[SOLVED] Win 10 Home does not boot

[DR M]

Please read my post #16, item 4.

Right. I missed it.

Well, let's try something else, to see at least if we can diagnose the cause of this issue.


1. Find some necessary stuff

1. An empty USB flash drive
2. A working computer (either yours or a friend's)

2. Download FRST tool

Download the right version of FRST for your system, and save it on your USB drive.

• FRST 32-bit
• FRST 64-bit

Note: If you don't know which one to download, download and save both on your USB drive. Only the right version will run on your system, the other will throw an error message. The one that works is the one you should be using from now on.


3. Enter Recovery Environment

Using the faulty computer:

• Go Advanced Options, as you did before.
• Select Command Prompt.

Run FRST from the Command Prompt

1. In the black window that will open, called command prompt, type notepad and press on Enter.
2. Notepad will open. Click on the File menu and select Open.
3. Click on Computer, find the letter for your USB Flash Drive, then close the window and Notepad.
4. In the command prompt, type e:\frst.exe (for the x64 version, type e:\frst64.exe) and press on Enter. As I told you before, run both of them if you are unsure about the architecture (x32 or x64) of your computer. Only the right one will run. IMPORTANT: Replace the letter e with the drive letter of your USB Flash Drive.
5. FRST will open.
6. Click on Yes to accept the disclaimer.
7. Click on the Scan button and wait for the scan to complete.
8. A log called FRST.txt will be saved on your USB Flash Drive.

4. Provide the FRST.txt

Using the working computer:

Insert the USB drive, open the FRST.txt, copy its content and paste it here, in your next reply.

 

[amic_2023]

Here is the content of the FRST.txt file as per your previous indication:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-08-2023
Ran by SYSTEM on MININT-CUP1S1T (25-08-2023 16:58:06)
Running from F:\\FRST64.exe
Platform: Windows 10 Home Version 21H2 19044.1826 (X64) Language: English (United States) -> English (United States)
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.


