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2023-08-28] (Microsoft Corporation) Task: {DF95CAA3-ED44-468F-A129-F09EC80955D9} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner => {AD08DCC2-4E35-4486-9D49-547CBD30942D} C:\Windows\System32\MitigationClient.dll [495616 2023-08-28] (Microsoft Corporation) Task: {C3944556-15CF-467E-89E2-29D4BFD3EC5A} - System32\Tasks\Microsoft\Windows\Diagnosis\Scheduled => {C1F85EF8-BCC2-4606-BB39-70C523715EB3} C:\Windows\System32\sdiagschd.dll [68096 2022-08-11] (Microsoft Corporation) Task: {55B1C85E-5BEF-4EDB-ADD0-ECEAEF261E7C} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\Windows\system32\directxdatabaseupdater.exe [286208 2022-10-03] (Microsoft Corporation) Task: {0CBABB27-6DFC-4155-BAE7-AE919B92FEF2} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [236032 2022-10-03] (Microsoft Corporation) Task: {6AA2E298-C47C-45AE-BF6F-E2D9A555345C} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [322560 2023-05-10] (Microsoft Corporation) -> /autoclean /d %systemdrive% Task: {B97C7632-DD50-4F07-8E4E-F1450795BF78} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => C:\Windows\system32\rundll32.exe [71680 2021-01-13] (Microsoft Windows -> Microsoft Corporation) -> dfdts.dll,DfdGetDefaultPolicyAndSMART Task: {3A4032F6-6063-4D54-BAE3-F8A4A5110CDA} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [54784 2019-12-07] (Microsoft Corporation) Task: {C9EC268B-1D36-4AF0-A1EB-2C1BC3B455D9} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [85504 2023-02-15] (Microsoft Corporation) Task: {117E2D01-1275-4560-90E9-A34BB4EE69A3} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense => {AB2A519B-03B0-43CE-940A-A73DF850B49A} C:\Windows\system32\StorageUsage.dll [161792 2023-07-15] (Microsoft Corporation) Task: {69D15B8E-729C-4C1C-A0E7-6DCA5E963E60} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [40960 2019-12-07] (Microsoft Corporation) Task: {EF4B8F07-FA4B-4CD0-84BC-4A758127E3DD} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2021-06-11] (Microsoft Corporation) Task: {3789A597-BD62-4A2F-8F57-AE2D504E0E98} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2021-06-11] (Microsoft Corporation) Task: {0E2DCCB3-7B11-40CF-B973-90F22732E317} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2021-06-11] (Microsoft Corporation) Task: {66A3F618-0C70-4F70-9BBA-735CCDB43A09} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2021-06-11] (Microsoft Corporation) Task: {B9E96119-515B-4D19-8357-D54B747395AD} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [166912 2023-08-28] (Microsoft Corporation) Task: {4CA7EF64-0E5E-4B8C-A197-D6F4CA66CC6C} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} Task: {F28515AA-13FC-4A74-B712-EAB16A67800B} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} Task: {F8FEDA28-6261-4385-844A-684E6C988577} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh => {711001CD-CC1D-4470-9B7E-1EF73849C79E} C:\Windows\System32\MitigationConfiguration.dll [86528 2022-02-17] (Microsoft Corporation) Task: {92FFE795-C628-4324-AB97-06F804352DB6} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [120320 2021-09-17] (Microsoft Corporation) Task: {7617E03F-109E-435B-9B4C-0282CD5BE4A9} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload => C:\Windows\system32\dmclient.exe [120320 2021-09-17] (Microsoft Corporation) Task: {2EE7F450-D2B6-4D5E-AFE0-A8699149E79E} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) => {89917B7C-A1A6-11DF-8BF6-18A90531A85A} C:\Windows\System32\fhtask.dll [61952 2023-09-15] (Microsoft Corporation) Task: {FB3034E9-F6CD-419A-BDBD-566A13A716B0} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures => {59EECBFE-C2F5-4419-9B99-13FE05FF2675} C:\Windows\System32\fcon.dll [259072 2023-07-15] (Microsoft Corporation) Task: {7BD6450C-E327-47E5-930C-A3087D4AC957} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataFlushing => {99EFDAD1-0F11-4A6B-A702-4E1C37D1A3EF} C:\Windows\System32\fcon.dll [259072 2023-07-15] (Microsoft Corporation) Task: {DA042D26-A706-434B-9DF6-6877E9774BC7} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataReporting => {BBFCD054-8AAC-45DE-A1EB-7B246C9028AF} C:\Windows\System32\fcon.dll [259072 2023-07-15] (Microsoft Corporation) Task: {4F2030CE-BA8E-4122-B9A8-29AA5858973E} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache => {E07647F7-AED2-48D9-9720-939BC24A8A3C} C:\Windows\System32\wosc.dll [270848 2023-08-28] (Microsoft Corporation) Task: {12DF3F8A-9612-48CA-AE38-2818FA70CA73} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [510464 2022-08-11] () Task: {1A4230A2-E136-4936-9B22-DDF624BB8332} - System32\Tasks\Microsoft\Windows\IME\SQM data sender => {CCB1D8CB-D39F-41C9-B793-0196214BDC4E} C:\Windows\System32\IME\shared\imecfm.dll [222008 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {CADF1293-5495-426F-8E37-A30F69274AF4} - System32\Tasks\Microsoft\Windows\Input\LocalUserSyncDataAvailable => {8E7C2AFB-72B9-415C-9AC2-5037693309B7} C:\Windows\System32\InputCloudStore.dll [208896 2023-08-09] (Microsoft Corporation) Task: {DA42085F-11E4-4EE1-A363-1898204812F5} - System32\Tasks\Microsoft\Windows\Input\MouseSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [208896 2023-08-09] (Microsoft Corporation) Task: {4A0DEFDA-A2B8-4736-88E1-A578E00D9704} - System32\Tasks\Microsoft\Windows\Input\PenSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [208896 2023-08-09] (Microsoft Corporation) Task: {7C4733D2-81D6-4CA3-B30C-E00B496B9857} - System32\Tasks\Microsoft\Windows\Input\TouchpadSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [208896 2023-08-09] (Microsoft Corporation) Task: {A08D6A77-C926-4E78-9ED0-09836E2769AE} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates => {A558C6A5-B42B-4C98-B610-BF9559143139} C:\Windows\System32\InstallServiceTasks.dll [230400 2023-08-28] (Microsoft Corporation) Task: {A2FADBDF-6855-42F7-BDFC-F0C510EDA9BC} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser => {DDAFAEA2-8842-4E96-BADE-D44A8D676FDB} C:\Windows\System32\InstallServiceTasks.dll [230400 2023-08-28] (Microsoft Corporation) Task: {44AF7ADA-1C0D-43B1-A063-9E7581F7730B} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry => {F3A219C3-2698-4CBF-9C07-037EDB8E72E6} C:\Windows\System32\InstallServiceTasks.dll [230400 2023-08-28] (Microsoft Corporation) Task: {9B29B882-A95C-438B-BF91-E7C31B1D82D1} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates => {0DC331EE-8438-49D5-A721-E10B937CE459} C:\Windows\System32\InstallServiceTasks.dll [230400 2023-08-28] (Microsoft Corporation) Task: {EC3EFE4E-A2E4-4C66-975C-CA2EFD0D42CD} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates => {D5A04D91-6FE6-4FE4-A98A-FEB4500C5AF7} C:\Windows\System32\InstallServiceTasks.dll [230400 2023-08-28] (Microsoft Corporation) Task: {A60D9ECB-A6F4-4FE1-9BD7-B049487A67E7} - System32\Tasks\Microsoft\Windows\International\Synchronize Language Settings => {10D62541-90D0-42FE-848C-0DBC1AC42EDA} C:\Windows\System32\CoreGlobConfig.dll [217968 2023-05-10] (Microsoft Windows -> Microsoft Corporation) Task: {7A7B60AA-BA42-409F-BC97-7BCFEFAD6308} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation => {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE} C:\Windows\System32\LanguageComponentsInstaller.dll [181248 2023-08-28] (Microsoft Corporation) Task: {A499FA48-7057-4AC1-9702-44C6FD924058} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources => {D0582E3B-3126-4CAA-9155-AC37C912A489} Task: {9520602D-5D35-49BC-B397-5251EC6364E8} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation => {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE} C:\Windows\System32\LanguageComponentsInstaller.dll [181248 2023-08-28] (Microsoft Corporation) Task: {A28E2F31-2C6D-426C-A2AC-2F9F6952D916} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange => {77646A68-AD14-4D53-897D-7BE4DDE5F929} C:\Windows\System32\TempSignedLicenseExchangeTask.dll [74752 2020-11-06] (Microsoft Corporation) Task: {E88D9B2C-DDEA-47B2-9582-085153004DB5} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [71168 2019-12-07] (Microsoft Corporation) Task: {E32B86AB-ABAA-45A7-9BE7-9BB2E6B7837D} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [62464 2021-01-13] (Microsoft Corporation) Task: {6F063424-E8AD-40FA-92B9-CD047EC2A92A} - System32\Tasks\Microsoft\Windows\Maintenance\WinSAT => {A9A33436-678B-4C9C-A211-7CC38785E79D} C:\Windows\system32\WinSATAPI.dll [377856 2023-08-09] (Microsoft Corporation) Task: {02A80421-5099-4435-BFB5-74DA5F2B6EE9} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [200704 2023-08-28] (Microsoft Corporation) Task: {F5755DF1-5FD3-4655-A459-4E5278DF0FA1} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [200704 2023-08-28] (Microsoft Corporation) Task: {E38739C8-A84F-4F9B-8913-DCA75BC35C79} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [87040 2023-08-28] (Microsoft Corporation) Task: {80436C26-BC19-4930-9051-F06F0E0BA960} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [87040 2023-08-28] (Microsoft Corporation) Task: {2AD5F8AE-8128-49DD-AB67-7D9052D0C609} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Retry => C:\Windows\system32\ProvTool.exe [87040 2023-08-28] (Microsoft Corporation) Task: {E91D1CC3-09DF-45F0-8208-474AEE6B0A16} - System32\Tasks\Microsoft\Windows\Management\Provisioning\RunOnReboot => C:\Windows\system32\ProvTool.exe [87040 2023-08-28] (Microsoft Corporation) Task: {701473A3-4C61-4063-AAC6-871E22A29FE7} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask => {9885AEF2-BD9F-41E0-B15E-B3141395E803} C:\Windows\System32\mapstoasttask.dll [53760 2019-12-07] (Microsoft Corporation) Task: {E577C99D-E5DD-43E8-9E9F-2D291B431572} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask => {B9033E87-33CF-4D77-BC9B-895AFBBA72E4} C:\Windows\System32\mapsupdatetask.dll [45568 2019-12-07] (Microsoft Corporation) Task: {78E96733-DDEF-4FB9-AD45-FC553EFC4CFD} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents => {8168E74A-B39F-46D8-ADCD-7BED477B80A3} C:\Windows\System32\MemoryDiagnostic.dll [33792 2019-12-07] (Microsoft Corporation) Task: {29903646-8B95-441C-AE59-CC43C0C76FF5} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic => {8168E74A-B39F-46D8-ADCD-7BED477B80A3} C:\Windows\System32\MemoryDiagnostic.dll [33792 2019-12-07] (Microsoft Corporation) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [119296 2019-12-07] (Microsoft Corporation) Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {72DE7E6C-B7E5-4FC4-B7AD-3D9C42247F14} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [745472 2022-08-11] (Microsoft Corporation) Task: {6EE3AFA8-CBB1-4E6E-B0B4-ABFF3127206C} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [72704 2020-11-06] (Microsoft Corporation) Task: {431C06B2-3B29-4A2E-9225-5C8F6A8D1A62} - System32\Tasks\Microsoft\Windows\MUI\Mcbuilder => C:\windows\System32\mcbuilder.exe [94208 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {9486DC81-1119-4559-9110-1A771DEC137A} - System32\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService => {2DEA658F-54C1-4227-AF9B-260AB5FC3543} C:\Windows\System32\PlaySndSrv.dll [90112 2021-01-13] (Microsoft Corporation) Task: {C4AE3C3E-C327-4689-B6FD-C11FB31AE88B} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler => {5AA199A0-1CED-43A5-9B85-3226086738A3} Task: {3A6DB6F9-A355-420A-B6E0-7C54D12F4033} - System32\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo => C:\Windows\system32\gatherNetworkInfo.vbs [88781 2019-12-07] () Task: {C34E99FC-E9DA-45EE-AF9B-77AAD0B1B25F} - System32\Tasks\Microsoft\Windows\NlaSvc\WiFiTask => C:\Windows\System32\WiFiTask.exe [132408 2021-01-13] (Microsoft Windows -> Microsoft Corporation) Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {C7D7E066-0562-4FC4-9FB9-60C7C3FE0B9D} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\Windows\system32\SecureBootEncodeUEFI.exe [95232 2023-08-28] (Microsoft Corporation) Task: {AAE4A09B-2A9A-4459-8078-98FA6265AF7F} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\Windows\system32\TpmTasks.dll [317440 2023-08-28] (Microsoft Corporation) Task: {FB09E21D-A58E-4797-94AC-04234895966E} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\Windows\system32\TpmTasks.dll [317440 2023-08-28] (Microsoft Corporation) Task: {C0467AB3-5004-4E13-BD2C-8DDF2AB880B5} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy => {60400283-B242-4FA8-8C25-CAF695B88209} C:\Windows\System32\pnppolicy.dll [91648 2023-07-15] (Microsoft Corporation) Task: {4E3AEDFB-B76C-4C12-A54F-3BD72A10C434} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required => {48794782-6A1F-47B9-BD52-1D5F95D49C1B} C:\Windows\System32\pnpui.dll [49664 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup => {DEF03232-9688-11E2-BE7F-B4B52FD966FF} Task: {DF27E6F5-E07E-4744-981B-BB5BC982261C} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [337920 2023-07-15] (Microsoft Corporation) Task: {D9353C30-D505-4F11-8F95-55F3DDA1E214} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => {927EA2AF-1C54-43D5-825E-0074CE028EEE} C:\Windows\System32\energytask.dll [26624 2021-06-11] (Microsoft Corporation) Task: {35525E8D-FD60-47BF-8D11-FA4F778C57C3} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [100352 2019-12-07] (Microsoft Corporation) Task: {E5A260DD-FE4A-4CA0-A35B-B9C705987CD9} - System32\Tasks\Microsoft\Windows\Printing\PrinterCleanupTask => {C56F065E-DE49-4E42-BE7C-305C45609D25} C:\WINDOWS\System32\PrinterCleanupTask.dll [86528 2023-08-28] (Microsoft Corporation) Task: {A74EF9D1-6D6B-4566-8E25-782430F970E5} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> start pushtoinstall login Task: {4BCE6391-0B05-40B4-B642-910B37FB1CE6} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> start pushtoinstall registration Task: {C0E197F6-2E40-46FD-83DA-BE8704EF2CE5} - System32\Tasks\Microsoft\Windows\Ras\MobilityManager => {C463A0FC-794F-4FDF-9201-01938CEACAFA} C:\Windows\system32\rasmbmgr.dll [61952 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {F0FCA53B-F391-48AD-91F6-D1994846E55E} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE => {89D1D0C2-A3CF-490C-ABE3-B86CDE34B047} C:\Windows\System32\ReAgentTask.dll [13824 2019-12-07] (Microsoft Corporation) Task: {00446CF1-8668-472D-BEDD-D0BB88DBA009} - System32\Tasks\Microsoft\Windows\Registry\RegIdleBackup => {CA767AA8-9157-4604-B64B-40747123D5F2} C:\Windows\System32\regidle.dll [15872 2019-12-07] (Microsoft Corporation) Task: {CC4F585B-EBBB-4AA6-9BDF-B28C489A9125} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [135168 2021-07-18] (Microsoft Corporation) Task: {8627F38D-3BB5-45A5-AAE5-B8735A41B62D} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => {752073A1-23F2-4396-85F0-8FDB879ED0ED} Task: {E51EADD7-C4F7-43E7-A9CB-FEC8EC1E204F} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask => {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} C:\Windows\system32\SettingSyncCore.dll [1129472 2023-08-09] (Microsoft Corporation) Task: {7445D17B-89AB-43F3-B904-4DD68B19A6F2} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask => {A4173A49-F373-4475-9A0F-2D615204DC20} C:\Windows\system32\SettingSyncCore.dll [1129472 2023-08-09] (Microsoft Corporation) Task: {8DB27523-093D-4B93-A00B-68F6317DFAE1} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => C:\Windows\system32\rundll32.exe [71680 2021-01-13] (Microsoft Windows -> Microsoft Corporation) -> %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance Task: {EC95F45C-0486-40E1-8938-20FE3E377E7D} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask => {990A9F8F-301F-45F7-8D0E-68C5952DBA43} C:\Windows\system32\shell32.dll [7653048 2023-08-28] (Microsoft Windows -> Microsoft Corporation) Task: {DFDC1B83-7FD3-4C77-8CD1-7391D1680ACA} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [1173472 2022-02-17] (Microsoft Windows -> Microsoft Corporation) Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask => {D2CBF5F7-5702-440B-8D8F-8203034A6B82} Task: {CD0446AF-D5F6-4616-85CE-058C20FCE9EC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask => {C844C79D-AED8-4DCE-AB25-4D359BED84F8} C:\Windows\System32\WpcRefreshTask.dll [1034240 2023-02-15] (Microsoft Corporation) Task: {1A7A6FA0-93DC-4EDE-9CBC-14ED8FEE3A66} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {C483CE25-B1C5-4BEB-AA31-5CADC8C66692} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance => {3FBA60A6-7BF5-4868-A2CA-6623B3DFFEA6} C:\Windows\System32\srchadmin.dll [218112 2021-01-13] (Microsoft Corporation) Task: {6ACC10EB-9A0C-496B-91EA-9AEA37B2E16E} - System32\Tasks\Microsoft\Windows\Shell\ThemesSyncedImageDownload => {79F8E185-4E45-4B74-8182-02AA430661E4} C:\WINDOWS\System32\Themes.SsfDownload.ScheduledTask.dll [141824 2022-07-18] (Microsoft Corporation) Task: {008539BF-83F9-4483-9E0A-EEEE6EAC0A08} - System32\Tasks\Microsoft\Windows\Shell\UpdateUserPictureTask => {09C5DD34-009D-40FA-BCB9-0165AD0C15D4} C:\Windows\System32\Windows.UI.Immersive.dll [1259008 2023-03-16] (Microsoft Corporation) Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {2DFC28A5-3035-4555-A9E6-CE6D44EB1DB3} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\Windows\System32\sppcext.dll [608768 2023-06-15] (Microsoft Corporation) Task: {892625FE-213B-4B60-95ED-A1CEFCAA365D} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\Windows\System32\sppcext.dll [608768 2023-06-15] (Microsoft Corporation) Task: {3AB082DC-B77E-4487-BB5D-5DCB3A6C2B3C} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\Windows\System32\sppcext.dll [608768 2023-06-15] (Microsoft Corporation) Task: {A9C498D6-046E-407B-A5B5-597DFC8756D9} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [165376 2020-11-06] (Microsoft Corporation) Task: {AFEE5D15-0E83-432F-9DB0-58A2702115E1} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [80752 2022-02-17] (Microsoft Windows -> Microsoft Corporation) Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [305664 2022-02-17] (Microsoft Corporation) Task: {4D595DA6-BC59-47AE-A527-EC01FCE2E615} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [182272 2023-02-15] (Microsoft Corporation) Task: {58CCC4DA-C86D-4E3D-8FAF-A7B24D8F3950} - System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks => C:\Windows\system32\rundll32.exe [71680 2021-01-13] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks Task: {D777B567-BB3B-4111-881C-0CB741022B0C} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization => {5C9AB547-345D-4175-9AF6-65133463A100} C:\Windows\System32\TieringEngineService.exe [326144 2021-01-13] (Microsoft Corporation) Task: {FC3767EA-5307-4D11-BA38-EB21A39737D7} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization => C:\Windows\system32\defrag.exe [210432 2021-01-13] (Microsoft Corp.) Task: {261077B5-80C0-4540-B614-72DE15169A3A} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [182128 2023-08-28] (Microsoft Windows -> Microsoft Corporation) Task: {8B0F524A-7883-44E2-ACAA-6D3CA8615858} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [182128 2023-08-28] (Microsoft Windows -> Microsoft Corporation) Task: {64614AC8-EA46-476D-A71C-2C0B055C95CC} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate => {17C82257-654E-4C47-8E23-DCA24EAA76A0} C:\Windows\system32\sysmain.dll [1005568 2021-09-17] (Microsoft Corporation) Task: {236EEE35-EDD5-418B-BCD5-293F6FAD7966} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance => {D44377B8-1F2F-4FAA-9C8E-6C4AD2928E47} C:\Windows\system32\sysmain.dll [1005568 2021-09-17] (Microsoft Corporation) Task: {051DF697-AF10-4DB6-9B93-E1A4E35F00F7} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync => {297EE78C-BA95-4E94-81D3-D6E7F089C7B5} C:\Windows\system32\sysmain.dll [1005568 2021-09-17] (Microsoft Corporation) Task: {638672E6-20F1-499D-BFCC-9EA7935257C4} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [71680 2021-01-13] (Microsoft Windows -> Microsoft Corporation) -> sysmain.dll,PfSvWsSwapAssessmentTask Task: {20546688-8F7B-4B82-8429-7E7E4F537E96} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [59392 2020-11-06] (Microsoft Corporation) Task: {7BE5585E-0190-458B-9CEC-F4076574C717} - System32\Tasks\Microsoft\Windows\Task Manager\Interactive => {855FEC53-D2E4-4999-9E87-3414E9CF0FF4} C:\Windows\system32\wdc.dll [739840 2019-12-07] (Microsoft Corporation) Task: {88CE6B8C-B14B-499A-8D43-214F06116F07} - System32\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor => {01575CFE-9A55-4003-A5E1-F38D1EBDCBE1} C:\Windows\system32\MsCtfMonitor.dll [96256 2020-11-06] (Microsoft Corporation) Task: {F5E862B9-98AE-458E-BC87-3ED25EFBB4D3} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime => {A31AD6C2-FF4C-43D4-8E90-7101023096F9} C:\Windows\system32\TimeSyncTask.dll [15360 2019-12-07] (Microsoft Corporation) Task: {1FDAEDB1-C8AA-43FA-B046-3CDDDA12661E} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> start w32time task_started Task: {C4C11C95-C597-4541-B0FF-0FB2C761FC92} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [70144 2019-12-07] (Microsoft Corporation) Task: {8A43AE7B-C54A-405B-913A-945A0AF2CA8F} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\Windows\system32\TpmTasks.dll [317440 2023-08-28] (Microsoft Corporation) Task: {15E69FB7-BC19-4737-A3DF-0700D3959249} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\Windows\system32\TpmTasks.dll [317440 2023-08-28] (Microsoft Corporation) Task: {CAB76809-EDC0-40D2-A888-AD9BEDF4E88A} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [463232 2022-12-14] (Microsoft Windows -> Microsoft Corporation) Task: {8611FEB7-D444-401C-B2D1-5F8966706196} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Backup Scan => C:\Windows\system32\usoclient.exe [90624 2023-08-28] (Microsoft Corporation) Task: {3FE34F44-53E8-4B61-86FC-97B7C5498FC8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [90624 2023-08-28] (Microsoft Corporation) Task: {FDA3F76E-FCB6-4B7B-8D08-198A76325A50} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\Windows\system32\MusNotification.exe [692736 2023-08-28] (Microsoft Corporation) Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [692736 2023-08-28] (Microsoft Corporation) Task: {3946B1F1-64F4-436F-983F-D329A23654DC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\Windows\system32\MusNotification.exe [692736 2023-08-28] (Microsoft Corporation) Task: {3E00C42A-D5BF-4F0C-A6E9-1523B4C2FB73} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\Windows\system32\MusNotification.exe [692736 2023-08-28] (Microsoft Corporation) Task: {70EA2999-165C-4933-9027-250FB8B772F8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Report policies => C:\Windows\system32\usoclient.exe [90624 2023-08-28] (Microsoft Corporation) Task: {4A1CF576-B9E8-4450-94F9-AB053FDFFEC8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work => C:\Windows\system32\usoclient.exe [90624 2023-08-28] (Microsoft Corporation) Task: {46DDFBEA-7B80-499F-8D16-8FB7836BEBDC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [90624 2023-08-28] (Microsoft Corporation) Task: {309BA321-F7C8-46A4-BA50-5FAC484229CB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan Static Task => C:\Windows\system32\usoclient.exe [90624 2023-08-28] (Microsoft Corporation) Task: {20777324-604E-4B8B-8B7D-64922BD88B3B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work => C:\Windows\system32\usoclient.exe [90624 2023-08-28] (Microsoft Corporation) Task: {3E6EDE88-292A-4ABC-BA6C-27A6EB003AD9} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Work => C:\Windows\system32\usoclient.exe [90624 2023-08-28] (Microsoft Corporation) Task: {72D7B0A9-25FF-4C4D-BD6C-91AD8463EE95} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Universal Orchestrator Start => C:\Windows\system32\usoclient.exe [90624 2023-08-28] (Microsoft Corporation) Task: {0BE14665-0EE3-4B6A-A0E4-39E4F112286F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\Windows\UpdateAssistant\UpdateAssistant.exe [49144 2018-01-19] (Microsoft Corporation -> Microsoft Corporation) Task: {7F1F2034-456C-43E0-8067-AEEEF6D614DA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe [49144 2018-01-19] (Microsoft Corporation -> Microsoft Corporation) Task: {A99081EA-4A7A-47B7-9315-664132C418A7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe [49144 2018-01-19] (Microsoft Corporation -> Microsoft Corporation) Task: {CB673CE4-960F-462D-AAD7-CDA0CD9FE030} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateModelTask => C:\Windows\system32\usoclient.exe [90624 2023-08-28] (Microsoft Corporation) Task: {6E3BAC36-4F93-4D3D-8AE1-AC27B6044952} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => C:\Windows\system32\MusNotification.exe [692736 2023-08-28] (Microsoft Corporation) Task: {4671B5C1-A383-4428-A45A-8D348E4CB873} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\Windows\system32\MusNotification.exe [692736 2023-08-28] (Microsoft Corporation) Task: {57FF06A5-1054-4791-9938-1C3E61F00B07} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> config upnphost start= auto Task: {C5D47392-881C-422A-9BF8-E4916B55CD22} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications => {E05BE1C8-92A8-4757-B575-ACAECB4E6A40} C:\Windows\System32\UsbTask.dll [55808 2021-01-13] (Microsoft Corporation) Task: {3E51A991-10E2-4B16-B5B4-A2F051544BB9} - System32\Tasks\Microsoft\Windows\User Profile Service\HiveUploadTask => {BA677074-762C-444B-94C8-8C83F93F6605} Task: {0CEC0B91-4AE9-4E8A-ACB2-3B4C811F442C} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} Task: {1E334E22-CBC0-4D9C-B830-F1CC1BD6DCFD} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [132408 2021-01-13] (Microsoft Windows -> Microsoft Corporation) Task: {4D36FC3F-B740-4739-9A9D-C43793F201B8} - System32\Tasks\Microsoft\Windows\WDI\ResolutionHost => {900BE39D-6BE8-461A-BC4D-B0FA71F5ECB1} C:\Windows\System32\wdi.dll [105472 2019-12-07] (Microsoft Corporation) Task: {75A35C91-670A-4071-BB93-066651438E14} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [236416 2023-08-28] (Microsoft Windows -> Microsoft Corporation) Task: {86158314-60CF-4F3F-85B5-2399327EA496} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => C:\Windows\system32\rundll32.exe [71680 2021-01-13] (Microsoft Windows -> Microsoft Corporation) -> bfe.dll,BfeOnServiceStartTypeChange Task: {94EF6A03-19A8-4414-9BFE-4292DF314D5F} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe [71168 2019-12-06] (Microsoft