All browsers "managed by organization," adding randomly named extensions and messing with sync etc

Status
Not open for further replies.
J

jasonjasonjason4

New Member
Thread author
May 30, 2024
3
had a random extension named some weird name for a few weeks, now its named FairyCubor (Version 5.8.3.1, ID klbldkkfmkmoaedladckafiinafpkhff not sure if this info is relevant but included it anyway)
stopped syncing my google account and passwords etc
honestly have no idea how to get rid of it
tried deleting similarly named files, redownloading chrome, but found out the extension is downloaded in bing as well under a different name, NymphEllipor (version 5.8.3.1, ID iejebdfnglkomhcphkihdciehkhmoldd)
both less than 1mb
both have given themselves permission to "Read and change all your data on all websites" and "Manage your apps, extensions, and themes"
haven't tried third party removal

dont even know where to start any help appreciated 🙏
 
nasdaq

nasdaq

Super Moderator
Verified
Staff Member
Nov 5, 2019
1,599
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

In order to give you sound advice I need more information from your system.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Ensure that you are in an Administrator Account
Double-click to run it. When the tool opens click Yes to disclaimer.
Check the boxes as seen here:

Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Please attach the logs for my review.
How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.

Let me know what problems persists.

Wait for further instructions

p.s.
This program is updated often.
If it's identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided.
if the download was from the site I provided you should restore the program from the Quarantine folder. It's SAFE.
====
 
J

jasonjasonjason4

New Member
Thread author
May 30, 2024
3
hi, thanks for your response
below is the pasted FRST log
attached is also the addition log