==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16690424 2016-08-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-08] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-21] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-04-17] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [4110832 2022-07-06] (Opera Norway AS -> Opera Software)
HKLM\...\RunOnce: [*Restore] => C:\WINDOWS\system32\rstrui.exe [274432 2022-07-30] (Microsoft Corporation)
HKU\antonc\...\Run: [NetDrive2] => C:\Program Files\NetDrive2\NetDrive2.exe [17318544 2018-02-20] (Bdrive Inc. -> Bdrive Inc)
HKU\antonc\...\Run: [USB Safely Remove] => C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe [6519064 2016-10-16] (Crystal Rich Ltd -> Crystal Rich Ltd)
HKU\antonc\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2135904 2018-08-28] (Sony Mobile Communications AB -> Sony)
HKU\antonc\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40496032 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\antonc\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2014-04-26] (Spotify AB -> Spotify Ltd)
HKU\antonc\...\Run: [Boxoft Tools] => "C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun (No File)
HKU\antonc\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Corporation)
HKU\cia\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [154624 2019-12-07] (Microsoft Corporation)
HKLM\...\Print\Monitors\R8E6AM Language Monitor: C:\WINDOWS\system32\R8E6AM.DLL [39936 2012-12-18] ()
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\WINDOWS\system32\WSPDFelementMonitor.dll [271360 2017-10-19] (Wondershare Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-12]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc. -> McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk [2018-07-11]
ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files (x86)\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
Startup: C:\Users\antonc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Deep Learning Studio Manager.lnk [2019-08-01]
ShortcutTarget: Deep Learning Studio Manager.lnk -> C:\windows\system32\config\systemprofile\AppData\Local\Programs\DeepLearningStudio\manager\deep-learning-studio-manager.exe (No File)
Startup: C:\Users\antonc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2022-03-11]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (All) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {006FBD30-09E3-43F9-B442-930F657EF7D7} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {077CF0D2-A68E-4FF2-B156-953041DDC8C3} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {0FCBADE1-8450-4C4D-BA2E-FB4AE180B0F7} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {1BCDBCD7-FE27-465D-BEA7-6D11E9867D9F} - \WPD\SqmUpload_S-1-5-21-2862995291-4010358840-3514252635-1001 -> No File <==== ATTENTION
Task: {1CDA546A-D3DB-4134-B661-92BD12D98D83} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {31889071-DDED-4EC9-86F5-A38A53C0386E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {3AE61CBF-3109-46CE-A53B-5856A1E93D0B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {3E816531-1895-411F-BF37-450136762A58} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {4D352803-0A48-40ED-8976-9D875974E51F} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {4F84D132-C0E0-49BF-86F7-560A88C16FF4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {558E123D-4F04-4D35-827A-D364719B6CB1} - \WPD\SqmUpload_S-1-5-21-2862995291-4010358840-3514252635-1017 -> No File <==== ATTENTION
Task: {6D94B5D9-EF2C-4FAE-97F1-F2E7E69341E1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6EC2EA8A-AEEF-44EC-81DC-E64A0C0B71ED} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {76969E90-5FE0-4319-9844-21DFE9A227A3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {795BB56C-8EDC-483D-9978-C0B4B13FC966} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7ACF7C6D-4F33-40E2-B01D-7FA1130ADA08} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {88DFD1D9-13DD-43C1-9EA9-F48434401709} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {BC5B069A-FED5-416D-A7EC-B47E500D71B6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E4B64DB4-6DD4-4ABA-9478-D486EC6AEBD3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {84A7CF9D-1BCD-44CF-B720-ADBD9991EA18} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {44064917-3F2A-4744-B950-187D6E987291} - System32\Tasks\Agent Activation Runtime\S-1-5-21-2862995291-4010358840-3514252635-1017 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2022-07-30] ()
Task: {C13B5BD5-0455-4ADE-B7E6-57B84A7175BD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {529869E2-5C1C-4F06-B616-31F69E2370EE} - System32\Tasks\AVG_SYS_TASK_0615tb_DELETE => C:\ProgramData\Avg_Update_0615tb\AVG-Secure-Search-Update_0615tb.exe /CMPID=0615tb /CMPN_DELETE_ALL (No File)
Task: {2D0463EF-BB5A-4EC4-8BE1-8B133FC6D5AE} - System32\Tasks\AVG-Secure-Search-Update_0615tb_rel => C:\ProgramData\Avg_Update_0615tb\AVG-Secure-Search-Update_0615tb.exe --RELAUNCH=1 --CMPID=0615tb (No File)
Task: {DB50DD0A-64D2-403C-A81D-8742FA58E626} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {32571CE0-D069-49BA-A07D-2607A1617C7F} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "6c3642eb-ca40-47c7-af1d-32ce557aa9bd" --version "6.13.10517" --silent
Task: {D9113058-9CC1-415F-B793-BB648E51D45F} - System32\Tasks\CCleanerSkipUAC - antonc => C:\Program Files\CCleaner\CCleaner.exe [34304928 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {EE33DCDE-D6FD-466F-A5FE-692864A5AD23} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe /launch (No File)
Task: {E9E9A735-39F8-473C-8C9E-990208FEF6E5} - System32\Tasks\ETW Host Service Updater v16 => C:\Program Files\JetBrains\ETW Host\16\Updater\EtwHostServiceUpdater.exe [184320 2021-12-03] (JetBrains s.r.o.)
Task: {74099510-6165-4D00-BAE0-1EF06C8C317B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-07] (Google Inc -> Google Inc.)
Task: {15492CFF-E703-4865-9A87-9BD85804DB7D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-07] (Google Inc -> Google Inc.)
Task: {BAF4B9A8-1B02-4B38-B231-7EA97230256B} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 => {84F0FAE1-C27B-4F6F-807B-28CF6F96287D} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [30184 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {D5A9F0F2-D7CA-4A2B-8871-C67F2CBEADF1} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 => {429BC048-379E-45E0-80E4-EB1977941B5C} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [30184 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D44DA44-C6A2-454A-AD76-389CB7AB7B77} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical => {613FBA38-A3DF-4AB8-9674-5604984A299A} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [30184 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {B750F9BA-94F7-495C-9AA5-9E0BFB0E1F63} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical => {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [30184 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {F346D1E4-9974-4A5D-9E35-FE7079A30555} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) => {CF2CF428-325B-48D3-8CA8-7633E36E5A32} C:\Windows\system32\msdrm.dll [570368 2019-12-07] (Microsoft Corporation)
Task: {8E33F0A3-A31E-4E6C-AFF7-844A27E761B7} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) => {BF5CB148-7C77-4D8A-A53E-D81C70CF743C} C:\Windows\system32\msdrm.dll [570368 2019-12-07] (Microsoft Corporation)
Task: {5B885149-AF43-451C-A12F-0CD1E0A34023} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager => {DECA92E0-AF85-439E-9204-86679978DA08} C:\Windows\System32\AppLockerCsp.dll [390144 2022-07-30] (Microsoft Corporation)
Task: {4EBE9A38-6BE4-429E-8588-B460327DB327} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\Windows\system32\appidpolicyconverter.exe [160768 2022-07-30] (Microsoft Corporation)
Task: {4520E8A9-AF06-4122-859B-E4B655B29B36} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific => {9F2B0085-9218-42A1-88B0-9F0E65851666}
Task: {7A27D6E9-CB10-42F6-B75D-A53F78486290} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\Windows\system32\appidcertstorecheck.exe [49664 2022-07-30] (Microsoft Corporation)
Task: {7A5AFDB2-56EC-4352-AB44-069E7BF253A8} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattelrunner.exe [160056 2022-07-30] (Microsoft Windows -> Microsoft Corporation)
Task: {54B0DBC3-5767-440D-8C85-98EF6EC8CE68} - System32\Tasks\Microsoft\Windows\Application Experience\PcaPatchDbTask => C:\WINDOWS\system32\rundll32.exe [71680 2022-07-30] (Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaPatchSdbTask
Task: {73469C3A-0B60-4A11-AD8A-FC67A901B741} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [160056 2022-07-30] (Microsoft Windows -> Microsoft Corporation)
Task: {3D363385-64B8-4207-AC46-3EE180DD87F2} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\WINDOWS\system32\rundll32.exe [71680 2022-07-30] (Microsoft Corporation) -> Startupscan.dll,SusRunTask
Task: {B5108B49-C39A-43DE-AC49-06155873BAE9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [120320 2022-07-30] (Microsoft Corporation)
Task: {BA366117-6A44-44F3-9BAA-09C4ADA110CC} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [120320 2022-07-30] (Microsoft Corporation)
Task: {E003BEA4-7D11-4522-9834-25C3F9F93F53} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\WINDOWS\system32\rundll32.exe [71680 2022-07-30] (Microsoft Corporation) -> Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {F472261A-A57A-465B-A695-5F2E75E37782} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [13312 2022-07-30] (Microsoft Corporation)
Task: {3BD87901-A21D-458A-92A4-3292B2DB229B} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\Windows\system32\AppListBackupLauncher.dll [92672 2022-07-30] (Microsoft Corporation)
Task: {C9ABE41C-5E65-4E52-8BAD-4F1BCA3B5715} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\WINDOWS\system32\rundll32.exe [71680 2022-07-30] (Microsoft Corporation) -> %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {36A78C3E-A142-4F86-903E-AE26291F646C} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\WINDOWS\system32\rundll32.exe [71680 2022-07-30] (Microsoft Corporation) -> /d acproxy.dll,PerformAutochkOperations
Task: {34ADEFE8-89DB-43BC-8C0B-14BB34D69F6D} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2022-07-30] (Microsoft Corporation)
Task: {87094343-6C1F-4855-A6B9-305BA74AB761} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2022-07-30] (Microsoft Corporation)
Task: {AB05B368-13F7-468A-9B30-E553C06B5449} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\WINDOWS\system32\BthUdTask.exe [40448 2019-12-07] (Microsoft Corporation)
Task: {077333D6-06BA-4EA4-BDF4-1CD1439558F2} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask => {E984D939-0E00-4DD9-AC3A-7ACA04745521}
Task: {F0BE4F3E-F4F0-4B98-88EE-57290DDF6CB2} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\Windows\system32\ngctasks.dll [256512 2022-07-30] (Microsoft Corporation)
Task: {F67BF9CD-2696-4F2D-9D78-BB8C84A53C1E} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\Windows\system32\ngctasks.dll [256512 2022-07-30] (Microsoft Corporation)
Task: {2F63CF7F-0537-4E2A-9F8A-B763EFE907F5} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\Windows\system32\ngctasks.dll [256512 2022-07-30] (Microsoft Corporation)
Task: {50DDDD38-168C-486B-966F-A23226488295} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\Windows\system32\dimsjob.dll [44544 2019-12-07] (Microsoft Corporation)