Corporation) Task: {AA70A383-6F5D-470B-AA6B-B324620D9C75} - System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader => {B210D694-C8DF-490D-9576-9E20CDBC20BD} C:\Windows\System32\mscms.dll [708592 2021-01-13] (Microsoft Windows -> Microsoft Corporation) Task: {367F5708-37B4-4C4D-BB0A-319CF867CB64} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall => {EFF7F153-1C97-417A-B633-FEDE6683A939} Task: {C4748C3A-6837-45DF-8EE1-2D9FD74E36A5} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall => {F3B4E234-7A68-4E43-B813-E4BA55A065F6} Task: {1238EC30-91C5-4C0B-98DD-0E0AF50275B8} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect => {784E29F4-5EBE-4279-9948-1E8FE941646D} Task: {6F18F965-B3A8-47E6-B49C-2683B77FF9C3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler => C:\Program Files\RUXIM\PLUGscheduler.exe [371672 2023-09-15] (Microsoft Windows -> Microsoft Corporation) Task: {8FF5DE67-C947-4488-997B-4184221E7D50} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> start wuauserv Task: {5ED62CA8-FB06-45E7-9E51-4C28A23A3144} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> start wuauserv Task: {1949073A-8FDA-4EA4-8E59-407CDB02440F} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihpostreboot => C:\Windows\system32\sihclient.exe [411760 2023-06-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D85F83F5-ED09-49BC-A506-32C837CA0904} - System32\Tasks\Microsoft\Windows\Wininet\CacheTask => {0358B920-0AC7-461F-98F4-58E32CD89148} C:\Windows\system32\wininet.dll [5039616 2023-08-28] (Microsoft Corporation) Task: {5E351EE7-F0D4-4F41-A05C-907EB1A33CE8} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync => {B0D2B535-12E1-439F-86B3-BADA289510F0} C:\Windows\System32\WiFiCloudStore.dll [283648 2023-05-10] (Microsoft Corporation) Task: {23C98575-0E86-4478-A215-809EA6EE99BC} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management => {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1} C:\Windows\system32\WofTasks.dll [30720 2019-12-07] (Microsoft Corporation) Task: {03B269A4-3C91-4A6A-84C5-8FA60A2D6732} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation => {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1} C:\Windows\system32\WofTasks.dll [30720 2019-12-07] (Microsoft Corporation) Task: {F93E2A44-7E3E-49FE-9F66-12B1F4A037C0} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization => {97D47D56-3777-49FB-8E8F-90D7E30E1A1E} C:\Windows\System32\WorkFoldersShell.dll [230400 2022-04-13] (Microsoft Corporation) Task: {6440C5E0-A168-4A5F-B84E-F7C8C0A6E933} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work => {63260BCE-A3FB-4A34-AA51-D4D8E877B62B} C:\Windows\System32\WorkFoldersShell.dll [230400 2022-04-13] (Microsoft Corporation) Task: {4BDB5047-01B7-48D5-AE7E-720EDA7D2049} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [468992 2022-10-03] (Microsoft Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (No File) Task: {571A0A5E-B60E-4A25-BEFB-ABB3C6BB6B78} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync => {C662D912-E4D6-44A3-89A0-20550514951D} C:\Windows\System32\dsregtask.dll [52736 2022-10-03] (Microsoft Corporation) Task: {35D4C945-33D4-43B6-83D3-99034D411E25} - System32\Tasks\Microsoft\Windows\Workplace Join\Recovery-Check => C:\Windows\System32\dsregcmd.exe [468992 2022-10-03] (Microsoft Corporation) Task: {DF6A7742-913B-4025-B27A-CE65BB343A0D} - System32\Tasks\Microsoft\Windows\WwanSvc\NotificationTask => C:\Windows\System32\WiFiTask.exe [132408 2021-01-13] (Microsoft Windows -> Microsoft Corporation) Task: {65ABD2B9-E0F7-4350-A396-343BA8418F4C} - System32\Tasks\Microsoft\Windows\WwanSvc\OobeDiscovery => {C93CF9D5-031B-4AAA-AB0B-EF802347B381} C:\Windows\System32\MBMediaManager.dll [745984 2023-08-28] (Microsoft Corporation) Task: {41F5FC9D-EE65-4CA4-A908-91B3587198E0} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [33792 2022-06-22] (Microsoft Corporation) Task: {A59405BE-61C6-4F9A-A829-CEC0309F17E9} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [33792 2022-06-22] (Microsoft Corporation) Task: {CCC2F28C-67A7-435B-AA90-96572F9706AB} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2108624 2013-05-13] (Microsoft Corporation -> Microsoft Corporation) Task: {118409F0-5BD5-40F6-A536-29EAD2146BF5} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1491664 2013-05-13] (Microsoft Corporation -> Microsoft Corporation) Task: {602F723B-03D4-4ABB-80BA-E072B2F63E85} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2179792 2013-05-13] (Microsoft Corporation -> Microsoft) Task: {1F16F1B2-6F0B-48A3-992B-EEC46418C4EF} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2108624 2013-05-13] (Microsoft Corporation -> Microsoft Corporation) Task: {D9D6690D-99F1-4D10-B70D-24D2099495DD} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1491664 2013-05-13] (Microsoft Corporation -> Microsoft Corporation) Task: {ECF75827-4F8E-46D7-B8ED-1474B71AEFFB} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-08] (Microsoft Corporation -> Microsoft Corporation) Task: {B3EB33DC-668E-41A2-84BC-DF161AC63BAC} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-08] (Microsoft Corporation -> Microsoft Corporation) Task: {6B3C9ED0-920C-4D33-A319-165412F0A0AD} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe /analyze (No File) Task: {4E30F175-1699-416E-B398-E5A609D265D6} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe /submit (No File) Task: {63C0030A-A999-473D-B111-FDD1632A8587} - System32\Tasks\Norton WSC Integration => "C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe" /taskschd (No File) Task: {F35ED545-568D-4190-8B6D-757C0CCFB1B1} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1689863419-2369483584-1389092369-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File) Task: {8D6BDC7C-4966-44B4-9823-39B372832251} - System32\Tasks\Opera scheduled Autoupdate 1660658779 => C:\Users\Marek\AppData\Local\Programs\Opera\launcher.exe [2642848 2023-10-30] (Opera Norway AS -> Opera Software) Task: {23B6FBB9-20C9-4D2B-A594-8B1B40D2CEE1} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1689863419-2369483584-1389092369-1001 => {2D3F8A1B-6DCD-4ED5-BDBA-A096594B98EF} C:\Windows\System32\twinapi.dll [669696 2023-07-15] (Microsoft Corporation) Task: {ABAE362F-6906-41FC-BC07-979B8F4DCEC1} - System32\Tasks\pdfforge GmbH\PDF Architect 9\App Notification => C:\Program Files\PDF Architect 9\architect-launcher.exe [2294720 2023-04-27] (pdfforge GmbH -> pdfforge GmbH) Task: {3ADA2EAC-0885-4EEF-BE63-131054A1BF55} - System32\Tasks\pdfforge GmbH\PDF Architect 9\App Notification Logon => C:\Program Files\PDF Architect 9\architect-launcher.exe [2294720 2023-04-27] (pdfforge GmbH -> pdfforge GmbH) Task: {67BE2963-6DED-4C0E-AE5E-505605801C64} - System32\Tasks\pdfforge GmbH\PDF Architect 9\Installer updater => C:\ProgramData\PDF Architect 9\Installation\PDF_Architect_9_Installer.exe [15917496 2022-11-17] (pdfforge GmbH -> pdfforge GmbH.) Task: {633ECBEB-7134-4E7C-B3D2-EF3BB40FC3D2} - System32\Tasks\pdfforge GmbH\PDF Architect 9\Update => C:\Program Files\PDF Architect 9\architect.exe [3457984 2023-04-27] (pdfforge GmbH -> pdfforge GmbH) Task: {76D1B5A5-3DE1-4A2D-A8EB-102B7730D51B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {60B94EA5-F776-43AA-84FE-6A9B80040824} - System32\Tasks\S-1-5-21-1689863419-2369483584-1389092369-1001\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [176640 2021-01-13] (Microsoft Corporation) Task: {F38BA57B-D974-4588-B15D-AD5BDFCBD637} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [5363552 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.) Task: {ABCDC38C-96E1-49E1-BD04-9F042727E5F9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5629064 2021-11-23] (Safer-Networking Limited -> Safer-Networking Ltd.) Task: {3018EFF8-597E-4738-B9BF-419E541CA656} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6093928 2021-12-20] (Safer-Networking Limited -> Safer-Networking Ltd.) Task: {C12E3306-22DA-4B91-94A9-48E4538FDA14} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2982184 2016-02-23] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) Task: {B37181C6-1784-4D4D-8E19-45687148CE8E} - System32\Tasks\Samsung_PSSD_Registration_Plus => C:\Program Files (x86)\Samsung\Portable_SSD\SamsungPortableSSDMon_1.0.exe [869224 2021-08-05] (Samsung Electronics Co., Ltd. -> Samsung Electronics) Task: {4E14F0AB-40C0-4A34-ABEF-A2B0C7290FF6} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [133905984 2023-03-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) Task: {7AC1277B-3F16-4EAD-A9FE-6CAA2FA7A5DD} - System32\Tasks\SetGoIoPackageUpdater => C:\Program Files (x86)\Somfy\Set&Go io\SetGoIoPackageUpdater.exe [1515816 2023-03-06] (SOMFY ACTIVITES SA -> Somfy) Task: {2931275E-B42C-4DAD-ADCF-5E34B6DC4360} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2623296 