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30.05.2024
Ran by (administrator) on (LENOVO 90RS0003US) (01-06-2024 10:29:53)
Running from C:\Users\jason\OneDrive\Desktop\FRST64.exe
Loaded Profiles:
Platform: Microsoft Windows 11 Home Version 23H2 22631.3593 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(A-Volute SAS -> A-Volute) C:\Users\jason\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(LenovoGamingSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.251.1.1\OverwolfHelper.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.251.1.1\OverwolfHelper64.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.251.1.1\OverwolfBrowser.exe <4>
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe ->) (Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Background.Server.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\msedgewebview2.exe <7>
(C:\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Discord Inc. -> Discord Inc.) C:\Users\jason\AppData\Local\Discord\app-1.0.9147\Discord.exe <6>
(drivers\Lenovo\udc\Service\UDClientService.exe ->) (Lenovo -> ) C:\ProgramData\Lenovo\Udc\Hosts\23.10.0.18\x64\MessagingPlugin.exe
(drivers\Lenovo\udc\Service\UDClientService.exe ->) (Lenovo -> ) C:\ProgramData\Lenovo\Udc\Hosts\23.10.0.18\x64\SystemNotificationPlugin.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Users\jason\AppData\Local\Google\Chrome\Application\chrome.exe <35>
(explorer.exe ->) (Grammarly, Inc. -> Grammarly) C:\Users\jason\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe
(explorer.exe ->) (LITE-ON TECHNOLOGY CORP. -> Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Calliope USB Keyboard\SklFundKb.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe
(Lenovo -> Lenovo) C:\ProgramData\Lenovo\Vantage\AddinData\LenovoBatteryGaugeAddin\x64\QSHelper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_5fd99370bf1df8d2\Intel_PIE_Service.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe
(services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\4.3.107.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_21_4\mcapexe.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvleig.inf_amd64_078fba7d34ea4479\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe <2>
(sihost.exe ->) (F005DA31-7CE1-4D3E-ABEE-08A4AFF4F592 -> Dell Technologies) C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.7.3.0_x64__htrsf667h5kn2\GameLibrary\GameLibraryAppService.exe
(svchost.exe ->) (F005DA31-7CE1-4D3E-ABEE-08A4AFF4F592 -> Dell Technologies) C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.7.3.0_x64__htrsf667h5kn2\AWCC.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2405.1001.6.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2405.1001.6.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.124.3191.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\jason\AppData\Local\Microsoft\OneDrive\24.091.0505.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.3522_none_e93c247a42e7cbb6\TiWorker.exe
(svchost.exe ->) (Spotify AB -> ) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Lenovo Fundamental USB Keyboard] => C:\Program Files (x86)\Lenovo\Lenovo Calliope USB Keyboard\SklFundKb.exe [2644472 2017-04-10] (LITE-ON TECHNOLOGY CORP. -> Lenovo)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe [1343072 2021-08-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3023152 2024-04-24] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [12698816 2022-05-28] (SteelSeries ApS -> SteelSeries ApS)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [544248 2024-04-25] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-80282135-2228444176-2881759982-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4379496 2024-05-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-80282135-2228444176-2881759982-1001\...\Run: [Discord] => C:\Users\jason\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-80282135-2228444176-2881759982-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37426152 2024-03-30] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-80282135-2228444176-2881759982-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3593992 2024-05-15] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-80282135-2228444176-2881759982-1001\...\Run: [PTOneClick] => C:\Users\jason\AppData\Local\WebEx\WebEx\Applications\ptoneclk.exe [7803728 2021-09-30] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-80282135-2228444176-2881759982-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\jason\AppData\Local\WebEx\WebexHost.exe [8083040 2023-12-28] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-80282135-2228444176-2881759982-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\jason\AppData\Local\slack\slack.exe [309568 2021-09-29] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKU\S-1-5-21-80282135-2228444176-2881759982-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1831432 2024-05-28] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-80282135-2228444176-2881759982-1001\...\Run: [LenovoVantageToolbar] => C:\ProgramData\Lenovo\Vantage\AddinData\LenovoBatteryGaugeAddin\x64\QSHelper.exe [85416 2024-02-18] (Lenovo -> Lenovo)
HKU\S-1-5-21-80282135-2228444176-2881759982-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [72121616 2024-05-28] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-80282135-2228444176-2881759982-1001\...\Run: [CiscoSpark] => C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk [1483 2024-02-06] () [File not signed]
HKU\S-1-5-21-80282135-2228444176-2881759982-1001\...\Run: [Grammarly] => C:\Users\jason\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe [237664 2024-05-29] (Grammarly, Inc. -> Grammarly)
HKU\S-1-5-21-80282135-2228444176-2881759982-1001\...\Run: [MicrosoftEdgeAutoLaunch_73CCCB9940FA2BC03725E83190A0B55F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4139976 2023-05-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-80282135-2228444176-2881759982-1001\...\Run: [GoogleUpdaterTaskUser127.0.6490.0] => C:\Users\jason\AppData\Local\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-80282135-2228444176-2881759982-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-80282135-2228444176-2881759982-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [180224 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3593992 2024-05-15] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2021-06-26]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (All) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"C:\Windows\System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask" could not be unlocked. <==== ATTENTION
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {99317636-F663-4DD9-ACB9-1F75F468392C} - System32\Tasks\Agent Activation Runtime\S-1-5-21-80282135-2228444176-2881759982-1001 => C:\Windows\System32\AgentActivationRuntimeStarter.exe [36864 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {F1D23307-47D9-4CFD-A9DA-57B7C3641916} - System32\Tasks\ArtificiusUpdater => C:\Program Files (x86)\Web Framework Solutions\Web Framework\ArtificiusUpdater.exe [1271296 2024-05-14] (Web Framework Solutions) [File not signed] -> C:\Program Files (x86)\Web Framework Solutions\Web Framework\\/silentall -nogui -nofreqcheck
Task: {AC7FB9EA-B5AC-43BF-8DA2-7418786E2289} - System32\Tasks\AWCC\Update => C:\Program Files (x86)\InstallShield Installation Information\{D2DA930B-CB5D-4DD6-BF62-BE6C310A353D}\Update\IMSilentUpdate.exe [19888 2023-04-07] (Dell Inc -> )
Task: {98C95B82-641C-4D89-A816-C590ACE86309} - System32\Tasks\ChromsteraUpdater => C:\Program Files (x86)\Chromstera Browser Solutions\Chromstera Browser\ChromsteraUpdater.exe [1221432 2023-11-22] (Dragon Boss Solutions LLC -> Chromstera Browser Solutions)
Task: {0B028F37-C8BB-4A79-AF22-C78D3151F095} - System32\Tasks\GoogleUpdateTaskMachineCore{FA6D0910-7E09-4DF8-8CD8-FA96E7E855D9} => "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c (No File)
Task: {4107D9C3-A9EA-435D-8AFF-50E9DE481B3A} - System32\Tasks\GoogleUpdateTaskMachineUA{AD2ECC2F-5EB4-4B3A-A1E0-0508F27458D5} => "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler (No File)
Task: {6EE5C230-DEEC-4060-AA63-F990C7E397E1} - System32\Tasks\GoogleUser\GoogleUpdater\GoogleUpdaterTaskUser127.0.6490.0{12667B8C-2822-4A97-A122-F514F64CDD0A} => C:\Users\jason\AppData\Local\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {2BAC0FEE-B589-451D-8BDC-8860C43F9B5F} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {ABB450D9-4560-4370-A448-75ED24A72A4D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {AFD9E13D-77F5-44CA-870C-4ED27A892503} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [102400 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {17A00B85-3B84-49B2-ADA1-63BD33432EE8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\19066196-9c7f-476d-9250-f51f36642fa7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {001D6608-A26B-410D-A6D6-36A765981BC3} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\579030ac-a459-4e5c-a19a-19c1670431f6 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {DABD0242-7568-46BD-B5AE-493B7D26676F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7c01b6b6-8d6d-44b2-b5a1-150d13384729 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {FAB14686-6E95-41A0-B14A-3FDF4EC28F8C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7d85661c-03e6-4bb3-afc6-68c42d7e13a3 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {68699F8D-03AA-4DE6-A76C-175DD0FA5DD8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\cbfce907-8313-4728-9efb-9dfbe4b06167 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {5B0A2701-0464-41C8-93D0-73BA45A46885} - System32\Tasks\Lenovo\UDC\Lenovo UDC Diagnostic Scan => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 210
Task: {4C7A474A-3E4B-4C8C-8BA4-7CD702A6EFAF} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [90600 2023-11-02] (Lenovo -> Lenovo Group Ltd.) -> C:\windows\system32\drivers\Lenovo\udc\Service\/onidle
Task: {3F1E31B2-C6CB-498D-9067-739C6F8642A5} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [185312 2023-11-02] (Lenovo -> Lenovo Group Ltd.)
Task: {E63936F6-4B87-42A7-BE5B-4E8CC6B7C20E} - System32\Tasks\Lenovo\UDC\MessagingPlugin\a20bb5db-a6ad-46a9-ae1a-c1f48b0d7451 => C:\Windows\System32\drivers\Lenovo\udc\Service\UdcInfInstaller.exe [185312 2023-11-02] (Lenovo -> Lenovo Group Ltd.)
Task: {7016C04F-9E8A-466D-9E26-97A8112DD945} - System32\Tasks\Lenovo\UDC\SystemNotificationPlugin\e06e92ee-b35f-4edb-b420-4ef64c60ed64 => C:\Windows\System32\drivers\Lenovo\udc\Service\UdcInfInstaller.exe [185312 2023-11-02] (Lenovo -> Lenovo Group Ltd.)
Task: {CD559CDB-FE57-4095-AF22-40BA2B816CF6} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {8BEAF9A6-6ABE-4327-8551-3E2A3DCC13FF} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {27435277-20C5-4A5D-BAAF-69E9F556476F} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {76A34384-C56D-4966-82D2-23D00473F7B2} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {35DF4239-5D01-4BB6-93B6-6207F4D23DE5} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {0B4A6999-8D7E-4CB9-900E-373F73B0E55F} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {9037AC8C-874B-4021-90C4-761163D3C3BA} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {334F61A6-0264-4F3D-8197-175F403BA23A} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {E9536173-94DE-4C49-B2B3-493D8E32E016} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {B0390B8C-76EB-43D0-ADEE-E94500ADCB5B} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {FF55CD23-E962-45E0-B4C4-C8D71ECFAD51} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {55E5428E-AD42-4DBB-AE8B-688287E7C31A} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {1E254DC2-8EA5-466D-BEC3-C71196FC2F9C} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {995FC93C-FFA4-4DD5-9898-80B5346AB3FC} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\uninstall.exe [365024 2024-03-03] (Lenovo -> Lenovo)
Task: {87FE94B1-2872-42E4-8B95-CBE1FFE9EDFD} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4565040 2023-07-17] (McAfee, LLC -> McAfee, LLC)
Task: {5162ACAF-5CB7-4F37-A41C-F4AF3300ABEF} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.7.117\DADUpdater.exe [4098112 2024-05-22] (McAfee, LLC -> McAfee, LLC)
Task: {0EE0B927-8077-4F5C-B7CB-2BE3E419C7A5} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-05-12] (McAfee, LLC -> McAfee, LLC)
Task: {47ACE546-E62B-430A-BBB6-7E9A655A0E03} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-05-12] (McAfee, LLC -> McAfee, LLC)
Task: {3C385764-DD2F-4DF8-A463-97BE0FA38107} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC)
Task: {D7D6A611-6A2A-40EB-9745-D737257C28D9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28435936 2024-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2BF06F1C-9827-4B81-9FF8-7E47077016BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28435936 2024-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3156796-6065-4EA3-AC2B-E31BDC98ADDB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309832 2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {65A7741C-2197-415F-8DB2-261CF7B92911} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309832 2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F1359E2-2C10-4FE8-BDA5-4BA2B4F409E1} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [168928 2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {6BB5B741-69DE-4E52-914B-CBFFC52C404A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 => {84F0FAE1-C27B-4F6F-807B-28CF6F96287D} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [23968 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {CBFEDF74-1A17-48F0-B37A-7ADAED0914CF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 => {429BC048-379E-45E0-80E4-EB1977941B5C} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [23968 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC754107-B52C-48E5-8B29-01AD49F1647E} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical => {613FBA38-A3DF-4AB8-9674-5604984A299A} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [23968 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {1CB045F6-5131-4640-AB74-D47DE86B8A3D} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical => {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [23968 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5E83E2D-143E-49E6-B96C-971EC3C5BF4B} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) => {CF2CF428-325B-48D3-8CA8-7633E36E5A32} C:\WINDOWS\system32\msdrm.dll [589824 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {8552C3E2-2D12-40F2-B13A-FA42D29E5719} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) => {BF5CB148-7C77-4D8A-A53E-D81C70CF743C} C:\WINDOWS\system32\msdrm.dll [589824 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {E6AB4FB2-67BA-4583-B2B7-C52325DF9ABF} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager => {DECA92E0-AF85-439E-9204-86679978DA08} C:\WINDOWS\System32\AppLockerCsp.dll [368640 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {2253C553-D724-4CE8-A459-6BADDD6BD1A1} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\WINDOWS\system32\appidpolicyconverter.exe [155648 2024-02-15] (Microsoft Windows -> Microsoft Corporation)
