Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2025 Ran by SYSTEM on MININT-G6ADBPI (04-11-2025 13:20:19) Running from F:\\FRST64.exe Platform: Windows 11 Version 25H2 26200.6584 (X64) Language: English (United States) -> English (United States) Boot Mode: Recovery Default: ControlSet001 [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b] ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [120824 2022-07-25] (Intel(R) CherryTrail Windows -> Intel Corporation) HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [1725920 2016-09-23] (GlavSoft LLC -> GlavSoft LLC.) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088840 2025-11-03] (Bitdefender SRL -> Bitdefender) HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [501424 2025-03-20] (Bitdefender SRL -> Bitdefender) HKLM-x32\...\Run: [TeamsMachineInstaller] => %ProgramFiles%\Teams Installer\Teams.exe --checkInstall --source=PROPLUS (No File) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [112973080 2024-06-22] (Discord Inc. -> Discord Inc.) HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [612304 2019-11-18] (NIKON CORPORATION -> Nikon Corporation) HKLM\...\RunOnce: [*Restore] => C:\WINDOWS\system32\rstrui.exe [335872 2025-09-09] (Microsoft Windows -> Microsoft Corporation) HKLM\...\RunOnce: [PbrReturnToOldOS] => C:\Windows\System32\ResetEngine.exe [42368 2025-09-09] (Microsoft Windows -> Microsoft Corporation) HKLM\...\RunOnce: [RollbackOnline] => %SystemDrive%\$WINDOWS.~BT\Sources\SetupPlatform.exe /rollbackonlineuser (No File) HKU\chetand\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4735888 2025-10-29] (Microsoft Corporation -> Microsoft Corporation) HKU\chetand\...\Run: [MicrosoftEdgeAutoLaunch_27750887E90F3304F3E0C613180BF7EF] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4253224 2025-10-30] (Microsoft Corporation -> Microsoft Corporation) HKU\chetand\...\Run: [com.squirrel.Teams.Teams] => C:\Users\chetand\AppData\Local\Microsoft\Teams\Update.exe [2593856 2024-05-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\chetand\...\Run: [org.whispersystems.signal-desktop] => C:\Users\chetand\AppData\Local\Programs\signal-desktop\Signal.exe [202137968 2025-05-28] (Signal Messenger, LLC -> Signal Messenger, LLC) HKU\chetand\...\Run: [Discord] => C:\Users\chetand\AppData\Local\Discord\Update.exe [1526552 2024-06-18] (Discord Inc. -> GitHub) HKU\chetand\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [669112 2020-04-16] (OpenVPN Inc. -> ) HKU\chetand\...\Run: [com.squirrel.slack.slack] => C:\Users\chetand\AppData\Local\slack\slack.exe [307560 2025-10-21] (Slack Technologies, LLC -> Slack Technologies Inc.) HKU\chetand\...\Run: [EasySettingBox] => C:\Program Files\Samsung\Easy Setting Box\EasySettingBox.exe [5975040 2024-05-09] () HKU\chetand\...\Run: [GoogleChromeAutoLaunch_CC1229E710AB82ED98C02E1D7BA80CB2] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3382936 2025-10-21] (Google LLC -> Google LLC) HKU\chetand\...\RunOnce: [Application Restart #5] => C:\Program Files (x86)\Microsoft SQL Server Management Studio 18\Common7\IDE\Ssms.exe [699840 2022-06-20] (Microsoft Corporation -> Microsoft Corporation) HKU\chetand\...\RunOnce: [Application Restart #6] => C:\Program Files (x86)\Microsoft SQL Server Management Studio 18\Common7\IDE\Ssms.exe [699840 2022-06-20] (Microsoft Corporation -> Microsoft Corporation) HKU\chetand\...\RunOnce: [Application Restart #7] => C:\Program Files (x86)\Microsoft SQL Server Management Studio 18\Common7\IDE\Ssms.exe [699840 2022-06-20] (Microsoft Corporation -> Microsoft Corporation) HKU\crdod\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4735888 2025-10-29] (Microsoft Corporation -> Microsoft Corporation) HKU\crdod\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [669112 2020-04-16] (OpenVPN Inc. -> ) HKU\crdod\...\Run: [MicrosoftEdgeAutoLaunch_8EE5871E58D5BCCDCFD02E090C4AEDE6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4253224 2025-10-30] (Microsoft Corporation -> Microsoft Corporation) HKU\crdod\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [41579480 2025-09-29] (Adobe Inc. -> Adobe Systems Incorporated) HKU\crdod\...\Run: [Microsoft.Lists] => C:\Program Files\Microsoft OneDrive\25.194.1005.0003\OneDrive.Sync.Service.exe [951184 2025-10-29] (Microsoft Corporation -> Microsoft Corporation) HKU\crdod\...\Run: [Teams] => C:\Users\crdod\AppData\Local\Microsoft\WindowsApps\MSTeams_8wekyb3d8bbwe\ms-teams.exe [0 0] () [symlink -> ] HKU\crdod\...\Run: [com.squirrel.slack.slack] => C:\Users\chetand\AppData\Local\slack\slack.exe [307560 2025-10-21] (Slack Technologies, LLC -> Slack Technologies Inc.) HKU\crdod\...\Run: [GoogleChromeAutoLaunch_C848C81D990E86B882C7A8CBCBF68FE1] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3382936 2025-10-21] (Google LLC -> Google LLC) HKU\Default\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4735888 2025-10-29] (Microsoft Corporation -> Microsoft Corporation) HKU\shiva\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [669112 2020-04-16] (OpenVPN Inc. -> ) HKU\shiva\...\Run: [MicrosoftEdgeAutoLaunch_6132023B89889B35D5F13E32FCCA596E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4253224 2025-10-30] (Microsoft Corporation -> Microsoft Corporation) HKU\shiva\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4735888 2025-10-29] (Microsoft Corporation -> Microsoft Corporation) HKU\shiva\...\Run: [GoogleChromeAutoLaunch_B70A4187D89541ECED09BD63D500E0FE] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3382936 2025-10-21] (Google LLC -> Google LLC) HKU\shiva\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --restore-last-session --restart [3382936 2025-10-21] (Google LLC -> Google LLC) HKLM\...\Windows x64\Print Processors\Canon G4010 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEH.DLL [506368 2023-06-15] (CANON INC.) HKLM\...\Windows x64\Print Processors\Canon GM2000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFN.DLL [482816 2019-02-20] (CANON INC.) HKLM\...\Print\Monitors\Bullzip PDF Print Monitor: C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll [218112 2016-03-07] (Bullzip) HKLM\...\Print\Monitors\Canon BJ Language Monitor GM2000 series: C:\WINDOWS\system32\CNMLMFN.DLL [1309696 2019-02-20] (CANON INC.) HKLM\...\Print\Monitors\Virtual Port Monitor: C:\WINDOWS\system32\VirtualMon.dll [212992 2025-09-09] (Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{25CBB996-92ED-457e-B28C-4774084BD562}] -> C:\Windows\system32\credprovs.dll [2025-09-09] (Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{3dd6bec0-8193-4ffe-ae25-e08e39ea4063}] -> C:\Windows\system32\credprovs.dll [2025-09-09] (Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{60b78e88-ead8-445c-9cfd-0b87f74ea6cd}] -> C:\Windows\system32\credprovs.dll [2025-09-09] (Microsoft Corporation) HKLM\Software\...\Authentication\Credential Provider Filters: [{DDC0EED2-ADBE-40b6-A217-EDE16A79A0DE}] -> C:\Windows\system32\credprovs.dll [2025-09-09] (Microsoft Corporation) GroupPolicy: Restriction ? <==== ATTENTION GroupPolicy\User: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Scheduled Tasks (All) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {5C2A4590-B252-41B2-AE09-5AB19AE5313D} - \Microsoft\Windows\Shell\UndockedFlightingUpdate -> No File <==== ATTENTION Task: {6E4D2838-C02A-46F2-B0F3-2278D546F369} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1581568 2025-08-24] (Adobe Inc. -> Adobe Inc.) Task: {B744A8C6-BE04-4203-936D-1DBE26DA7F05} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1129953341-909748901-444229093-2362 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [40960 2025-09-09] (Microsoft Corporation) Task: {3AF43139-5601-4233-93AC-CDC33037BAF7} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHotkeyExec64.exe [176064 2022-07-25] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) Task: {5FD37D1C-18E4-45E2-A29B-8F31BDBEF98F} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.1.1.14\WatchDog.exe [1168792 2025-06-04] (Bitdefender SRL -> Bitdefender) -> C:\Program Files\Bitdefender Agent\27.1.1.14\repair Task: {FA20BCE9-D04B-42A7-BD5D-D5E789A3B51E} - System32\Tasks\Easy Connection to Screen => C:\Program Files\Samsung\Easy Connection to Screen\Ui.exe [1623488 2024-01-17] (Samsung Electronics CO., LTD. -> ) Task: {AB92CFD2-B87C-40E9-9808-31CA0CBC5ACB} - System32\Tasks\G2MUpdateTask-S-1-5-21-1129953341-909748901-444229093-2362 => C:\Users\chetand\AppData\Local\GoToMeeting\19992\g2mupdate.exe [34872 2024-04-12] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {3EC3808F-B4C2-415C-86F4-6EB5E495EE99} - System32\Tasks\G2MUploadTask-S-1-5-21-1129953341-909748901-444229093-2362 => C:\Users\chetand\AppData\Local\GoToMeeting\19992\g2mupload.exe [34872 2024-04-12] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {37F3A33A-5CEE-4B20-B15F-6B2F676619BA} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem143.0.7482.0{984F1452-53D7-43D2-95FC-1FBCE2626817} => C:\Program Files (x86)\Google\GoogleUpdater\143.0.7482.0\updater.exe [6933656 2025-10-19] (Google LLC -> Google LLC) Task: {ED2D2941-48E4-470A-B04D-2AD3785E87D1} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [11388760 2025-11-01] (Microsoft Corporation -> Microsoft Corporation) Task: {D46D4CAF-C5A3-446D-B6ED-3245AC654C5F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29173168 2025-10-30] (Microsoft Corporation -> Microsoft Corporation) Task: {D55074BC-8D82-4797-8347-4A4DD8EC2CD4} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE16\opushutil.exe [61272 2025-11-01] (Microsoft Corporation -> Microsoft Corporation) Task: {06F8E6E5-AB8A-494C-986B-F1B0EED801C6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29173168 2025-10-30] (Microsoft Corporation -> Microsoft Corporation) Task: {99154153-E062-4494-B227-E1331BB49089} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [226592 2025-11-01] (Microsoft Corporation -> Microsoft Corporation) Task: {53A38282-9B20-4DB8-8D08-9DE9B59E4223} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [226592 2025-11-01] (Microsoft Corporation -> Microsoft Corporation) Task: {2E03E614-A400-4EDA-B62F-3645F07A5126} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4644352 2025-10-30] (Microsoft Corporation -> Microsoft Corporation) Task: {F0D28629-9279-474F-B822-8417A0EE0E6D} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [256440 2025-10-15] (Microsoft Corporation -> Microsoft) Task: {09B75BFE-4FDF-47B3-A7FD-899A092F9899} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 => {84F0FAE1-C27B-4F6F-807B-28CF6F96287D} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [24096 2025-06-18] (Microsoft Corporation -> Microsoft Corporation) Task: {01612C27-6C74-4BA7-A9FC-F7D32415C0D4} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 => {429BC048-379E-45E0-80E4-EB1977941B5C} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [24096 2025-06-18] (Microsoft Corporation -> Microsoft Corporation) Task: {A089E292-F4B9-4EB5-A09E-0C4BF448E005} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical => {613FBA38-A3DF-4AB8-9674-5604984A299A} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [24096 2025-06-18] (Microsoft Corporation -> Microsoft Corporation) Task: {C4BB3D7E-BF6E-42EE-B532-1E0832DA3EA9} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical => {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [24096 2025-06-18] (Microsoft Corporation -> Microsoft Corporation) Task: {0EB53B92-2398-4695-A300-690C510DC067} - System32\Tasks\Microsoft\Windows\AccountHealth\RecoverabilityToastTask => {B7F5B442-EBF8-46CD-9F0B-D8E45ED43492} C:\Windows\system32\AccountHealth.dll [237568 2025-09-09] (Microsoft Corporation) Task: {1A8080D1-F23D-4CF3-9F59-A4578B9D9E19} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) => {CF2CF428-325B-48D3-8CA8-7633E36E5A32} C:\Windows\system32\msdrm.dll [593920 2025-09-09] (Microsoft Corporation) Task: {F98BFCBD-867D-4734-B2CD-E9D72A80F093} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) => {BF5CB148-7C77-4D8A-A53E-D81C70CF743C} C:\Windows\system32\msdrm.dll [593920 2025-09-09] (Microsoft Corporation) Task: {37077CCA-5981-49D0-8EAD-5A328E208C61} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager => {DECA92E0-AF85-439E-9204-86679978DA08} C:\Windows\System32\AppLockerCsp.dll [368640 2025-09-09] (Microsoft Corporation) Task: {CD644B8B-7297-4AA8-96A4-F4EC1FD24615} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\Windows\system32\appidpolicyconverter.exe [155648 2025-09-09] (Microsoft Corporation) Task: {C33F4607-C279-4257-9039-34FF9FE1F21A} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific => {9F2B0085-9218-42A1-88B0-9F0E65851666} Task: {F65E78D2-6CBA-464C-921F-C03CAD0A1A91} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\Windows\system32\appidcertstorecheck.exe [49152 2025-09-09] (Microsoft Corporation) Task: {61012F9B-FFD6-4E36-BD45-42CE5AC83FC1} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc Task: {61012F9B-FFD6-4E36-BD45-42CE5AC83FC1} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun Task: {61012F9B-FFD6-4E36-BD45-42CE5AC83FC1} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData Task: {3047C197-66F1-4523-BA92-6C955FEF9E4E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\sc.exe [102400 2025-09-09] (Microsoft Corporation) -> start InventorySvc Task: {A0C71CB8-E8F0-498A-901D-4EDA09E07FF4} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser Exp => C:\Windows\system32\compattelrunner.exe [186736 2025-09-09] (Microsoft Corporation -> Microsoft Corporation) -> -m:appraiser.dll -f:DoScheduledTelemetryRun express Task: {35D12C9C-8E73-4391-AFC0-21177B23BE1D} - System32\Tasks\Microsoft\Windows\Application Experience\PcaPatchDbTask => C:\WINDOWS\system32\rundll32.exe [98304 2025-09-09] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaPatchSdbTask Task: {B86F17B7-0298-4679-9BEA-3567E58A7D51} - System32\Tasks\Microsoft\Windows\Application Experience\SdbinstMergeDbTask => C:\Windows\system32\sdbinst.exe [299008 2025-09-09] (Microsoft Corporation) Task: {DB351805-180A-4A8A-A7FB-048D230942B2} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\WINDOWS\system32\rundll32.exe [98304 2025-09-09] (Microsoft Windows -> Microsoft Corporation) -> Startupscan.dll,SusRunTask Task: {2D5F15D5-9A58-444A-B969-DE789BD44978} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [139264 