Task: {0EDEA23A-3DEC-41C3-B03E-BC7A3356D6BC} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\Windows\system32\dimsjob.dll [44544 2019-12-07] (Microsoft Corporation)
Task: {78FC1447-DCFF-4832-A268-0ABA89022F48} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\Windows\system32\dimsjob.dll [44544 2019-12-07] (Microsoft Corporation)
Task: {57C76B66-AD3C-4221-81FA-55045859B06F} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan => {CF4270F5-2E43-4468-83B3-A8C45BB33EA1} C:\Windows\System32\pstask.dll [16384 2019-12-07] (Microsoft Corporation)
Task: {3FC4BE91-4A96-48F5-8858-1628CB88EFB5} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [248320 2022-07-30] (Microsoft Corporation) -> %windir% /sysrepair
Task: {5B0ED9ED-6704-45F8-B8C1-93C5A3B5F4FF} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [1129616 2022-07-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {12514C9A-1DE5-40CE-B66C-D6838DA9A169} - System32\Tasks\Microsoft\Windows\CloudExperienceHost\CreateObjectTask => {E4544ABA-62BF-4C54-AAB2-EC246342626C} C:\Windows\System32\CloudExperienceHostBroker.exe [68920 2022-07-30] (Microsoft Windows -> Microsoft Corporation)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\Windows\System32\BthTelemetry.dll [30208 2019-12-07] (Microsoft Corporation)
Task: {ED77AEE0-EAFB-4133-B544-9E7C5632D902} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [112640 2022-07-30] (Microsoft Corporation)
Task: {7572B7F9-BE9D-43BF-9A4E-F82023EDBD33} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip => {C27F6B1D-FE0B-45E4-9257-38799FA69BC8} C:\Windows\System32\usbceip.dll [119808 2019-12-07] (Microsoft Corporation)
Task: {304D2127-E6ED-4C82-B9B3-63B3B54A4D66} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Check And Scan => {DCFD3EA8-D960-4719-8206-490AE315F94F} C:\Windows\System32\discan.dll [316928 2022-07-30] (Microsoft Corporation)
Task: {90F68E39-00DE-4159-BCDB-5C5759A5CF53} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan => {DCFD3EA8-D960-4719-8206-490AE315F94F} C:\Windows\System32\discan.dll [316928 2022-07-30] (Microsoft Corporation)
Task: {EAD9ED20-AC69-4E97-8CCB-E8F62CA707B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery => {DCFD3EA8-D960-4719-8206-490AE315F94F} C:\Windows\System32\discan.dll [316928 2022-07-30] (Microsoft Corporation)
Task: {9D65432A-41AC-4A4E-B481-A3F61411339E} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [210432 2022-07-30] (Microsoft Corp.)
Task: {4F41B4A1-8822-4B02-90CD-202A0099FFAE} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [58736 2022-07-30] (Microsoft Windows -> Microsoft Corporation)
Task: {F278A444-BDB4-4CD1-A2F0-7A2284C32800} - System32\Tasks\Microsoft\Windows\Device Information\Device User => C:\Windows\system32\devicecensus.exe [58736 2022-07-30] (Microsoft Windows -> Microsoft Corporation)
Task: {082F4875-D88C-40EA-8706-87480962C446} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh => {23C1F3CF-C110-4512-ACA9-7B6174ECE888} C:\Windows\System32\DeviceSetupManagerAPI.dll [162816 2022-07-30] (Microsoft Corporation)
Task: {9D87DBE9-E563-4708-A9E9-1A6EE5951EC2} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2022-07-30] (Microsoft Corporation)
Task: {0016B09F-CFDA-4F5B-A70B-84A75599B89B} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2022-07-30] (Microsoft Corporation)
Task: {61B4D08B-1B23-4CC8-869E-CF0B7996EF5F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2022-07-30] (Microsoft Corporation)
Task: {6AAEEF1D-9661-4720-B127-27C975871238} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2022-07-30] (Microsoft Corporation)
Task: {9ECD9F35-130A-4C0C-A551-9D3335B165D7} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2022-07-30] (Microsoft Corporation)
Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2022-07-30] (Microsoft Corporation)
Task: {EA82AA60-4BB0-41D9-AA1A-D64D739F55DE} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2022-07-30] (Microsoft Corporation)
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2022-07-30] (Microsoft Corporation)
Task: {5E0DF2C3-3D26-4759-9E02-FB7F4DCD159B} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2022-07-30] (Microsoft Corporation)
Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2022-07-30] (Microsoft Corporation)
Task: {114EC267-55F2-45DA-9AB6-B98CA9DC0D01} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2022-07-30] (Microsoft Corporation)
Task: {AF73DAAA-53AE-4CC8-8671-BE29D886B057} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2022-07-30] (Microsoft Corporation)
Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2022-07-30] (Microsoft Corporation)
Task: {C660D735-E9F2-4190-9B4E-97ADF1AFFA16} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2022-07-30] (Microsoft Corporation)
Task: {13330D5B-C9EE-41F4-8444-A40D914FE604} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2022-07-30] (Microsoft Corporation)
Task: {A2FFCE6E-7F06-494A-8C84-6EFCAEB075BB} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2022-07-30] (Microsoft Corporation)
Task: {6A71F30F-0D3D-43DA-B16D-2D444CDE4DFE} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner => {AD08DCC2-4E35-4486-9D49-547CBD30942D} C:\Windows\System32\MitigationClient.dll [487936 2022-07-30] (Microsoft Corporation)
Task: {C3944556-15CF-467E-89E2-29D4BFD3EC5A} - System32\Tasks\Microsoft\Windows\Diagnosis\Scheduled => {C1F85EF8-BCC2-4606-BB39-70C523715EB3} C:\Windows\System32\sdiagschd.dll [53248 2019-12-07] (Microsoft Corporation)
Task: {55B1C85E-5BEF-4EDB-ADD0-ECEAEF261E7C} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\Windows\system32\directxdatabaseupdater.exe [293888 2022-07-30] (Microsoft Corporation)
Task: {0CBABB27-6DFC-4155-BAE7-AE919B92FEF2} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [237056 2022-07-30] (Microsoft Corporation)
Task: {6AA2E298-C47C-45AE-BF6F-E2D9A555345C} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [299008 2022-07-30] (Microsoft Corporation) -> /autoclean /d %systemdrive%
Task: {B97C7632-DD50-4F07-8E4E-F1450795BF78} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => C:\WINDOWS\system32\rundll32.exe [71680 2022-07-30] (Microsoft Corporation) -> dfdts.dll,DfdGetDefaultPolicyAndSMART
Task: {3A4032F6-6063-4D54-BAE3-F8A4A5110CDA} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [54784 2019-12-07] (Microsoft Corporation)
Task: {C9EC268B-1D36-4AF0-A1EB-2C1BC3B455D9} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [85504 2022-07-30] (Microsoft Corporation)
Task: {117E2D01-1275-4560-90E9-A34BB4EE69A3} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense => {AB2A519B-03B0-43CE-940A-A73DF850B49A} C:\Windows\system32\StorageUsage.dll [161792 2022-07-30] (Microsoft Corporation)
Task: {69D15B8E-729C-4C1C-A0E7-6DCA5E963E60} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [40960 2019-12-07] (Microsoft Corporation)
Task: {EF4B8F07-FA4B-4CD0-84BC-4A758127E3DD} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2022-07-30] (Microsoft Corporation)
Task: {3789A597-BD62-4A2F-8F57-AE2D504E0E98} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2022-07-30] (Microsoft Corporation)
Task: {0E2DCCB3-7B11-40CF-B973-90F22732E317} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2022-07-30] (Microsoft Corporation)
Task: {66A3F618-0C70-4F70-9BBA-735CCDB43A09} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2022-07-30] (Microsoft Corporation)
Task: {B9E96119-515B-4D19-8357-D54B747395AD} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [155648 2022-07-30] (Microsoft Corporation)
Task: {18378A23-BD62-48A2-A11B-D003C5F1879D} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE}
Task: {AF329214-C674-40CA-91DD-692A8F71B2D1} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92}
Task: {F8FEDA28-6261-4385-844A-684E6C988577} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh => {711001CD-CC1D-4470-9B7E-1EF73849C79E} C:\Windows\System32\MitigationConfiguration.dll [86528 2022-07-30] (Microsoft Corporation)
Task: {92FFE795-C628-4324-AB97-06F804352DB6} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [120320 2022-07-30] (Microsoft Corporation)
Task: {7617E03F-109E-435B-9B4C-0282CD5BE4A9} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload => C:\Windows\system32\dmclient.exe [120320 2022-07-30] (Microsoft Corporation)
Task: {2EE7F450-D2B6-4D5E-AFE0-A8699149E79E} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) => {89917B7C-A1A6-11DF-8BF6-18A90531A85A} C:\Windows\System32\fhtask.dll [61952 2022-07-30] (Microsoft Corporation)
Task: {1F2FD712-B0FE-4535-AF06-E32E54345300} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures => {59EECBFE-C2F5-4419-9B99-13FE05FF2675} C:\Windows\System32\fcon.dll [265728 2022-07-30] (Microsoft Corporation)
Task: {9EC7AA6C-2A8D-4CEB-A554-38D64FB520D1} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataFlushing => {99EFDAD1-0F11-4A6B-A702-4E1C37D1A3EF} C:\Windows\System32\fcon.dll [265728 2022-07-30] (Microsoft Corporation)
Task: {04E4CF94-015C-4E30-AD89-24D3095FE7E0} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataReporting => {BBFCD054-8AAC-45DE-A1EB-7B246C9028AF} C:\Windows\System32\fcon.dll [265728 2022-07-30] (Microsoft Corporation)
Task: {4F2030CE-BA8E-4122-B9A8-29AA5858973E} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache => {E07647F7-AED2-48D9-9720-939BC24A8A3C} C:\Windows\System32\wosc.dll [273920 2022-07-30] (Microsoft Corporation)
Task: {12DF3F8A-9612-48CA-AE38-2818FA70CA73} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [510976 2022-07-30] ()
Task: {1A4230A2-E136-4936-9B22-DDF624BB8332} - System32\Tasks\Microsoft\Windows\IME\SQM data sender => {CCB1D8CB-D39F-41C9-B793-0196214BDC4E} C:\Windows\System32\IME\shared\imecfm.dll [222008 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {CADF1293-5495-426F-8E37-A30F69274AF4} - System32\Tasks\Microsoft\Windows\Input\LocalUserSyncDataAvailable => {8E7C2AFB-72B9-415C-9AC2-5037693309B7} C:\Windows\System32\InputCloudStore.dll [154112 2022-07-30] (Microsoft Corporation)
Task: {DA42085F-11E4-4EE1-A363-1898204812F5} - System32\Tasks\Microsoft\Windows\Input\MouseSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [154112 2022-07-30] (Microsoft Corporation)
Task: {4A0DEFDA-A2B8-4736-88E1-A578E00D9704} - System32\Tasks\Microsoft\Windows\Input\PenSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [154112 2022-07-30] (Microsoft Corporation)
Task: {7C4733D2-81D6-4CA3-B30C-E00B496B9857} - System32\Tasks\Microsoft\Windows\Input\TouchpadSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [154112 2022-07-30] (Microsoft Corporation)
Task: {A08D6A77-C926-4E78-9ED0-09836E2769AE} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates => {A558C6A5-B42B-4C98-B610-BF9559143139} C:\Windows\System32\InstallServiceTasks.dll [231936 2022-07-30] (Microsoft Corporation)
Task: {A2FADBDF-6855-42F7-BDFC-F0C510EDA9BC} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser => {DDAFAEA2-8842-4E96-BADE-D44A8D676FDB} C:\Windows\System32\InstallServiceTasks.dll [231936 2022-07-30] (Microsoft Corporation)
Task: {44AF7ADA-1C0D-43B1-A063-9E7581F7730B} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry => {F3A219C3-2698-4CBF-9C07-037EDB8E72E6} C:\Windows\System32\InstallServiceTasks.dll [231936 2022-07-30] (Microsoft Corporation)
Task: {9B29B882-A95C-438B-BF91-E7C31B1D82D1} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates => {0DC331EE-8438-49D5-A721-E10B937CE459} C:\Windows\System32\InstallServiceTasks.dll [231936 2022-07-30] (Microsoft Corporation)