Task: {31A64D24-2FE8-463A-B6F0-7C15089C6916} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\WINDOWS\system32\appidcertstorecheck.exe [77824 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {7B339E6E-DEBB-4B78-97CE-1B96E086DCD6} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {7B339E6E-DEBB-4B78-97CE-1B96E086DCD6} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {7B339E6E-DEBB-4B78-97CE-1B96E086DCD6} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start InventorySvc
Task: {33599088-5B26-470A-8CD9-ACC4E9A51940} - System32\Tasks\Microsoft\Windows\Application Experience\PcaPatchDbTask => C:\Windows\system32\rundll32.exe [73728 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaPatchSdbTask
Task: {F87BAE91-2470-40AB-9F94-A437578A5E4D} - System32\Tasks\Microsoft\Windows\Application Experience\SdbinstMergeDbTask => C:\WINDOWS\system32\sdbinst.exe [212992 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {645AE3F4-2ABB-4B23-BBCC-8501D777B798} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [73728 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> Startupscan.dll,SusRunTask
Task: {D55F099B-3763-4B18-9F78-B04FE5AFAA23} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\WINDOWS\system32\AppHostRegistrationVerifier.exe [143360 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {54428BB2-CDBF-4F58-B1C7-4A2745A4D909} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\WINDOWS\system32\AppHostRegistrationVerifier.exe [143360 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {FB49BEA1-5957-4647-BCFE-2B83CDA4D9F1} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [73728 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {0E869B11-147B-4795-98D3-649FE1E3A990} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\WINDOWS\system32\dstokenclean.exe [36864 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {8E714508-6CD1-4C0F-9912-7258D49DCD9C} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\WINDOWS\system32\AppListBackupLauncher.dll [122880 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {68840FE2-84C1-412D-8ACB-0BD360083004} - System32\Tasks\Microsoft\Windows\AppListBackup\BackupNonMaintenance => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\WINDOWS\system32\AppListBackupLauncher.dll [122880 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {97641BEA-ADC8-4A1D-9E72-83C15C2492AE} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\system32\rundll32.exe [73728 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {35ACBC88-ECAF-4F94-A9E0-E9DAE554F3BD} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\UCPD velocity => C:\WINDOWS\system32\UCPDMgr.exe [61440 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
Task: {87BF85F4-2CE1-4160-96EA-52F554AA28A2} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\Windows\system32\rundll32.exe [73728 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> /d acproxy.dll,PerformAutochkOperations
Task: {BD30B767-86C3-4867-8DDE-468207782635} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\WINDOWS\System32\edptask.dll [114688 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {0D4BE8DF-7A6C-4556-BFF6-83F41962C96A} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\WINDOWS\System32\edptask.dll [114688 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {BC0A6097-F752-4DF9-A567-0D788B2215D2} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [65536 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {668E3F45-47C5-4203-A02C-83DD53CFC71F} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask => {E984D939-0E00-4DD9-AC3A-7ACA04745521}
Task: {DBD4DF58-41C5-41B6-87F2-0570DC25513F} - System32\Tasks\microsoft\windows\capabilityaccessmanager\maintenancetasks => C:\Windows\system32\rundll32.exe [73728 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\CapabilityAccessManager.dll,CapabilityAccessManagerDoStoreMaintenance
Task: {C0FDF5FF-5EDB-4087-8D0B-F1B205BD1985} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\WINDOWS\system32\ngctasks.dll [208896 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {8C2E9C62-8331-4C94-AEE5-AF03005EBB79} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\WINDOWS\system32\ngctasks.dll [208896 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {8A9C643C-3D74-4099-B6BD-9C6D170898B1} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\WINDOWS\system32\ngctasks.dll [208896 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {783B6DB9-F677-4B5D-B83D-A5BF02CFA79C} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\WINDOWS\system32\dimsjob.dll [65536 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {CDAF9C56-11EF-4B4C-A1B1-BF1701698DF8} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\WINDOWS\system32\dimsjob.dll [65536 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {B0EF7ED7-B26A-4AF8-B38A-6ED43481B871} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\WINDOWS\system32\dimsjob.dll [65536 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {7F60B74A-8CF4-48D0-91A2-7DCA116C055F} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan => {CF4270F5-2E43-4468-83B3-A8C45BB33EA1} C:\Windows\System32\pstask.dll [36864 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {16F7BCDB-6EF9-438D-AD58-C20706600F62} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\WINDOWS\system32\bcdboot.exe [266240 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> %windir% /sysrepair
Task: {D1871301-47D9-4F14-AC6B-B201181F1D14} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\WINDOWS\system32\ClipUp.exe [1133608 2024-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0AE55DFD-F51D-40DA-AB08-39B8EC339D10} - System32\Tasks\Microsoft\Windows\CloudExperienceHost\CreateObjectTask => {E4544ABA-62BF-4C54-AAB2-EC246342626C} C:\Windows\System32\CloudExperienceHostBroker.exe [95600 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {12A8F0AB-43DD-4DAF-B563-B9E2754F9ABD} - System32\Tasks\Microsoft\Windows\CloudRestore\Backup => {722D0F89-B69C-4700-AE8C-4A44350E4876} C:\WINDOWS\System32\CloudRestoreLauncher.dll [1560576 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {C93A8F56-3118-4552-97A7-1E235AB30E77} - System32\Tasks\Microsoft\Windows\CloudRestore\Restore => {b4bcfa6f-948d-46b8-bf27-e8b1117e23b3} C:\WINDOWS\system32\CloudRestoreLauncher.dll [1560576 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {90522BD2-429A-42F6-94A9-E2B6130F9F72} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\WINDOWS\System32\unifiedconsent.dll [339968 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {FC931F16-B50A-472E-B061-B6F79A71EF59} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\WINDOWS\System32\wsqmcons.exe [81920 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {6FAC31FA-4A85-4E64-BFD5-2154FF4594B3} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip => {C27F6B1D-FE0B-45E4-9257-38799FA69BC8} C:\WINDOWS\System32\usbceip.dll [135168 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {734A05CE-0032-469E-8138-CEA91DA79E32} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Check And Scan => {DCFD3EA8-D960-4719-8206-490AE315F94F} C:\Windows\System32\discan.dll [348160 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {8671A68F-C164-414A-A795-09B2F69A53F6} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan => {DCFD3EA8-D960-4719-8206-490AE315F94F} C:\Windows\System32\discan.dll [348160 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {784AF2C8-E51B-4A5E-96AB-15AA8D184C48} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery => {DCFD3EA8-D960-4719-8206-490AE315F94F} C:\Windows\System32\discan.dll [348160 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {D2E0C8C0-68F3-4B54-BBC4-5F5B6F15B159} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\WINDOWS\system32\defrag.exe [245760 2022-05-07] (Microsoft Windows -> Microsoft Corp.)
Task: {A6A52288-35BE-4837-BE85-B761556430D7} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\WINDOWS\system32\devicecensus.exe [161136 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {EE2A7214-396B-4365-9626-042EC2D5A211} - System32\Tasks\Microsoft\Windows\Device Information\Device User => C:\WINDOWS\system32\devicecensus.exe [161136 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {B7BA9F05-0DE2-48A0-8282-F3A6045DA118} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh => {23C1F3CF-C110-4512-ACA9-7B6174ECE888} C:\WINDOWS\System32\DeviceSetupManagerAPI.dll [77824 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {69AED3CF-EA05-4F8A-B1C9-61932D0D416A} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [360448 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {29EE7F89-D736-4C7B-91CF-768E8BFB5EBF} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [360448 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {47418E7A-3D8A-4404-8583-5FBD177E6B24} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [360448 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {B76559E7-75DF-43A9-9BFD-B7D55EDCEB5F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [360448 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {7AD275CC-8B31-488D-9CD1-E9DB1AD6BED2} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [360448 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {8AD0C8A3-C7AC-4D34-B4C7-041DA757A671} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [360448 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {4DD76740-A576-4329-9319-6E5B6B0C3022} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [360448 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {49091D37-DABD-4CAD-8B70-D46897191FEA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [360448 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {B8D19533-CAD4-4AFA-8C17-FC1403200571} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [360448 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {8F2E72BD-4C76-4B00-BC86-679E5342E6E2} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [360448 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {4C19AA19-EA45-4B56-B072-789D50834329} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [360448 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {C7261ACA-12F4-4801-B01F-BD4376FFB32E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\WINDOWS\system32\DeviceDirectoryClient.dll [360448 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {800AF3F2-FCAD-4C3A-8B30-207D1E199724} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner => {AD08DCC2-4E35-4486-9D49-547CBD30942D} C:\WINDOWS\System32\MitigationClient.dll [548864 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {3AF4D753-A89E-4A06-AF4E-C84241F0252D} - System32\Tasks\Microsoft\Windows\Diagnosis\Scheduled => {C1F85EF8-BCC2-4606-BB39-70C523715EB3} C:\WINDOWS\System32\sdiagschd.dll [81920 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {50FE9304-0CB0-421B-8E66-E49FF48945F1} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\WINDOWS\system32\directxdatabaseupdater.exe [180224 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {D61BD1DD-BF28-45A8-9C95-85204916F70E} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [135168 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {D9983D3D-AF4E-45C5-A192-F18785A04E3A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\WINDOWS\system32\cleanmgr.exe [299008 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> /autocleanstoragesense /d %systemdrive%
Task: {C68DEF50-9094-469B-8AE1-7B82DE1329FB} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => C:\Windows\system32\rundll32.exe [73728 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> dfdts.dll,DfdGetDefaultPolicyAndSMART
Task: {6376CE14-030D-4F53-8A24-89C55FF5240B} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\WINDOWS\system32\DFDWiz.exe [73728 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {987F6860-11F5-47B3-889B-0A3D064576EE} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\WINDOWS\system32\disksnapshot.exe [94208 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {78047350-A556-4C53-8578-7367082577BF} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense => {AB2A519B-03B0-43CE-940A-A73DF850B49A} C:\WINDOWS\system32\StorageUsage.dll [315392 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {58C089C2-D45A-4181-98E8-A433A6EAA443} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\WINDOWS\System32\dusmtask.exe [94208 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {3DBFC239-EDC6-4114-B4A5-4AC2B63F657A} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\WINDOWS\System32\edptask.dll [114688 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {A40C01E9-DD2D-40A0-A4F1-A8D3085B97CC} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\WINDOWS\System32\edptask.dll [114688 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {D664962D-5B5A-4F4D-8877-F3C4227A281F} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\WINDOWS\System32\edptask.dll [114688 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {E4BFD560-AA57-4425-92CE-CB1F606E81F1} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\WINDOWS\System32\edptask.dll [114688 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {699BE337-B3D2-42EE-BAF4-4B9E9170D563} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\WINDOWS\system32\MDMAgent.exe [172032 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {61618F71-B230-4968-A79E-878D8A14D097} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh => {711001CD-CC1D-4470-9B7E-1EF73849C79E} C:\WINDOWS\System32\MitigationConfiguration.dll [131072 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {72D8350D-2AD9-4985-B7D5-20EB350C06E1} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\WINDOWS\system32\dmclient.exe [163840 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {ED7855F7-43B3-4128-A7BE-BF01801AD0B1} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload => C:\WINDOWS\system32\dmclient.exe [163840 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {CF83D93E-BA20-4111-9576-C96A14835C99} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) => {89917B7C-A1A6-11DF-8BF6-18A90531A85A} C:\WINDOWS\System32\fhtask.dll [77824 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {1D1BEC57-7750-4100-A82C-4E870A8698E0} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures => {59EECBFE-C2F5-4419-9B99-13FE05FF2675} C:\Windows\System32\fcon.dll [532480 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {F38415AE-C6F9-4BA2-90EF-B5DD1C22894A} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataFlushing => {99EFDAD1-0F11-4A6B-A702-4E1C37D1A3EF} C:\Windows\System32\fcon.dll [532480 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {02FBC562-F033-4D52-82EE-2FDE09AA08F7} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataReporting => {BBFCD054-8AAC-45DE-A1EB-7B246C9028AF} C:\Windows\System32\fcon.dll [532480 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {93C42387-B3EC-4109-A83E-FB2B7B7B85C3} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache => {E07647F7-AED2-48D9-9720-939BC24A8A3C} C:\Windows\System32\wosc.dll [409600 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {12DF3F8A-9612-48CA-AE38-2818FA70CA73} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [196608 2024-05-14] (Microsoft Windows -> )