2025-09-09] (Microsoft Corporation) Task: {9C8F22F7-E6C2-403A-B779-9125A0AA4159} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [139264 2025-09-09] (Microsoft Corporation) Task: {BEBB7728-850C-4618-BB88-D50757EB0EB4} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\WINDOWS\system32\rundll32.exe [98304 2025-09-09] (Microsoft Windows -> Microsoft Corporation) -> Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {1734B5C2-376F-40C4-9E48-E0284BFF7450} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [40960 2025-09-09] (Microsoft Corporation) Task: {C5B41A1D-9B4A-40B1-90E2-576692C9043D} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\Windows\system32\AppListBackupLauncher.dll [118784 2025-09-09] (Microsoft Corporation) Task: {8D51FC39-7A4E-40C3-BA08-FD4D2289F857} - System32\Tasks\Microsoft\Windows\AppListBackup\BackupNonMaintenance => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\Windows\system32\AppListBackupLauncher.dll [118784 2025-09-09] (Microsoft Corporation) Task: {6A01B4F2-D8CE-4587-B742-02D396C40DAC} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\AppInstallerUpdater => C:\WINDOWS\system32\rundll32.exe [98304 2025-09-09] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\AppxDeploymentClient.dll,ScheduleAppInstallerBackgroundUpdate Task: {6B00C177-C019-4C00-B0B6-C74E993BC9AA} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\WINDOWS\system32\rundll32.exe [98304 2025-09-09] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {4C15DAD2-FCFA-40CF-8C21-3E6BB41CB2AC} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\UCPD velocity => C:\Windows\system32\UCPDMgr.exe [185344 2025-09-09] (Microsoft Corporation) Task: {30E6DB3D-C3AA-44DA-8E88-9DB52D84975E} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\WINDOWS\system32\rundll32.exe [98304 2025-09-09] (Microsoft Windows -> Microsoft Corporation) -> /d acproxy.dll,PerformAutochkOperations Task: {F449940A-F863-4436-87DD-962B5295EB2F} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [139264 2025-09-09] (Microsoft Corporation) Task: {730947A5-753E-4D67-8F64-4AC1FEA62B46} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [139264 2025-09-09] (Microsoft Corporation) Task: {D8F53FD3-75B7-4BCB-AFC9-EFCDE6268034} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\WINDOWS\system32\BthUdTask.exe [69632 2025-09-09] (Microsoft Corporation) Task: {61014571-FEE0-459A-99D6-DE84F00D0DF9} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask => {E984D939-0E00-4DD9-AC3A-7ACA04745521} Task: {B8DEC486-8231-41C5-9109-D7ACDA5A5692} - System32\Tasks\microsoft\windows\capabilityaccessmanager\maintenancetasks => C:\WINDOWS\system32\rundll32.exe [98304 2025-09-09] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\CapabilityAccessManager.dll,CapabilityAccessManagerDoStoreMaintenance Task: {E72F1464-A3F9-406D-BF09-57DE4D764406} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\Windows\system32\ngctasks.dll [245760 2025-09-09] (Microsoft Corporation) Task: {44CF38D1-7912-4AF5-85E0-B5B6A8A8709F} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\Windows\system32\ngctasks.dll [245760 2025-09-09] (Microsoft Corporation) Task: {7235AFD9-C139-458E-AA61-F6FD579A198F} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\Windows\system32\ngctasks.dll [245760 2025-09-09] (Microsoft Corporation) Task: {3821ECEF-67ED-4990-95B6-50C6DF64719D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\Windows\system32\dimsjob.dll [110592 2025-09-09] (Microsoft Corporation) Task: {24D897BB-FCA1-4D52-B199-9254D8D47895} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\Windows\system32\dimsjob.dll [110592 2025-09-09] (Microsoft Corporation) Task: {2A8B3A75-27C9-41C5-935E-5B4575E6E059} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\Windows\system32\dimsjob.dll [110592 2025-09-09] (Microsoft Corporation) Task: {DFDFAAE9-EA5E-4F25-ADD2-A3FE05CBE085} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan => {CF4270F5-2E43-4468-83B3-A8C45BB33EA1} C:\Windows\System32\pstask.dll [40960 2024-04-01] (Microsoft Corporation) Task: {2273CC53-20C0-46E1-87CE-1DA662FDABDB} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [282624 2025-09-09] (Microsoft Windows -> Microsoft Corporation) -> %windir% /sysrepair Task: {663DC9C2-27C5-406B-AC21-14E3725608CB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [1129488 2025-09-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {86255691-E232-4AA9-952C-7304286A0713} - System32\Tasks\Microsoft\Windows\Clip\LicenseImdsIntegration => C:\Windows\system32\fclip.exe [484904 2025-09-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {72242617-4783-4FB8-A5CF-51FA4B2C1B76} - System32\Tasks\Microsoft\Windows\CloudExperienceHost\CreateObjectTask => {E4544ABA-62BF-4C54-AAB2-EC246342626C} C:\Windows\System32\CloudExperienceHostBroker.exe [95648 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {0BBF3682-133A-42B2-821A-CCC8BEFB4635} - System32\Tasks\Microsoft\Windows\CloudRestore\Backup => {722D0F89-B69C-4700-AE8C-4A44350E4876} C:\Windows\System32\CloudRestoreLauncher.dll [1626112 2025-09-09] (Microsoft Corporation) Task: {DB11BBBD-3DB2-4B56-8F25-534671846D5A} - System32\Tasks\Microsoft\Windows\CloudRestore\Restore => {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} C:\Windows\system32\CloudRestoreLauncher.dll [1626112 2025-09-09] (Microsoft Corporation) Task: {745A8730-6CF3-4E22-B6D1-DA046059FD3E} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82AA0895-198A-4C1B-B2D1-C16894218AFB} C:\Windows\System32\unifiedconsent.dll [540672 2025-09-09] (Microsoft Corporation) Task: {5DFE4C09-9CDC-4CA0-BBD3-29F42D75E189} - System32\Tasks\Microsoft\Windows\Containers\CmCleanup => {F50E9363-6BC8-4DC5-8CAB-7D9F8C1B81B4} C:\Windows\System32\cmcleanup.dll [87352 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {93446A40-5203-4921-AD6A-C438D2B764AC} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe [369976 2020-06-27] (Microsoft Windows -> Microsoft Corporation) Task: {E4FED5BC-D567-4044-9642-2EDADF7DE108} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [86016 2024-04-01] (Microsoft Corporation) Task: {FD607F42-4541-418A-B812-05C32EBA8626} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip => {C27F6B1D-FE0B-45E4-9257-38799FA69BC8} C:\Windows\System32\usbceip.dll [135168 2025-09-09] (Microsoft Corporation) Task: {0A18F0F5-0A91-4636-A2B5-0D88BFC4B1C3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Check And Scan => {DCFD3EA8-D960-4719-8206-490AE315F94F} C:\Windows\System32\discan.dll [356352 2025-09-09] (Microsoft Corporation) Task: {1EA5FD1B-E4CF-4471-A78C-2FF0BFD6554F} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan => {DCFD3EA8-D960-4719-8206-490AE315F94F} C:\Windows\System32\discan.dll [356352 2025-09-09] (Microsoft Corporation) Task: {058FF498-213D-4A09-88C1-001C8A8FF1DB} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery => {DCFD3EA8-D960-4719-8206-490AE315F94F} C:\Windows\System32\discan.dll [356352 2025-09-09] (Microsoft Corporation) Task: {48D3327B-19F2-41AA-837B-A189B51CDCB9} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [241664 2025-09-09] (Microsoft Corp.) Task: {E0897054-7E67-42E8-A5C0-290FE1BDB0BA} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [148888 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {1AC60082-C248-420C-9CBC-FCD612BDA90F} - System32\Tasks\Microsoft\Windows\Device Information\Device User => C:\Windows\system32\devicecensus.exe [148888 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {41761B9D-2EE3-474C-A24A-A2A4E9B595C2} - System32\Tasks\Microsoft\Windows\Device Setup\Driver Recovery on Reboot => {452F6DDC-7930-4B57-8794-19CD7420241D} C:\Windows\System32\DeviceSetupManagerAPI.dll [118784 2025-09-09] (Microsoft Corporation) Task: {23713248-F0F1-436C-9DFF-BABCB2879EFC} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh => {23C1F3CF-C110-4512-ACA9-7B6174ECE888} C:\Windows\System32\DeviceSetupManagerAPI.dll [118784 2025-09-09] (Microsoft Corporation) Task: {68766063-A2C4-4B25-ABBD-0F2131DFA45C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [327680 2025-09-09] (Microsoft Corporation) Task: {A5B0F702-FE3C-4E59-9261-DF5381421B49} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [327680 2025-09-09] (Microsoft Corporation) Task: {69268C01-9811-426E-8087-4433A05BF16B} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [327680 2025-09-09] (Microsoft Corporation) Task: {96E05586-64F9-4006-8269-B67332D73115} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [327680 2025-09-09] (Microsoft Corporation) Task: {F374D396-6F94-4A15-AF12-7E1990515D48} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [327680 2025-09-09] (Microsoft Corporation) Task: {59AEFCC9-9F0A-438A-9DCE-05BECFF49233} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [327680 2025-09-09] (Microsoft Corporation) Task: {0F9B213A-8671-4C1E-A5C7-A9E22E67FEE9} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [327680 2025-09-09] (Microsoft Corporation) Task: {5D3FCEA5-5A78-46A1-9AE7-582AEBFE47AF} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [327680 2025-09-09] (Microsoft Corporation) Task: {222B1E40-DFB7-4001-B965-BB6BFDB425F9} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [327680 2025-09-09] (Microsoft Corporation) Task: {B63B8F61-C8B2-4891-A366-119945CAA236} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [327680 2025-09-09] (Microsoft Corporation) Task: {BA7DC4D4-0A2E-4219-A542-9674DD78EBA8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [327680 2025-09-09] (Microsoft Corporation) Task: {8C5F073D-4391-4D09-B411-560B09F3228B} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [327680 2025-09-09] (Microsoft Corporation) Task: {E9FDE5C7-06DA-4076-AEC7-02A5487C4DA3} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner => {AD08DCC2-4E35-4486-9D49-547CBD30942D} C:\Windows\System32\MitigationClient.dll [565248 2025-09-09] (Microsoft Corporation) Task: {F38F5944-B27C-41ED-8DC0-2A828A68B1A0} - System32\Tasks\Microsoft\Windows\Diagnosis\Scheduled => {C1F85EF8-BCC2-4606-BB39-70C523715EB3} C:\Windows\System32\sdiagschd.dll [102400 2025-09-09] (Microsoft Corporation) Task: {D1211565-C8D3-4652-94F0-E7177DB88C70} - System32\Tasks\Microsoft\Windows\Diagnosis\UnexpectedCodepath => C:\Windows\system32\UCConfigTask.exe [57344 2025-09-09] () Task: {DB668C31-1324-4A15-85EA-0405D4E765DD} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\Windows\system32\directxdatabaseupdater.exe [176128 2025-09-09] (Microsoft Corporation) Task: {F49854D8-60F3-475E-8F40-E85C4EC04138} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [131072 2025-09-09] (Microsoft Corporation) Task: {46C68EA4-F9F7-40E2-84D3-FCE5F3AEBE31} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [307200 2025-09-09] (Microsoft Corporation) -> /autocleanstoragesense /d %systemdrive% Task: {36A1CD88-920A-4A62-BEF3-68538A8ACF6B} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => C:\WINDOWS\system32\rundll32.exe [98304 2025-09-09] (Microsoft Windows -> Microsoft Corporation) -> dfdts.dll,DfdGetDefaultPolicyAndSMART Task: {A01CBA68-8954-4C51-BEFF-37A017DAA227} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [77824 2025-09-09] (Microsoft Corporation) Task: {065878B2-62BA-48EC-9033-06E00B0E3945} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [98304 2025-09-09] (Microsoft Corporation) Task: {32B4915D-E6EF-432D-BD9C-D3FE6F9B3A69} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense => {AB2A519B-03B0-43CE-940A-A73DF850B49A} C:\Windows\system32\StorageUsage.dll [335872 2025-09-09] (Microsoft Corporation) Task: {A4059604-7FC9-4F69-9ADD-7D66F2CD2A1F} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [77824 2025-09-09] (Microsoft Corporation) Task: {FEE6FEFC-0124-4367-8B6E-CF4E8671FCD7} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [139264 2025-09-09] (Microsoft Corporation) Task: {75CFEFFD-AD00-4CA7-9271-F710151BCFA2} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [139264 2025-09-09] (Microsoft Corporation) Task: {5B059E26-35C9-42E7-A9B2-80B5AFFE86B7} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [139264 2025-09-09] (Microsoft Corporation) Task: {A00416EE-51A9-4A19-845A-5E6B88662E70} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [139264 2025-09-09] (Microsoft Corporation) Task: {B99FC784-B1E6-4A24-8751-39985E56C794} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [176128 2025-09-09] (Microsoft Corporation) Task: {0EEE7F7C-5414-4CA7-A534-C2F2E0A8738F} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh => {711001CD-CC1D-4470-9B7E-1EF73849C79E} C:\Windows\System32\MitigationConfiguration.dll [131072 2025-09-09] (Microsoft Corporation) Task: {4D8B7A8B-0E1C-45A9-8A64-27E4DFD546BE} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [172032 2025-09-09] (Microsoft Corporation) Task: {7285636E-5715-48F0-A8FF-3CFB5893A966} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload => C:\Windows\system32\dmclient.exe [172032 2025-09-09] (Microsoft Corporation) Task: {9502BA57-83E9-4A49-BE40-6159EAC53B62} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync => {2AE64751-B728-4D6B-97A0-B2DA2E7D2A3B} C:\Windows\System32\srmclient.dll [1179648 2025-09-09] (Microsoft Corporation) Task: {385EB27E-5315-4FC5-8EF9-ED1851D7A49C} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) => {89917B7C-A1A6-11DF-8BF6-18A90531A85A} C:\Windows\System32\fhtask.dll [81920 2025-09-09] (Microsoft Corporation) Task: {F9EAF992-7E23-45E2-A3F6-6F97EBC416E2} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\BootstrapUsageDataReporting => {D759C938-B375-41CB-A2A2-E6D866A767F4} C:\Windows\System32\fcon.dll [794624 2025-09-09] (Microsoft Corporation) Task: {83982224-1ED8-4AF6-B76F-202675F3094C} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\GovernedFeatureUsageProcessing => {866F38A9-0302-4926-A36F-E4BAABAAE116} C:\Windows\System32\fcon.dll [794624 2025-09-09] (Microsoft Corporation) Task: {AB2EC0ED-5C56-4742-9CD7-A4242FDE648A} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileConfigs => {15F5ECE1-4550-4A92-8E26-984FD1DA54FA} C:\Windows\System32\fcon.dll [794624 2025-09-09] (Microsoft Corporation) Task: {6380E331-61FC-4BC0-8723-7ECB2272478A} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures => {59EECBFE-C2F5-4419-9B99-13FE05FF2675} C:\Windows\System32\fcon.dll [794624 2025-09-09] (Microsoft Corporation) Task: {6BD72692-AE1C-40A4-BD97-6E37732A3F35} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataFlushing => {99EFDAD1-0F11-4A6B-A702-4E1C37D1A3EF} C:\Windows\System32\fcon.dll [794624 2025-09-09] (Microsoft Corporation) Task: {F7A4F7D4-986E-4A2D-B3C3-A0A0DD001964} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataReceiver => {D4C0420F-76BD-4F66-A91F-918A93ABEBEB} C:\Windows\System32\fcon.dll [794624 2025-09-09] (Microsoft Corporation) Task: {ECCE7327-0E42-4D19-999E-B5B0151ADD38} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataReporting => {BBFCD054-8AAC-45DE-A1EB-7B246C9028AF} C:\Windows\System32\fcon.dll [794624 2025-09-09] (Microsoft Corporation) Task: {E5DAFE8A-DA05-457C-8C66-DB5A71445323} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache => {E07647F7-AED2-48D9-9720-939BC24A8A3C} C:\Windows\System32\wosc.dll [471040 2025-09-09] (Microsoft Corporation) Task: {12DF3F8A-9612-48CA-AE38-2818FA70CA73} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [200704 2025-09-09] () Task: {21D037AB-3AA8-4E0F-8FF1-04CA57EF7F25} - System32\Tasks\Microsoft\Windows\Hotpatch\Monitoring => C:\Windows\system32\cmd.exe [344064 2025-09-09] (Microsoft Corporation) -> /d /c %systemroot%\system32\hpatchmonTask.cmd Task: {024CA416-69DD-4124-AD81-1BEC21AD367C} - System32\Tasks\Microsoft\Windows\Input\InputSettingsRestoreDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [311296 2025-09-09] (Microsoft Corporation) Task: {D7FC35C7-34C3-4D0D-B255-CAADE9C2E090} - System32\Tasks\Microsoft\Windows\Input\LocalUserSyncDataAvailable => {8E7C2AFB-72B9-415C-9AC2-5037693309B7} C:\Windows\System32\InputCloudStore.dll [311296 2025-09-09] (Microsoft Corporation) Task: {434296AC-B938-42FE-8871-7AB1F1E8BEE2} - System32\Tasks\Microsoft\Windows\Input\MouseSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [311296 2025-09-09] (Microsoft Corporation) Task: {5020877C-FCA4-4A49-B02D-926501FDB77B} - System32\Tasks\Microsoft\Windows\Input\PenSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [311296 2025-09-09] (Microsoft Corporation) Task: {050CB3E1-BFE8-4468-9285-ED1E66E0E3B8} - System32\Tasks\Microsoft\Windows\Input\RemoteMouseSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [311296 2025-09-09] (Microsoft Corporation) Task: {A30BB986-63D7-4477-A106-ECA2C5215750} - System32\Tasks\Microsoft\Windows\Input\RemotePenSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [311296 2025-09-09] (Microsoft Corporation) Task: {2FB5B95B-24A6-44DC-AE8E-CA75E516E6A0} - System32\Tasks\Microsoft\Windows\Input\RemoteTouchpadSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [311296 2025-09-09] (Microsoft Corporation) Task: {386A631A-CAE3-48DE-ACFE-3137D4CD1C61} - System32\Tasks\microsoft\windows\input\syncpensettings => {3ECEE215-83F5-4123-A592-74F1FE4C3D59} C:\Windows\System32\SettingsHandlers_Pen.dll [516096 2025-09-09] (Microsoft Corporation) Task: {EBC1FBF2-3E90-4E57-B53C-33C6ACB435FB} - System32\Tasks\Microsoft\Windows\Input\TouchpadSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [311296 2025-09-09] (Microsoft Corporation) Task: {497E1A38-F975-4158-A775-2A3EB053F644} - System32\Tasks\Microsoft\Windows\InstallService\RestoreDevice => {7F019157-05C8-473F-8664-2BA04A090DC8} C:\Windows\System32\InstallServiceTasks.dll [421888 2025-09-09] (Microsoft Corporation) Task: {B2301A61-DA96-4438-AF41-9B8864D59F67} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates => {A558C6A5-B42B-4C98-B610-BF9559143139} C:\Windows\System32\InstallServiceTasks.dll [421888 2025-09-09] (Microsoft Corporation) Task: {53F72FF9-4DB7-4FAB-BB8A-A635EB34E10F} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser => {DDAFAEA2-8842-4E96-BADE-D44A8D676FDB} C:\Windows\System32\InstallServiceTasks.dll [421888 2025-09-09] (Microsoft Corporation) Task: {086B6188-FDC7-406C-9AC7-C9B32B6E7716} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry => {F3A219C3-2698-4CBF-9C07-037EDB8E72E6} C:\Windows\System32\InstallServiceTasks.dll [421888 2025-09-09] (Microsoft Corporation) Task: {D4CAFB46-93D5-4E18-AA3D-20DE8826C425} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates => {0DC331EE-8438-49D5-A721-E10B937CE459} C:\Windows\System32\InstallServiceTasks.dll [421888 2025-09-09] (Microsoft Corporation) Task: {053354A1-BDC4-419C-89B7-EC01731AF165} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates => {D5A04D91-6FE6-4FE4-A98A-FEB4500C5AF7} C:\Windows\System32\InstallServiceTasks.dll [421888 2025-09-09] (Microsoft Corporation) Task: {824A786C-8D14-4BD5-AE7C-61CCDB4CEEFE} - System32\Tasks\Microsoft\Windows\International\Synchronize Language Settings => {10D62541-90D0-42FE-848C-0DBC1AC42EDA} C:\Windows\System32\CoreGlobConfig.dll [249352 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {863CD78A-0758-4D73-9995-73195045DAEE} - System32\Tasks\Microsoft\Windows\Kernel\La57Cleanup => C:\Windows\system32\la57setup.exe [40960 2025-09-09] (Microsoft Corporation) Task: {8B909FCF-7BD6-4374-98B7-F5E4513BB8EB} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation => {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE} C:\Windows\System32\LanguageComponentsInstaller.dll [258048 2025-09-09] (Microsoft Corporation) Task: {023A6A90-6810-4BBD-8F9E-AFF9981BD6A4} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources => {D0582E3B-3126-4CAA-9155-AC37C912A489} Task: {3268D6FE-574B-44F4-816D-BBDCA47D058E} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation => {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE} C:\Windows\System32\LanguageComponentsInstaller.dll [258048 2025-09-09] (Microsoft Corporation) Task: {1D65E5D8-2D83-4025-B8B3-0FC2192972B2} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange => {77646A68-AD14-4D53-897D-7BE4DDE5F929} C:\Windows\System32\TempSignedLicenseExchangeTask.dll [98304 2025-09-09] (Microsoft Corporation) Task: {E88D9B2C-DDEA-47B2-9582-085153004DB5} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File) Task: {D65186C7-C4E4-43DF-A485-050BBF1DBBF0} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [106496 2025-09-09] (Microsoft Corporation) Task: {731E952A-D01C-4D49-A37F-C8F1396F13B7} - System32\Tasks\Microsoft\Windows\Maintenance\WinSAT => {A9A33436-678B-4C9C-A211-7CC38785E79D} C:\Windows\system32\WinSATAPI.dll [417792 2025-09-09] (Microsoft Corporation) Task: {EA454F25-D763-42A3-B501-5F741CAA5BB8} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\Windows\System32\Autopilot.dll [221184 2025-09-10] (Microsoft Corporation) Task: {B385CC07-5D33-4329-847E-1231807E3A1A} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\Windows\System32\Autopilot.dll [221184 2025-09-10] (Microsoft Corporation) Task: {0F79111A-3C39-48C3-9A5E-B9BD89E8D385} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [114688 2025-09-09] (Microsoft Corporation) Task: {17C2E7E1-51B3-4F45-8EA8-3D8334DB66CF} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [114688 2025-09-09] (Microsoft Corporation) Task: {33633593-08C9-463E-B57F-0DABB42098C5} - System32\Tasks\Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup => C:\Windows\system32\MdmDiagnosticsTool.exe [90112 2025-09-09] (Microsoft Corporation) Task: {BAA6BFA5-88F3-4108-BD13-401B4C431121} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Retry => C:\Windows\system32\ProvTool.exe [114688 2025-09-09] (Microsoft Corporation) Task: {D1B5BFAC-8670-441D-9D56-45F4AFAD548E} - System32\Tasks\Microsoft\Windows\Management\Provisioning\RunOnReboot => C:\Windows\system32\ProvTool.exe [114688 2025-09-09] (Microsoft Corporation) Task: {D52A78FD-0791-4BF2-8602-D6C4777A145D} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask => {9885AEF2-BD9F-41E0-B15E-B3141395E803} C:\Windows\System32\mapstoasttask.dll [81920 2025-09-09] (Microsoft Corporation) Task: {3618F5DB-17E6-4B70-BD4A-D3F82EC3B63E} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask => {B9033E87-33CF-4D77-BC9B-895AFBBA72E4} C:\Windows\System32\mapsupdatetask.dll [77824 2025-09-09] (Microsoft Corporation) Task: {61EF9E94-033F-49C8-B7A7-C66594D11217} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\AutomaticOfflineMemoryDiagnostic => {44f6c389-604a-4363-b09a-f38da08e6079} C:\Windows\System32\MemoryDiagnostic.dll [176128 2025-09-09] (Microsoft Corporation) Task: {74C97C1D-BE52-4B8E-9A19-489685365D26} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents => {8168e74a-b39f-46d8-adcd-7bed477b80a3} C:\Windows\System32\MemoryDiagnostic.dll [176128 2025-09-09] (Microsoft Corporation) Task: {0BAEFF30-405C-4272-B1F9-CCDEA22C2169} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic => {8168e74a-b39f-46d8-adcd-7bed477b80a3} C:\Windows\System32\MemoryDiagnostic.dll [176128 2025-09-09] (Microsoft Corporation) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File) Task: {8974D66A-7871-4688-9C1C-161573A419A4} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [131072 2025-09-09] (Microsoft Corporation) Task: {1C88B08F-C544-4B23-869D-D5050316AC18} - System32\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService => {2DEA658F-54C1-4227-AF9B-260AB5FC3543} C:\Windows\System32\PlaySndSrv.dll [147456 2025-09-09] (Microsoft Corporation) Task: {E6010D43-6AE7-4B59-8E67-EC78FD8E8E96} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler => {5AA199A0-1CED-43A5-9B85-3226086738A3} Task: {B8AE930D-D1A3-4BE8-A42B-51308A375CB8} - System32\Tasks\Microsoft\Windows\Network Connectivity Status Indicator\NcsiIdentifyUserProxies => {706B965A-8308-4CD4-9900-87C2D79C121B} C:\Windows\System32\netprofm.dll [438272 2025-09-09] (Microsoft Corporation) Task: {5B35F89B-B670-40F3-8121-E0D9D51579A6} - System32\Tasks\Microsoft\Windows\NlaSvc\WiFiTask => C:\Windows\System32\WiFiTask.exe [185776 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {CC5D5C7D-D21E-4C3E-BD09-05E110B1DD4C} - System32\Tasks\Microsoft\Windows\Offline Files\Background Synchronization => {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8} C:\Windows\System32\cscui.dll [831488 2025-09-09] (Microsoft Corporation) Task: {4A7C5D3A-8448-4522-A142-F93828759984} - System32\Tasks\Microsoft\Windows\Offline Files\Logon Synchronization => {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8} C:\Windows\System32\cscui.dll [831488 2025-09-09] (Microsoft Corporation) Task: {60EC1D56-6592-40F9-8CBC-4FEBB1546FF5} - System32\Tasks\Microsoft\Windows\PCRPF\PCR Prediction Framework Firmware Update Task => C:\WINDOWS\system32\rundll32.exe [98304 2025-09-09] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\pcrpf.dll,NotifyFirmwareUpdateStaged Task: {412C1F63-7B83-45B3-9962-D3C2DCFC4BD2} - System32\Tasks\Microsoft\Windows\PerformanceTrace\RequestTrace => {9efeb182-2ee3-4af9-affa-521410d110d1} C:\Windows\system32\PerformanceTraceHandler.dll [147456 2025-09-09] (Microsoft Corporation) Task: {E3602202-81C0-4F1C-88F8-5BBFB5113545} - System32\Tasks\Microsoft\Windows\PerformanceTrace\WhesvcToast => {c34546ad-2e37-41d9-8e23-277837b7a234} C:\Windows\system32\PerformanceTraceHandler.dll [147456 2025-09-09] (Microsoft Corporation) Task: {9CCA4E3A-F32F-4D63-B2DB-883A94140DA9} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\Windows\system32\SecureBootEncodeUEFI.exe [95232 2024-05-23] (Microsoft Corporation) Task: {0833C7CE-6C4D-489D-9947-80C63834EF00} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\Windows\system32\TpmTasks.dll [581632 2025-09-09] (Microsoft Corporation) Task: {6F8479BF-FB21-4CD2-8CE9-36C373303667} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\Windows\system32\TpmTasks.dll [581632 2025-09-09] (Microsoft Corporation) Task: {32223710-817E-4F06-B592-FC3E9148C7B6} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy => {60400283-B242-4FA8-8C25-CAF695B88209} C:\Windows\System32\pnppolicy.dll [90112 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {C37138D9-47FB-429C-B098-33C5BE461E3E} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required => {48794782-6A1F-47B9-BD52-1D5F95D49C1B} C:\Windows\System32\pnpui.dll [77824 2024-04-01] (Microsoft Windows -> Microsoft Corporation) Task: {E98AFDFB-4B5D-4DC1-9DCF-5DD16ED4B901} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup => {DEF03232-9688-11E2-BE7F-B4B52FD966FF} Task: {BC910DFC-AF38-44AE-80B7-36504BAE7749} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [438272 2025-09-09] (Microsoft Corporation) Task: {6A53E0A1-B356-4014-BAB2-012091BE1BE6} - System32\Tasks\Microsoft\Windows\Pluton\Pluton-Ksp-Provisioning => {997E11E1-0EFF-40BD-9B25-8DA694816600} C:\Windows\system32\PlutonTasks.dll [102400 2025-09-09] (Microsoft Corporation) Task: {F3475DC3-625B-48EA-B471-DDB64F03977D} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => {927EA2AF-1C54-43D5-825E-0074CE028EEE} C:\Windows\System32\energytask.dll [53248 2024-04-01] (Microsoft Corporation) Task: {89CB1F37-7249-46BB-8136-2A842FD64BCE} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [143360 2025-09-09] (Microsoft Corporation) Task: {5297A9C1-50B4-4FAF-B986-96493046DA3F} - System32\Tasks\Microsoft\Windows\Printing\PrinterCleanupTask => {C56F065E-DE49-4E42-BE7C-305C45609D25} C:\Windows\System32\PrinterCleanupTask.dll [159744 2025-09-09] (Microsoft Corporation) Task: {694CFE9E-EF92-4F44-880A-613DBB5A32F1} - System32\Tasks\Microsoft\Windows\Printing\PrintJobCleanupTask => {8ABCE260-32B6-476C-AE13-B34D0C91292D} C:\Windows\System32\PrinterCleanupTask.dll [159744 2025-09-09] (Microsoft Corporation) Task: {9350A8AF-7118-43D4-951C-6D9B9CD6C6BD} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => C:\Windows\system32\sc.exe [102400 2025-09-09] (Microsoft Corporation) -> start pushtoinstall login Task: {88B9FE11-97A9-4B2F-9FA7-A85642B0AFED} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => C:\Windows\system32\sc.exe [102400 2025-09-09] (Microsoft Corporation) -> start pushtoinstall registration Task: {C90F18E7-745C-44E7-9D02-463B6BE97450} - System32\Tasks\Microsoft\Windows\Ras\MobilityManager => {C463A0FC-794F-4FDF-9201-01938CEACAFA} C:\Windows\system32\rasmbmgr.dll [90112 2024-04-01] (Microsoft Windows -> Microsoft Corporation) Task: {35F07B74-3228-49B0-AFAA-1AAA5AD480A7} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE => {89D1D0C2-A3CF-490C-ABE3-B86CDE34B047} C:\Windows\System32\ReAgentTask.dll [40960 2025-09-09] (Microsoft Corporation) Task: {FD953D65-B217-4C79-946C-40F34EA51665} - System32\Tasks\Microsoft\Windows\ReFsDedupSvc\Initialization => {DCFF735B-64F7-45F3-B39C-6C66BBE2120F} C:\Windows\System32\ReFsDedupSvc.exe [2191360 2025-09-09] (Microsoft Corporation) Task: {81A02E60-1890-47D6-AA36-4416EDF073FE} - System32\Tasks\Microsoft\Windows\Registry\RegIdleBackup => {CA767AA8-9157-4604-B64B-40747123D5F2} C:\Windows\System32\regidle.dll [40960 2025-09-09] (Microsoft Corporation) Task: {76BDF487-DB81-45B2-8D85-7BE3A77647B9} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [159744 2025-09-09] (Microsoft Corporation) -> %windir%\/offerraupdate Task: {CB23898C-07ED-45A2-8529-F6A8F8235967} - System32\Tasks\Microsoft\Windows\Servicing\OOBEFodSetup => C:\Windows\system32\OOBEFodSetup.exe [40960 2025-09-09] (Microsoft Corporation) Task: {3103A74F-970C-4D84-A348-24D2450F72A3} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => {752073A1-23F2-4396-85F0-8FDB879ED0ED} C:\Windows\servicing\TrustedInstaller.exe [247168 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {6E9522D4-5ECB-478B-90ED-91561B8D4524} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => {7750564D-D61C-4557-8A9D-7DF56BDCFF96} Task: {9E61170E-82C0-4506-9499-699611AE7BF9} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask => {990A9F8F-301F-45F7-8D0E-68C5952DBA43} C:\Windows\system32\shell32.dll [7703576 2025-09-10] (Microsoft Windows -> Microsoft Corporation) Task: {1577E872-F23F-41CA-9935-97CC72D6A015} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [1224552 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {3F29C71B-509E-45C9-B4B0-CC08875EA007} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask => {C844C79D-AED8-4DCE-AB25-4D359BED84F8} C:\Windows\System32\WpcRefreshTask.dll [1073152 2025-09-09] (Microsoft Corporation) Task: {CB3FE234-86FD-480D-B99F-8D64B8CD2FCA} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance => {3FBA60A6-7BF5-4868-A2CA-6623B3DFFEA6} C:\Windows\System32\srchadmin.dll [311296 2025-09-09] (Microsoft Corporation) Task: {BAAD3A4A-D43E-4282-8FF8-DB4C1FE0D633} - System32\Tasks\Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState => {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} C:\Windows\System32\Windows.UI.Immersive.dll [1359872 2025-09-09] (Microsoft Corporation) Task: {623E8262-63F5-4D54-B90B-09D21A347C4B} - System32\Tasks\Microsoft\Windows\Shell\ThemesSyncedImageDownload => {79F8E185-4E45-4B74-8182-02AA430661E4} C:\Windows\System32\Themes.SsfDownload.ScheduledTask.dll [184320 2025-09-09] (Microsoft Corporation) Task: {1ADC697A-24A7-4976-BDF2-26642DD9EDFF} - System32\Tasks\Microsoft\Windows\Shell\UpdateUserPictureTask => {09C5DD34-009D-40FA-BCB9-0165AD0C15D4} C:\Windows\System32\Windows.UI.Immersive.dll [1359872 2025-09-09] (Microsoft Corporation) Task: {EBBD491B-D054-4669-AB31-07F0B5970A6F} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\Windows\System32\sppcext.dll [655360 2025-09-09] (Microsoft Corporation) Task: {5FFBF5D5-77BD-42D7-A505-01FCE106375A} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\Windows\System32\sppcext.dll [655360 2025-09-09] (Microsoft Corporation) Task: {9B410F40-12C4-4D00-9590-9F7837C2FE4E} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\Windows\System32\sppcext.dll [655360 2025-09-09] (Microsoft Corporation) Task: {5D30627B-A7A3-4C57-9B4D-05976FBC73CF} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [229376 2025-09-09] (Microsoft Corporation) Task: {DB50AD04-05BC-474F-93EB-C341D19BC4DB} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [112024 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {E6C7550D-E55B-4429-B9DF-F0802C7E96F1} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [217088 2025-09-09] (Microsoft Corporation) Task: {E514D19D-6BC0-4298-A90D-AA41B59396A1} - System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks => C:\WINDOWS\system32\rundll32.exe [98304 2025-09-09] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks Task: {D8BCE74A-1F26-46E6-9D24-84BF4ABBA4D3} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization => {5C9AB547-345D-4175-9AF6-65133463A100} C:\Windows\System32\TieringEngineService.exe [348160 2025-09-09] (Microsoft Corporation) Task: {8937A0CF-1957-42EF-BC56-4A45225A53CB} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization => C:\Windows\system32\defrag.exe [241664 2025-09-09] (Microsoft Corp.) Task: {7ABCD538-1551-433D-9E08-91FBFB4ED04B} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [144792 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {3027F416-0269-4A3B-AE59-51303BE43E9D} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [144792 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {6B549F30-9F73-486A-9FFB-D9A4B9B0B516} - System32\Tasks\Microsoft\Windows\Sustainability\PowerGridForecastTask => {251E5B1F-E370-4E12-B5BD-B7AD2A8EE810} C:\Windows\system32\PowerGridForecastTask.dll [331776 2025-09-09] (Microsoft Corporation) Task: {ACDAAFB1-FB38-4565-9A19-E9E8412A1641} - System32\Tasks\Microsoft\Windows\Sustainability\SustainabilityTelemetry => {6EE41D75-D091-4FB7-9AD5-018760DD25D4} C:\Windows\system32\EcoScoreTask.dll [69632 2025-09-09] (Microsoft Corporation) Task: {A6CC9955-DA1C-40A6-AADF-620FAF810BA6} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate => {17C82257-654E-4C47-8E23-DCA24EAA76A0} C:\Windows\system32\sysmain.dll [1007616 2025-09-09] (Microsoft Corporation) Task: {7793D1DA-8479-4F54-9C92-B8A43BDF293F} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance => {D44377B8-1F2F-4FAA-9C8E-6C4AD2928E47} C:\Windows\system32\sysmain.dll [1007616 2025-09-09] (Microsoft Corporation) Task: {0A3D2698-8228-462D-A139-FA1DD68CE37D} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync => {297EE78C-BA95-4E94-81D3-D6E7F089C7B5} C:\Windows\system32\sysmain.dll [1007616 2025-09-09] (Microsoft Corporation) Task: {A49BC374-394E-43D1-A5A7-2B1EE849351E} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\WINDOWS\system32\rundll32.exe [98304 2025-09-09] (Microsoft Windows -> Microsoft Corporation) -> sysmain.dll,PfSvWsSwapAssessmentTask Task: {B757E9B6-9B2B-44AF-B8AD-2BBD5CFB1671} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [81920 2024-04-01] (Microsoft Corporation) Task: {B9DBE743-6F45-488B-AF39-2CD4016D60A7} - System32\Tasks\Microsoft\Windows\Task Manager\Interactive => {855FEC53-D2E4-4999-9E87-3414E9CF0FF4} C:\Windows\system32\wdc.dll [806912 2025-09-09] (Microsoft Corporation) Task: {6E2FF6C7-5CB1-44F3-B28F-54ED797AC95B} - System32\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor => {01575CFE-9A55-4003-A5E1-F38D1EBDCBE1} C:\Windows\system32\MsCtfMonitor.dll [102400 2025-09-09] (Microsoft Corporation) Task: {BE34C44D-1192-446D-AE35-7C9214A07A0A} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime => {A31AD6C2-FF4C-43D4-8E90-7101023096F9} C:\Windows\system32\TimeSyncTask.dll [45056 2025-09-09] (Microsoft Corporation) Task: {B4EC4778-2619-41D7-A0EF-A5558FFF1ADC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => C:\Windows\system32\sc.exe [102400 2025-09-09] (Microsoft Corporation) -> start w32time task_started Task: {2A17D950-8899-44EB-89E5-405C0B59D9C2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [236032 2025-09-09] (Microsoft Corporation) Task: {D3CA477E-892F-4934-A84F-B7330FA554F7} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\Windows\system32\TpmTasks.dll [581632 2025-09-09] (Microsoft Corporation) Task: {DEB60991-AFDF-4734-B157-EF79367C1ACA} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\Windows\system32\TpmTasks.dll [581632 2025-09-09] (Microsoft Corporation) Task: {FAD42263-467A-4AC1-A7EB-244928313A8D} - System32\Tasks\Microsoft\Windows\TPM\Tpm-PreAttestationHealthCheck => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\Windows\system32\TpmTasks.dll [581632 2025-09-09] (Microsoft Corporation) Task: {CAB76809-EDC0-40D2-A888-AD9BEDF4E88A} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [463232 2024-05-23] (Microsoft Windows -> Microsoft Corporation) Task: {225E1AAD-E5E1-4224-8C78-3971950A447E} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\Windows\UpdateAssistant\UpdateAssistant.exe [514496 2020-11-10] (Microsoft Corporation -> Microsoft Corporation) Task: {C5A6D30E-582F-415F-B504-CE74EE3341E7} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe [514496 2020-11-10] (Microsoft Corporation -> Microsoft Corporation) Task: {4A728C2A-C911-43F0-823E-0F84040B68AB} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe [514496 2020-11-10] (Microsoft Corporation -> Microsoft Corporation) Task: {5459D568-3745-4D60-BD81-F1073E7C85BC} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe [514496 2020-11-10] (Microsoft Corporation -> Microsoft Corporation) Task: {A364E297-00AD-490D-900E-22AC34598C71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [86016 2025-09-09] (Microsoft Corporation) Task: {9A8079F7-B452-430E-9BC2-C625CC7D877F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File) Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [86016 2025-09-09] (Microsoft Corporation) Task: {7A003965-A297-4DC6-B15B-852D798391E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe Reboot (No File) Task: {60466A32-EDAE-44A3-8DDB-3C004681397C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File) Task: {40E6281F-7C4C-45BD-AEF4-1F63A0EF4ED2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File) Task: {EC2A03E8-2F81-4030-A3A7-53DAC1DB0E2D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Report policies => C:\Windows\system32\usoclient.exe [86016 2025-09-09] (Microsoft Corporation) Task: {2D978B40-B4E9-4A09-B736-C8991B990FED} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work => C:\Windows\system32\usoclient.exe [86016 2025-09-09] (Microsoft Corporation) Task: {1641F54C-1E57-4902-AB65-EE2B65E5629D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [86016 2025-09-09] (Microsoft Corporation) Task: {0F95DB85-8F35-4B2A-93DE-E4A31A713F54} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan Static Task => C:\Windows\system32\usoclient.exe [86016 2025-09-09] (Microsoft Corporation) Task: {46A2186D-816F-4382-9980-DA8AC1A1B2D7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work => C:\Windows\system32\usoclient.exe [86016 2025-09-09] (Microsoft Corporation) Task: {F0CADDA9-BCC8-4116-8307-7EF72FD649A5} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Work => C:\Windows\system32\usoclient.exe [86016 2025-09-09] (Microsoft Corporation) Task: {0AF6A994-1B3A-4B10-B485-9753CE6DF6A4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Start Oobe Expedite Work => C:\Windows\system32\usoclient.exe [86016 2025-09-09] (Microsoft Corporation) Task: {EDC62534-48CF-4D30-A263-32780ED68B57} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan_LicenseAccepted => C:\Windows\system32\usoclient.exe [86016 2025-09-09] (Microsoft Corporation) Task: {DD6E2608-767B-4449-BB55-45CAD83FADA4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScanAfterUpdate => C:\Windows\system32\usoclient.exe [86016 2025-09-09] (Microsoft Corporation) Task: {A080E9C1-B700-4F98-9D03-57EAAF659480} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UIEOrchestrator => C:\Windows\system32\UIEOrchestrator.exe [443808 2025-09-09] (Microsoft Windows -> ) Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File) Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe Display (No File) Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe ReadyToReboot (No File) Task: {AE889AF2-B6E2-4941-8C89-FCD4EB658F9B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UUS Failover Task => C:\Windows\System32\MLEngineStub.exe [86016 2025-09-09] (Microsoft Corporation) Task: {6CA8B686-3177-4FF3-86AB-EA5ECCAE64E3} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => C:\WINDOWS\system32\sc.exe [102400 2025-09-09] (Microsoft Corporation) -> config upnphost start= auto Task: {C4976E90-6B5C-45B9-ACA5-7F5CC2044584} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications => {E05BE1C8-92A8-4757-B575-ACAECB4E6A40} C:\Windows\System32\UsbTask.dll [90112 2025-09-09] (Microsoft Corporation) Task: {25D10847-F3F9-4477-8F94-B56D3179716D} - System32\Tasks\Microsoft\Windows\User Profile Service\HiveUploadTask => {BA677074-762C-444B-94C8-8C83F93F6605} C:\Windows\system32\profsvc.dll [577536 2025-09-10] (Microsoft Corporation) Task: {D2E8BEB4-6AC1-4881-8DAD-33150CE72101} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} Task: {2C0B586A-AC15-4863-A89E-664DEF94EC3F} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [185776 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {4C63A334-2548-434D-8B00-16514798798F} - System32\Tasks\Microsoft\Windows\WDI\ResolutionHost => {900BE39D-6BE8-461A-BC4D-B0FA71F5ECB1} C:\Windows\System32\wdi.dll [126976 2025-09-09] (Microsoft Corporation) Task: {6FD85B93-7A13-4DCA-B793-1D7D18FEAC39} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [300440 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {70EA4628-714E-4EA6-A8A7-FA417104A9CA} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => C:\WINDOWS\system32\rundll32.exe [98304 2025-09-09] (Microsoft Windows -> Microsoft Corporation) -> bfe.dll,BfeOnServiceStartTypeChange Task: {589D23F3-61C5-4B62-A632-93429265A34F} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe [98304 2025-09-09] (Microsoft Corporation) Task: {59E1EA28-1592-4122-BFB1-FD430B47E673} - System32\Tasks\Microsoft\Windows\WindowsAI\Recall\InitialConfiguration => {709FD5EF-7296-4154-BD3A-E9830FCFA60A} C:\Windows\system32\ShellConfigTask.dll [294912 2025-09-09] (Microsoft Corporation) Task: {B6E6A732-ACDA-4259-8A5B-549B0C3FAD07} - System32\Tasks\Microsoft\Windows\WindowsAI\Recall\PolicyConfiguration => {0BE6820D-B667-4CB6-931B-C153A77DA895} C:\Windows\system32\ShellConfigTask.dll [294912 2025-09-09] (Microsoft Corporation) Task: {B7E72381-0572-4F3E-8389-155A911EF76C} - System32\Tasks\Microsoft\Windows\WindowsAI\Settings\InitialConfiguration => {2886e5fb-4f01-4a89-9a0e-5d6a9c8048ac} C:\Windows\system32\SettingsConfigTask.dll [221184 2025-09-09] (Microsoft Corporation) Task: {47280794-6FA6-4302-8DA5-F7AD59555015} - System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader => {B210D694-C8DF-490D-9576-9E20CDBC20BD} C:\Windows\System32\mscms.dll [807176 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {95425085-1A14-4B85-9028-E50D0FC160B4} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [139672 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {883B8686-2EB3-4F38-B6F6-157C3A8ED509} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler => C:\Program Files\RUXIM\PLUGscheduler.exe [383360 2025-06-06] (Microsoft Windows -> Microsoft Corporation) Task: {A0FB6F87-FEC5-46F8-843B-B58DD5E06AD6} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\System32\sc.exe [102400 2025-09-09] (Microsoft Corporation) -> start wuauserv Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [549104 2025-09-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {624E1293-9271-4BE0-B2E5-41A4A5154081} - System32\Tasks\Microsoft\Windows\Wininet\CacheTask => {0358B920-0AC7-461F-98F4-58E32CD89148} C:\Windows\system32\wininet.dll [2674864 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {0C9E24B1-FA69-4154-B7F3-041454657229} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync => {B0D2B535-12E1-439F-86B3-BADA289510F0} C:\Windows\System32\WiFiCloudStore.dll [376832 2025-09-09] (Microsoft Corporation) Task: {67121E94-8B59-4246-A2CE-D5C90ED9C316} - System32\Tasks\Microsoft\Windows\WlanSvc\MoProfileManagement => {085EDA12-CF4A-4944-8222-8ADCADE137CB} C:\Windows\System32\WlanMediaManager.dll [843776 2025-09-09] (Microsoft Corporation) Task: {AE665074-4E1F-4D1D-B252-890ED81B1180} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management => {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1} C:\Windows\system32\WofTasks.dll [57344 2025-09-09] (Microsoft Corporation) Task: {AE8101F4-C89A-40AD-AAC9-D25F6E8AABAA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation => {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1} C:\Windows\system32\WofTasks.dll [57344 2025-09-09] (Microsoft Corporation) Task: {C95FFAF4-B1AC-4629-8092-1BDE3AD92803} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization => {97D47D56-3777-49FB-8E8F-90D7E30E1A1E} C:\Windows\System32\WorkFoldersShell.dll [233472 2025-09-09] (Microsoft Corporation) Task: {397322B5-D595-4F1E-BD03-8692D5FF4C29} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work => {63260BCE-A3FB-4A34-AA51-D4D8E877B62B} C:\Windows\System32\WorkFoldersShell.dll [233472 2025-09-09] (Microsoft Corporation) Task: {ABE99E23-4D6E-4AB2-B67C-0E57C1BC2D10} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [524288 2025-09-09] (Microsoft Corporation) Task: {34302CB6-1B34-4AC0-B652-672CDD164780} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync => {C662D912-E4D6-44A3-89A0-20550514951D} C:\Windows\System32\dsregtask.dll [77824 2025-09-09] (Microsoft Corporation) Task: {A47C623F-DBF2-42C4-887A-4BFE7AAAEC6D} - System32\Tasks\Microsoft\Windows\Workplace Join\Recovery-Check => C:\Windows\System32\dsregcmd.exe [524288 2025-09-09] (Microsoft Corporation) Task: {73EA68AF-816A-4184-9D0D-BD9F95777E69} - System32\Tasks\Microsoft\Windows\WwanSvc\NotificationTask => C:\Windows\System32\WiFiTask.exe [185776 2025-09-09] (Microsoft Windows -> Microsoft Corporation) Task: {D6202CD9-DA83-4CCD-8770-2D23C3500179} - System32\Tasks\Microsoft\Windows\WwanSvc\OobeDiscovery => {C93CF9D5-031B-4AAA-AB0B-EF802347B381} C:\Windows\System32\MBMediaManager.dll [585728 2025-09-09] (Microsoft Corporation) Task: {08096759-0895-4572-A56D-BF687397A9DF} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [61440 2025-09-09] (Microsoft Corporation) Task: {67DF16E5-F055-4805-A86A-8C8ED7C6212B} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d8a017ba0c4326 => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [214952 2021-08-05] (Microsoft Corporation -> Microsoft Corporation) Task: {D7BD65B9-707A-4536-9CD9-8CA08F51E805} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [214952 2021-08-05] (Microsoft Corporation -> Microsoft Corporation) Task: {36DBFA4F-6DC1-44DB-AE16-60F49489D35D} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4393320 2025-10-29] (Microsoft Corporation -> Microsoft Corporation) Task: {428F16F4-46BE-4312-948F-7BEF2C72F509} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1129953341-909748901-444229093-2362 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4393320 2025-10-29] (Microsoft Corporation -> Microsoft Corporation) Task: {4E3CD861-9788-42C6-B921-0893B7BB65FB} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-59491961-3473679235-3982899818-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4393320 2025-10-29] (Microsoft Corporation -> Microsoft Corporation) Task: {7FBE5F24-5898-4C3B-9D51-17A5152B0B21} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-59491961-3473679235-3982899818-1006 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4393320 2025-10-29] (Microsoft Corporation -> Microsoft Corporation) Task: {9E3B2073-A81B-4BB5-A023-3EE30DEABB93} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-59491961-3473679235-3982899818-1007 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4393320 2025-10-29] (Microsoft Corporation -> Microsoft Corporation) Task: {AE396E89-5D14-4809-ACAD-0EE50A176FCB} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1129953341-909748901-444229093-2362 => C:\Program Files\Microsoft OneDrive\25.155.0811.0002\OneDriveLauncher.exe /startInstances (No File) Task: {D57D12B2-2D1D-4D15-BF16-3C7E96068EBB} - System32\Tasks\OneDrive Startup Task-S-1-5-21-59491961-3473679235-3982899818-1001 => C:\Program Files\Microsoft OneDrive\25.155.0811.0002\OneDriveLauncher.exe /startInstances (No File) Task: {9F353AF5-FB90-4212-B7C8-BFD543745EBB} - System32\Tasks\OneDrive Startup Task-S-1-5-21-59491961-3473679235-3982899818-1006 => C:\Program Files\Microsoft OneDrive\25.194.1005.0003\OneDriveLauncher.exe [725864 2025-10-29] (Microsoft Corporation -> Microsoft Corporation) Task: {116333A8-44CB-4CFF-A111-CCED8D228919} - System32\Tasks\OneDrive Startup Task-S-1-5-21-59491961-3473679235-3982899818-1007 => C:\Program Files\Microsoft OneDrive\25.194.1005.0003\OneDriveLauncher.exe [725864 2025-10-29] (Microsoft Corporation -> Microsoft Corporation) Task: {D825D931-250A-45A3-A729-56FD4DB0546A} - System32\Tasks\RemoteDesktop\ChetanD\Remote Desktop Feed Refresh Task => C:\Users\chetand\AppData\Local\Apps\Remote Desktop\msrdcw.exe [9511496 2025-07-15] (Microsoft Corporation -> Microsoft) Task: {6D5AA65F-6CF6-4593-A87D-75AAA067B856} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {553E0C3C-2995-468A-AEF2-23652DE568AF} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {1DFB5273-30E7-4A87-9494-9060D2734011} - System32\Tasks\User_Feed_Synchronization-{56B6591F-0D07-40BC-B627-791940F8AFA0} => C:\WINDOWS\System32\msfeedssync.exe [36864 2025-09-09] (Microsoft Corporation) Task: {49E5D3B6-63C8-4E3B-AB4F-2F18952868FB} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-1129953341-909748901-444229093-2362 => C:\Users\chetand\AppData\Roaming\Zoom\bin\Zoom.exe [451504 2025-08-27] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.) Task: {5E1E595B-893B-4490-AF68-2964BBE0C3E1} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-59491961-3473679235-3982899818-1007 => C:\Users\crdod\AppData\Roaming\Zoom\bin\Zoom.exe [462776 2025-09-29] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1129953341-909748901-444229093-2362.job => C:\Users\chetand\AppData\Local\GoToMeeting\19992\g2mupdate.exe Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1129953341-909748901-444229093-2362.job => C:\Users\chetand\AppData\Local\GoToMeeting\19992\g2mupload.exe ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174584 2025-08-24] (Adobe Inc. -> Adobe Inc.) S2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [5631928 2025-10-30] (AnyDesk Software GmbH -> AnyDesk Software GmbH) S2 AsHidService; C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHidSrv64.exe [173504 2022-07-25] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) S2 ASLDRService; C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsLdrSrv64.exe [227776 2022-07-25] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) S2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [851704 2025-11-03] (Bitdefender SRL -> Bitdefender) S2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851704 2025-11-03] (Bitdefender SRL -> Bitdefender) S2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851704 2025-11-03] (Bitdefender SRL -> Bitdefender) S2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2966176 2023-07-20] (Bitdefender SRL -> Bitdefender) S2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2577184 2023-07-20] (Bitdefender SRL -> Bitdefender) S2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [851704 2025-11-03] (Bitdefender SRL -> Bitdefender) S2 bdvpnservice; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [516928 2025-03-20] (Bitdefender SRL -> Bitdefender) S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13366704 2025-10-30] (Microsoft Corporation -> Microsoft Corporation) S2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [129016 2022-07-25] (Intel(R) CherryTrail Windows -> Intel Corporation) S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [132600 2022-07-25] (Intel(R) CherryTrail Windows -> Intel Corporation) S2 Easy Connection to Screen; C:\Program Files\Samsung\Easy Connection to Screen\Service.exe [463808 2024-01-17] (Samsung Electronics CO., LTD. -> ) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.194.1005.0003\FileSyncHelper.exe [3604880 2025-10-29] (Microsoft Corporation -> Microsoft Corporation) S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2023-10-26] (Huawei Technologies Co., Ltd. -> ) S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [446360 2022-04-27] (Canon Inc. -> ) S2 logi_lamparray_service; C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe [9903656 2024-04-17] (Logitech Inc -> Logitech, Inc.) S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2025-02-27] (Microsoft Windows Publisher -> Microsoft Corporation) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.194.1005.0003\OneDriveUpdaterService.exe [3888488 2025-10-29] (Microsoft Corporation -> Microsoft Corporation) S2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [67000 2020-04-16] (OpenVPN Inc. -> The OpenVPN Project) S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [67000 2020-04-16] (OpenVPN Inc. -> The OpenVPN Project) S2 PasswordManagerSDKService; C:\Program Files (x86)\GZ Systems\PureVPN\PasswordManagerService\PasswordManager.Service.exe [149848 2025-04-24] (GZ Systems Limited -> PasswordManager.Service) S2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [764808 2025-06-04] (Bitdefender SRL -> Bitdefender) S2 PureVPN Service; C:\Program Files (x86)\GZ Systems\PureVPN Service\Atom.SDK.WindowsService.exe [201720 2025-03-17] (GZ Systems Limited -> ) S2 QualysAgent; C:\Program Files\Qualys\QualysAgent\QualysAgent.exe [15783800 2025-08-11] (Qualys, Inc. -> Qualys, Inc.) S2 RedgateClient; C:\Program Files (x86)\Common Files\Red Gate\Shared Client\RedGate.Client.Service.exe [298312 2023-10-30] (Red Gate Software Ltd -> Red Gate Software Ltd) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [918456 2025-09-09] (Microsoft Windows Publisher -> Microsoft Corporation) S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [553472 2025-09-09] () S2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16119104 2022-09-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1725920 2016-09-23] (GlavSoft LLC -> GlavSoft LLC.) S2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [303648 2025-11-03] (Bitdefender SRL -> Bitdefender) S3 VSInstallerElevationService; C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe [43432 2025-10-15] (Microsoft Corporation -> Microsoft) S2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851704 2025-11-03] (Bitdefender SRL -> Bitdefender) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [163456 2025-08-12] (Microsoft Corporation -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2025-02-27] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2025-02-27] (Microsoft Windows Publisher -> Microsoft Corporation) S2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvamsig.inf_amd64_e4c3c4c1c8a25084\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvamsig.inf_amd64_e4c3c4c1c8a25084\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem S2 postgresql-x64-17; "D:\Program Files\PostgreSQL\17\bin\pg_ctl.exe" runservice -N "postgresql-x64-17" -D "D:\Program Files\PostgreSQL\17\data" -w ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [61440 2025-09-09] (Microsoft Corporation) S3 AcpiPmi; C:\Windows\System32\DriverStore\FileRepository\acpipmi.inf_amd64_3ced06eb61dcc792\acpipmi.sys [53248 2025-09-09] (Microsoft Corporation) S3 Acx01000; C:\Windows\System32\drivers\Acx01000.sys [745472 2025-09-09] (Microsoft Corporation) S1 afunix; C:\Windows\system32\drivers\afunix.sys [90112 2025-09-09] (Microsoft Corporation) S1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [37376 2025-09-09] (Microsoft Corporation) S1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [376832 2025-09-09] (Microsoft Corporation) S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [57344 2025-09-09] (Microsoft Corporation) S3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.) S1 atc; C:\Windows\System32\drivers\atc.sys [8502344 2025-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA) S1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\atkwmiacpi64.sys [36368 2022-07-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) S1 avpndriver; C:\Windows\System32\drivers\avpndriver.sys [116760 2025-03-17] (GZ Systems Limited -> Windows (R) Win 7 DDK provider) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [9728 2024-04-01] (Windows (R) Win 7 DDK provider) S2 BdDci4; C:\Windows\system32\DRIVERS\bddci4.sys [972848 2025-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [24568 2023-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender) S3 bdprivmon; C:\Windows\System32\drivers\bdprivmon.sys [49208 2025-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S3 bduefiscan; C:\Windows\System32\drivers\bduefiscan.sys [53808 2025-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S1 Beep; C:\Windows\System32\Drivers\Beep.sys [40960 2024-04-01] (Microsoft Corporation) S3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [172032 2025-09-09] (Microsoft Corporation) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [602112 2025-09-09] (Microsoft Corporation) S3 BthEnum; C:\Windows\System32\drivers\BthEnum.sys [147456 2025-09-09] (Microsoft Corporation) S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [126976 2025-09-09] (Microsoft