2014-01-29] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) Task: {3BBE0B1E-140D-4161-8C85-339D6D2018E8} - System32\Tasks\User_Feed_Synchronization-{C0A555B5-3F25-46CE-93FE-1810BCA496E0} => C:\WINDOWS\system32\msfeedssync.exe [14848 2019-12-07] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated -> Adobe Systems Incorporated) S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.) S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3896288 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3729888 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated) S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8905624 2023-03-07] (Avast Software s.r.o. -> AVAST Software) S2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [583064 2023-03-07] (Avast Software s.r.o. -> AVAST Software) S2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2197912 2023-03-07] (Avast Software s.r.o. -> AVAST Software) S2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [583576 2023-03-07] (Avast Software s.r.o. -> AVAST Software) S2 AvastAntiTrackSvc; C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe [5779160 2023-05-29] (Avast Software s.r.o. -> AVAST Software) S2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-09-16] (Avast Software s.r.o. -> AVAST Software) S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) S2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [18266008 2023-11-03] (Avast Software s.r.o. -> AVAST Software) S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3054128 2023-08-16] (Microsoft Corporation -> Microsoft Corporation) S2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [761408 2023-03-10] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) S3 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [121344 2017-08-08] (Dassault Systèmes) S2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [44168 2022-04-29] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) S2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) S2 FUSServices; C:\windows\SysWOW64\FUSServices.exe [10752 2010-01-08] () S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2023-11-09] (HP Inc. -> HP Inc.) S2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [124536 2012-12-25] (Hewlett-Packard Company -> HP) S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) S2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation) S2 MSSQL$WHOKNA4; c:\Program Files\Microsoft SQL Server\MSSQL10_50.WHOKNA4\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation -> Microsoft Corporation) S2 MSSQL$WHOKNA4DAKO; c:\Program Files\Microsoft SQL Server\MSSQL10_50.WHOKNA4DAKO\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation -> Microsoft Corporation) S3 NbfcService; C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe [8704 2019-04-14] (StagWare) S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () S3 PDF Architect 9; C:\Program Files\PDF Architect 9\activation-service.exe [3182016 2023-04-27] (pdfforge GmbH -> pdfforge GmbH) S3 PDF Architect 9 Creator; C:\Program Files\PDF Architect 9\creator-ws.exe [508864 2023-04-27] (pdfforge GmbH -> pdfforge GmbH) S3 PDF Architect 9 Update Service; C:\Program Files\PDF Architect 9\update-service.exe [414144 2023-04-27] (pdfforge GmbH -> pdfforge GmbH) S2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [381504 2023-03-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2782080 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.) S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4605312 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.) S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.) S2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [11227032 2023-11-09] (Avast Software s.r.o. -> AVAST Software) S4 SQLAgent$WHOKNA4; c:\Program Files\Microsoft SQL Server\MSSQL10_50.WHOKNA4\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation -> Microsoft Corporation) S4 SQLAgent$WHOKNA4DAKO; c:\Program Files\Microsoft SQL Server\MSSQL10_50.WHOKNA4DAKO\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation -> Microsoft Corporation) S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [382976 2021-05-14] () S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU CO LTD -> DEVGURU Co., LTD.) S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13147152 2020-08-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 VssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{68F93440-851B-4190-92C8-498CC8B8455E} [21312 2020-11-06] (Microsoft Windows -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) S2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation) S2 pgsql-8.3; "C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe" runservice -w -N "pgsql-8.3" -D "C:\Program Files (x86)\PostgreSQL\8.3\data\" S2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe <==== ATTENTION (Access Denied) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 acpials; C:\Windows\System32\drivers\acpials.sys [13312 2021-01-13] (Microsoft Corporation) S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [18432 2019-12-07] (Microsoft Corporation) S1 afunix; C:\Windows\system32\drivers\afunix.sys [44032 2022-08-11] (Microsoft Corporation) S1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [30720 2022-08-11] (Microsoft Corporation) S1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [292352 2021-04-16] (Microsoft Corporation) S3 AMPPAL; C:\Windows\System32\drivers\AMPPAL.sys [165344 2013-07-29] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider) S3 AMPPALP; C:\Windows\system32\DRIVERS\amppal.sys [165344 2013-07-29] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider) S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2023-03-16] (Microsoft Corporation) S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [231808 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [391856 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) S0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297880 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) S0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [95960 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) S0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) S1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39648 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) S1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [268480 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) S1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [557136 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) S1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105248 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80416 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [941928 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [699624 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [212640 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319056 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) S3 aswVpnRdr; C:\Windows\System32\drivers\aswVpnRdr.sys [76568 2023-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software) S3 aswWintun; C:\Windows\System32\drivers\aswWintun.sys [51112 2023-05-29] (Avast Software s.r.o. -> AVAST Software) S3 aswWireGuard; C:\Windows\System32\drivers\aswWireguard.sys [184544 2023-05-29] (Avast Software s.r.o. -> Avast Software) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [9728 2019-12-07] (Windows (R) Win 7 DDK provider) S1 Beep; C:\Windows\System32\Drivers\Beep.sys [10240 2019-12-07] (Microsoft Corporation) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [282624 2023-08-09] (Microsoft Corporation) S3 BthEnum; C:\Windows\System32\drivers\BthEnum.sys [113664 2023-05-10] (Microsoft Corporation) S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [65536 2022-04-13] (Microsoft Corporation) S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [147968 2022-04-13] (Microsoft Corporation) S3 BthLEEnum; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [106496 2020-11-06] (Microsoft Corporation) S3 BthMini; C:\Windows\System32\drivers\BTHMINI.sys [45568 2023-05-10] (Microsoft Corporation) S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [76800 2019-12-07] (Microsoft Corporation) S3 BthPan; C:\Windows\System32\drivers\bthpan.sys [133632 2023-04-12] (Microsoft Corporation) S3 BTHPORT; C:\Windows\System32\drivers\BTHport.sys [1565696 2023-05-10] (Microsoft Corporation) S3 BTHUSB; C:\Windows\System32\drivers\BTHUSB.sys [110592 2023-05-10] (Microsoft Corporation) S1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation -> EldoS Corporation) S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [100864 2022-10-12] (Microsoft Corporation) S1 