Task: {CBD822DB-49DB-4CAD-86F2-EFEDB23BEA51} - System32\Tasks\Microsoft\Windows\Input\InputSettingsRestoreDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [344064 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {11A80B81-D6FB-4428-A139-8EEB91070198} - System32\Tasks\Microsoft\Windows\Input\LocalUserSyncDataAvailable => {8E7C2AFB-72B9-415C-9AC2-5037693309B7} C:\Windows\System32\InputCloudStore.dll [344064 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {A3CE0E34-C299-4CFC-8EDB-7221738111D7} - System32\Tasks\Microsoft\Windows\Input\MouseSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [344064 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {8A964770-AC2F-4507-8454-1738424D0733} - System32\Tasks\Microsoft\Windows\Input\PenSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [344064 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {9DAA5357-3BA9-4E7E-B855-BAFAC99D80AE} - System32\Tasks\microsoft\windows\input\syncpensettings => {3ECEE215-83F5-4123-A592-74F1FE4C3D59} C:\WINDOWS\System32\SettingsHandlers_Pen.dll [499712 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {B3DF892A-0803-4848-B585-4DA987E4BDC6} - System32\Tasks\Microsoft\Windows\Input\TouchpadSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [344064 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {80EAF390-2BDF-4636-B048-EFCE795A08E3} - System32\Tasks\Microsoft\Windows\InstallService\RestoreDevice => {7f019157-05c8-473f-8664-2ba04a090dc8} C:\WINDOWS\System32\InstallServiceTasks.dll [364544 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {BBCC93D2-D7FF-4938-9F92-7DF894E9D8FA} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates => {a558c6a5-b42b-4c98-b610-bf9559143139} C:\Windows\System32\InstallServiceTasks.dll [364544 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {64A5B0EF-854A-4671-8C61-296693C98021} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser => {ddafaea2-8842-4e96-bade-d44a8d676fdb} C:\Windows\System32\InstallServiceTasks.dll [364544 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {E739FC9A-FEAA-4DA5-A69A-45E4E29C71F7} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry => {F3A219C3-2698-4CBF-9C07-037EDB8E72E6} C:\Windows\System32\InstallServiceTasks.dll [364544 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {3AA5AA10-57B5-47EA-BE9B-F8B5499ABB92} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates => {0dc331ee-8438-49d5-a721-e10b937ce459} C:\Windows\System32\InstallServiceTasks.dll [364544 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {D597D8FC-90D9-47E2-BA21-0A987B6C5FFD} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates => {d5a04d91-6fe6-4fe4-a98a-feb4500c5af7} C:\Windows\System32\InstallServiceTasks.dll [364544 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {280FB626-96A0-40B9-A33E-86C27A7A8B10} - System32\Tasks\Microsoft\Windows\International\Synchronize Language Settings => {10D62541-90D0-42FE-848C-0DBC1AC42EDA} C:\Windows\System32\CoreGlobConfig.dll [228784 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {6FCE18D9-CE70-4E10-BC52-E8BF4C43FE76} - System32\Tasks\Microsoft\Windows\Kernel\La57Cleanup => C:\WINDOWS\system32\la57setup.exe [36864 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {070B737F-6A39-4088-97A5-7624244F417C} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation => {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE} C:\Windows\System32\LanguageComponentsInstaller.dll [258048 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {2C77F3AF-ED76-4042-908C-387080E2301B} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources => {D0582E3B-3126-4CAA-9155-AC37C912A489} C:\WINDOWS\System32\LanguageOverlayServer.dll [618496 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {7DAF22A5-8ECE-47E1-919A-F3096D746FC6} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation => {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE} C:\Windows\System32\LanguageComponentsInstaller.dll [258048 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {57999191-4508-4B15-A71C-600C0C4F6294} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange => {77646A68-AD14-4D53-897D-7BE4DDE5F929} C:\Windows\System32\TempSignedLicenseExchangeTask.dll [98304 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\WINDOWS\System32\LocationNotificationWindows.exe [102400 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {D4B24E40-29B2-4C11-B099-A5C0CCD8556B} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\WINDOWS\System32\WindowsActionDialog.exe [77824 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {F97DD845-7FED-47F5-969D-4676ED770554} - System32\Tasks\Microsoft\Windows\Maintenance\WinSAT => {A9A33436-678B-4C9C-A211-7CC38785E79D} C:\WINDOWS\system32\WinSATAPI.dll [380928 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {A120AD1B-7097-4C69-9E62-F48FFE8BCD66} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\Windows\System32\Autopilot.dll [217088 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {43BD31EF-7D4A-4BE6-A2BA-62127959D14A} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\Windows\System32\Autopilot.dll [217088 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {CCD6CDEA-7C64-4BFB-9EB2-5AF26DA04B37} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\WINDOWS\system32\ProvTool.exe [114688 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {9C88D42B-6058-46C0-AF51-B164A1AAB4DE} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\WINDOWS\system32\ProvTool.exe [114688 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {AEA3E6CF-44EF-4781-B0B1-3CE5A8A7D038} - System32\Tasks\Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup => C:\WINDOWS\system32\MdmDiagnosticsTool.exe [90112 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {0E5F08D6-F262-4B80-AE60-4346EBEEF28C} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Retry => C:\WINDOWS\system32\ProvTool.exe [114688 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {6EB82CE0-3634-4004-AC48-843D88AD2BA8} - System32\Tasks\Microsoft\Windows\Management\Provisioning\RunOnReboot => C:\WINDOWS\system32\ProvTool.exe [114688 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {B1CE11D3-01E9-4E98-AD9E-32BD594B4DFF} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask => {9885AEF2-BD9F-41E0-B15E-B3141395E803} C:\WINDOWS\System32\mapstoasttask.dll [81920 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {A4000BDE-9CB9-4BE4-A7E0-F98BAA4980FC} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask => {B9033E87-33CF-4D77-BC9B-895AFBBA72E4} C:\WINDOWS\System32\mapsupdatetask.dll [73728 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {31A432BB-D3C3-4C4B-844B-AD58C776CF89} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents => {8168e74a-b39f-46d8-adcd-7bed477b80a3} C:\WINDOWS\System32\MemoryDiagnostic.dll [57344 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
Task: {F2C678CB-210C-45A0-8C78-FB28DB1FFD02} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic => {8168e74a-b39f-46d8-adcd-7bed477b80a3} C:\WINDOWS\System32\MemoryDiagnostic.dll [57344 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {1905C3A0-3C4E-4691-B066-B55AD8945FF4} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\WINDOWS\system32\lpremove.exe [106496 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {91000DF4-3188-4A37-BCC0-D5CAF07C7604} - System32\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService => {2DEA658F-54C1-4227-AF9B-260AB5FC3543} C:\WINDOWS\System32\PlaySndSrv.dll [143360 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {1169460A-DB63-4AC1-8823-39864DDC78CD} - System32\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo => C:\WINDOWS\system32\gatherNetworkInfo.vbs [90704 2022-05-07] (Microsoft Windows -> )
Task: {0A713CE7-5766-4234-8AB7-ED652205B2B6} - System32\Tasks\Microsoft\Windows\NlaSvc\WiFiTask => C:\WINDOWS\System32\WiFiTask.exe [185840 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {115F05E9-28A0-48D5-A2A0-F71E61B95CE2} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [69632 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {17EB9B75-0638-4C79-86FB-6A4CBC0ABBAE} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\WINDOWS\system32\TpmTasks.dll [344064 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {9CAD9ED1-8C9E-4007-9904-919022FB3AFD} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\WINDOWS\system32\TpmTasks.dll [344064 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {36A83D1B-5DAC-43E6-8ED3-878520340588} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy => {60400283-B242-4FA8-8C25-CAF695B88209} C:\Windows\System32\pnppolicy.dll [81920 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {37D056AC-1FC2-46E2-A639-81F21E974872} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required => {48794782-6A1F-47B9-BD52-1D5F95D49C1B} C:\Windows\System32\pnpui.dll [73728 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {8FC62341-782D-4627-B9A8-4FA8653925A8} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\WINDOWS\System32\drvinst.exe [380928 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {95FE2315-4715-4B80-8158-D9AA3FFE11D7} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => {927EA2AF-1C54-43D5-825E-0074CE028EEE} C:\WINDOWS\System32\energytask.dll [49152 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {5C770B07-E063-4588-B334-C029AE68B5CB} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\WINDOWS\system32\eduprintprov.exe [122880 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {B0BF14AC-CEC8-4769-835E-4BA20FAE90E5} - System32\Tasks\Microsoft\Windows\Printing\PrinterCleanupTask => {C56F065E-DE49-4E42-BE7C-305C45609D25} C:\Windows\System32\PrinterCleanupTask.dll [163840 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {646A47B2-B399-4126-ADC2-8A1CAC8768B2} - System32\Tasks\Microsoft\Windows\Printing\PrintJobCleanupTask => {8ABCE260-32B6-476C-AE13-B34D0C91292D} C:\Windows\System32\PrinterCleanupTask.dll [163840 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {D469257A-4BF6-4F49-9FD7-3B967887817A} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start pushtoinstall login
Task: {3401FB23-8D36-424A-98A2-CEAD2D43DC2E} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start pushtoinstall registration
Task: {819408A0-FD49-40E6-9DF1-2A4F71F72517} - System32\Tasks\Microsoft\Windows\Ras\MobilityManager => {C463A0FC-794F-4FDF-9201-01938CEACAFA} C:\WINDOWS\system32\rasmbmgr.dll [86016 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {CD2B4AA3-2DA2-48D6-B46F-2C01D51C17F6} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE => {89D1D0C2-A3CF-490C-ABE3-B86CDE34B047} C:\WINDOWS\System32\ReAgentTask.dll [36864 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {0392E658-5E71-453F-A33B-A0236FF3E4B5} - System32\Tasks\Microsoft\Windows\Registry\RegIdleBackup => {CA767AA8-9157-4604-B64B-40747123D5F2} C:\WINDOWS\System32\regidle.dll [36864 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {15101401-21BD-4F19-AE17-20FF4E6CC7C6} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\WINDOWS\system32\RAServer.exe [159744 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> %windir%\/offerraupdate
Task: {564EB0F7-6B33-45FD-996F-34E146F60606} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => {752073A1-23F2-4396-85F0-8FDB879ED0ED} C:\WINDOWS\servicing\TrustedInstaller.exe [226688 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {328CFB8A-B6FE-45A7-B0D0-6A588CD67879} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => C:\Windows\system32\rundll32.exe [73728 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {F7D94533-B9C2-4869-8866-0D3436873233} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask => {990A9F8F-301F-45F7-8D0E-68C5952DBA43} C:\WINDOWS\system32\shell32.dll [8823272 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {CE486984-DC95-4C4A-9B22-3B4057686F0D} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\WINDOWS\System32\wpcmon.exe [1216232 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {0E07F737-03F6-4FF4-9EDA-D9D551D3E90A} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask => {C844C79D-AED8-4DCE-AB25-4D359BED84F8} C:\WINDOWS\System32\WpcRefreshTask.dll [1093632 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {5737DEED-B5B0-452B-A00E-7E13613ED41E} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance => {3FBA60A6-7BF5-4868-A2CA-6623B3DFFEA6} C:\WINDOWS\System32\srchadmin.dll [286720 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {A614CC12-6697-48F7-AD95-C02E494F444A} - System32\Tasks\Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState => {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} C:\Windows\System32\Windows.UI.Immersive.dll [1523712 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {1226FEB2-961D-415E-97B0-55EA0EDE30A9} - System32\Tasks\Microsoft\Windows\Shell\ThemesSyncedImageDownload => {79F8E185-4E45-4B74-8182-02AA430661E4} C:\Windows\System32\Themes.SsfDownload.ScheduledTask.dll [196608 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {E144A629-B5F6-4AD0-AC37-BDBF20129A1C} - System32\Tasks\Microsoft\Windows\Shell\UpdateUserPictureTask => {09C5DD34-009D-40FA-BCB9-0165AD0C15D4} C:\Windows\System32\Windows.UI.Immersive.dll [1523712 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {14A21AD8-1B7C-435C-BB29-560DF56A95D0} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe [450560 2024-02-15] (Microsoft Windows -> Microsoft Corporation) -> -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
Task: {156B8368-F1B8-4558-8A83-22014840ED4A} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe [450560 2024-02-15] (Microsoft Windows -> Microsoft Corporation) -> -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