Corporation) S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [204800 2025-09-09] (Microsoft Corporation) S3 BthLEEnum; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [155648 2025-09-09] (Microsoft Corporation) S3 BthMini; C:\Windows\System32\drivers\BTHMINI.sys [86016 2025-09-09] (Microsoft Corporation) S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [114688 2025-09-09] (Microsoft Corporation) S3 BthPan; C:\Windows\System32\drivers\bthpan.sys [159744 2025-09-09] (Microsoft Corporation) S3 BTHPORT; C:\Windows\System32\drivers\BTHport.sys [2314240 2025-09-09] (Microsoft Corporation) S3 BTHUSB; C:\Windows\System32\drivers\BTHUSB.sys [139264 2025-09-09] (Microsoft Corporation) S3 CDD; C:\Windows\System32\cdd.dll [339968 2025-09-10] (Microsoft Corporation) S3 circlass; C:\Windows\System32\drivers\circlass.sys [90112 2025-09-09] (Microsoft Corporation) S2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [589824 2025-09-09] (Microsoft Corporation) S3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [94208 2025-09-09] (Microsoft Corporation) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [175824 2024-10-17] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 DisplayMux; C:\Windows\System32\DriverStore\FileRepository\displaymux.inf_amd64_da65a70f0c3ce0f3\DisplayMux.sys [57344 2025-09-09] (Microsoft Corporation) S3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [250360 2022-07-25] (Intel(R) CherryTrail Windows -> Intel Corporation) S1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [94208 2025-09-09] (Microsoft Corporation) S1 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [1793112 2025-08-25] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA) S3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [204800 2025-09-09] (Microsoft Corporation) S3 HidBth; C:\Windows\System32\drivers\hidbth.sys [155648 2025-09-09] (Microsoft Corporation) S3 hidi2c; C:\Windows\System32\drivers\hidi2c.sys [122880 2025-09-09] (Microsoft Corporation) S3 HidIr; C:\Windows\System32\drivers\hidir.sys [81920 2025-09-09] (Microsoft Corporation) S3 HidSpiCx; C:\Windows\System32\drivers\HidSpiCx.sys [131072 2025-09-09] (Microsoft Corporation) S3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [34488 2022-08-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) S3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [81920 2025-09-09] (Microsoft Corporation) S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [61440 2025-09-09] (Microsoft Corporation) S2 Ignisv2; C:\Windows\System32\drivers\ignisv2.sys [848456 2025-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [94208 2025-09-09] (Microsoft Corporation) S3 intelpmax; C:\Windows\System32\drivers\intelpmax.sys [65536 2025-09-09] (Microsoft Corporation) S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [122880 2025-09-09] (Microsoft Corporation) S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [253952 2025-09-09] (Microsoft Corporation) S2 lltdio; C:\Windows\System32\drivers\lltdio.sys [106496 2025-09-09] (Microsoft Corporation) S3 logi_lamparray; C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray.sys [98864 2024-04-17] (Logitech Inc -> Logitech, Inc.) S2 luafv; C:\Windows\system32\drivers\luafv.sys [188416 2025-09-09] (Microsoft Corporation) S3 MbbCx; C:\Windows\System32\drivers\MbbCx.sys [491520 2025-09-10] (Microsoft Corporation) S3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [122880 2025-09-09] (Microsoft Corporation) S3 Modem; C:\Windows\System32\drivers\modem.sys [81920 2025-09-09] (Microsoft Corporation) S3 monitor; C:\Windows\System32\drivers\monitor.sys [122880 2025-09-09] (Microsoft Corporation) S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [196608 2025-09-09] (Microsoft Corporation) S3 MsBridge; C:\Windows\System32\drivers\bridge.sys [163840 2025-09-09] (Microsoft Corporation) S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [49152 2025-09-09] (Microsoft Corporation) S2 MsLldp; C:\Windows\System32\drivers\mslldp.sys [106496 2025-09-09] (Microsoft Corporation) S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [856064 2025-09-09] (Microsoft Corporation) S1 NdisCap; C:\Windows\System32\drivers\ndiscap.sys [86016 2025-09-09] (Microsoft Corporation) S3 NdisImPlatform; C:\Windows\System32\drivers\NdisImPlatform.sys [167936 2025-09-09] (Microsoft Corporation) S3 NdisWan; C:\Windows\System32\drivers\ndiswan.sys [253952 2025-09-09] (Microsoft Corporation) S3 ndiswanlegacy; C:\Windows\System32\DRIVERS\ndiswan.sys [253952 2025-09-09] (Microsoft Corporation) S2 Ndu; C:\Windows\System32\drivers\Ndu.sys [192512 2025-09-09] (Microsoft Corporation) S2 NetworkPrivacyPolicy; C:\Windows\System32\DriverStore\FileRepository\networkprivacypolicy.inf_amd64_e73c465ec80e3c65\NetworkPrivacyPolicy.sys [118784 2025-09-10] () S1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [77824 2025-09-09] (Microsoft Corporation) S2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [868352 2025-09-09] (Microsoft Corporation) S3 PktMonApi; C:\Windows\System32\drivers\PktMonApi.sys [61440 2025-09-09] (Microsoft Corporation) S3 PNPMEM; C:\Windows\System32\drivers\pnpmem.sys [53248 2025-09-09] (Microsoft Corporation) S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [90112 2025-09-09] (Microsoft Corporation) S3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [57344 2025-09-09] (Microsoft Corporation) S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [208896 2025-09-09] (Microsoft Corporation) S3 RFCOMM; C:\Windows\System32\drivers\rfcomm.sys [249856 2025-09-09] (Microsoft Corporation) S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [143360 2025-09-09] (Microsoft Corporation) S3 RoutePolicy; C:\Windows\System32\drivers\RoutePolicy.sys [118784 2025-09-10] (Microsoft Corporation) S2 rspndr; C:\Windows\System32\drivers\rspndr.sys [122880 2025-09-09] (Microsoft Corporation) S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [77824 2025-09-09] (Microsoft Corporation) S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [274432 2025-09-09] (Microsoft Corporation) S3 spaceparser; C:\Windows\System32\drivers\spaceparser.sys [86016 2025-09-09] (Microsoft Corporation) S3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [1019904 2025-09-10] (Microsoft Corporation) S3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [401408 2025-09-10] (Microsoft Corporation) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2025-03-17] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [86016 2025-09-10] (Microsoft Corporation) S2 Trufos; C:\Windows\System32\drivers\Trufos.sys [630320 2025-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [98304 2025-09-09] (Microsoft Corporation) S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [69632 2025-09-09] (Microsoft Corporation) S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [163840 2025-09-09] (Microsoft Corporation) S3 tunnel; C:\Windows\System32\drivers\tunnel.sys [167936 2025-09-09] (Microsoft Corporation) S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [221184 2025-09-09] (Microsoft Corporation) S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [217088 2025-09-09] (Microsoft Corporation) S3 UcmUcsiAcpiClient; C:\Windows\System32\drivers\UcmUcsiAcpiClient.sys [77824 2025-09-09] (Microsoft Corporation) S3 UcmUcsiCx0101; C:\Windows\System32\Drivers\UcmUcsiCx.sys [196608 2025-09-09] (Microsoft Corporation) S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [401408 2025-09-09] (Microsoft Corporation) S1 uiomap; C:\Windows\System32\DriverStore\FileRepository\uiomap.inf_amd64_30a8c41a2a11d155\uiomap.sys [73728 2025-09-09] (Microsoft Corporation) S3 usb-platformdetection; C:\Windows\System32\DriverStore\FileRepository\usb-platformdetection.inf_amd64_9f32641513a2b598\usb-platformdetection.sys [53248 2025-09-09] () S3 usbaudio; C:\Windows\system32\drivers\usbaudio.sys [294912 2025-09-09] (Microsoft Corporation) S3 usbaudio2; C:\Windows\System32\drivers\usbaudio2.sys [401408 2025-09-09] (Microsoft Corporation) S3 usbcir; C:\Windows\System32\drivers\usbcir.sys [147456 2025-09-09] (Microsoft Corporation) S3 usbohci; C:\Windows\System32\drivers\usbohci.sys [69632 2025-09-09] (Microsoft Corporation) S3 usbprint; C:\Windows\System32\drivers\usbprint.sys [110592 2025-09-09] (Microsoft Corporation) S3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [73728 2025-09-09] (Microsoft Corporation) S3 vhf; C:\Windows\System32\drivers\vhf.sys [90112 2025-09-09] (Microsoft Corporation) S3 VirtualRender; C:\Windows\System32\DriverStore\FileRepository\vrd.inf_amd64_4dd0e6d66a75bb7e\vrd.sys [53248 2025-09-09] (Microsoft Corporation) S0 vlflt; C:\Windows\System32\drivers\vlflt.sys [1445936 2025-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S3 vwifibus; C:\Windows\System32\DriverStore\FileRepository\netvwifibus.inf_amd64_ab4e111fe8221178\vwifibus.sys [65536 2025-09-09] (Microsoft Corporation) S1 vwififlt; C:\Windows\System32\drivers\vwififlt.sys [122880 2025-09-09] (Microsoft Corporation) S3 vwifimp; C:\Windows\System32\DriverStore\FileRepository\netvwifimp.inf_amd64_f582fa38c522282e\vwifimp.sys [90112 2025-09-09] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [22104 2025-02-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [606624 2025-02-27] (Microsoft Windows -> Microsoft Corporation) S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [1126400 2025-09-09] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2025-02-27] (Microsoft Windows -> Microsoft Corporation) S3 Wificx; C:\Windows\System32\drivers\WifiCx.sys [1171456 2025-09-09] (Microsoft Corporation) S3 WINUSB; C:\Windows\System32\drivers\WinUsb.sys [139264 2025-09-09] (Microsoft Corporation) S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [61440 2025-09-09] (Microsoft Corporation) S3 WSDPrintDevice; C:\Windows\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2025-09-09] (Microsoft Corporation) S3 WSDScan; C:\Windows\System32\DriverStore\FileRepository\sti.inf_amd64_a6dc64e436f22951\WSDScan.sys [61440 2025-09-09] (Microsoft Corporation) S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [417792 2025-09-09] (Microsoft Corporation) S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [102400 2025-09-09] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (All) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2025-11-04 13:20 - 2025-11-04 13:20 - 000000000 ____D C:\FRST 2025-11-04 10:54 - 2025-11-04 10:54 - 000000000 ___HD C:\$SysReset 2025-11-04 10:02 - 2023-07-17 12:03 - 000000232 _____ C:\Users\Public\Desktop\Canon G4010 series Online Manual.url 2025-11-04 09:50 - 2025-11-04 09:57 - 000000000 ____D C:\$Windows.~BT 2025-11-04 02:07 - 2025-11-04 02:07 - 001581386 _____ C:\Windows\Minidump\110425-11859-01.dmp 2025-11-04 01:47 - 2025-11-04 01:47 - 001588762 _____ C:\Windows\Minidump\110425-9093-01.dmp 2025-11-04 01:43 - 2025-11-04 01:43 - 001588434 _____ C:\Windows\Minidump\110425-8875-01.dmp 2025-11-04 01:17 - 2025-11-04 01:17 - 001583258 _____ C:\Windows\Minidump\110425-12578-01.dmp 2025-11-04 01:01 - 2025-11-04 01:01 - 001586170 _____ C:\Windows\Minidump\110425-12546-01.dmp 2025-11-04 00:54 - 2025-11-04 00:54 - 001609282 _____ C:\Windows\Minidump\110425-12125-01.dmp 2025-11-04 00:47 - 2025-11-04 00:47 - 001583098 _____ C:\Windows\Minidump\110425-13421-01.dmp 2025-11-03 22:17 - 2025-11-04 10:02 - 008388608 ___SH C:\tmpgfile.sys 2025-11-03 21:41 - 2025-11-04 13:01 - 000000000 _____ C:\Recovery.txt 2025-11-03 16:41 - 2025-11-03 16:41 - 001596074 _____ C:\Windows\Minidump\110425-9015-01.dmp 2025-11-03 14:24 - 2025-11-03 14:24 - 001582370 _____ C:\Windows\Minidump\110325-8890-01.dmp 2025-11-03 13:44 - 2025-11-03 13:44 - 001587418 _____ C:\Windows\Minidump\110325-12812-01.dmp 2025-11-03 13:37 - 2025-11-03 13:37 - 001586122 ____N C:\Windows\Minidump\110325-14359-01.dmp 2025-11-03 13:32 - 2025-11-03 13:32 - 001582962 _____ C:\Windows\Minidump\110325-12531-01.dmp 2025-11-03 12:48 - 2025-11-03 12:48 - 001595336 _____ C:\Windows\Minidump\110325-12921-01.dmp 2025-11-03 10:33 - 2025-11-03 10:33 - 001585906 _____ C:\Windows\Minidump\110325-8968-01.dmp 2025-11-03 10:23 - 2025-11-03 10:23 - 001599258 _____ C:\Windows\Minidump\110325-8875-01.dmp 2025-11-03 10:22 - 2025-11-03 10:22 - 000351466 _____ C:\Windows\ntbtlog.txt 2025-11-03 10:20 - 2025-11-03 10:20 - 001595682 _____ C:\Windows\Minidump\110325-11484-01.dmp 2025-11-03 09:33 - 2025-11-03 09:33 - 001600250 _____ C:\Windows\Minidump\110325-13656-01.dmp 2025-11-03 09:31 - 2025-11-03 09:31 - 001603266 _____ C:\Windows\Minidump\110325-15718-01.dmp 2025-11-03 09:23 - 2025-11-03 09:23 - 000000000 _____ C:\Windows\Minidump\110325-13921-01.dmp 2025-11-03 09:13 - 2025-11-03 09:13 - 001595674 _____ C:\Windows\Minidump\110325-14125-01.dmp 2025-11-03 08:58 - 2025-11-03 08:58 - 001586626 _____ C:\Windows\Minidump\110325-10171-01.dmp 2025-11-03 06:41 - 2025-11-03 06:41 - 003215662 ____N C:\Windows\Minidump\110325-10140-01.dmp 2025-11-03 06:16 - 2025-11-03 06:16 - 003767758 ____N C:\Windows\Minidump\110325-10078-01.dmp 2025-11-03 05:19 - 2025-11-03 05:19 - 003919298 ____N C:\Windows\Minidump\110325-10796-01.dmp 2025-11-03 04:40 - 2025-11-03 04:40 - 000000406 _____ C:\Users\crdod\Downloads\calendar - 2025-11-03T124044.334.ics 2025-11-03 04:05 - 2025-11-03 04:05 - 000005361 _____ C:\Users\crdod\Downloads\Microsoft Tech Brief_ Microsoft Fabric, The Data Platform for the AI Frontier – Highlights from FabCon Europe.ics 2025-11-03 03:05 - 2025-11-02 10:45 - 275933630 _____ C:\Users\crdod\Downloads\Shri Tulja Bhavani Arts Catalogue.pdf 2025-11-03 00:40 - 2025-11-03 00:40 - 000000000 ____D C:\Users\crdod\AppData\Roaming\Mythicsoft 2025-11-03 00:37 - 2025-11-03 00:37 - 003386896 _____ C:\Users\crdod\Downloads\Docs NHS Job 2022.zip 2025-11-02 10:37 - 2025-11-02 10:37 - 003559752 ____N C:\Windows\Minidump\110225-10109-01.dmp 2025-10-31 06:37 - 2025-10-31 06:37 - 003810296 ____N C:\Windows\Minidump\103125-10734-01.dmp 2025-10-31 04:05 - 2025-10-31 04:05 - 003860304 ____N C:\Windows\Minidump\103125-15125-01.dmp 2025-10-31 03:31 - 2025-10-31 03:31 - 000264219 _____ C:\Users\crdod\Downloads\G4kdpA6aIAAEi7l.jpeg 2025-10-30 05:23 - 2025-10-27 03:17 - 001638232 _____ C:\Users\crdod\Downloads\Scanned Document 2.pdf 2025-10-30 05:19 - 2025-10-30 05:19 - 000057211 _____ C:\Users\crdod\Downloads\KZNVIP_Guard_20251030.pdf 