Task: {EC3EFE4E-A2E4-4C66-975C-CA2EFD0D42CD} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates => {D5A04D91-6FE6-4FE4-A98A-FEB4500C5AF7} C:\Windows\System32\InstallServiceTasks.dll [231936 2022-07-30] (Microsoft Corporation)
Task: {A60D9ECB-A6F4-4FE1-9BD7-B049487A67E7} - System32\Tasks\Microsoft\Windows\International\Synchronize Language Settings => {10D62541-90D0-42FE-848C-0DBC1AC42EDA} C:\Windows\System32\CoreGlobConfig.dll [215896 2022-07-30] (Microsoft Windows -> Microsoft Corporation)
Task: {7A7B60AA-BA42-409F-BC97-7BCFEFAD6308} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation => {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE} C:\Windows\System32\LanguageComponentsInstaller.dll [181248 2019-12-07] (Microsoft Corporation)
Task: {A499FA48-7057-4AC1-9702-44C6FD924058} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources => {D0582E3B-3126-4CAA-9155-AC37C912A489}
Task: {9520602D-5D35-49BC-B397-5251EC6364E8} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation => {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE} C:\Windows\System32\LanguageComponentsInstaller.dll [181248 2019-12-07] (Microsoft Corporation)
Task: {A28E2F31-2C6D-426C-A2AC-2F9F6952D916} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange => {77646A68-AD14-4D53-897D-7BE4DDE5F929} C:\Windows\System32\TempSignedLicenseExchangeTask.dll [74752 2022-07-30] (Microsoft Corporation)
Task: {E88D9B2C-DDEA-47B2-9582-085153004DB5} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [71168 2019-12-07] (Microsoft Corporation)
Task: {E32B86AB-ABAA-45A7-9BE7-9BB2E6B7837D} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [62464 2022-07-30] (Microsoft Corporation)
Task: {6F063424-E8AD-40FA-92B9-CD047EC2A92A} - System32\Tasks\Microsoft\Windows\Maintenance\WinSAT => {A9A33436-678B-4C9C-A211-7CC38785E79D} C:\Windows\system32\WinSATAPI.dll [377344 2022-07-30] (Microsoft Corporation)
Task: {E38739C8-A84F-4F9B-8913-DCA75BC35C79} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [87040 2022-07-30] (Microsoft Corporation)
Task: {80436C26-BC19-4930-9051-F06F0E0BA960} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [87040 2022-07-30] (Microsoft Corporation)
Task: {2AD5F8AE-8128-49DD-AB67-7D9052D0C609} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Retry => C:\Windows\system32\ProvTool.exe [87040 2022-07-30] (Microsoft Corporation)
Task: {E91D1CC3-09DF-45F0-8208-474AEE6B0A16} - System32\Tasks\Microsoft\Windows\Management\Provisioning\RunOnReboot => C:\Windows\system32\ProvTool.exe [87040 2022-07-30] (Microsoft Corporation)
Task: {701473A3-4C61-4063-AAC6-871E22A29FE7} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask => {9885AEF2-BD9F-41E0-B15E-B3141395E803} C:\Windows\System32\mapstoasttask.dll [53760 2019-12-07] (Microsoft Corporation)
Task: {E577C99D-E5DD-43E8-9E9F-2D291B431572} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask => {B9033E87-33CF-4D77-BC9B-895AFBBA72E4} C:\Windows\System32\mapsupdatetask.dll [45568 2019-12-07] (Microsoft Corporation)
Task: {78E96733-DDEF-4FB9-AD45-FC553EFC4CFD} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents => {8168E74A-B39F-46D8-ADCD-7BED477B80A3} C:\Windows\System32\MemoryDiagnostic.dll [33792 2019-12-07] (Microsoft Corporation)
Task: {29903646-8B95-441C-AE59-CC43C0C76FF5} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic => {8168E74A-B39F-46D8-ADCD-7BED477B80A3} C:\Windows\System32\MemoryDiagnostic.dll [33792 2019-12-07] (Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [119296 2019-12-07] (Microsoft Corporation)
Task: {C994E053-3CDE-4757-AA03-4AF96E9AC346} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [745472 2022-07-30] (Microsoft Corporation)
Task: {6EE3AFA8-CBB1-4E6E-B0B4-ABFF3127206C} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [72704 2022-07-30] (Microsoft Corporation)
Task: {AE01CD77-E506-4750-8E4F-1F623D73D3D9} - System32\Tasks\Microsoft\Windows\MUI\Mcbuilder => C:\WINDOWS\System32\mcbuilder.exe [94208 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {9486DC81-1119-4559-9110-1A771DEC137A} - System32\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService => {2DEA658F-54C1-4227-AF9B-260AB5FC3543} C:\Windows\System32\PlaySndSrv.dll [90112 2022-07-30] (Microsoft Corporation)
Task: {C4AE3C3E-C327-4689-B6FD-C11FB31AE88B} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler => {5AA199A0-1CED-43A5-9B85-3226086738A3}
Task: {3A6DB6F9-A355-420A-B6E0-7C54D12F4033} - System32\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo => C:\Windows\system32\gatherNetworkInfo.vbs [88781 2019-12-07] ()
Task: {C34E99FC-E9DA-45EE-AF9B-77AAD0B1B25F} - System32\Tasks\Microsoft\Windows\NlaSvc\WiFiTask => C:\Windows\System32\WiFiTask.exe [132408 2022-07-30] (Microsoft Windows -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {AAE4A09B-2A9A-4459-8078-98FA6265AF7F} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\Windows\system32\TpmTasks.dll [296960 2022-07-30] (Microsoft Corporation)
Task: {FB09E21D-A58E-4797-94AC-04234895966E} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\Windows\system32\TpmTasks.dll [296960 2022-07-30] (Microsoft Corporation)
Task: {E31CAEDF-DA78-4CCC-AA40-B3FE29BE66B9} - System32\Tasks\Microsoft\Windows\PLA\MyDCS_2016-04-21 => C:\Windows\system32\rundll32.exe [71680 2022-07-30] (Microsoft Corporation) -> C:\Windows\system32\pla.dll,PlaHost "MyDCS_2016-04-21" "$(Arg0)"
Task: {C0467AB3-5004-4E13-BD2C-8DDF2AB880B5} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy => {60400283-B242-4FA8-8C25-CAF695B88209} C:\Windows\System32\pnppolicy.dll [63488 2022-07-30] (Microsoft Corporation)
Task: {4E3AEDFB-B76C-4C12-A54F-3BD72A10C434} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required => {48794782-6A1F-47B9-BD52-1D5F95D49C1B} C:\Windows\System32\pnpui.dll [49664 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup => {DEF03232-9688-11E2-BE7F-B4B52FD966FF}
Task: {DF27E6F5-E07E-4744-981B-BB5BC982261C} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [303104 2022-07-30] (Microsoft Corporation)
Task: {D9353C30-D505-4F11-8F95-55F3DDA1E214} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => {927EA2AF-1C54-43D5-825E-0074CE028EEE} C:\Windows\System32\energytask.dll [26624 2022-07-30] (Microsoft Corporation)
Task: {35525E8D-FD60-47BF-8D11-FA4F778C57C3} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [100352 2019-12-07] (Microsoft Corporation)
Task: {421D2A6C-5593-403D-8232-65C236BD1316} - System32\Tasks\Microsoft\Windows\Printing\PrinterCleanupTask => {C56F065E-DE49-4E42-BE7C-305C45609D25} C:\Windows\System32\PrinterCleanupTask.dll [86528 2022-07-30] (Microsoft Corporation)
Task: {A74EF9D1-6D6B-4566-8E25-782430F970E5} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> start pushtoinstall login
Task: {4BCE6391-0B05-40B4-B642-910B37FB1CE6} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> start pushtoinstall registration
Task: {C0E197F6-2E40-46FD-83DA-BE8704EF2CE5} - System32\Tasks\Microsoft\Windows\Ras\MobilityManager => {C463A0FC-794F-4FDF-9201-01938CEACAFA} C:\Windows\system32\rasmbmgr.dll [61952 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {F0FCA53B-F391-48AD-91F6-D1994846E55E} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE => {89D1D0C2-A3CF-490C-ABE3-B86CDE34B047} C:\Windows\System32\ReAgentTask.dll [13824 2019-12-07] (Microsoft Corporation)
Task: {00446CF1-8668-472D-BEDD-D0BB88DBA009} - System32\Tasks\Microsoft\Windows\Registry\RegIdleBackup => {CA767AA8-9157-4604-B64B-40747123D5F2} C:\Windows\System32\regidle.dll [15872 2019-12-07] (Microsoft Corporation)
Task: {CC4F585B-EBBB-4AA6-9BDF-B28C489A9125} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [135168 2022-07-30] (Microsoft Corporation)
Task: {8627F38D-3BB5-45A5-AAE5-B8735A41B62D} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => {752073A1-23F2-4396-85F0-8FDB879ED0ED}
Task: {E51EADD7-C4F7-43E7-A9CB-FEC8EC1E204F} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask => {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} C:\Windows\system32\SettingSyncCore.dll [1129472 2022-07-30] (Microsoft Corporation)
Task: {7445D17B-89AB-43F3-B904-4DD68B19A6F2} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask => {A4173A49-F373-4475-9A0F-2D615204DC20} C:\Windows\system32\SettingSyncCore.dll [1129472 2022-07-30] (Microsoft Corporation)
Task: {8DB27523-093D-4B93-A00B-68F6317DFAE1} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => C:\WINDOWS\system32\rundll32.exe [71680 2022-07-30] (Microsoft Corporation) -> %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {EC95F45C-0486-40E1-8938-20FE3E377E7D} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask => {990A9F8F-301F-45F7-8D0E-68C5952DBA43} C:\Windows\system32\shell32.dll [7647856 2022-07-30] (Microsoft Windows -> Microsoft Corporation)
Task: {DFDC1B83-7FD3-4C77-8CD1-7391D1680ACA} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [1173472 2022-07-30] (Microsoft Windows -> Microsoft Corporation)
Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask => {D2CBF5F7-5702-440B-8D8F-8203034A6B82}
Task: {CD0446AF-D5F6-4616-85CE-058C20FCE9EC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask => {C844C79D-AED8-4DCE-AB25-4D359BED84F8} C:\Windows\System32\WpcRefreshTask.dll [1034240 2022-07-30] (Microsoft Corporation)
Task: {BB494092-4D37-4EF7-96DB-78ECF4263AED} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {C483CE25-B1C5-4BEB-AA31-5CADC8C66692} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance => {3FBA60A6-7BF5-4868-A2CA-6623B3DFFEA6} C:\Windows\System32\srchadmin.dll [218112 2022-07-30] (Microsoft Corporation)
Task: {9A73E311-CA15-4700-8E55-8AB02CEB714A} - System32\Tasks\Microsoft\Windows\Shell\ThemesSyncedImageDownload => {79F8E185-4E45-4B74-8182-02AA430661E4} C:\Windows\System32\Themes.SsfDownload.ScheduledTask.dll [141824 2022-07-30] (Microsoft Corporation)
Task: {008539BF-83F9-4483-9E0A-EEEE6EAC0A08} - System32\Tasks\Microsoft\Windows\Shell\UpdateUserPictureTask => {09C5DD34-009D-40FA-BCB9-0165AD0C15D4} C:\Windows\System32\Windows.UI.Immersive.dll [1262080 2022-07-30] (Microsoft Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {2DFC28A5-3035-4555-A9E6-CE6D44EB1DB3} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\Windows\System32\sppcext.dll [608768 2022-07-30] (Microsoft Corporation)
Task: {892625FE-213B-4B60-95ED-A1CEFCAA365D} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\Windows\System32\sppcext.dll [608768 2022-07-30] (Microsoft Corporation)
Task: {3AB082DC-B77E-4487-BB5D-5DCB3A6C2B3C} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\Windows\System32\sppcext.dll [608768 2022-07-30] (Microsoft Corporation)
Task: {A9C498D6-046E-407B-A5B5-597DFC8756D9} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [165376 2022-07-30] (Microsoft Corporation)
Task: {AFEE5D15-0E83-432F-9DB0-58A2702115E1} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [80752 2022-07-30] (Microsoft Windows -> Microsoft Corporation)
Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [305664 2022-07-30] (Microsoft Corporation)
Task: {4D595DA6-BC59-47AE-A527-EC01FCE2E615} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [182272 2022-07-30] (Microsoft Corporation)
Task: {58CCC4DA-C86D-4E3D-8FAF-A7B24D8F3950} - System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks => C:\WINDOWS\system32\rundll32.exe [71680 2022-07-30] (Microsoft Corporation) -> %windir%\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks
Task: {D777B567-BB3B-4111-881C-0CB741022B0C} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization => {5C9AB547-345D-4175-9AF6-65133463A100} C:\Windows\System32\TieringEngineService.exe [326144 2022-07-30] (Microsoft Corporation)
Task: {FC3767EA-5307-4D11-BA38-EB21A39737D7} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization => C:\Windows\system32\defrag.exe [210432 2022-07-30] (Microsoft Corp.)
Task: {BD76146D-5506-4D93-AFD4-C6EFBF677F4F} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [152928 2022-07-30] (Microsoft Windows -> Microsoft Corporation)
Task: {C0D40F39-515D-4FA6-A2A4-5F17794320DF} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [152928 2022-07-30] (Microsoft Windows -> Microsoft Corporation)
Task: {64614AC8-EA46-476D-A71C-2C0B055C95CC} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate => {17C82257-654E-4C47-8E23-DCA24EAA76A0} C:\Windows\system32\sysmain.dll [1005568 2022-07-30] (Microsoft Corporation)
Task: {236EEE35-EDD5-418B-BCD5-293F6FAD7966} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance => {D44377B8-1F2F-4FAA-9C8E-6C4AD2928E47} C:\Windows\system32\sysmain.dll [1005568 2022-07-30] (Microsoft Corporation)
Task: {051DF697-AF10-4DB6-9B93-E1A4E35F00F7} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync => {297EE78C-BA95-4E94-81D3-D6E7F089C7B5} C:\Windows\system32\sysmain.dll [1005568 2022-07-30] (Microsoft Corporation)
Task: {638672E6-20F1-499D-BFCC-9EA7935257C4} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\WINDOWS\system32\rundll32.exe [71680 2022-07-30] (Microsoft Corporation) -> sysmain.dll,PfSvWsSwapAssessmentTask
Task: {20546688-8F7B-4B82-8429-7E7E4F537E96} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [59392 2022-07-30] (Microsoft Corporation)
Task: {7BE5585E-0190-458B-9CEC-F4076574C717} - System32\Tasks\Microsoft\Windows\Task Manager\Interactive => {855FEC53-D2E4-4999-9E87-3414E9CF0FF4} C:\Windows\system32\wdc.dll [739840 2019-12-07] (Microsoft Corporation)
Task: {88CE6B8C-B14B-499A-8D43-214F06116F07} - System32\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor => {01575CFE-9A55-4003-A5E1-F38D1EBDCBE1} C:\Windows\system32\MsCtfMonitor.dll [96256 2022-07-30] (Microsoft Corporation)
Task: {F5E862B9-98AE-458E-BC87-3ED25EFBB4D3} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime => {A31AD6C2-FF4C-43D4-8E90-7101023096F9} C:\Windows\system32\TimeSyncTask.dll [15360 2019-12-07] (Microsoft Corporation)
Task: {1FDAEDB1-C8AA-43FA-B046-3CDDDA12661E} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> start w32time task_started
Task: {C4C11C95-C597-4541-B0FF-0FB2C761FC92} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [70144 2019-12-07] (Microsoft Corporation)
Task: {8A43AE7B-C54A-405B-913A-945A0AF2CA8F} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\Windows\system32\TpmTasks.dll [296960 2022-07-30] (Microsoft Corporation)
Task: {15E69FB7-BC19-4737-A3DF-0700D3959249} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\Windows\system32\TpmTasks.dll [296960 2022-07-30] (Microsoft Corporation)
Task: {CAB76809-EDC0-40D2-A888-AD9BEDF4E88A} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [463200 2022-07-30] (Microsoft Windows -> Microsoft Corporation)
Task: {EE59E679-9004-494F-A07E-528DE94F9B64} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\AC Power Download => C:\Windows\system32\usoclient.exe [90624 2022-07-30] (Microsoft Corporation)
Task: {D1124826-81F0-45BE-97B6-64BB6D6FB700} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Backup Scan => C:\Windows\system32\usoclient.exe [90624 2022-07-30] (Microsoft Corporation)
Task: {E54307A9-7162-47D8-8248-3338B0B1FF91} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [90624 2022-07-30] (Microsoft Corporation)
Task: {FDD5F3E4-CE7E-41FA-97D9-F20176C08652} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\Windows\system32\MusNotification.exe [692736 2022-07-30] (Microsoft Corporation)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [692736 2022-07-30] (Microsoft Corporation)
Task: {F3DF06FC-EDF1-4CEC-A841-B1EF6F8C85F2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\Windows\system32\MusNotification.exe [692736 2022-07-30] (Microsoft Corporation)
Task: {EF41525D-02DA-49AF-A632-A7BB38E5B557} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\Windows\system32\MusNotification.exe [692736 2022-07-30] (Microsoft Corporation)
Task: {70EA2999-165C-4933-9027-250FB8B772F8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Report policies => C:\Windows\system32\usoclient.exe [90624 2022-07-30] (Microsoft Corporation)
Task: {0B0C537D-17A7-4E43-AD09-9B9F95DF1494} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work => C:\Windows\system32\usoclient.exe [90624 2022-07-30] (Microsoft Corporation)
Task: {46DDFBEA-7B80-499F-8D16-8FB7836BEBDC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [90624 2022-07-30] (Microsoft Corporation)
Task: {309BA321-F7C8-46A4-BA50-5FAC484229CB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan Static Task => C:\Windows\system32\usoclient.exe [90624 2022-07-30] (Microsoft Corporation)
Task: {17286582-C869-4CA0-97D7-59FE8BD5E21F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work => C:\Windows\system32\usoclient.exe [90624 2022-07-30] (Microsoft Corporation)
Task: {D529D8BB-0226-4887-B9DA-43ED89CA2E9F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Work => C:\Windows\system32\usoclient.exe [90624 2022-07-30] (Microsoft Corporation)
Task: {CB673CE4-960F-462D-AAD7-CDA0CD9FE030} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateModelTask => C:\Windows\system32\usoclient.exe [90624 2022-07-30] (Microsoft Corporation)
Task: {3F42D0B8-2C18-4904-AB25-6BF34C7B29A0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => C:\Windows\system32\MusNotification.exe [692736 2022-07-30] (Microsoft Corporation)
Task: {4671B5C1-A383-4428-A45A-8D348E4CB873} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\Windows\system32\MusNotification.exe [692736 2022-07-30] (Microsoft Corporation)
Task: {57FF06A5-1054-4791-9938-1C3E61F00B07} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> config upnphost start= auto
Task: {C5D47392-881C-422A-9BF8-E4916B55CD22} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications => {E05BE1C8-92A8-4757-B575-ACAECB4E6A40} C:\Windows\System32\UsbTask.dll [55808 2022-07-30] (Microsoft Corporation)
Task: {3E51A991-10E2-4B16-B5B4-A2F051544BB9} - System32\Tasks\Microsoft\Windows\User Profile Service\HiveUploadTask => {BA677074-762C-444B-94C8-8C83F93F6605}
Task: {0CEC0B91-4AE9-4E8A-ACB2-3B4C811F442C} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {1E334E22-CBC0-4D9C-B830-F1CC1BD6DCFD} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [132408 2022-07-30] (Microsoft Windows -> Microsoft Corporation)
Task: {4D36FC3F-B740-4739-9A9D-C43793F201B8} - System32\Tasks\Microsoft\Windows\WDI\ResolutionHost => {900BE39D-6BE8-461A-BC4D-B0FA71F5ECB1} C:\Windows\System32\wdi.dll [105472 2019-12-07] (Microsoft Corporation)
Task: {76BE4F15-21DB-478C-9013-D528E286A190} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {45C67F6A-2C0E-4AB7-9A46-1CEB6DB734E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {09E089F0-D9D2-42AB-8B4D-A59203D169B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1113455C-FC87-45F8-B1DC-4B81B93B5663} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {75A35C91-670A-4071-BB93-066651438E14} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [229712 2022-07-30] (Microsoft Windows -> Microsoft Corporation)
Task: {86158314-60CF-4F3F-85B5-2399327EA496} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => C:\WINDOWS\system32\rundll32.exe [71680 2022-07-30] (Microsoft Corporation) -> bfe.dll,BfeOnServiceStartTypeChange
Task: {94A8A8FF-3293-4C91-A97A-662B2B5D792A} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe [71168 2019-12-06] (Microsoft Corporation)
Task: {AA70A383-6F5D-470B-AA6B-B324620D9C75} - System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader => {B210D694-C8DF-490D-9576-9E20CDBC20BD} C:\Windows\System32\mscms.dll [708592 2022-07-30] (Microsoft Windows -> Microsoft Corporation)
Task: {3E9B7329-34AE-40E7-A0FF-4A75A399F880} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall => {EFF7F153-1C97-417A-B633-FEDE6683A939}
Task: {6538D919-DCD1-47DE-8FA7-31D3132E21F8} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall => {F3B4E234-7A68-4E43-B813-E4BA55A065F6}
Task: {44EFFD70-72A0-4840-B45D-7A04EFC214C8} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect => {784E29F4-5EBE-4279-9948-1E8FE941646D}
Task: {F208D8E4-65B2-4605-9B4A-731B0B4A7981} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [477512 2021-05-19] (Microsoft Windows -> Microsoft Corporation)
Task: {2D222577-431D-4DA9-BB98-A0A65B1A8142} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [477512 2021-05-19] (Microsoft Windows -> Microsoft Corporation)
Task: {8FF5DE67-C947-4488-997B-4184221E7D50} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> start wuauserv
Task: {F9EAD369-EF70-4E9A-A6F6-01B5D972ED1E} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> start wuauserv
Task: {1949073A-8FDA-4EA4-8E59-407CDB02440F} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihpostreboot => C:\Windows\system32\sihclient.exe [387464 2022-07-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D85F83F5-ED09-49BC-A506-32C837CA0904} - System32\Tasks\Microsoft\Windows\Wininet\CacheTask => {0358B920-0AC7-461F-98F4-58E32CD89148} C:\Windows\system32\wininet.dll [5038592 2022-07-30] (Microsoft Corporation)
Task: {5E351EE7-F0D4-4F41-A05C-907EB1A33CE8} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync => {B0D2B535-12E1-439F-86B3-BADA289510F0} C:\Windows\System32\WiFiCloudStore.dll [282624 2022-07-30] (Microsoft Corporation)
Task: {9CDE3277-EDDE-4D80-9796-4DF61CC8BC74} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management => {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1} C:\Windows\system32\WofTasks.dll [30720 2019-12-07] (Microsoft Corporation)
Task: {52CF1826-DD62-4655-A6D0-59AB074A33F9} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation => {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1} C:\Windows\system32\WofTasks.dll [30720 2019-12-07] (Microsoft Corporation)
Task: {F93E2A44-7E3E-49FE-9F66-12B1F4A037C0} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization => {97D47D56-3777-49FB-8E8F-90D7E30E1A1E} C:\Windows\System32\WorkFoldersShell.dll [230400 2022-07-30] (Microsoft Corporation)
Task: {6440C5E0-A168-4A5F-B84E-F7C8C0A6E933} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work => {63260BCE-A3FB-4A34-AA51-D4D8E877B62B} C:\Windows\System32\WorkFoldersShell.dll [230400 2022-07-30] (Microsoft Corporation)
Task: {4BDB5047-01B7-48D5-AE7E-720EDA7D2049} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [468992 2022-07-30] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (No File)
Task: {571A0A5E-B60E-4A25-BEFB-ABB3C6BB6B78} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync => {C662D912-E4D6-44A3-89A0-20550514951D} C:\Windows\System32\dsregtask.dll [23552 2022-07-30] (Microsoft Corporation)
Task: {35D4C945-33D4-43B6-83D3-99034D411E25} - System32\Tasks\Microsoft\Windows\Workplace Join\Recovery-Check => C:\Windows\System32\dsregcmd.exe [468992 2022-07-30] (Microsoft Corporation)
Task: {DF6A7742-913B-4025-B27A-CE65BB343A0D} - System32\Tasks\Microsoft\Windows\WwanSvc\NotificationTask => C:\Windows\System32\WiFiTask.exe [132408 2022-07-30] (Microsoft Windows -> Microsoft Corporation)