Task: {6BE7CEDD-0A56-4ABF-9F7F-660453CDBFE7} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\WINDOWS\System32\sppcext.dll [630784 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {D1B42785-344A-4572-BD31-095E300AB644} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\WINDOWS\System32\sppcext.dll [630784 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {0DABCC2F-4323-4492-AF06-B4A2F5548414} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\WINDOWS\System32\sppcext.dll [630784 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {DDD99011-81AC-438E-8AFF-EDFB93F9D8C7} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\WINDOWS\system32\SpaceAgent.exe [208896 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {2E9D660E-8966-4316-BB8C-6B8BF6913AB5} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\WINDOWS\system32\spaceman.exe [108000 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {F8701795-0889-4E6F-9C01-DA5EB82A9139} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\WINDOWS\system32\speech_onecore\common\SpeechModelDownload.exe [200704 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {4046856E-F5BB-452E-BC8F-9A3FB2E0E6A6} - System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks => C:\Windows\system32\rundll32.exe [73728 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks
Task: {264AABAC-D5E5-48BA-8E8C-1B0228413F80} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization => {5C9AB547-345D-4175-9AF6-65133463A100} C:\Windows\System32\TieringEngineService.exe [344064 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {FE478BF7-B323-4809-A1C0-0019EAAD3FB8} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization => C:\WINDOWS\system32\defrag.exe [245760 2022-05-07] (Microsoft Windows -> Microsoft Corp.)
Task: {DA69DFA4-D534-48C8-901D-513E24CAF3D3} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [214384 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {1FB863B8-6D59-42E3-A8E9-DA1336BD01E2} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [214384 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {8FDF9F7F-07CD-4546-8A96-EAE9A4B9AE95} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate => {17C82257-654E-4C47-8E23-DCA24EAA76A0} C:\WINDOWS\system32\sysmain.dll [1019904 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {90C8B444-7047-4B72-B79A-3F855D55F7FC} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance => {D44377B8-1F2F-4FAA-9C8E-6C4AD2928E47} C:\WINDOWS\system32\sysmain.dll [1019904 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {7096FD01-69C9-4F0B-890E-215E1BC14B64} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync => {297EE78C-BA95-4E94-81D3-D6E7F089C7B5} C:\WINDOWS\system32\sysmain.dll [1019904 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {F7778C5A-D073-4A3B-816B-B4A0C5D6245B} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [73728 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> sysmain.dll,PfSvWsSwapAssessmentTask
Task: {4F30BF1B-1F72-489A-B643-1782B8B5AB9B} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\WINDOWS\system32\srtasks.exe [77824 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {9FDBD88F-F89C-413A-BD74-F8B611D96994} - System32\Tasks\Microsoft\Windows\Task Manager\Interactive => {855FEC53-D2E4-4999-9E87-3414E9CF0FF4} C:\WINDOWS\system32\wdc.dll [786432 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {70C3F267-1488-4516-BC50-1BA53E3F0A1B} - System32\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor => {01575CFE-9A55-4003-A5E1-F38D1EBDCBE1} C:\WINDOWS\system32\MsCtfMonitor.dll [114688 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {D19A2229-9E50-4B0E-9D92-049BB934BBA6} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime => {A31AD6C2-FF4C-43D4-8E90-7101023096F9} C:\WINDOWS\system32\TimeSyncTask.dll [40960 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {7A8F201E-8745-48FF-B1D5-BFD3BD1EE5F2} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start w32time task_started
Task: {7D99D4B1-C2F3-4863-B58A-51495CD7C713} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\WINDOWS\system32\tzsync.exe [71680 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {4E726BFB-8B1F-4E35-9493-9BB969C27E88} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\WINDOWS\system32\TpmTasks.dll [344064 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {2DB35DC2-229C-427D-9321-966297D0D5CF} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\WINDOWS\system32\TpmTasks.dll [344064 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {0BB36A32-0D9E-4297-AFD7-6BD7B5DB4C9B} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\WINDOWS\System32\UNP\UpdateNotificationMgr.exe [374240 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {BE8418CB-AEFA-4838-BDDE-C5DB0A64FDBD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {AFE6C9FE-A883-4FAD-9349-F05568AEAE6F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {9D35A576-E3CA-4E65-9F54-C7FA783F98E8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {476E8CFA-78E2-4C51-854E-538F8643B4FD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Report policies => C:\WINDOWS\system32\usoclient.exe [81920 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {85AA0561-3AA8-49C3-93E1-CC821AC091F9} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work => C:\WINDOWS\system32\usoclient.exe [81920 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {E33C4444-53B1-4F21-B19C-4A68C42AF821} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\WINDOWS\system32\usoclient.exe [81920 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {341B2255-6A6B-442A-AF5A-C610B7DBE12D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan Static Task => C:\WINDOWS\system32\usoclient.exe [81920 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {844720B4-115F-4CA9-B6A7-67AFD598184C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work => C:\WINDOWS\system32\usoclient.exe [81920 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {965BD9BE-652D-4C98-98ED-A52A4D876A65} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Work => C:\WINDOWS\system32\usoclient.exe [81920 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {764DDB74-CB08-4E0A-8580-B41F94F2C7BE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Start Oobe Expedite Work => C:\WINDOWS\system32\usoclient.exe [81920 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {1908FADE-5149-4FD3-855F-7787BBF3C5C8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan => C:\WINDOWS\system32\usoclient.exe [81920 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {B4FBEFA9-6F7C-4C74-A891-3774B7BCD072} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan_LicenseAccepted => C:\WINDOWS\system32\usoclient.exe [81920 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {9CBBFAAE-DB9F-48B4-BAC0-4CFF482A4E01} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScanAfterUpdate => C:\WINDOWS\system32\usoclient.exe [81920 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {B53BD60A-5823-411C-9C75-AA91DB3C35F8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UUS Failover Task => C:\WINDOWS\system32\usoclient.exe [81920 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {5A9B960C-3E34-45A8-BB28-4D90D9739F5D} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> config upnphost start= auto
Task: {BA2D7E09-CCF2-48F1-BF8A-0325763006AA} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications => {E05BE1C8-92A8-4757-B575-ACAECB4E6A40} C:\Windows\System32\UsbTask.dll [90112 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {82B1C22A-B366-4596-B9C5-5F6EA1990ADB} - System32\Tasks\Microsoft\Windows\User Profile Service\HiveUploadTask => {BA677074-762C-444B-94C8-8C83F93F6605} C:\WINDOWS\system32\profsvc.dll [626688 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {8F3FF985-4535-470A-BB1A-60795DE0B3E4} - System32\Tasks\Microsoft\Windows\WaaSMedic\DeferredWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} C:\WINDOWS\system32\WaaSMedicPS.dll [49152 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {8F3FF985-4535-470A-BB1A-60795DE0B3E4} - System32\Tasks\Microsoft\Windows\WaaSMedic\DeferredWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} C:\WINDOWS\System32\WaaSMedicSvc.dll [90112 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {70570095-076B-4A52-93AE-4659EC465538} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} C:\WINDOWS\system32\WaaSMedicPS.dll [49152 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {70570095-076B-4A52-93AE-4659EC465538} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} C:\WINDOWS\System32\WaaSMedicSvc.dll [90112 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {0605535E-067C-4445-A999-2158CF515465} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\WINDOWS\System32\WiFiTask.exe [185840 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {BE69C4BA-5D43-47ED-A19E-9E27D3A1C9B0} - System32\Tasks\Microsoft\Windows\WDI\ResolutionHost => {900BE39D-6BE8-461A-BC4D-B0FA71F5ECB1} C:\WINDOWS\System32\wdi.dll [114688 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {BAD4AECC-F4A6-436D-9995-E5C94B31C121} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {00545983-8DAB-488F-BB59-0A42463FD563} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FE16FC09-7005-4F2A-81D7-49C04323359C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E2916C61-85B4-4D2E-A352-03236E316DF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E3176A65-4E44-4ED3-AA73-3283660ACB9C} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\WINDOWS\system32\wermgr.exe [275824 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {9A1DB74C-AE95-4D62-9076-A43D16F71DB2} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => C:\Windows\system32\rundll32.exe [73728 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> bfe.dll,BfeOnServiceStartTypeChange
Task: {F614CED7-223D-4F1E-B185-A4054F280287} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe [94208 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {9BF20A50-726A-4FF3-9689-4726C673C4B3} - System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader => {B210D694-C8DF-490D-9576-9E20CDBC20BD} C:\Windows\System32\mscms.dll [786512 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {975B4398-4C74-4233-9569-3DE9CE78916F} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [144264 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {A17D2CEF-69AE-4626-B564-4056366FC252} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\WINDOWS\System32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start wuauserv
Task: {14A19FBE-5F4D-4671-9866-6491D5563048} - System32\Tasks\Microsoft\Windows\Wininet\CacheTask => {0358B920-0AC7-461F-98F4-58E32CD89148} C:\WINDOWS\system32\wininet.dll [5232544 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {55F0E3B4-CB69-483F-B8C7-3DA3D10BA893} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync => {B0D2B535-12E1-439F-86B3-BADA289510F0} C:\Windows\System32\WiFiCloudStore.dll [376832 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {C375B8E7-1D4F-4E57-90E7-3BEFD0DFCE06} - System32\Tasks\Microsoft\Windows\WlanSvc\MoProfileManagement => {085EDA12-CF4A-4944-8222-8ADCADE137CB} C:\Windows\System32\WlanMediaManager.dll [925696 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {442B0B6E-735B-4B24-917B-4D723B2A443B} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management => {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1} C:\WINDOWS\system32\WofTasks.dll [49152 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {3D198469-9465-405A-A21E-3744F1FB611F} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation => {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1} C:\WINDOWS\system32\WofTasks.dll [49152 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {7BA44995-BE4B-466A-95AE-090E29A6F82D} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization => {97D47D56-3777-49FB-8E8F-90D7E30E1A1E} C:\Windows\System32\WorkFoldersShell.dll [249856 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {9693EA55-2106-4281-9195-6106D0B24708} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work => {63260BCE-A3FB-4A34-AA51-D4D8E877B62B} C:\Windows\System32\WorkFoldersShell.dll [249856 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {3B083D1E-A3BC-4CEF-812A-DC3AA8D92A32} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\WINDOWS\System32\dsregcmd.exe [458752 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
Task: {FE3DCB27-078C-412B-92EF-7D2217F0AEE5} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync => {C662D912-E4D6-44A3-89A0-20550514951D} C:\Windows\System32\dsregtask.dll [45056 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
Task: {8428D294-B8D7-4856-A911-6AAE5F0F9606} - System32\Tasks\Microsoft\Windows\Workplace Join\Recovery-Check => C:\WINDOWS\System32\dsregcmd.exe [458752 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
Task: {E8EC9161-94CA-4B9E-9CC9-AA0C6D101FFF} - System32\Tasks\Microsoft\Windows\WwanSvc\NotificationTask => C:\WINDOWS\System32\WiFiTask.exe [185840 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {D05966FD-4423-4D67-926B-6A5F7BDA238F} - System32\Tasks\Microsoft\Windows\WwanSvc\OobeDiscovery => {C93CF9D5-031B-4AAA-AB0B-EF802347B381} C:\Windows\System32\MBMediaManager.dll [598016 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {941389BF-2920-4801-89A4-D8644E46FA47} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\WINDOWS\System32\XblGameSaveTask.exe [57344 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {D89323B2-BF04-4D31-ABB1-F24E80A7F47C} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [213920 2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DF6EC9B-60BC-4158-818A-99D3238FDAE5} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [213920 2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {68F7082B-85D3-4F3A-AE45-FF5FDA12A634} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [823304 2020-12-10] (A-Volute SAS -> Nahimic)
Task: {F3CF8372-2095-445F-B4DE-6402F6C27246} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1067016 2020-12-10] (A-Volute SAS -> Nahimic)
Task: {8053A1A3-0535-4712-B464-83434F7056A4} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-80282135-2228444176-2881759982-1001 => C:\Users\jason\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {598A38C5-02A2-4DED-A3A7-656900B78759} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-80282135-2228444176-2881759982-1001 => C:\Users\jason\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB097344-4802-4DB0-9D64-9F1D5F7204D5} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-80282135-2228444176-2881759982-500 => C:\Users\jason\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {682FCBEF-F70E-42F5-8717-AFFA022E7F80} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2369544 2024-05-28] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {1BC81DE0-49BA-4A8A-8D5C-CF1E556290F4} - System32\Tasks\RazerCortexScheduleClean => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [544248 2024-04-25] (Razer USA Ltd. -> Razer Inc.)
Task: {54B001D1-6FEE-4E5F-B76C-72A39197F821} - System32\Tasks\UniversalUpdater => C:\Program Files (x86)\Web Browser Solutions\Web Browser\UniversalUpdater.exe [1271296 2024-05-27] (Web Browser Solutions) [File not signed] -> C:\Program Files (x86)\Web Browser Solutions\Web Browser\\/silentall -nogui -nofreqcheck