CimFS; C:\Windows\System32\Drivers\CimFS.sys [95232 2023-02-15] () S3 circlass; C:\Windows\System32\drivers\circlass.sys [52224 2019-12-07] (Microsoft Corporation) S2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [498176 2023-09-15] (Microsoft Corporation) S1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [152064 2023-02-15] (Microsoft Corporation) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [74296 2022-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) S0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [54328 2022-04-24] (Microsoft Windows Hardware Compatibility Publisher -> ) S1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [24152 2022-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) S1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [555072 2022-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) S3 FaxLffv2; C:\Windows\System32\Drivers\FaxLffv2.sys [31232 2008-06-18] (OEM) S1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [59392 2019-12-07] (Microsoft Corporation) S1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8704 2019-12-07] (Microsoft Corporation) S3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [138240 2023-08-09] (Microsoft Corporation) S3 HidBth; C:\Windows\System32\drivers\hidbth.sys [120320 2020-11-06] (Microsoft Corporation) S3 HidIr; C:\Windows\System32\drivers\hidir.sys [48640 2019-12-07] (Microsoft Corporation) S3 hidspi; C:\Windows\System32\drivers\hidspi.sys [104448 2023-06-15] (Microsoft Corporation) S3 HidSpiCx; C:\Windows\System32\drivers\HidSpiCx.sys [98304 2023-06-15] (Microsoft Corporation) S3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [44032 2023-06-15] (Microsoft Corporation) S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (3am.com(Test) -> HTC, Corporation) S3 htcnprot; C:\Windows\system32\DRIVERS\htcnprot.sys [36928 2012-12-07] (HTC Corp. -> Windows (R) Win 7 DDK provider) S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [30208 2019-12-07] (Microsoft Corporation) S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [47104 2020-11-06] (Microsoft Corporation) S3 intelpmax; C:\Windows\System32\drivers\intelpmax.sys [30720 2019-12-07] (Microsoft Corporation) S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [91648 2022-10-03] (Microsoft Corporation) S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [227840 2023-08-09] (Microsoft Corporation) S2 lltdio; C:\Windows\System32\drivers\lltdio.sys [72704 2019-12-07] (Microsoft Corporation) S2 luafv; C:\Windows\system32\drivers\luafv.sys [143360 2023-02-15] (Microsoft Corporation) S3 MbbCx; C:\Windows\System32\drivers\MbbCx.sys [386048 2022-04-13] (Microsoft Corporation) S3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [65024 2019-12-07] (Microsoft Corporation) S3 Modem; C:\Windows\System32\drivers\modem.sys [47104 2021-01-13] (Microsoft Corporation) S3 monitor; C:\Windows\System32\drivers\monitor.sys [83968 2021-08-12] (Microsoft Corporation) S3 MpKsl66768c96; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E035BBFC-3B8F-4EEB-BCB2-5C3E8BB90437}\MpKslDrv.sys [123112 2021-08-12] (Microsoft Windows -> Microsoft Corporation) S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [165888 2022-02-17] (Microsoft Corporation) S3 MsBridge; C:\Windows\System32\drivers\bridge.sys [127488 2019-12-07] (Microsoft Corporation) S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [12288 2019-12-07] (Microsoft Corporation) S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [45568 2023-09-15] (Microsoft Corporation) S2 MsLldp; C:\Windows\System32\drivers\mslldp.sys [78848 2019-12-07] (Microsoft Corporation) S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-11-28] (Marvell Semiconductor, Inc.) S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [757760 2021-12-17] (Microsoft Corporation) S1 NdisCap; C:\Windows\System32\drivers\ndiscap.sys [54272 2019-12-07] (Microsoft Corporation) S3 NdisImPlatform; C:\Windows\System32\drivers\NdisImPlatform.sys [135168 2020-11-06] (Microsoft Corporation) S3 NdisWan; C:\Windows\System32\drivers\ndiswan.sys [208384 2023-04-12] (Microsoft Corporation) S3 ndiswanlegacy; C:\Windows\System32\DRIVERS\ndiswan.sys [208384 2023-04-12] (Microsoft Corporation) S2 Ndu; C:\Windows\System32\drivers\Ndu.sys [131584 2019-12-07] (Microsoft Corporation) S1 netfilter2; C:\Windows\System32\drivers\netfilter2.sys [124952 2023-05-29] (Avast Software s.r.o. -> Windows (R) Win 7 DDK provider) S3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2019-12-07] (Intel Corporation) S2 NPF; C:\Program Files (x86)\VIDOS ONE PC Site\Drivers\npf64.sys [36600 2021-04-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [825344 2023-05-10] (Microsoft Corporation) S3 PNPMEM; C:\Windows\System32\drivers\pnpmem.sys [17408 2019-12-07] (Microsoft Corporation) S3 PptpMiniport; C:\Windows\System32\drivers\raspptp.sys [105984 2023-03-16] (Microsoft Corporation) S0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation -> Corel Corporation) S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [53248 2019-12-07] (Microsoft Corporation) S3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Samsung Electronics CO., LTD. -> Windows (R) Win 7 DDK provider) S3 RasAgileVpn; C:\Windows\System32\drivers\AgileVpn.sys [114688 2023-08-09] (Microsoft Corporation) S3 Rasl2tp; C:\Windows\System32\drivers\rasl2tp.sys [112128 2023-08-28] (Microsoft Corporation) S3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [89088 2023-08-28] (Microsoft Corporation) S3 RasSstp; C:\Windows\System32\drivers\rassstp.sys [87552 2023-06-15] (Microsoft Corporation) S3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [28672 2019-12-07] (Microsoft Corporation) S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [169984 2021-04-16] (Microsoft Corporation) S3 RFCOMM; C:\Windows\System32\drivers\rfcomm.sys [213504 2019-12-07] (Microsoft Corporation) S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [115712 2019-12-07] (Microsoft Corporation) S2 rspndr; C:\Windows\System32\drivers\rspndr.sys [89088 2019-12-07] (Microsoft Corporation) S3 RT-USB; C:\Windows\system32\drivers\RT-USB64.SYS [97152 2014-05-12] (Ross-Tech, LLC -> Ross-Tech LLC) S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [44032 2023-08-09] (Microsoft Corporation) S3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [323072 2023-07-15] (Microsoft Corporation) S3 spaceparser; C:\Windows\System32\drivers\spaceparser.sys [26624 2019-12-07] (Microsoft Corporation) S0 Spybot3ELAM; C:\Windows\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Windows (R) Win 7 DDK provider) S3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [784896 2023-05-10] (Microsoft Corporation) S3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [322560 2023-08-09] (Microsoft Corporation) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 StillCam; C:\Windows\System32\drivers\serscan.sys [13312 2022-07-18] (Microsoft Corporation) S3 Synth3dVsc; C:\Windows\System32\drivers\Synth3dVsc.sys [6656 2021-04-16] (Microsoft Corporation) S2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [56832 2023-07-15] (Microsoft Corporation) S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [66560 2019-12-07] (Microsoft Corporation) S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [37888 2021-08-12] (Microsoft Corporation) S3 tunnel; C:\Windows\System32\drivers\tunnel.sys [129024 2022-11-10] (Microsoft Corporation) S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [160256 2021-10-15] (Microsoft Corporation) S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [188416 2019-12-07] (Microsoft Corporation) S3 UcmUcsiAcpiClient; C:\Windows\System32\drivers\UcmUcsiAcpiClient.sys [36864 2019-12-07] (Microsoft Corporation) S3 UcmUcsiCx0101; C:\Windows\System32\Drivers\UcmUcsiCx.sys [113152 2020-11-06] (Microsoft Corporation) S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [348672 2023-08-09] (Microsoft Corporation) S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Intel Wireless Display -> Windows (R) Win 7 DDK provider) S3 usbaudio; C:\Windows\system32\drivers\usbaudio.sys [209920 2023-07-15] (Microsoft Corporation) S3 usbaudio2; C:\Windows\System32\drivers\usbaudio2.sys [260608 2019-12-07] (Microsoft Corporation) S3 usbcir; C:\Windows\System32\drivers\usbcir.sys [107520 2019-12-07] (Microsoft Corporation) S3 usbohci; C:\Windows\System32\drivers\usbohci.sys [30208 2023-07-15] (Microsoft Corporation) S3 usbprint; C:\Windows\System32\drivers\usbprint.sys [42496 2023-04-12] (Microsoft Corporation) S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49664 2022-07-18] (Microsoft Corporation) S3 usbser; C:\Windows\System32\drivers\usbser.sys [81408 2022-10-12] (Microsoft Corporation) S3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [39424 