Task: {281B2EA3-13A3-4523-BEE4-CC84E1D3BD9D} - System32\Tasks\Microsoft\Windows\WwanSvc\OobeDiscovery => {C93CF9D5-031B-4AAA-AB0B-EF802347B381} C:\Windows\System32\MBMediaManager.dll [747008 2022-07-30] (Microsoft Corporation)
Task: {41F5FC9D-EE65-4CA4-A908-91B3587198E0} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [33792 2022-07-30] (Microsoft Corporation)
Task: {D74DBE75-0574-441E-BCC1-0A092BDDD72C} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [33792 2022-07-30] (Microsoft Corporation)
Task: {1ABAEBCD-27E1-4604-B69C-5695E9C3842B} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6948577-8B99-44C2-B380-9D264920EB6C} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D42AFDE-161B-4CF9-914D-08D26B29BE54} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [686496 2023-07-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {19291617-1163-4CA6-83E0-E398EE445701} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [724384 2023-07-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {6D1B6B0E-9BFE-427C-8C6B-3F951F356E12} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> start osppsvc
Task: {C3C39353-4612-47E7-883D-89599023E915} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2862995291-4010358840-3514252635-1017 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {5B64BEAA-ABCE-4ADA-ABF6-57992F3E0E17} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2862995291-4010358840-3514252635-1017 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {F8CF3A0C-0382-41EE-B9D6-2FFD841D8AB9} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2862995291-4010358840-3514252635-1019 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {0FCE2A7D-BFD7-49E9-94D0-E1DE77F2F0C5} - System32\Tasks\Opera scheduled assistant Autoupdate 1582788748 => C:\Program Files (x86)\Opera\launcher.exe [1906640 2022-08-23] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files (x86)\Opera\assistant" $(Arg0)
Task: {76A072DC-146B-45F9-8F78-053AF5E2FFA2} - System32\Tasks\Opera scheduled Autoupdate 1432278973 => C:\Program Files (x86)\Opera\launcher.exe [1906640 2022-08-23] (Opera Norway AS -> Opera Software)
Task: {C28BF890-64C8-4BDF-B80A-D36CF74E0544} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2862995291-4010358840-3514252635-1001 => {2D3F8A1B-6DCD-4ED5-BDBA-A096594B98EF} C:\Windows\System32\twinapi.dll [669696 2022-07-30] (Microsoft Corporation)
Task: {B2ED2B21-AB5D-40F5-87D6-4F6F982C5384} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2862995291-4010358840-3514252635-1017 => {2D3F8A1B-6DCD-4ED5-BDBA-A096594B98EF} C:\Windows\System32\twinapi.dll [669696 2022-07-30] (Microsoft Corporation)
Task: {7F98D8E3-93B4-43E9-870A-D25C25D8ECE4} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2862995291-4010358840-3514252635-500 => {2D3F8A1B-6DCD-4ED5-BDBA-A096594B98EF} C:\Windows\System32\twinapi.dll [669696 2022-07-30] (Microsoft Corporation)
Task: {862BD937-639B-4F4A-BC64-E59CACAD044F} - System32\Tasks\Process Explorer-cia-itdevel-antonc => C:\USERS\ANTONC\DOCUMENTS\MC\M$\SYSTEMTOOLS\PROCESSEXPLORER\PROCEXP.EXE [2694816 2016-02-04] (Microsoft Corporation -> Sysinternals - www.sysinternals.com)
Task: {3C6963B4-E96F-4661-A850-7019EAEA2B7E} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe (No File)
Task: {4F65545F-59DE-439B-8C69-70FC0CF9D512} - System32\Tasks\S-1-5-21-2862995291-4010358840-3514252635-1017\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [176640 2022-07-30] (Microsoft Corporation)
Task: {D532537A-7CFA-4885-8777-818B8E61E9BC} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4401672 2018-03-28] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {2CF4EA6C-4A65-4275-9914-3B4DD5D93F5B} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [471416 2013-12-24] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
Task: {AC628CE4-99D1-4BD4-95AF-E592EAE191D1} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [699496 2018-05-01] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {C2A2DA48-7051-48C5-955F-CF4A7AC66001} - System32\Tasks\User_Feed_Synchronization-{58994032-6D2A-448B-AC4E-9521E2295E58} => C:\Windows\system32\msfeedssync.exe [14848 2019-12-07] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0615tb_rel.job => C:\ProgramData\Avg_Update_0615tb\AVG-Secure-Search-Update_0615tb.exe
Task: C:\Windows\Tasks\AVG_SYS_TASK_0615tb_DELETE.job => C:\ProgramData\Avg_Update_0615tb\AVG-Secure-Search-Update_0615tb.exe
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S2 ApacheMS4WWebServerort8090; C:\ms4w\Apache\bin\httpd.exe [36864 2018-04-30] (Apache Software Foundation)
S2 Digi Net Mobile. RunOuc; C:\Program Files (x86)\Digi Net Mobile\UpdateDog\ouc.exe [655712 2012-03-15] (HUAWEI Technologies Co., Ltd. -> )
S2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21328 2014-02-24] (DTS, Inc. -> )
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-25] (WildTangent Inc -> WildTangent)
S2 hMailServer; C:\Program Files (x86)\hMailServer\Bin\hMailServer.exe [1175552 2005-07-08] (hMailServer)
S2 hMailServerMySQL; C:\Program Files (x86)\hMailServer\MySQL\Bin\mysqld-nt.exe [2252800 2004-07-06] ()
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] (HUAWEI Technologies Co., Ltd. -> )
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation)
S2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [14280 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
S2 JetBrainsEtwHost.16; C:\Program Files\JetBrains\ETW Host\16\JetBrains.Etw.Collector.Host.exe [1484752 2022-01-25] (JetBrains s.r.o. -> JetBrains s.r.o)
S3 joomlaApache; C:\Bitnami\joomla-2.5.28-0\apache2\bin\httpd.exe [20992 2014-07-19] (Apache Software Foundation)
S3 joomlaMySQL; C:\Bitnami\joomla-2.5.28-0\mysql\bin\mysqld.exe [8146944 2014-09-08] ()
S2 KinectManagement; C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe [98816 2013-08-20] (Microsoft Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9266352 2023-06-27] (Malwarebytes Inc. -> Malwarebytes)
S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-29] (Microsoft Corporation -> Microsoft Corporation)
S2 MSSQL$SQLEXPRESS_2K8; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS_2K8\MSSQL\Binn\sqlservr.exe [62382256 2015-03-29] (Microsoft Corporation -> Microsoft Corporation)
S2 MSSQL$SQLEXPRESS_ADV_2; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS_ADV_2K8\MSSQL\Binn\sqlservr.exe [62382256 2015-03-29] (Microsoft Corporation -> Microsoft Corporation)
S3 MSSQLFDLauncher$SQLEXPRESS_ADV_2; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS_ADV_2K8\MSSQL\Binn\fdlauncher.exe [42168 2015-03-29] (Microsoft Corporation -> Microsoft Corporation)
S2 MSSQLSERVER; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [62382256 2015-03-29] (Microsoft Corporation -> Microsoft Corporation)
S2 NbfcService; C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe [8704 2019-04-14] (StagWare)
S2 NetDrive2_Service_NetDrive2; C:\Program Files\NetDrive2\nd2svc.exe [851112 2018-02-20] (Bdrive Inc. -> )
S2 postgresql-x64-9.3; C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe [92672 2018-05-07] (PostgreSQL Global Development Group)
S2 ReportServer$SQLEXPRESS_ADV_2; c:\Program Files\Microsoft SQL Server\MSRS10_50.SQLEXPRESS_ADV_2K8\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2194096 2015-03-29] (Microsoft Corporation -> Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S2 SMITS; C:\Windows\SysWOW64\SMITSC.exe [13312 2014-02-27] ()
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-29] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS_2K8; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS_2K8\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-29] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS_ADV_2; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS_ADV_2K8\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-29] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLSERVERAGENT; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-29] (Microsoft Corporation -> Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [382976 2022-07-30] ()
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-12-24] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
S2 USBSafelyRemoveService; C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [1705752 2016-10-16] (Crystal Rich Ltd -> Crystal Rich Ltd)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [748664 2022-07-19] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-07-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-07-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WinSMTPService; C:\Program Files (x86)\WinSMTPServer\Windows SMTP Server\Service\WinSMTPServer.exe [37888 2010-05-10] (Microsoft)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-20] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe [118048 2017-06-21] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2198016 2018-08-28] (Sony)
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Achernar; C:\Windows\System32\Drivers\Achernar.sys [34104 2019-08-26] (An Chen Computer Co., Ltd. -> NewSoft Technology Corporation)
S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [18432 2019-12-07] (Microsoft Corporation)
S3 Acx01000; C:\Windows\System32\drivers\Acx01000.sys [694272 2022-07-30] (Microsoft Corporation)
S1 afunix; C:\Windows\system32\drivers\afunix.sys [48128 2022-07-30] (Microsoft Corporation)
S1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [34304 2022-07-30] (Microsoft Corporation)
S1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [292352 2022-07-30] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2022-07-30] (Microsoft Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [9728 2019-12-07] (Windows (R) Win 7 DDK provider)
S1 Beep; C:\Windows\System32\Drivers\Beep.sys [10240 2019-12-07] (Microsoft Corporation)
S3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [117760 2022-07-30] (Microsoft Corporation)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [287232 2022-07-30] (Microsoft Corporation)
S3 BthEnum; C:\Windows\System32\drivers\BthEnum.sys [113664 2022-07-30] (Microsoft Corporation)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [147968 2022-07-30] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [106496 2022-07-30] (Microsoft Corporation)
S3 BthMini; C:\Windows\System32\drivers\BTHMINI.sys [45568 2022-07-30] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [76800 2019-12-07] (Microsoft Corporation)
S3 BthPan; C:\Windows\System32\drivers\bthpan.sys [133632 2019-12-07] (Microsoft Corporation)
S3 BTHPORT; C:\Windows\System32\drivers\BTHport.sys [1555968 2022-07-30] (Microsoft Corporation)
S3 BTHUSB; C:\Windows\System32\drivers\BTHUSB.sys [110592 2022-07-30] (Microsoft Corporation)
S1 cbfs5; C:\Windows\system32\drivers\cbfs5.sys [422080 2015-10-04] (EldoS Corporation -> EldoS Corporation)
S1 cdrom; C:\Windows\System32\drivers\cdrom.sys [175616 2022-07-30] (Microsoft Corporation)
S1 CimFS; C:\Windows\System32\Drivers\CimFS.sys [93696 2022-07-30] ()
S3 circlass; C:\Windows\System32\drivers\circlass.sys [52224 2019-12-07] (Microsoft Corporation)
S3 cxwmbclass; C:\Windows\System32\drivers\cxwmbclass.sys [131072 2022-07-30] (Microsoft Corporation)
S1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [152064 2022-07-30] (Microsoft Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [59392 2019-12-07] (Microsoft Corporation)