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.64.1.1
Tcpip\..\Interfaces\{b5a075cb-a441-430a-add6-dbb193014459}: [DhcpNameServer] 10.64.1.1
Tcpip\..\Interfaces\{d6c10bb2-629b-44a6-b037-9323740c9678}: [DhcpNameServer] 9.10.10.100

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\jason\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-01]
Edge HomePage: Default -> hxxp://www.msn.com/?pc=LCTE
Edge Extension: (Google Docs Offline) - C:\Users\jason\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-05-10]
Edge Extension: (NymphEllipor) - C:\Users\jason\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iejebdfnglkomhcphkihdciehkhmoldd [2024-05-21] [UpdateUrl:hxxps://disablenotificationupdate.com/crx/updates.php] <==== ATTENTION
Edge Extension: (Edge relevant text changes) - C:\Users\jason\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-05-10]
Edge Extension: (Apps Helper) - C:\apps-helper [2023-11-25]
Edge Extension: (Apps Helper) - C:\appsDDhelper [2024-05-27]
Edge HKLM-x32\...\Edge\Extension: [iejebdfnglkomhcphkihdciehkhmoldd] - C:\\Users\\jason\\AppData\\Local\\apps.crx [2023-11-25]

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2021-06-04] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2021-06-04] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default [2024-06-01]
CHR Notifications: Default -> hxxps://app.slack.com; hxxps://malwaretips.com; hxxps://meet.google.com; hxxps://spark.adobe.com; hxxps://www.pinterest.com
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://www.bing.com/?FORM=SLBRDF&PC=SL07"
CHR Extension: (BetterTTV) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2024-05-31]
CHR Extension: (Nyan Cat Progress Bar for YouTube™) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdjaekjkckpdknkfncfnaibkabdcgmkg [2024-05-27]
CHR Extension: (Kami for Google Chrome™) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecnphlgnajanjnkcmbpancdjoidceilk [2024-05-27]
CHR Extension: (Dark Reader) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2024-05-27]
CHR Extension: (Google Docs Offline) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-05-27]
CHR Extension: (Chrome Remote Desktop) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2024-05-27]
CHR Extension: (Chrome Audio Capture) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfokdmfpdnokpmpbjhjbcabgligoelgp [2024-05-27]
CHR Extension: (FairyCubor) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbldkkfmkmoaedladckafiinafpkhff [2024-05-27] [UpdateUrl:hxxps://disablenotificationupdate.com/crx/updates.php] <==== ATTENTION
CHR Extension: (Chrome Web Store Payments) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-27]
CHR Extension: (PowerSchool Grade Calculator) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\omoffjbdckolacanfbappkfdaacmbjnd [2024-05-27]
CHR Extension: (Sticky Notes 3.5 - Super Quick & Personal) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\plpdjbappofmfbgdmhoaabefbobddchk [2024-05-30]
CHR Extension: (Apps Helper) - C:\apps-helper [2023-11-25]
CHR Extension: (Apps Helper) - C:\appsDDhelper [2024-05-27]
CHR Profile: C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-05-27]
CHR Extension: (Nematoda) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bdeoboheiadiadejclhplejhfofaiohp [2024-05-27] [UpdateUrl:hxxps://crxupdate.com/crx/updates.php] <==== ATTENTION
CHR Extension: (Chrome Web Store Payments) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-27]
CHR Profile: C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-05-27]
CHR Extension: (Nematoda) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bdeoboheiadiadejclhplejhfofaiohp [2024-05-27] [UpdateUrl:hxxps://crxupdate.com/crx/updates.php] <==== ATTENTION
CHR Extension: (Better Canvas) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cndibmoanboadcifjkjbdpjgfedanolh [2024-05-27]
CHR Extension: (Dark Reader) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2024-05-27]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-05-27]
CHR Extension: (Google Docs Offline) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-05-27]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-05-27]
CHR Extension: (Boxel Rebound) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\iginnfkhmmfhlkagcmpgofnjhanpmklb [2024-05-27]
CHR Extension: (GPemu) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jhficiigpnhhaojldmanflihieepanbb [2024-05-27]
CHR Extension: (Tasks for Canvas™) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kabafodfnabokkkddjbnkgbcbmipdlmb [2024-05-27]
CHR Extension: (Geometry Dash Strategy Game - HTML5 Game) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lgngoflnfecmgofdhciehddbjhffopha [2024-05-27]
CHR Extension: (Boxel 3D) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mjjgmlmpeaikcaajghilhnioimmaibon [2024-05-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-27]
CHR Extension: (PowerSchool Grade Calculator) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\omoffjbdckolacanfbappkfdaacmbjnd [2024-05-27]
CHR Extension: (Sticky Notes 3.5 - Super Quick & Personal) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\plpdjbappofmfbgdmhoaabefbobddchk [2024-05-27]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [klbldkkfmkmoaedladckafiinafpkhff] - C:\\Users\\jason\\AppData\\Local\\apps.crx [2023-11-25]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AWCCService; C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe [20904 2024-03-02] (Dell Inc -> Dell Technologies)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15689512 2024-03-13] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14248016 2024-05-09] (Microsoft Corporation -> Microsoft Corporation)
R2 CortexLauncherService; C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe [588712 2024-04-25] (Razer USA Ltd. -> Razer Inc.)
S4 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [49880 2023-07-28] (Dell Inc -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-02-03] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-11-03] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-11] (Epic Games Inc. -> Epic Games, Inc.)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe [34168 2024-03-03] (Lenovo -> Lenovo)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [879456 2024-05-17] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_21_4\McApExe.exe [797576 2021-06-04] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [589592 2020-06-25] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\4.3.107.0\McCSPServiceHost.exe [2825792 2021-05-12] (McAfee, LLC -> McAfee, LLC)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1161032 2022-07-14] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe [1489000 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1669200 2021-05-28] (McAfee, LLC -> McAfee, LLC)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1633288 2020-12-10] (A-Volute SAS -> Nahimic)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [12917888 2024-01-09] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3487384 2021-06-26] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2369544 2024-05-28] (Overwolf Ltd -> Overwolf LTD)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4288320 2021-04-21] (McAfee, LLC -> McAfee, LLC)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)
R2 Razer Game Manager Service 3; C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe [362760 2023-06-14] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [298248 2024-05-14] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538424 2023-11-09] (Razer USA Ltd. -> Razer Inc.)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [32960 2022-05-28] (SteelSeries ApS -> )
R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [72160 2023-11-02] (Lenovo -> Lenovo Group Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9649288 2024-04-24] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\NisSrv.exe [3236840 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe [133704 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvleig.inf_amd64_078fba7d34ea4479\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvleig.inf_amd64_078fba7d34ea4479\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin\brynhildr.sys [2336008 2023-03-13] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 atvi-randgrid; C:\ProgramData\Battle.net_components\randgridauks\randgrid.sys [3311416 2023-03-13] (Activision Publishing Inc -> Activision Blizzard, Inc.)
R3 AWCCDriver; C:\WINDOWS\System32\drivers\AWCCDriver.sys [42456 2021-06-26] (IndiLogic LLC -> Dell Inc.)
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [5121296 2024-03-21] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [80400 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [60784 2023-12-06] (Lenovo -> Lenovo)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218960 2020-05-26] (McAfee, LLC -> McAfee, Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [550944 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [390664 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85952 2021-05-19] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [527368 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1037320 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [590032 2021-04-16] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [120512 2021-04-16] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [121352 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [257552 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R3 MpKsle9263656; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{41A1ADC3-66EB-4961-84FE-902DF44939C6}\MpKslDrv.sys [271648 2024-06-01] (Microsoft Windows -> Microsoft Corporation)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider)
R3 rawaccel; C:\WINDOWS\system32\drivers\rawaccel.sys [50176 2022-08-18] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_9e453ab47cf9cf42\rt68cx21x64.sys [652256 2022-06-07] (Realtek Semiconductor Corp. -> Realtek)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0083; C:\WINDOWS\System32\drivers\RzDev_0083.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [47784 2022-05-03] (SteelSeries ApS -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_6f6e907eca1efa31\SteelSeries-Sonar-VAD.sys [89568 2022-03-23] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [21935504 2024-04-24] (Riot Games, Inc. -> Riot Games, Inc.)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21056 2024-05-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601496 2024-05-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-05-17] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-06-01 10:29 - 2024-06-01 10:30 - 000103305 _____ C:\Users\jason\OneDrive\Desktop\FRST.txt
2024-06-01 10:23 - 2024-06-01 10:30 - 000000000 ____D C:\FRST
2024-06-01 10:19 - 2024-06-01 10:19 - 002395136 _____ (Farbar) C:\Users\jason\OneDrive\Desktop\FRST64.exe
2024-06-01 10:19 - 2024-06-01 10:19 - 000386340 _____ C:\WINDOWS\system32\prfh0804.dat
2024-06-01 10:19 - 2024-06-01 10:19 - 000122418 _____ C:\WINDOWS\system32\prfc0804.dat
2024-06-01 10:16 - 2024-06-01 10:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2024-05-30 21:00 - 2024-05-30 21:00 - 000785708 _____ C:\Users\jason\Downloads\Kami Export - 4.1.1.A StatisticalDataExploration - 2.pdf
2024-05-30 20:19 - 2024-05-30 20:19 - 000248089 _____ C:\Users\jason\Downloads\Kami Export - Inside Out Note Taker Student.pdf