2025-10-30 05:14 - 2025-10-30 04:40 - 000005409 _____ C:\Users\crdod\Downloads\Tax Invoice SD003182.PDF 2025-10-30 03:54 - 2025-11-04 10:57 - 000000000 ____D C:\Windows\CbsTemp 2025-10-30 03:18 - 2025-10-30 03:19 - 297344500 _____ C:\Users\crdod\Downloads\DeepRacerTraining.mp4 2025-10-29 03:20 - 2025-10-29 03:20 - 000193322 _____ C:\Users\crdod\Downloads\G4Zd5saXYAANFx_.jpeg 2025-10-28 08:30 - 2025-10-28 08:30 - 000201403 _____ C:\Users\crdod\Downloads\G4UuitQXQAALmr8.jpeg 2025-10-28 06:41 - 2025-10-28 06:41 - 000319357 _____ C:\Users\crdod\Downloads\G4UulEMXAAAHXL2.jpeg 2025-10-28 03:06 - 2025-10-28 03:06 - 007646391 _____ C:\Users\crdod\Downloads\MOD Corsham AWS Deep Racer Drop In Session Materials.zip 2025-10-28 03:06 - 2025-10-28 03:06 - 005341590 _____ C:\Users\crdod\Downloads\MOD DeepRacer L200 2025.pdf 2025-10-28 02:51 - 2025-10-28 00:36 - 015781811 _____ C:\Users\crdod\Downloads\VID-20251028-WA0022.mp4 2025-10-28 02:51 - 2025-10-28 00:36 - 012999264 _____ C:\Users\crdod\Downloads\VID-20251028-WA0021.mp4 2025-10-28 02:51 - 2025-10-28 00:36 - 012950300 _____ C:\Users\crdod\Downloads\VID-20251028-WA0024.mp4 2025-10-28 02:51 - 2025-10-28 00:36 - 008028078 _____ C:\Users\crdod\Downloads\VID-20251028-WA0023.mp4 2025-10-28 02:51 - 2025-10-28 00:35 - 039305889 _____ C:\Users\crdod\Downloads\VID-20251028-WA0020.mp4 2025-10-28 02:51 - 2025-10-28 00:34 - 028208657 _____ C:\Users\crdod\Downloads\VID-20251028-WA0019.mp4 2025-10-28 02:03 - 2025-10-27 09:04 - 075965847 _____ C:\Users\crdod\Downloads\ePaper Phoenix Tabloid 28 October 2025.pdf 2025-10-28 01:49 - 2025-10-28 01:49 - 003760568 ____N C:\Windows\Minidump\102825-9906-01.dmp 2025-10-28 01:34 - 2025-10-28 01:34 - 000175825 _____ C:\Users\crdod\Downloads\G4Tss8ZXIAA8uUd.jpeg 2025-10-27 08:18 - 2025-10-27 08:18 - 003922622 ____N C:\Windows\Minidump\102725-10171-01.dmp 2025-10-27 07:53 - 2025-10-27 07:53 - 001625769 _____ C:\Users\crdod\Downloads\No-1.pdf 2025-10-27 06:43 - 2025-10-27 05:34 - 005214225 _____ C:\Users\crdod\Downloads\WhatsApp Video 2025-10-26 at 15.21.05_7279598e.mp4 2025-10-27 06:41 - 2025-10-27 05:34 - 008306420 _____ C:\Users\crdod\Downloads\WhatsApp Video 2025-10-26 at 15.54.26_6bb24e00.mp4 2025-10-27 06:30 - 2025-10-27 06:30 - 003871992 ____N C:\Windows\Minidump\102725-10890-01.dmp 2025-10-24 00:23 - 2025-10-24 00:37 - 000011073 _____ C:\Users\crdod\Documents\Yash_Project.txt 2025-10-23 10:49 - 2025-10-23 10:49 - 003569224 ____N C:\Windows\Minidump\102325-10125-01.dmp 2025-10-23 09:29 - 2025-10-23 09:29 - 473965456 _____ (Nikon Corporation) C:\Users\crdod\Downloads\S-NXSTDO-010901WF-ALLIN-ALL___ (1).exe 2025-10-23 09:28 - 2025-10-23 09:28 - 473965456 _____ (Nikon Corporation) C:\Users\crdod\Downloads\S-NXSTDO-010901WF-ALLIN-ALL___.exe 2025-10-23 00:44 - 2025-10-23 00:44 - 000053566 _____ C:\Users\crdod\Downloads\appcrashview.zip 2025-10-23 00:44 - 2025-10-23 00:44 - 000000000 ____D C:\Program Files (x86)\NirSoft 2025-10-23 00:43 - 2025-10-23 00:43 - 000141864 _____ C:\Users\crdod\Downloads\bluescreenview_setup.exe 2025-10-23 00:43 - 2025-10-23 00:43 - 000085380 _____ C:\Users\crdod\Downloads\bluescreenview-x64.zip 2025-10-23 00:43 - 2025-10-23 00:43 - 000067310 _____ C:\Users\crdod\Downloads\bluescreenview (1).zip 2025-10-22 10:00 - 2025-10-22 10:00 - 003713428 ____N C:\Windows\Minidump\102225-10906-01.dmp 2025-10-22 05:57 - 2025-10-22 05:57 - 000067310 _____ C:\Users\crdod\Downloads\bluescreenview.zip 2025-10-22 05:57 - 2025-10-22 05:57 - 000000000 ____D C:\ProgramData\Whesvc 2025-10-22 05:50 - 2025-10-22 05:50 - 000000685 _____ C:\Users\crdod\Downloads\windbg.appinstaller 2025-10-22 05:50 - 2025-10-22 05:50 - 000000000 ____D C:\Users\crdod\AppData\Local\IsolatedStorage 2025-10-22 05:47 - 2025-10-22 05:47 - 000731622 _____ C:\Users\crdod\Downloads\Procdump.zip 2025-10-22 05:42 - 2025-06-18 14:05 - 000027192 _____ (Microsoft Corporation) C:\Windows\System32\aspnet_counters.dll 2025-10-22 05:42 - 2025-06-18 14:05 - 000012856 _____ (Microsoft Corporation) C:\Windows\System32\msvcr100_clr0400.dll 2025-10-22 05:42 - 2025-06-18 13:49 - 000024120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2025-10-22 05:42 - 2025-06-18 13:49 - 000012856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll 2025-10-22 05:42 - 2025-05-29 20:49 - 000728096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase_clr0400.dll 2025-10-22 05:42 - 2025-05-29 20:49 - 000437680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140_clr0400.dll 2025-10-22 05:42 - 2025-05-29 20:49 - 000077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140_clr0400.dll 2025-10-22 05:42 - 2025-05-29 20:35 - 000829976 _____ (Microsoft Corporation) C:\Windows\System32\ucrtbase_clr0400.dll 2025-10-22 05:42 - 2025-05-29 20:35 - 000567328 _____ (Microsoft Corporation) C:\Windows\System32\msvcp140_clr0400.dll 2025-10-22 05:42 - 2025-05-29 20:35 - 000098848 _____ (Microsoft Corporation) C:\Windows\System32\vcruntime140_clr0400.dll 2025-10-22 05:42 - 2025-05-29 20:35 - 000038944 _____ (Microsoft Corporation) C:\Windows\System32\vcruntime140_1_clr0400.dll 2025-10-22 05:36 - 2025-10-22 05:36 - 003716114 ____N C:\Windows\Minidump\102225-10453-01.dmp 2025-10-22 02:53 - 2025-10-22 02:53 - 000000562 _____ C:\Users\crdod\Downloads\calendar - 2025-10-22T115340.901.ics 2025-10-22 02:52 - 2025-10-22 02:52 - 003832760 ____N C:\Windows\Minidump\102225-15109-01.dmp 2025-10-22 02:22 - 2025-10-22 02:22 - 000000609 _____ C:\Users\crdod\Downloads\calendar - 2025-10-22T112229.262.ics 2025-10-22 02:22 - 2025-10-22 02:22 - 000000602 _____ C:\Users\crdod\Downloads\calendar - 2025-10-22T112213.004.ics 2025-10-22 02:22 - 2025-10-22 02:22 - 000000570 _____ C:\Users\crdod\Downloads\calendar - 2025-10-22T112256.497.ics 2025-10-21 05:31 - 2025-10-21 05:31 - 003909532 ____N C:\Windows\Minidump\102125-11218-01.dmp 2025-10-21 05:07 - 2025-10-21 05:07 - 001349070 _____ C:\Users\crdod\Downloads\menu (1).pdf 2025-10-21 05:03 - 2025-10-21 05:03 - 001349070 _____ C:\Users\crdod\Downloads\menu.pdf 2025-10-21 03:53 - 2025-10-21 04:53 - 000000000 ____D C:\Users\crdod\AppData\Roaming\Slack 2025-10-20 10:21 - 2025-10-20 10:21 - 003710906 ____N C:\Windows\Minidump\102025-10343-01.dmp 2025-10-20 00:18 - 2025-10-20 00:18 - 000421656 _____ C:\Users\crdod\Downloads\Grok _ X.html 2025-10-20 00:18 - 2025-10-20 00:18 - 000000000 ____D C:\Users\crdod\Downloads\Grok _ X_files 2025-10-17 08:30 - 2025-10-17 08:29 - 003760516 ____N C:\Windows\Minidump\101725-11453-01.dmp 2025-10-17 00:34 - 2025-10-17 00:34 - 003564934 ____N C:\Windows\Minidump\101725-12453-01.dmp 2025-10-16 23:15 - 2025-10-16 23:15 - 000187456 _____ C:\Users\crdod\Downloads\G3bE7ecWsAA466D.jpeg 2025-10-16 23:05 - 2025-10-16 23:05 - 000731261 _____ C:\Users\crdod\Downloads\2025-10-15-0461900987-18480900.pdf 2025-10-16 12:54 - 2025-10-16 12:54 - 001104952 _____ (Microsoft Corporation) C:\Users\crdod\Downloads\Samsung Flow Installer.exe 2025-10-16 12:54 - 2025-10-16 12:54 - 001104952 _____ (Microsoft Corporation) C:\Users\crdod\Downloads\Samsung Flow Installer (2).exe 2025-10-16 12:54 - 2025-10-16 12:54 - 001104952 _____ (Microsoft Corporation) C:\Users\crdod\Downloads\Samsung Flow Installer (1).exe 2025-10-16 12:51 - 2024-10-16 18:53 - 000175824 _____ (Samsung Electronics Co., Ltd.) C:\Windows\System32\Drivers\ssudbus2.sys 2025-10-16 11:25 - 2025-10-23 13:02 - 000000000 ____D C:\Users\crdod\AppData\Local\GitKrakenCLI 2025-10-16 11:25 - 2025-10-16 11:25 - 000000000 ____D C:\Users\crdod\AppData\Local\gk 2025-10-16 10:07 - 2025-10-16 10:07 - 003268316 ____N C:\Windows\Minidump\101625-10390-01.dmp 2025-10-16 09:46 - 2025-10-16 09:46 - 003916756 ____N C:\Windows\Minidump\101625-10046-01.dmp 2025-10-16 05:22 - 2025-10-16 05:22 - 000000036 _____ C:\Users\crdod\test.py 2025-10-16 05:21 - 2025-10-24 06:43 - 000000000 ____D C:\Users\crdod\AppData\Roaming\Code 2025-10-16 05:18 - 2025-10-16 05:18 - 003476104 ____N C:\Windows\Minidump\101625-10015-01.dmp 2025-10-15 02:39 - 2025-10-15 02:39 - 000193699 _____ C:\Users\crdod\Downloads\G3QuPeGXcAA566b.jpeg 2025-10-15 01:28 - 2025-10-15 01:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Web Tools 2025-10-14 23:18 - 2025-10-08 20:10 - 000651264 _____ (Microsoft Corporation) C:\Windows\System32\poqexec.exe 2025-10-14 23:18 - 2025-10-08 17:59 - 000508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2025-10-14 05:42 - 2025-10-14 05:42 - 000001251 _____ C:\Users\crdod\Downloads\20251113-Mastering-Parameter-Sniffing.ics 2025-10-14 05:42 - 2025-10-14 05:42 - 000001246 _____ C:\Users\crdod\Downloads\20251114-Mastering-Server-Tuning.ics 2025-10-14 05:41 - 2025-10-14 05:41 - 000001245 _____ C:\Users\crdod\Downloads\20251112-Mastering-Query-Tuning.ics 2025-10-14 05:41 - 2025-10-14 05:41 - 000001245 _____ C:\Users\crdod\Downloads\20251111-Mastering-Index-Tuning.ics 2025-10-13 23:24 - 2025-10-13 23:13 - 000000460 _____ C:\Users\crdod\Downloads\WhatsApp Chat with +91 84324 91111.zip 2025-10-13 02:20 - 2025-10-13 02:20 - 000124234 _____ C:\Users\crdod\Downloads\VirginMEdia_eContract_112025.pdf 2025-10-12 23:50 - 2025-10-12 23:50 - 000173518 _____ C:\Users\crdod\Downloads\Gy5AD80WEAAZtYm.jpeg 2025-10-12 23:15 - 2025-10-12 23:15 - 000172945 _____ C:\Users\crdod\Downloads\G3GbZa6XkAArXtj.jpeg 2025-10-11 11:18 - 2025-10-11 11:24 - 000794745 _____ C:\Users\crdod\Downloads\Broadband Speed Test – Check Download, Upload, Latency _ Virgin Media_20251011.pdf 2025-10-11 10:40 - 2025-10-11 10:40 - 000101238 _____ C:\Users\crdod\Downloads\Booking.com_ Confirmation.pdf 2025-10-11 07:42 - 2025-10-11 07:42 - 000115021 _____ C:\Users\crdod\Downloads\WhatsApp Image 2025-10-11 at 1.17.52 PM.jpeg 2025-10-11 07:41 - 2025-10-11 07:41 - 000111062 _____ C:\Users\crdod\Downloads\WhatsApp Image 2025-10-11 at 1.17.53 PM.jpeg 2025-10-11 03:52 - 2025-10-11 03:52 - 000123441 _____ C:\Users\crdod\Downloads\WhatsApp Image 2025-10-04 at 12.22.46 PM.jpeg 2025-10-11 03:52 - 2025-10-11 03:52 - 000022924 _____ C:\Users\crdod\Downloads\WhatsApp Image 2025-10-04 at 12.24.36 PM.jpeg 2025-10-11 03:51 - 2025-10-11 03:51 - 000064864 _____ C:\Users\crdod\Downloads\SandP ee.pdf 2025-10-11 03:50 - 2025-10-11 03:50 - 000518644 _____ C:\Users\crdod\Downloads\WhatsApp Image 2025-09-27 at 12.41.28 PM (1).jpeg 2025-10-11 03:50 - 2025-10-11 03:50 - 000201629 _____ C:\Users\crdod\Downloads\WhatsApp Image 2025-09-27 at 12.41.28 PM.jpeg 2025-10-11 03:50 - 2025-10-11 03:50 - 000149114 _____ C:\Users\crdod\Downloads\WhatsApp Image 2025-09-27 at 12.42.01 PM.jpeg 2025-10-11 03:50 - 2025-10-11 03:50 - 000127860 _____ C:\Users\crdod\Downloads\WhatsApp Image 2025-09-27 at 12.41.28 PM (2).jpeg 2025-10-11 03:50 - 2025-10-11 03:50 - 000063560 _____ C:\Users\crdod\Downloads\Sandp U.pdf 2025-10-11 03:47 - 2025-10-11 03:47 - 001373024 _____ C:\Users\crdod\Downloads\svara-varna-aura-unaki-matra-hindi-swar-and-matra-worksheet_ver_1[843].pdf 2025-10-11 03:26 - 2025-10-11 03:26 - 065838923 _____ C:\Users\crdod\Downloads\Cardiff Mandir - Diwali 2025-1 (1).pdf 2025-10-10 03:43 - 2025-10-10 03:43 - 000337234 _____ C:\Users\crdod\Downloads\G21N3qzXcAAibR6.jpeg 2025-10-10 02:58 - 2025-10-10 02:58 - 000606756 _____ C:\Users\crdod\Downloads\213-Division-A-7464447-A_Pharmacy Data Analyst JD and Personal Spec.pdf 2025-10-07 09:04 - 2025-10-07 09:04 - 065838923 _____ C:\Users\crdod\Downloads\Cardiff Mandir - Diwali 2025-1.pdf 2025-10-07 06:48 - 2025-10-07 06:48 - 000011554 _____ C:\Users\crdod\Documents\New_Cadet_Uniform_202509.xlsx 2025-10-07 04:48 - 2025-10-07 04:48 - 001527418 _____ C:\Users\crdod\Downloads\Broadband Speed Test – Check Download, Upload, Latency _ Virgin Media.pdf 2025-10-07 02:18 - 2025-10-07 02:18 - 001434388 _____ C:\Users\crdod\Downloads\G2jcVFdW0AAre3Q.jpeg 2025-10-06 23:41 - 2025-10-06 23:41 - 000180414 _____ C:\Users\crdod\Downloads\Inventoria-Backup-2025-10-03.zip 2025-10-06 23:41 - 2025-10-06 23:41 - 000016943 _____ C:\Users\crdod\Downloads\Sample_Stock_23092025.csv 2025-10-06 02:05 - 2025-10-06 02:05 - 000077384 _____ C:\Users\crdod\Downloads\G2f79BxWUAAqVV_.jpeg 2025-10-05 23:35 - 2025-10-05 23:35 - 000265089 _____ C:\Users\crdod\Downloads\G2fnqzbXwAAQN8v.jpeg 2025-10-05 23:29 - 2025-10-05 23:29 - 000271935 _____ C:\Users\crdod\Downloads\G2fDG_eXEAA-7a-.jpeg 2025-10-05 02:01 - 2025-10-05 02:01 - 000172822 _____ C:\Users\crdod\Downloads\G2d0q-NaUAAOCbP.jpeg ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2025-11-04 10:06 - 2025-09-08 06:51 - 000000000 ___DC C:\Windows\Panther 2025-11-04 10:04 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\System32\WinBioDatabase 2025-11-04 10:04 - 2022-07-25 02:32 - 000000000 ____D C:\Windows\CSC 2025-11-04 02:14 - 2025-09-08 23:34 - 000000000 ____D C:\Windows\System32\SleepStudy 2025-11-04 02:07 - 2025-09-17 03:03 - 000000000 ____D C:\Windows\Minidump 2025-11-04 02:04 - 2022-07-25 03:14 - 000012288 ___SH C:\DumpStack.log.tmp 2025-11-04 00:53 - 2025-09-09 00:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2025-11-03 22:17 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\System32\oobe 2025-11-03 17:08 - 2025-09-09 08:17 - 000000000 ____D C:\Windows\System32\Drivers\en-GB 2025-11-03 17:08 - 2024-04-01 00:03 - 000000000 ____D C:\Windows\System32\Microsoft-Edge-WebView 2025-11-03 17:08 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\UUS 2025-11-03 17:08 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2025-11-03 17:08 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\SysWOW64\setup 2025-11-03 17:08 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\SysWOW64\Dism 2025-11-03 17:08 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\SystemResources 2025-11-03 17:08 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\System32\WinMetadata 2025-11-03 17:08 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\System32\setup 2025-11-03 17:08 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\System32\SecureBootUpdates 2025-11-03 17:08 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\System32\migwiz 2025-11-03 17:08 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\System32\HealthAttestationClient 2025-11-03 17:08 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\System32\Dism 2025-11-03 17:08 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\System32\appraiser 2025-11-03 17:07 - 2024-04-01 00:03 