S3 FwLnk; C:\Windows\System32\drivers\FwLnk.sys [9216 2013-08-20] (Microsoft Windows Hardware Compatibility Publisher -> TOSHIBA Corporation)
S1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8704 2019-12-07] (Microsoft Corporation)
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [430080 2022-07-30] (Microsoft Corporation)
S3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [134656 2022-07-30] (Microsoft Corporation)
S3 HidBth; C:\Windows\System32\drivers\hidbth.sys [120320 2022-07-30] (Microsoft Corporation)
S3 HidIr; C:\Windows\System32\drivers\hidir.sys [48640 2019-12-07] (Microsoft Corporation)
S3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [44032 2022-07-30] (Microsoft Corporation)
S3 huawei_enumerator; C:\Windows\System32\drivers\ew_jubusenum.sys [90112 2012-04-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [30208 2019-12-07] (Microsoft Corporation)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [47104 2022-07-30] (Microsoft Corporation)
S3 intelpmax; C:\Windows\System32\drivers\intelpmax.sys [30720 2019-12-07] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [95232 2022-07-30] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [230400 2022-07-30] (Microsoft Corporation)
S2 lltdio; C:\Windows\System32\drivers\lltdio.sys [72704 2019-12-07] (Microsoft Corporation)
S2 luafv; C:\Windows\system32\drivers\luafv.sys [140800 2022-07-30] (Microsoft Corporation)
S2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-07-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-12-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MbbCx; C:\Windows\System32\drivers\MbbCx.sys [386048 2022-07-30] (Microsoft Corporation)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [65024 2019-12-07] (Microsoft Corporation)
S2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [53248 2022-07-30] (Microsoft Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [47104 2022-07-30] (Microsoft Corporation)
S3 monitor; C:\Windows\System32\drivers\monitor.sys [83968 2022-07-30] (Microsoft Corporation)
S3 MpKsl326f77bd; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{80193A82-2716-4DA3-BC65-6B99997C1CAE}\MpKslDrv.sys [141576 2022-11-04] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl3fcfd9ba; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{80193A82-2716-4DA3-BC65-6B99997C1CAE}\MpKslDrv.sys [141576 2022-11-04] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl864af0ac; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{80193A82-2716-4DA3-BC65-6B99997C1CAE}\MpKslDrv.sys [141576 2022-11-04] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl9e886b65; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{80193A82-2716-4DA3-BC65-6B99997C1CAE}\MpKslDrv.sys [141576 2022-11-04] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslc37b398a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{80193A82-2716-4DA3-BC65-6B99997C1CAE}\MpKslDrv.sys [141576 2022-11-04] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslc7def631; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{80193A82-2716-4DA3-BC65-6B99997C1CAE}\MpKslDrv.sys [141576 2022-11-04] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsle289e1d5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{80193A82-2716-4DA3-BC65-6B99997C1CAE}\MpKslDrv.sys [141576 2022-11-04] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsle398c2a1; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{80193A82-2716-4DA3-BC65-6B99997C1CAE}\MpKslDrv.sys [141576 2022-11-04] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslfc28907f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{80193A82-2716-4DA3-BC65-6B99997C1CAE}\MpKslDrv.sys [141576 2022-11-04] (Microsoft Windows -> Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [165888 2022-07-30] (Microsoft Corporation)
S3 MsBridge; C:\Windows\System32\drivers\bridge.sys [127488 2019-12-07] (Microsoft Corporation)
S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [12288 2019-12-07] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [34816 2022-07-30] (Microsoft Corporation)
S2 MsLldp; C:\Windows\System32\drivers\mslldp.sys [78848 2019-12-07] (Microsoft Corporation)
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [757760 2022-07-30] (Microsoft Corporation)
S1 NdisCap; C:\Windows\System32\drivers\ndiscap.sys [54272 2019-12-07] (Microsoft Corporation)
S3 NdisImPlatform; C:\Windows\System32\drivers\NdisImPlatform.sys [135168 2022-07-30] (Microsoft Corporation)
S3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [28672 2022-07-30] (Microsoft Corporation)
S3 NdisWan; C:\Windows\System32\drivers\ndiswan.sys [208384 2022-07-30] (Microsoft Corporation)
S3 ndiswanlegacy; C:\Windows\System32\DRIVERS\ndiswan.sys [208384 2022-07-30] (Microsoft Corporation)
S3 ndproxy; C:\Windows\System32\DRIVERS\NDProxy.sys [93696 2022-07-30] (Microsoft Corporation)
S2 Ndu; C:\Windows\System32\drivers\Ndu.sys [131584 2019-12-07] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [210944 2022-07-30] (Microsoft Corporation)
S1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [341504 2022-07-30] (Microsoft Corporation)
S2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [48640 2022-07-30] (Microsoft Corporation)
S2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [825344 2022-07-30] (Microsoft Corporation)
S3 PNPMEM; C:\Windows\System32\drivers\pnpmem.sys [17408 2019-12-07] (Microsoft Corporation)
S3 PptpMiniport; C:\Windows\System32\drivers\raspptp.sys [102400 2022-07-30] (Microsoft Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [53248 2019-12-07] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [20480 2022-07-30] (Microsoft Corporation)
S3 RasAgileVpn; C:\Windows\System32\drivers\AgileVpn.sys [114176 2022-07-30] (Microsoft Corporation)
S3 Rasl2tp; C:\Windows\System32\drivers\rasl2tp.sys [110080 2022-07-30] (Microsoft Corporation)
S3 RasSstp; C:\Windows\System32\drivers\rassstp.sys [86016 2022-07-30] (Microsoft Corporation)
S3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [28672 2019-12-07] (Microsoft Corporation)
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [169984 2022-07-30] (Microsoft Corporation)
S3 RFCOMM; C:\Windows\System32\drivers\rfcomm.sys [213504 2019-12-07] (Microsoft Corporation)
S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [115712 2019-12-07] (Microsoft Corporation)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2015-03-29] (Microsoft Corporation -> Microsoft Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S2 rspndr; C:\Windows\System32\drivers\rspndr.sys [89088 2019-12-07] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [44032 2022-07-30] (Microsoft Corporation)
S3 SensorsSimulatorDriver; C:\Windows\System32\drivers\WUDFRd.sys [322560 2022-07-30] (Microsoft Corporation)
S3 spaceparser; C:\Windows\System32\drivers\spaceparser.sys [26624 2019-12-07] (Microsoft Corporation)
S2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [788480 2022-07-30] (Microsoft Corporation)
S3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [323584 2022-07-30] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Synth3dVsc; C:\Windows\System32\drivers\Synth3dVsc.sys [6656 2022-07-30] (Microsoft Corporation)
S2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [54784 2019-12-07] (Microsoft Corporation)
S3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [47816 2019-04-29] (Dynabook Inc. -> Dynabook Inc.)
S3 tosrfec; C:\Windows\System32\drivers\tosrfec.sys [37808 2019-04-29] (Dynabook Inc. -> Dynabook Inc.)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [66560 2019-12-07] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [37888 2022-07-30] (Microsoft Corporation)
S3 tunnel; C:\Windows\System32\drivers\tunnel.sys [129024 2019-12-07] (Microsoft Corporation)
S0 TVALZ_O; C:\Windows\System32\drivers\TVALZ_O.SYS [46088 2019-04-29] (Dynabook Inc. -> Dynabook Inc.)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [160256 2022-07-30] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [188416 2019-12-07] (Microsoft Corporation)
S3 UcmUcsiAcpiClient; C:\Windows\System32\drivers\UcmUcsiAcpiClient.sys [36864 2019-12-07] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\Windows\System32\Drivers\UcmUcsiCx.sys [113152 2022-07-30] (Microsoft Corporation)
S3 usbaudio; C:\Windows\system32\drivers\usbaudio.sys [205312 2022-07-30] (Microsoft Corporation)
S3 usbaudio2; C:\Windows\System32\drivers\usbaudio2.sys [260608 2019-12-07] (Microsoft Corporation)
S3 usbcir; C:\Windows\System32\drivers\usbcir.sys [107520 2019-12-07] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\drivers\usbprint.sys [43008 2022-07-30] (Microsoft Corporation)
S3 usbser; C:\Windows\System32\drivers\usbser.sys [81408 2022-07-30] (Microsoft Corporation)
S1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [252560 2022-07-19] (Oracle Corporation -> Oracle Corporation)
S1 VBoxSup; C:\Windows\system32\DRIVERS\VBoxSup.sys [1081592 2022-07-19] (Oracle Corporation -> Oracle Corporation)
S3 VirtualRender; C:\Windows\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys [11264 2019-12-07] (Microsoft Corporation)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation -> Microsoft Corporation)
S1 vwififlt; C:\Windows\System32\drivers\vwififlt.sys [77824 2022-07-30] (Microsoft Corporation)
S2 wanarp; C:\Windows\System32\DRIVERS\wanarp.sys [93184 2022-07-30] (Microsoft Corporation)
S3 wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [93184 2022-07-30] (Microsoft Corporation)
S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [93184 2022-07-30] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49576 2022-07-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [452856 2022-07-22] (Microsoft Windows -> Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [967168 2022-07-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [91384 2022-07-22] (Microsoft Windows -> Microsoft Corporation)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [261120 2022-07-30] (Microsoft Corporation)
S1 WinRing0_1_2_0; C:\Program Files (x86)\NoteBook FanControl\WinRing0x64.sys [14544 2022-06-22] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 WINUSB; C:\Windows\System32\drivers\WinUSB.SYS [107008 2019-12-07] (Microsoft Corporation)
S3 WSDPrintDevice; C:\Windows\System32\drivers\WSDPrint.sys [23552 2022-07-30] (Microsoft Corporation)
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [136192 2022-07-30] (Microsoft Corporation)
S3 WUDFRd; C:\Windows\System32\drivers\WUDFRd.sys [322560 2022-07-30] (Microsoft Corporation)
S3 WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [322560 2022-07-30] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [322560 2022-07-30] (Microsoft Corporation)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [332288 2022-07-30] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [51712 2022-07-30] (Microsoft Corporation)
S1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-03-11] (Zemana Ltd. -> Zemana Ltd.)
S1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-03-11] (Zemana Ltd. -> Zemana Ltd.)
S2 CldFlt; system32\drivers\cldflt.sys [X]
UpperFilters: [{4D36E96B-E325-11CE-BFC1-08002BE10318}] -> [SynTP kbdclass]
LowerFilters: [{4D36E96A-E325-11CE-BFC1-08002BE10318}] -> [Achernar]
LowerFilters: [{4D36E97B-E325-11CE-BFC1-08002BE10318}] -> [Achernar]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (All) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-28 11:39 - 2023-07-28 11:39 - 000036864 _____ C:\BCD_backup_new