2023-07-15] (Microsoft Corporation) S3 VirtualRender; C:\Windows\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys [11264 2019-12-07] (Microsoft Corporation) S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [29184 2019-12-07] (Microsoft Corporation) S1 vwififlt; C:\Windows\System32\drivers\vwififlt.sys [77824 2021-09-17] (Microsoft Corporation) S3 vwifimp; C:\Windows\System32\drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Corporation) S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [93184 2022-06-22] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation) S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [967168 2023-09-15] (Microsoft Corporation) S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation) S3 WinNat; C:\Windows\System32\drivers\winnat.sys [261120 2022-02-17] (Microsoft Corporation) S1 WinRing0_1_2_0; C:\Program Files (x86)\NoteBook FanControl\WinRing0x64.sys [14544 2020-04-10] (Noriyuki MIYAZAKI -> OpenLibSys.org) S3 WINUSB; C:\Windows\System32\drivers\WinUsb.sys [107008 2019-12-07] (Microsoft Corporation) S3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation) S3 WSDPrintDevice; C:\Windows\System32\drivers\WSDPrint.sys [23552 2022-07-18] (Microsoft Corporation) S3 WSDScan; C:\Windows\System32\drivers\WSDScan.sys [26112 2022-07-18] (Microsoft Corporation) S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [136192 2023-07-15] (Microsoft Corporation) S3 WUDFRd; C:\Windows\System32\drivers\WUDFRd.sys [323072 2023-07-15] (Microsoft Corporation) S3 WUDFWpdFs; C:\Windows\System32\drivers\WUDFRd.sys [323072 2023-07-15] (Microsoft Corporation) S3 WUDFWpdMtp; C:\Windows\System32\drivers\WUDFRd.sys [323072 2023-07-15] (Microsoft Corporation) S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [332288 2022-02-17] (Microsoft Corporation) S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Intel Wireless Display -> Windows (R) Win 7 DDK provider) S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [58368 2023-06-15] (Microsoft Corporation) UpperFilters: [{71A27CDD-812A-11D0-BEC7-08002BE2092F}] -> [volsnap EUBKMON EUBAKUP] UpperFilters: [{4D36E96B-E325-11CE-BFC1-08002BE10318}] -> [ETD aswKbd kbdclass] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (All) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2023-11-09 15:08 - 2023-11-09 15:08 - 000000000 ____D C:\FRST 2023-11-09 15:05 - 2023-11-09 15:05 - 000000000 _____ C:\Recovery.txt 2023-11-09 14:21 - 2023-11-09 14:21 - 000000000 ___HD C:\$SysReset 2023-11-09 12:07 - 2023-11-09 12:09 - 000629760 _____ C:\Windows\System32\UserMgrLog.etl 2023-11-09 12:07 - 2023-11-09 12:09 - 000027648 _____ C:\Windows\System32\umstartup.etl 2023-11-09 11:27 - 2023-11-09 13:16 - 001442786 _____ C:\Windows\ntbtlog.txt 2023-11-09 11:27 - 2023-11-09 11:43 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job 2023-11-09 10:24 - 2023-11-09 10:24 - 000015704 _____ C:\cc_20231109_102406.reg 2023-11-06 10:41 - 2023-11-06 10:42 - 000000000 ____D C:\Users\Marek\Documents\40plus 2023-11-06 10:00 - 2023-11-06 10:01 - 000000103 _____ C:\Users\Marek\Desktop\.htaccess 2023-11-04 16:27 - 2023-11-06 08:16 - 000000000 ____D C:\Users\Marek\Documents\Lynx 2023-11-03 18:27 - 2023-11-03 18:27 - 000000000 ___HD C:\$WinREAgent 2023-11-03 18:26 - 2023-10-17 06:58 - 000497664 _____ (Microsoft Corporation) C:\Windows\System32\poqexec.exe 2023-11-03 18:26 - 2023-10-17 05:06 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2023-11-02 09:33 - 2023-11-02 09:33 - 000131234 _____ C:\Users\Marek\Downloads\Oferta - 2023-11-02T093351.777.pdf 2023-11-02 09:32 - 2023-11-02 09:32 - 000131336 _____ C:\Users\Marek\Downloads\Oferta - 2023-11-02T093211.981.pdf 2023-11-02 09:30 - 2023-11-02 09:30 - 000126898 _____ C:\Users\Marek\Downloads\Oferta - 2023-11-02T093050.140.pdf 2023-10-31 14:23 - 2023-10-31 14:23 - 000059245 _____ C:\Users\Marek\Downloads\2024-1300428688.pdf 2023-10-31 14:22 - 2023-10-31 14:22 - 000059244 _____ C:\Users\Marek\Downloads\2024-1300428691.pdf 2023-10-24 16:27 - 2023-10-24 16:31 - 002409182 _____ C:\Users\Marek\Documents\ang Jas.pdf 2023-10-18 10:56 - 2023-10-18 10:56 - 000216745 _____ C:\Users\Marek\Documents\skrócenie urlopu wychowawczego.pdf 2023-10-18 10:18 - 2023-10-18 10:18 - 000132306 _____ C:\Users\Marek\Downloads\Praca_Wniosek_O_Przerwanie_Urlopu_Wychowawczego_WZOR.pdf 2023-10-12 11:58 - 2023-10-12 11:58 - 000000000 ____D C:\ProgramData\PLUG 2023-10-12 09:57 - 2023-10-12 09:57 - 000483615 _____ C:\Users\Marek\Downloads\OWU_WARTA_Dom_Komfort_C7184 (1).pdf 2023-10-12 09:51 - 2023-10-12 09:51 - 000483615 _____ C:\Users\Marek\Downloads\OWU_WARTA_Dom_Komfort_C7184.pdf ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2023-11-09 15:04 - 2022-06-08 12:22 - 000000000 ____D C:\Users\Marek\AppData\Roaming\Samsung Magician 2023-11-09 15:04 - 2020-06-19 23:48 - 000000000 ____D C:\Users\Marek\AppData\Local\CrashDumps 2023-11-09 15:04 - 2020-06-19 23:05 - 000000000 ____D C:\ProgramData\Avast Software 2023-11-09 15:04 - 2019-12-07 10:03 - 001048576 _____ C:\Windows\System32\config\BBI 2023-11-09 15:04 - 2016-10-27 11:52 - 000065536 _____ C:\Windows\System32\spu_storage.bin 2023-11-09 15:03 - 2023-05-29 13:45 - 000000000 ____D C:\Users\Marek\AppData\Local\AvastAntiTrackPremium 2023-11-09 15:03 - 2022-09-08 16:38 - 000000000 ____D C:\ProgramData\boost_interprocess 2023-11-09 15:03 - 2021-12-28 11:05 - 000000000 ____D C:\Windows\SystemTemp 2023-11-09 15:03 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2023-11-09 15:03 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness 2023-11-09 15:02 - 2016-07-17 13:54 - 000000000 __SHD C:\Users\Marek\IntelGraphicsProfiles 2023-11-09 15:02 - 2013-09-29 16:39 - 000000000 ____D C:\Program Files (x86)\Google 2023-11-09 14:45 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-11-09 14:31 - 2020-11-06 09:44 - 001956416 _____ C:\Windows\System32\PerfStringBackup.INI 2023-11-09 14:31 - 2019-12-07 16:08 - 000785594 _____ C:\Windows\System32\perfh015.dat 2023-11-09 14:31 - 2019-12-07 16:08 - 000152454 _____ C:\Windows\System32\perfc015.dat 2023-11-09 14:31 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF 2023-11-09 14:26 - 2020-11-06 10:25 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2023-11-09 14:26 - 2020-11-06 10:25 - 000004210 _____ C:\Windows\System32\Tasks\CCleaner Update 2023-11-09 14:24 - 2023-05-29 13:46 - 000004028 _____ C:\Windows\System32\Tasks\Avast SecureLine VPN Update 2023-11-09 14:24 - 2020-06-19 10:14 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2023-11-09 14:24 - 2015-07-28 21:40 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2023-11-09 14:23 - 2020-11-06 10:25 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-11-09 14:23 - 2020-11-06 09:06 - 000008192 ___SH C:\DumpStack.log.tmp 2023-11-09 14:21 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp 2023-11-09 13:58 - 2013-04-12 08:07 - 000000000 ____D C:\ProgramData\WinClon 2023-11-09 13:46 - 2022-08-16 15:06 - 000004188 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1660658779 2023-11-09 12:20 - 2020-11-06 09:06 - 003669336 _____ C:\Windows\System32\FNTCACHE.DAT 2023-11-09 12:16 - 2019-12-07 16:11 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2023-11-09 12:16 - 2019-12-07 16:11 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2023-11-09 12:16 - 2019-12-07 16:08 - 000000000 ____D C:\Windows\SysWOW64\pl 2023-11-09 12:16 - 2019-12-07 16:08 - 000000000 ____D C:\Windows\System32\pl 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\System32\UNP 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\System32\F12 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\System32\DiagSvcs 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Com 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\WinMetadata 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\WinBioPlugIns 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\SystemResetPlatform 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\Sysprep 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\ShellExperiences 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\setup 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\PerceptionSimulation 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\oobe 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\migwiz 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\lv-LV 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\lt-LT 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\et-EE 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\es-MX 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\Dism 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\Com 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\appraiser 