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2025-11-03 17:07 - 2024-03-31 23:26 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2025-11-03 17:07 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\ShellExperiences 2025-11-03 17:07 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\ShellComponents 2025-11-03 17:07 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\Provisioning 2025-11-03 17:07 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\PolicyDefinitions 2025-11-03 17:07 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\BrowserCore 2025-11-03 17:07 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\bcastdvr 2025-11-03 17:07 - 2024-03-31 23:26 - 000000000 ____D C:\ProgramData\USOPrivate 2025-11-03 17:07 - 2024-03-31 23:24 - 000000000 ____D C:\Windows\INF 2025-11-03 17:07 - 2024-03-31 23:21 - 000000000 ____D C:\Windows\servicing 2025-11-03 10:23 - 2024-03-31 23:21 - 001572864 _____ C:\Windows\System32\config\BBI 2025-11-03 10:22 - 2025-09-08 23:34 - 000473520 _____ C:\Windows\System32\FNTCACHE.DAT 2025-11-03 08:58 - 2025-09-08 23:35 - 000000000 ____D C:\users\crdod 2025-11-03 08:58 - 2022-10-14 01:25 - 000000000 ____D C:\ProgramData\AnyDesk 2025-11-03 08:18 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\SystemTemp 2025-11-03 08:11 - 2024-03-31 23:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2025-11-03 06:46 - 2025-09-08 23:45 - 000842272 _____ C:\Windows\System32\PerfStringBackup.INI 2025-11-03 06:42 - 2025-09-08 06:28 - 000000000 ____D C:\Users\crdod\AppData\Local\CrashDumps 2025-11-03 06:42 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\AppReadiness 2025-11-03 06:42 - 2024-02-28 01:05 - 000000000 _RDJL C:\Users\crdod\OneDrive 2025-11-03 06:41 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\ServiceState 2025-11-03 06:41 - 2024-02-28 01:06 - 000000000 __SHD C:\Users\crdod\IntelGraphicsProfiles 2025-11-03 06:41 - 2022-10-13 23:32 - 000000000 ____D C:\Program Files\TeamViewer 2025-11-03 06:41 - 2022-07-25 03:14 - 000000000 ____D C:\ProgramData\NVIDIA 2025-11-03 06:41 - 2022-07-25 03:14 - 000000000 ____D C:\Intel 2025-11-03 06:17 - 2025-09-08 23:40 - 000005694 _____ C:\Windows\System32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 2025-11-03 02:11 - 2024-02-28 01:06 - 000000000 ____D C:\Users\crdod\AppData\Local\Packages 2025-11-03 02:01 - 2024-03-31 23:26 - 000000000 ___HD C:\Program Files\WindowsApps 2025-11-03 01:59 - 2025-02-27 12:18 - 001445936 _____ (Bitdefender) C:\Windows\System32\Drivers\vlflt.sys 2025-11-03 01:59 - 2025-02-27 12:18 - 000630320 _____ (Bitdefender) C:\Windows\System32\Drivers\Trufos.sys 2025-11-03 01:58 - 2025-02-27 12:18 - 008502344 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\Windows\System32\Drivers\atc.sys 2025-11-03 01:58 - 2025-02-27 12:18 - 000972848 _____ (Bitdefender) C:\Windows\System32\Drivers\bddci4.sys 2025-11-03 01:58 - 2025-02-27 12:18 - 000053808 _____ (Bitdefender) C:\Windows\System32\Drivers\bduefiscan.sys 2025-11-03 01:58 - 2025-02-27 12:18 - 000049208 _____ (Bitdefender) C:\Windows\System32\Drivers\bdprivmon.sys 2025-11-03 01:58 - 2025-02-27 12:17 - 000848456 _____ (Bitdefender) C:\Windows\System32\Drivers\Ignisv2.sys 2025-11-03 00:06 - 2025-09-09 00:07 - 000003534 _____ C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2025-11-03 00:06 - 2025-09-09 00:07 - 000003438 _____ C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d8a017ba0c4326 2025-11-02 10:12 - 2022-07-25 03:14 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2025-11-01 05:13 - 2022-07-29 13:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2025-10-31 04:05 - 2024-03-31 23:21 - 000032768 _____ C:\Windows\System32\config\ELAM 2025-10-31 04:05 - 2022-09-29 01:22 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2025-10-30 03:13 - 2022-10-14 01:25 - 000000000 ____D C:\Program Files (x86)\AnyDesk 2025-10-29 03:17 - 2025-09-10 01:48 - 000003540 _____ C:\Windows\System32\Tasks\OneDrive Startup Task-S-1-5-21-59491961-3473679235-3982899818-1006 2025-10-29 03:17 - 2025-09-09 00:07 - 000003588 _____ C:\Windows\System32\Tasks\OneDrive Reporting Task-S-1-5-21-59491961-3473679235-3982899818-1007 2025-10-29 03:17 - 2025-09-09 00:07 - 000003588 _____ C:\Windows\System32\Tasks\OneDrive Reporting Task-S-1-5-21-59491961-3473679235-3982899818-1006 2025-10-29 03:17 - 2025-09-09 00:07 - 000003540 _____ C:\Windows\System32\Tasks\OneDrive Startup Task-S-1-5-21-59491961-3473679235-3982899818-1007 2025-10-29 03:17 - 2025-09-09 00:07 - 000003194 _____ C:\Windows\System32\Tasks\OneDrive Per-Machine Standalone Update Task 2025-10-27 09:25 - 2024-02-28 01:08 - 000000000 ____D C:\Users\crdod\AppData\Local\D3DSCache 2025-10-24 05:55 - 2022-07-25 03:17 - 000000000 ____D C:\ProgramData\Packages 2025-10-24 05:53 - 2025-09-10 03:17 - 000000000 ____D C:\Users\crdod\AppData\Roaming\Notepad++ 2025-10-23 14:31 - 2022-12-07 08:48 - 000001408 _____ C:\Users\chetand\Desktop\Telegram.lnk 2025-10-23 14:31 - 2022-12-07 08:48 - 000000000 ____D C:\Users\chetand\AppData\Roaming\Telegram Desktop 2025-10-23 13:50 - 2022-07-25 04:40 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2025-10-23 13:09 - 2025-09-08 23:35 - 000000000 ____D C:\Users\crdod\AppData\Roaming\Microsoft\Windows 2025-10-22 05:54 - 2024-02-28 01:06 - 000000000 ____D C:\Users\crdod\AppData\Local\DBG 2025-10-21 03:53 - 2025-09-08 07:29 - 000002438 _____ C:\Users\crdod\Desktop\Slack.lnk 2025-10-21 03:53 - 2024-03-19 05:36 - 000000000 ____D C:\Users\chetand\AppData\Local\slack 2025-10-20 09:40 - 2023-07-17 11:57 - 000000000 ____D C:\ProgramData\CanonIJPLM 2025-10-20 09:38 - 2025-09-08 07:09 - 000000000 ____D C:\Users\crdod\AppData\Roaming\Microsoft\Word 2025-10-16 12:55 - 2024-02-29 12:54 - 000000000 ____D C:\Users\crdod\AppData\Local\PlaceholderTileLogoFolder 2025-10-16 04:37 - 2022-07-25 02:30 - 003788664 _____ C:\Windows\Minidump\101625-8406-01.dmp 2025-10-15 05:44 - 2022-07-25 02:30 - 003819350 _____ C:\Windows\Minidump\101525-7484-01.dmp 2025-10-15 02:12 - 2022-07-25 03:00 - 000000000 ____D C:\Windows\System32\MRT 2025-10-15 02:07 - 2024-03-31 23:26 - 000000000 ____D C:\Windows\System32\SecurityHealth 2025-10-15 02:07 - 2022-07-25 03:00 - 214534944 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe 2025-10-15 01:30 - 2025-09-08 09:03 - 000000000 ____D C:\Users\Default\.dotnet 2025-10-15 01:30 - 2022-12-25 06:45 - 000000000 ____D C:\Program Files\dotnet 2025-10-15 01:29 - 2024-09-16 06:22 - 000000000 ____D C:\Program Files (x86)\dotnet 2025-10-15 01:23 - 2022-08-03 01:43 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2025-10-15 01:22 - 2025-09-08 23:36 - 003276800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2025-10-14 09:49 - 2025-09-08 07:09 - 000000000 ____D C:\Users\crdod\AppData\Roaming\Microsoft\Office 2025-10-11 07:43 - 2025-09-14 22:46 - 000000000 ____D C:\Users\crdod\AppData\Roaming\Microsoft\UProof 2025-10-07 06:48 - 2025-09-18 01:18 - 000000000 ____D C:\Users\crdod\AppData\Roaming\Microsoft\Excel 2025-10-05 01:54 - 2022-10-12 13:10 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk ==================== KnownDLLs (Whitelisted) ========================= [2025-09-09 08:21] - [2025-09-09 08:21] - 000055216 _____ (Microsoft Corporation) C:\Windows\System32\wow64base.dll [2025-09-09 08:38] - [2025-09-09 08:38] - 000108912 _____ (Microsoft Corporation) C:\Windows\System32\wow64con.dll ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe [2025-09-09 08:38] - [2025-09-09 08:38] - 000954368 _____ (Microsoft Corporation) D0C2818DD012ED4208BAF9071F4083E5 C:\Windows\System32\wininit.exe [2025-09-09 08:38] - [2025-09-09 08:38] - 000790680 _____ (Microsoft Corporation) 65BF54F6D6CA97304BE17040CB6ED174 C:\Windows\explorer.exe [2025-09-09 08:37] - [2025-09-09 08:37] - 003067376 _____ (Microsoft Corporation) ACF9C0A69BC0B369F97A2466A80CB140 C:\Windows\SysWOW64\explorer.exe [2025-09-09 08:37] - [2025-09-09 08:37] - 002724584 _____ (Microsoft Corporation) AA4CFFEF92366A7BD2D58FE410EEAC2C C:\Windows\System32\svchost.exe [2025-09-09 08:38] - [2025-09-09 08:38] - 000088232 _____ (Microsoft Corporation) 7B88D0896FBF43469A9959D59824A514 C:\Windows\SysWOW64\svchost.exe [2025-09-09 08:38] - [2025-09-09 08:38] - 000053312 _____ (Microsoft Corporation) 0907534A5C32019BF9B3C8133D62B742 C:\Windows\System32\services.exe [2025-09-09 08:38] - [2025-09-09 08:38] - 000906400 _____ (Microsoft Corporation) C80E84B65A40061CA14018DC65B2259D C:\Windows\System32\User32.dll [2025-09-09 08:38] - [2025-09-09 08:38] - 001869120 _____ (Microsoft Corporation) 48CE59DAED041A6E2DD0A08D6E90D64E C:\Windows\SysWOW64\User32.dll [2025-09-10 00:04] - [2025-09-10 00:04] - 001847544 _____ (Microsoft Corporation) 27AB4E58AECE49B41AF5F6D817CE02AE C:\Windows\System32\userinit.exe [2025-09-09 08:38] - [2025-09-09 08:38] - 000143360 _____ (Microsoft Corporation) 854E144C28736DD9F888DEDED85810E4 C:\Windows\SysWOW64\userinit.exe [2025-09-09 08:38] - [2025-09-09 08:38] - 000089088 _____ (Microsoft Corporation) 26EC2F8F91F59FAA2AD25FA4C06EE61E C:\Windows\System32\rpcss.dll [2025-09-09 08:37] - [2025-09-09 08:37] - 001458176 _____ (Microsoft Corporation) FBC5B89EABD5BB4480B1F6B40D45F44E C:\Windows\System32\dnsapi.dll [2025-09-10 00:04] - [2025-09-10 00:04] - 001216248 _____ (Microsoft Corporation) 4EF644EC4BA41B72E150DAA9B71D375E C:\Windows\SysWOW64\dnsapi.dll [2025-09-10 00:04] - [2025-09-10 00:04] - 000901808 _____ (Microsoft Corporation) 13226A59277861E87AA3AD393FC9F1CD C:\Windows\System32\dllhost.exe => MD5 is legit C:\Windows\SysWOW64\dllhost.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys [2025-09-09 08:38] - [2025-09-09 08:38] - 000529792 _____ (Microsoft Corporation) 01321EB0009CB5544B5E24F4E96056CE ==================== Association (Whitelisted) ============= ==================== Restore Points ========================= ==================== BCD ================================ Firmware Boot Manager --------------------- identifier {fwbootmgr} displayorder {be4eb0a3-b93f-11f0-81cd-806e6f6e6963} {bootmgr} {bc6e0066-b9aa-11f0-8f7a-806e6f6e6963} {bc6e0067-b9aa-11f0-8f7a-806e6f6e6963} {bc6e0068-b9aa-11f0-8f7a-806e6f6e6963} timeout 0 Windows Boot Manager -------------------- identifier {bootmgr} device partition=\Device\HarddiskVolume3 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager locale inherit {globalsettings} default {default} resumeobject {b24bc62f-0c5e-11ed-a491-e952f9b88b83} displayorder {default} bootsequence {default} toolsdisplayorder {memdiag} timeout 30 Firmware Application (101fffff) ------------------------------- identifier {bc6e0066-b9aa-11f0-8f7a-806e6f6e6963} description UEFI:CD/DVD Drive Firmware Application (101fffff) ------------------------------- identifier {bc6e0067-b9aa-11f0-8f7a-806e6f6e6963} description UEFI:Removable Device Firmware Application (101fffff) ------------------------------- identifier {bc6e0068-b9aa-11f0-8f7a-806e6f6e6963} description UEFI:Network Device Firmware Application (101fffff) ------------------------------- identifier {be4eb0a3-b93f-11f0-81cd-806e6f6e6963} device partition=E: description UEFI: KingstonDataTraveler 2.0PMAP, Partition 1 Windows Boot Loader ------------------- identifier {b24bc624-0c5e-11ed-a491-e952f9b88b83} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{b24bc625-0c5e-11ed-a491-e952f9b88b83} path \windows\system32\winload.efi description Windows Recovery Environment locale en-US inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{b24bc625-0c5e-11ed-a491-e952f9b88b83} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Windows Boot Loader ------------------- identifier {default} device partition=C: path \WINDOWS\system32\winload.efi description Windows 11 locale en-US inherit {bootloadersettings} recoverysequence {b24bc629-0c5e-11ed-a491-e952f9b88b83} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {b24bc626-0c5e-11ed-a491-e952f9b88b83} nx OptIn bootmenupolicy Standard Windows Boot Loader ------------------- identifier {b24bc629-0c5e-11ed-a491-e952f9b88b83} device ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{b24bc62a-0c5e-11ed-a491-e952f9b88b83} path \windows\system32\winload.efi description Windows Recovery Environment locale en-US inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{b24bc62a-0c5e-11ed-a491-e952f9b88b83} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Resume from Hibernate --------------------- identifier {b24bc62f-0c5e-11ed-a491-e952f9b88b83} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale inherit {resumeloadersettings} recoverysequence {b24bc629-0c5e-11ed-a491-e952f9b88b83} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=\Device\HarddiskVolume3 path \EFI\Microsoft\Boot\memtest.efi description Windows Memory Diagnostic locale inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems No Debugger Settings ----------------- identifier {dbgsettings} debugtype Serial debugport 1 baudrate 115200 RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} Device options -------------- identifier {b24bc62a-0c5e-11ed-a491-e952f9b88b83} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume6 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Memory info =========================== Percentage of memory in use: 12% Total physical RAM: 16238.66 MB Available physical RAM: 14273.18 MB Total Virtual: 16238.66 MB Available Virtual: 14444.23 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:464.45 GB) (Free:58.85 GB) (Model: KINGSTON SNVS500G) NTFS Drive e: (ESD-USB) (Removable) (Total:28.86 GB) (Free:23.18 GB) FAT32 Drive f: () (Removable) (Total:29.1 GB) (Free:16.35 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.49 GB) NTFS Drive y: () (Fixed) (Total:931.39 GB) (Free:110.97 GB) (Model: ST1000LX015-1U7172) NTFS \\?\Volume{319e3804-268e-485f-b2cd-404644ac85fd}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS \\?\Volume{1caa43d2-097d-4808-b7c0-8bbdc7df2a16}\ () (Fixed) (Total:0.76 GB) (Free:0.1 GB) NTFS \\?\Volume{42e75081-9097-4235-99ee-1660f3ec0a0d}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B1B0BEFB) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 28.9 GB) (Disk ID: B6EA6475) Partition 1: (Active) - (Size=28.9 GB) - (Type=FAT32) ========================================================== Disk: 3 (Protective MBR) (Size: 29.1 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of FRST.txt ========================