2024-05-30 19:50 - 2024-05-30 19:50 - 000002507 _____ C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-05-30 19:50 - 2024-05-30 19:50 - 000002476 _____ C:\Users\jason\OneDrive\Desktop\Google Chrome.lnk
2024-05-30 19:49 - 2024-05-30 19:49 - 008712256 _____ (Google LLC) C:\Users\jason\Downloads\ChromeSetup (3).exe
2024-05-30 19:49 - 2024-05-30 19:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleUser
2024-05-30 19:48 - 2024-05-30 19:48 - 008712256 _____ (Google LLC) C:\Users\jason\Downloads\ChromeSetup (2).exe
2024-05-30 19:48 - 2024-05-30 19:48 - 008712256 _____ (Google LLC) C:\Users\jason\Downloads\ChromeSetup (1).exe
2024-05-29 20:16 - 2024-05-29 20:16 - 000613540 _____ C:\Users\jason\Downloads\4.1.1.A Probability.pdf
2024-05-29 20:14 - 2024-05-29 20:14 - 002554051 _____ C:\Users\jason\Downloads\4.1.1.A Probability.pptx
2024-05-27 20:54 - 2024-05-27 20:54 - 000003790 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{AD2ECC2F-5EB4-4B3A-A1E0-0508F27458D5}
2024-05-27 20:54 - 2024-05-27 20:54 - 000003666 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{FA6D0910-7E09-4DF8-8CD8-FA96E7E855D9}
2024-05-27 20:00 - 2024-05-27 20:00 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-80282135-2228444176-2881759982-1001
2024-05-27 20:00 - 2024-05-27 20:00 - 000002386 _____ C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-05-27 19:50 - 2024-05-27 19:50 - 000004252 _____ C:\WINDOWS\system32\Tasks\UniversalUpdater
2024-05-22 19:51 - 2024-05-22 19:51 - 001161818 _____ C:\Users\jason\Downloads\2023JLazoff_ABCMedForms.pdf
2024-05-21 21:06 - 2024-05-21 21:06 - 000000000 ____D C:\ProgramData\obs-studio
2024-05-21 17:00 - 2024-05-21 17:00 - 000004270 _____ C:\WINDOWS\system32\Tasks\ArtificiusUpdater
2024-05-21 16:07 - 2024-05-21 16:07 - 000097402 _____ C:\Users\jason\Downloads\camp nobe working papers - Jason Lazoff.pdf
2024-05-20 20:50 - 2024-05-20 20:50 - 000000000 ____D C:\ProgramData\Web Framework Solutions
2024-05-19 16:41 - 2023-04-22 13:15 - 000000223 _____ C:\Users\jason\OneDrive\Desktop\Detroit Become Human.url
2024-05-19 16:41 - 2022-06-05 19:36 - 000000222 _____ C:\Users\jason\OneDrive\Desktop\Grounded.url
2024-05-19 16:41 - 2022-01-01 02:12 - 000000368 _____ C:\Users\jason\OneDrive\Desktop\Rocket League®.url
2024-05-19 16:41 - 2021-11-21 16:19 - 000000223 _____ C:\Users\jason\OneDrive\Desktop\Halo Infinite.url
2024-05-19 16:41 - 2021-10-29 21:44 - 000000223 _____ C:\Users\jason\OneDrive\Desktop\Apex Legends.url
2024-05-17 05:32 - 2024-05-17 05:32 - 000000000 ____D C:\Program Files (x86)\Web Framework Solutions
2024-05-11 20:05 - 2024-05-11 20:05 - 120750144 _____ (Google LLC) C:\Users\jason\Downloads\ChromeStandaloneSetup64.exe
2024-05-11 20:03 - 2024-05-11 20:03 - 001376816 _____ (Google LLC) C:\Users\jason\Downloads\ChromeSetup.exe
2024-05-11 18:41 - 2024-05-11 18:41 - 000813984 _____ C:\Users\jason\Downloads\Control Systems - Hydraulic Power.pdf
2024-05-11 18:01 - 2024-05-11 18:01 - 000041648 _____ C:\Users\jason\Downloads\hazardous weather training done.pdf
2024-05-11 16:42 - 2024-05-11 16:42 - 000426613 _____ C:\Users\jason\Downloads\unlawful workplace harrassment done.pdf
2024-05-11 15:13 - 2024-05-11 15:13 - 000042073 _____ C:\Users\jason\Downloads\ypt done.pdf
2024-05-11 12:21 - 2024-05-11 12:21 - 000808791 _____ C:\Users\jason\Downloads\youth-protection-training-instructions-certificate-upload.pdf
2024-05-11 12:20 - 2024-05-11 12:20 - 000399606 _____ C:\Users\jason\Downloads\hazardous-weather-training-instructions-certificate-upload.pdf
2024-05-11 12:20 - 2024-05-11 12:20 - 000000000 ____D C:\ProgramData\Web Browser Solutions
2024-05-10 21:38 - 2024-05-10 21:38 - 000000000 ____D C:\Program Files (x86)\Web Browser Solutions
2024-05-10 21:26 - 2024-05-10 21:26 - 000000000 ____D C:\Users\jason\AppData\Roaming\Web Browser Solutions
2024-05-10 21:21 - 2024-05-10 21:21 - 000000000 ____D C:\Users\jason\AppData\LocalLow\Pixel Gun Team
2024-05-10 21:13 - 2024-05-10 21:13 - 000000223 _____ C:\Users\jason\OneDrive\Desktop\Pixel Gun 3D PC Edition.url
2024-05-05 16:49 - 2024-05-05 16:49 - 000001704 _____ C:\Users\jason\Downloads\MicrosoftWindows.Client.CBS_cw5n1h2txyewy!InputApp.pem
2024-05-05 15:51 - 2024-05-05 15:51 - 000600825 _____ C:\Users\jason\Downloads\APES - Unit 4 Review.pdf
2024-05-05 15:50 - 2024-05-05 15:50 - 000143884 _____ C:\Users\jason\Downloads\APES - Unit 2 Review.pdf
2024-05-05 15:47 - 2024-05-05 15:47 - 000035508 _____ C:\Users\jason\Downloads\8.11, 8.12, 8.13, 8.14, 8.15 Notes.pdf
2024-05-03 05:18 - 2024-05-03 05:18 - 000327259 _____ C:\Users\jason\Downloads\Magnetism Test - Take Home-1.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-06-01 10:23 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-06-01 10:23 - 2022-05-07 01:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-01 10:19 - 2023-01-27 02:22 - 001304156 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-06-01 10:19 - 2022-05-07 01:22 - 000000000 ____D C:\WINDOWS\INF
2024-06-01 10:15 - 2021-07-19 19:59 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2024-06-01 10:14 - 2021-06-30 13:08 - 000000000 ____D C:\Users\jason\AppData\Roaming\discord
2024-06-01 10:13 - 2024-02-06 21:42 - 000000000 ____D C:\Users\jason\AppData\Local\CiscoSpark
2024-06-01 10:13 - 2024-01-06 19:55 - 000002338 _____ C:\Users\jason\OneDrive\Desktop\Thunderstore Mod Manager.lnk
2024-06-01 10:13 - 2022-11-22 18:52 - 000002338 _____ C:\Users\jason\OneDrive\Desktop\Valorant Tracker.lnk
2024-06-01 10:13 - 2022-11-16 13:26 - 000000000 ____D C:\Users\jason\AppData\Local\Discord
2024-06-01 10:13 - 2022-08-18 16:47 - 000000000 ____D C:\Users\jason\AppData\Local\Overwolf
2024-06-01 10:13 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-06-01 10:13 - 2021-06-26 21:53 - 000000000 ___RD C:\Users\jason\OneDrive
2024-06-01 10:12 - 2023-01-27 02:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-06-01 10:12 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-06-01 10:12 - 2021-06-01 22:35 - 000000000 ____D C:\ProgramData\NVIDIA
2024-06-01 10:12 - 2021-06-01 22:23 - 000021520 _____ C:\WINDOWS\system32\wpbbin.exe
2024-06-01 10:11 - 2022-05-07 01:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-05-31 16:16 - 2021-10-23 16:32 - 000000000 ____D C:\Users\jason\AppData\Local\D3DSCache
2024-05-31 16:14 - 2022-08-18 16:48 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-05-30 21:48 - 2023-01-27 02:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-05-30 21:19 - 2022-05-07 01:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-05-30 20:17 - 2021-06-26 22:00 - 000000000 ____D C:\Program Files (x86)\Google
2024-05-30 19:49 - 2021-06-26 22:00 - 000000000 ____D C:\Users\jason\AppData\Local\Google
2024-05-29 20:14 - 2021-06-26 21:51 - 000000000 ____D C:\Users\jason\AppData\Local\Packages
2024-05-29 19:21 - 2021-12-09 21:30 - 000001448 _____ C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grammarly.lnk
2024-05-29 19:21 - 2021-12-09 21:30 - 000001446 _____ C:\Users\jason\OneDrive\Desktop\Grammarly.lnk
2024-05-29 19:21 - 2021-12-09 21:30 - 000000000 ____D C:\Users\jason\AppData\Local\Grammarly
2024-05-27 21:05 - 2023-07-28 18:17 - 000003960 _____ C:\WINDOWS\system32\Tasks\RazerCortexScheduleClean
2024-05-27 20:00 - 2023-01-27 02:22 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-80282135-2228444176-2881759982-1001
2024-05-27 19:52 - 2023-01-27 02:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\AWCC
2024-05-27 19:52 - 2022-04-20 19:49 - 000000000 ____D C:\Program Files (x86)\Dell
2024-05-27 19:50 - 2024-05-01 21:34 - 000000000 ____D C:\appsDDhelper
2024-05-27 19:50 - 2024-04-13 19:21 - 000722424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-05-27 19:50 - 2023-11-25 14:23 - 000012773 _____ C:\Users\jason\AppData\Local\apps.crx
2024-05-27 19:50 - 2022-10-20 22:16 - 000108024 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-05-27 19:50 - 2022-10-20 22:16 - 000075256 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-05-27 19:50 - 2021-11-22 19:51 - 000206328 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-05-27 19:50 - 2021-06-26 21:54 - 002729464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-05-27 19:50 - 2021-06-26 21:54 - 000218616 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-05-27 19:50 - 2021-06-26 21:54 - 000144888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-05-27 19:41 - 2022-05-07 01:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-05-27 19:39 - 2023-01-27 02:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2024-05-21 22:39 - 2023-01-26 21:04 - 000000000 ____D C:\Users\jason
2024-05-21 21:12 - 2021-06-01 22:28 - 000000000 ____D C:\Program Files\Microsoft Office
2024-05-20 20:55 - 2021-09-14 21:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2024-05-19 22:10 - 2021-06-28 22:39 - 000000000 ____D C:\Program Files (x86)\Steam
2024-05-19 00:56 - 2021-07-19 17:51 - 000000000 ____D C:\Program Files\Riot Vanguard
2024-05-19 00:10 - 2022-06-09 21:45 - 000000016 _____ C:\ProgramData\mntemp
2024-05-19 00:10 - 2021-07-19 17:51 - 000000000 ____D C:\ProgramData\Riot Games
2024-05-19 00:10 - 2021-07-09 20:30 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2024-05-19 00:10 - 2021-06-01 22:28 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2024-05-19 00:10 - 2021-06-01 22:28 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2024-05-19 00:10 - 2021-06-01 22:28 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2024-05-19 00:10 - 2021-06-01 22:28 - 000002408 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2024-05-19 00:10 - 2021-06-01 22:28 - 000002400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2024-05-19 00:06 - 2024-03-15 21:52 - 000000000 ____D C:\Users\jason\AppData\Roaming\riot-client-ux
2024-05-17 05:45 - 2020-05-06 14:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-05-14 22:17 - 2023-01-27 02:19 - 000652184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-05-14 22:16 - 2023-10-13 21:40 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\UUS
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SystemApps
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-05-14 22:16 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-05-14 22:16 - 2022-05-07 01:17 - 000000000 ____D C:\WINDOWS\servicing
2024-05-14 22:09 - 2022-05-07 01:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-05-14 22:06 - 2023-01-27 02:19 - 003214336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-05-14 21:58 - 2021-06-28 22:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-05-14 21:56 - 2021-06-28 22:31 - 196465576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-05-14 21:41 - 2021-06-26 21:52 - 000000000 ____D C:\Users\jason\AppData\Local\CrashDumps
2024-05-14 21:34 - 2022-11-16 13:26 - 000002256 _____ C:\Users\jason\OneDrive\Desktop\Discord.lnk
2024-05-12 15:23 - 2023-08-21 14:17 - 000000000 ____D C:\Users\jason\AppData\Roaming\CurseForge
2024-05-12 15:21 - 2021-06-28 23:24 - 000000000 ____D C:\Users\jason\AppData\Roaming\.minecraft
2024-05-11 20:05 - 2021-06-26 22:01 - 000000000 ____D C:\Program Files\Google
2024-05-11 12:23 - 2021-06-27 13:29 - 000000000 ____D C:\Users\jason\AppData\Local\Steam
2024-05-10 22:43 - 2023-10-22 15:07 - 000000000 ____D C:\Users\jason\AppData\Local\GeometryDash
2024-05-10 21:13 - 2021-06-27 13:33 - 000000000 ____D C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-05-07 00:34 - 2021-09-14 21:14 - 000000000 ____D C:\Users\jason\AppData\Local\Razer
2024-05-07 00:34 - 2021-09-14 21:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2024-05-05 16:08 - 2021-06-26 21:54 - 000000000 ____D C:\Users\jason\AppData\Local\Comms