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\AdvancedInstallers 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\IME 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2023-11-09 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2023-11-09 12:16 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing 2023-11-09 12:15 - 2019-12-07 16:11 - 000023552 _____ (Microsoft Corporation) C:\Windows\System32\OEMDefaultAssociations.dll 2023-11-09 12:15 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll 2023-11-09 12:15 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\System32\msclmd.dll 2023-11-09 11:10 - 2020-11-06 10:25 - 000004206 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0A555B5-3F25-46CE-93FE-1810BCA496E0} 2023-11-09 11:09 - 2016-05-02 10:13 - 000000000 ____D C:\Program Files\Microsoft Office 15 2023-11-09 11:08 - 2022-11-11 17:05 - 000000000 ____D C:\Windows\System32\Tasks\HP 2023-11-09 11:08 - 2022-11-11 17:04 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2023-11-09 11:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-11-09 11:08 - 2016-07-17 13:57 - 000000000 ____D C:\Users\Marek\AppData\Local\Publishers 2023-11-09 10:53 - 2022-09-20 19:39 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job 2023-11-09 10:52 - 2013-09-29 17:19 - 000000000 ____D C:\Users\Marek\Documents\Pliki programu Outlook 2023-11-09 10:23 - 2021-07-18 12:55 - 000000000 ____D C:\Windows\Minidump 2023-11-09 10:23 - 2020-06-20 19:33 - 000000000 ____D C:\Program Files\CCleaner 2023-11-09 10:23 - 2017-01-31 16:30 - 000000000 ____D C:\Users\Marek\AppData\Local\PDFCreator 2023-11-08 16:31 - 2020-11-06 09:07 - 000000000 ____D C:\Windows\System32\SleepStudy 2023-11-08 15:04 - 2013-10-08 13:35 - 000000000 ____D C:\Users\Marek\Documents\KASTER 2023-11-08 14:58 - 2013-09-29 17:18 - 000000000 ____D C:\Users\Marek\AppData\Roaming\Microsoft\Excel 2023-11-08 14:54 - 2013-09-29 17:13 - 000000000 ____D C:\Users\Marek\AppData\Roaming\Microsoft\Word 2023-11-08 13:18 - 2023-09-18 10:35 - 000002426 _____ C:\Windows\System32\Tasks\Samsung_PSSD_Registration_Plus 2023-11-08 13:18 - 2023-09-07 08:16 - 000002804 _____ C:\Windows\System32\Tasks\AMD RELAUNCHER 2023-11-08 13:18 - 2022-10-24 09:33 - 000002712 _____ C:\Windows\System32\Tasks\SetGoIoPackageUpdater 2023-11-08 13:18 - 2022-09-20 19:39 - 000003048 _____ C:\Windows\System32\Tasks\CCleanerCrashReporting 2023-11-08 13:18 - 2022-06-08 12:22 - 000002534 _____ C:\Windows\System32\Tasks\SamsungMagician 2023-11-08 13:18 - 2021-08-19 09:40 - 000002254 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC - Marek 2023-11-08 13:18 - 2020-11-06 10:25 - 000003760 _____ C:\Windows\System32\Tasks\AMD Updater 2023-11-08 13:18 - 2020-11-06 10:25 - 000003506 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2023-11-08 13:18 - 2020-11-06 10:25 - 000003492 _____ C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-11-08 13:18 - 2020-11-06 10:25 - 000003482 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2023-11-08 13:18 - 2020-11-06 10:25 - 000003282 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2023-11-08 13:18 - 2020-11-06 10:25 - 000003268 _____ C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-11-08 13:18 - 2020-11-06 10:25 - 000002670 _____ C:\Windows\System32\Tasks\HPCustParticipation HP OfficeJet 200 Mobile Series 2023-11-08 13:18 - 2020-11-06 10:25 - 000002524 _____ C:\Windows\System32\Tasks\Settings 2023-11-08 13:18 - 2020-11-06 10:25 - 000002460 _____ C:\Windows\System32\Tasks\Norton WSC Integration 2023-11-08 13:18 - 2020-11-06 10:25 - 000002318 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask 2023-11-08 13:18 - 2020-11-06 10:25 - 000002262 _____ C:\Windows\System32\Tasks\advRecovery 2023-11-08 13:18 - 2020-11-06 10:25 - 000002174 _____ C:\Windows\System32\Tasks\RTKCPL 2023-11-08 13:18 - 2020-11-06 10:25 - 000002154 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe 2023-11-08 13:18 - 2020-11-06 10:25 - 000002128 _____ C:\Windows\System32\Tasks\SAgent 2023-11-08 13:18 - 2020-11-06 10:25 - 000002128 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe 2023-11-08 13:18 - 2020-11-06 10:25 - 000002126 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe 2023-11-08 13:18 - 2020-11-06 10:25 - 000002112 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe 2023-11-08 13:18 - 2020-11-06 10:25 - 000002110 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe 2023-11-08 13:18 - 2020-11-06 10:25 - 000002100 _____ C:\Windows\System32\Tasks\{22AFD03A-7220-407D-A501-4884E76E9494} 2023-11-08 13:18 - 2020-11-06 10:25 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software 2023-11-07 15:37 - 2013-10-01 09:26 - 000000000 ____D C:\export 2023-11-07 14:48 - 2019-12-07 16:10 - 000000000 ____D C:\Windows\System32\FxsTmp 2023-11-04 16:45 - 2018-02-06 09:52 - 000000000 ____D C:\Users\Marek\AppData\Local\Packages 2023-11-03 19:39 - 2023-01-16 09:51 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-11-03 17:59 - 2020-11-06 09:19 - 000000000 ____D C:\users\Marek 2023-11-03 12:22 - 2020-09-21 09:16 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-11-03 09:32 - 2023-05-29 13:45 - 000050048 _____ (Avast Software) C:\Windows\System32\icarus_rvrt.exe 2023-10-31 08:41 - 2018-08-02 23:32 - 000000000 ____D C:\Users\Marek\AppData\Local\D3DSCache 2023-10-27 09:12 - 2022-11-17 15:20 - 000000000 ____D C:\Users\Marek\AppData\Roaming\PDF Architect 9 2023-10-24 17:59 - 2013-09-29 17:19 - 000000000 ____D C:\Users\Marek\AppData\Roaming\Microsoft\Outlook 2023-10-20 16:55 - 2013-10-08 13:35 - 000000000 ____D C:\Users\Marek\Documents\DOMEL 2023-10-20 15:26 - 2022-06-06 12:44 - 000000000 ____D C:\PULPITzgrany 2023-10-20 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Registration 2023-10-20 10:31 - 2013-10-08 13:36 - 000000000 ____D C:\Users\Marek\Documents\Krispol 2023-10-19 21:40 - 2013-10-08 13:59 - 000000000 ____D C:\Users\Marek\Documents\K-CARS 2023-10-18 10:07 - 2020-11-06 09:19 - 000000000 ____D C:\users\postgres 2023-10-18 09:12 - 2020-08-27 10:20 - 000004357 _____ C:\Users\Marek\Desktop\trombity 6774.txt 2023-10-17 09:09 - 2013-10-01 13:48 - 000000000 ____D C:\Program Files (x86)\HTC 2023-10-12 08:11 - 2013-09-29 15:51 - 000000000 ____D C:\Windows\System32\MRT 2023-10-12 07:53 - 2013-09-29 15:51 - 181553176 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe 2023-10-12 07:34 - 2022-11-14 08:39 - 000000000 ____D C:\Program Files\RUXIM 2023-10-11 11:23 - 2017-04-05 14:31 - 000000000 ____D C:\Users\Marek\Documents\DW DOMEL 2023-10-10 09:49 - 2017-10-13 09:27 - 000000000 ____D C:\Users\Marek\Documents\Credit Agricole ==================== KnownDLLs (Whitelisted) ========================= ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe [2023-08-28 15:37] - [2023-08-28 15:37] - 000905216 _____ (Microsoft Corporation) B2AD768FF9A9DE3D886825A59DEF307A C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe [2023-09-15 09:00] - [2023-09-15 09:00] - 005311304 _____ (Microsoft Corporation) 574AF6D80FE7CC6422A8592DE7A39F78 C:\Windows\SysWOW64\explorer.exe [2023-08-28 15:37] - [2023-08-28 15:37] - 004677464 _____ (Microsoft Corporation) 82547BE3AA1A6C7E5C4D3019C70A0737 C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll [2023-08-28 15:36] - [2023-08-28 15:36] - 001698912 _____ (Microsoft Corporation) 96C3909034563760C1CCE9C861EF09B2 C:\Windows\SysWOW64\User32.dll [2023-09-15 09:01] - [2023-09-15 09:01] - 001682880 _____ (Microsoft Corporation) 7F046ED9E2CD73D41BA0618403C75A51 C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll [2023-08-09 15:18] - [2023-08-09 15:18] - 001324544 _____ (Microsoft Corporation) 47E9BCAEF5978A15A48A9ABC50E3CBC9 C:\Windows\System32\dnsapi.dll => MD5 is legit C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit C:\Windows\System32\dllhost.exe => MD5 is legit C:\Windows\SysWOW64\dllhost.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Association (Whitelisted) ============= ==================== Restore Points ========================= ==================== Memory info =========================== Percentage of memory in use: 8% Total physical RAM: 16270.88 MB Available physical RAM: 14904.43 MB Total Virtual: 16270.88 MB Available Virtual: 14994.9 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.22 GB) (Free:110.94 GB) (Model: Samsung SSD 870 EVO 1TB) NTFS Drive d: (ESD-USB) (Removable) (Total:14.44 GB) (Free:10.05 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.49 GB) NTFS \\?\Volume{40c89af0-1ce2-4b0e-8ef6-1d00b0af9321}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 62A11A18) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 14.5 GB) (Disk ID: 1DE52B76) Partition 1: (Active) - (Size=14.5 GB) - (Type=FAT32) ErrorUnloadSoftware: 5 ==================== End of FRST.txt ========================