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-08-25 16:57 - 2017-03-16 23:39 - 000000000 ____D C:\FRST
2023-08-25 16:52 - 2023-07-18 08:07 - 000000000 _____ C:\Recovery.txt
2023-08-01 11:35 - 2019-12-07 01:03 - 000000000 ____D C:\Windows\CbsTemp
2023-07-28 12:06 - 2019-12-07 01:14 - 000028672 _____ C:\Windows\System32\config\BCD-Template

==================== KnownDLLs (Whitelisted) =========================


==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe
[2022-07-30 09:48] - [2022-07-30 09:48] - 000908800 _____ (Microsoft Corporation) D2F9C970FA1AF5EC45128497AB00B809

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2022-07-30 09:44] - [2022-07-30 09:44] - 005126776 _____ (Microsoft Corporation) D8F2FFB4A0842831337778C1A5E4FFD5

C:\Windows\SysWOW64\explorer.exe
[2022-07-30 09:51] - [2022-07-30 09:51] - 004501280 _____ (Microsoft Corporation) F96763F60D01C18487FA60FB5EA9A76B

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll
[2022-07-30 09:52] - [2022-07-30 09:52] - 001682256 _____ (Microsoft Corporation) 1520242D5F9AD99A8F5F934900326F10

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\dllhost.exe => MD5 is legit
C:\Windows\SysWOW64\dllhost.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


safeboot: Network => The system is configured to boot to Safe Mode <==== ATTENTION

==================== Association (Whitelisted) =============


==================== Restore Points =========================

Restore point date: 2023-07-08 09:10
Restore point date: 2023-07-08 09:11

==================== Memory info ===========================

Percentage of memory in use: 10%
Total physical RAM: 16296.09 MB
Available physical RAM: 14665.61 MB
Total Virtual: 16296.09 MB
Available Virtual: 14749.96 MB

==================== Drives ================================

Drive c: (TI31328800C) (Fixed) (Total:917.5 GB) (Free:381.33 GB) (Model: TOSHIBA MQ01ABD100H) NTFS
Drive e: () (Fixed) (Total:0.96 GB) (Free:0.41 GB) (Model: TOSHIBA MQ01ABD100H) NTFS
Drive f: (KINGSTON) (Removable) (Total:3.75 GB) (Free:3.75 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.49 GB) NTFS

\\?\Volume{a0f855ee-e925-11e3-b355-cd2a6613a4a4}\ (System) (Fixed) (Total:1 GB) (Free:0.44 GB) NTFS
\\?\Volume{be2a2b91-345d-11e4-ad8b-008cfa84e550}\ (Recovery) (Fixed) (Total:11.82 GB) (Free:0.98 GB) NTFS
\\?\Volume{a0f855f6-e925-11e3-b355-cd2a6613a4a4}\ () (Fixed) (Total:0.09 GB) (Free:0.02 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: 04030201)
Partition 1: (Not Active) - (Size=3.8 GB) - (Type=FAT32)
ErrorUnloadSoftware: 5
==================== End of FRST.txt ========================

 

[DR M]

The system is configured to boot to Safe Mode <==== ATTENTION

Have you set this before the computer started to have problems?

And how many antivirus? McAfee, Zemana, AVG...

Anyway, I don't see something bad in the log that could cause this boot issue.

Let's see if we can do a SFC using FRST.


1. Using the working computer

Prepare the fix

Open a notepad window (Start > All Programs > Accessories > Notepad), copy and paste the following code in it, and name it as fixlist.txt. Change the Save as Type to All Files and save it in the USB drive where the FRST64 is. Be careful to select the whole content of the code below.

HKU\antonc\...\Run: [Boxoft Tools] => "C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun (No File)
Startup: C:\Users\antonc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Deep Learning Studio Manager.lnk [2019-08-01]
ShortcutTarget: Deep Learning Studio Manager.lnk -> C:\windows\system32\config\systemprofile\AppData\Local\Programs\DeepLearningStudio\manager\deep-learning-studio-manager.exe (No File)
Task: {006FBD30-09E3-43F9-B442-930F657EF7D7} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {077CF0D2-A68E-4FF2-B156-953041DDC8C3} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {0FCBADE1-8450-4C4D-BA2E-FB4AE180B0F7} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {1BCDBCD7-FE27-465D-BEA7-6D11E9867D9F} - \WPD\SqmUpload_S-1-5-21-2862995291-4010358840-3514252635-1001 -> No File <==== ATTENTION
Task: {1CDA546A-D3DB-4134-B661-92BD12D98D83} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {31889071-DDED-4EC9-86F5-A38A53C0386E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {3AE61CBF-3109-46CE-A53B-5856A1E93D0B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {3E816531-1895-411F-BF37-450136762A58} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {4D352803-0A48-40ED-8976-9D875974E51F} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {4F84D132-C0E0-49BF-86F7-560A88C16FF4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {558E123D-4F04-4D35-827A-D364719B6CB1} - \WPD\SqmUpload_S-1-5-21-2862995291-4010358840-3514252635-1017 -> No File <==== ATTENTION
Task: {6D94B5D9-EF2C-4FAE-97F1-F2E7E69341E1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6EC2EA8A-AEEF-44EC-81DC-E64A0C0B71ED} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {76969E90-5FE0-4319-9844-21DFE9A227A3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {795BB56C-8EDC-483D-9978-C0B4B13FC966} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7ACF7C6D-4F33-40E2-B01D-7FA1130ADA08} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {88DFD1D9-13DD-43C1-9EA9-F48434401709} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {BC5B069A-FED5-416D-A7EC-B47E500D71B6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E4B64DB4-6DD4-4ABA-9478-D486EC6AEBD3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {529869E2-5C1C-4F06-B616-31F69E2370EE} - System32\Tasks\AVG_SYS_TASK_0615tb_DELETE => C:\ProgramData\Avg_Update_0615tb\AVG-Secure-Search-Update_0615tb.exe /CMPID=0615tb /CMPN_DELETE_ALL (No File)
Task: {2D0463EF-BB5A-4EC4-8BE1-8B133FC6D5AE} - System32\Tasks\AVG-Secure-Search-Update_0615tb_rel => C:\ProgramData\Avg_Update_0615tb\AVG-Secure-Search-Update_0615tb.exe --RELAUNCH=1 --CMPID=0615tb (No File)
Task: {EE33DCDE-D6FD-466F-A5FE-692864A5AD23} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe /launch (No File)
Task: {36A78C3E-A142-4F86-903E-AE26291F646C} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\WINDOWS\system32\rundll32.exe [71680 2022-07-30] (Microsoft Corporation) -> /d acproxy.dll,PerformAutochkOperations
Task: {57C76B66-AD3C-4221-81FA-55045859B06F} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan => {CF4270F5-2E43-4468-83B3-A8C45BB33EA1} C:\Windows\System32\pstask.dll [16384 2019-12-07] (Microsoft Corporation)
Task: {3FC4BE91-4A96-48F5-8858-1628CB88EFB5} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [248320 2022-07-30] (Microsoft Corporation) -> %windir% /sysrepair
Task: {9D65432A-41AC-4A4E-B481-A3F61411339E} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [210432 2022-07-30] (Microsoft Corp.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {C3C39353-4612-47E7-883D-89599023E915} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2862995291-4010358840-3514252635-1017 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {5B64BEAA-ABCE-4ADA-ABF6-57992F3E0E17} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2862995291-4010358840-3514252635-1017 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {F8CF3A0C-0382-41EE-B9D6-2FFD841D8AB9} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2862995291-4010358840-3514252635-1019 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {3C6963B4-E96F-4661-A850-7019EAEA2B7E} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe (No File)
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0615tb_rel.job => C:\ProgramData\Avg_Update_0615tb\AVG-Secure-Search-Update_0615tb.exe
Task: C:\Windows\Tasks\AVG_SYS_TASK_0615tb_DELETE.job => C:\ProgramData\Avg_Update_0615tb\AVG-Secure-Search-Update_0615tb.exe
S2 CldFlt; system32\drivers\cldflt.sys [X]
RemoveProxy:
CMD: SFC /scannow

2. Using the unbootable computer

1. Go to Advanced Options as you did before.
2. Select Command Prompt.
3. Insert the usb drive with the FRST and the fixlist.txt in it.
4. In the black window that will open type notepad and press on Enter.
5. Notepad will open. Click on the File menu and select Open.
6. Click on Computer, find the letter for your USB Flash Drive, then close the window and Notepad.
7. In the command prompt, type e:\frst64.exe and press on Enter. IMPORTANT: Replace the letter e with the drive letter of your USB Flash Drive.
8. FRST will open.
9. Click on Yes to accept the disclaimer.
10. Click on the Fix button and wait for the scan to complete.
11. A log called fixlog.txt will be saved on your USB Flash Drive.

3. Using the working computer

Use the usb drive to post the fixlog.txt in your next reply.

 

[amic_2023]

>>> Have you set this before the computer started to have problems?
It was set after your post #15 item 2, and I forgot to delete value or revert to normal! Sorry!

>>> And how many antivirus? McAfee, Zemana, AVG..
These are very old installations: McAfee came preinstalled (if I remember correctly); I installed the other two for some forgotten reasons, and were almost not used.

Attached you'll find the resulting log file.
Thank you.

 

[DR M]

Unfortunately:

Windows Resource Protection could not perform the requested operation.

Well, I'll ask if any of my colleagues can take a look into this. I'm afraid that if the system is corrupted, the solution is a clean install.

 

[DR M]

Please do what JSntgRvr will ask you to do next.

 

[JSntgRvr]

Two cents:

Lets check the disk the right way:


Insert the Media Tool. Turn On the computer and tap on the key to access the boot menu. From the menu, select the USB device where the media tool is inserted.

1. Click “Next” on the main wizard screen.
2. Click on the “Repair your computer” link.
3. Choose “Troubleshoot.”
4. Select “Advanced options.”
5. Click on the “Command Prompt” option.

At the command prompt type the following and press Enter.

BCDEDIT | Find "osdevice"

Take note of the drive letter shown as the "osdevice", then type the following and press Enter:

CHKDSK X: /R

Replace the X with the osdevice letter and press Enter. Once completed take a photograph of that window and upload it for us to see.

 

[amic_2023]

Hello,
Please find attached, as per your request #27, photos (start and finish of CHKDSK scan) as well as the log of the command execution.
Thank you.

 

[JSntgRvr]

The hard drive has bad sectors. That is the reason it takes over 6 hours to complete. Once a drive starts having bad sectors and clusters, it is prompt to fail soon thereafter. At this time you should backup all your personal data and replace the disk.

Thanks for using Sysnative for your needs.