==================== Files in the root of some directories ========

2023-11-25 14:23 - 2024-05-27 19:50 - 000012773 _____ () C:\Users\jason\AppData\Local\apps.crx

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
 

Attachments

  • Addition.txt
    68.1 KB · Views: 2
nasdaq

nasdaq

Super Moderator
Verified
Staff Member
Nov 5, 2019
1,599
Hi,

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===

Please post the Fixlog.txt and let me know what problem persists.

p.s.
Ths fix wiill reset also the Wndows Defender to it's original settings.

After the fix you you want you to ENABLE McAfee's Virus and Firewall. This will automatically disable Windows defender. Your call.
 

Attachments

  • Fixlist.txt
    13 KB · Views: 5
J

jasonjasonjason4

New Member
Thread author
May 30, 2024
3
yes, I apologize, I thought I had sent a message and I hadn't
i appreciate you checking back, the fix worked and i have no sign of the organization anywhere on my computer
thanks sm for your awesome help youre actually the best
 

Attachments

  • Fixlog.txt
    37.4 KB · Views: 1
  • Like
Reactions: kylprq
Status
Not open for further replies.

Similar threads

T
  • Locked
Chrome has "Managed by your organisation" message, casued by virus, and Edge has extension FelisCatus that I cannot remove or disable
Replies
6
Views
1,471
Windows Malware Removal Help & Support
nasdaq
nasdaq
SpyNetGirl
    • Like
    • +Reputation
    • Hundred Points
Harden Windows Security | Only with official documented methods | Always up to date
Replies
75
Views
16,330
Other security for Windows, Mac, Linux
Warencom
W
jmoreno12
    • Like
  • Locked
Infected with plankjock.com trojan
Replies
4
Views
4,461
Windows Malware Removal Help & Support
nasdaq
nasdaq

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top