Logfile of HiJackThis+ (Plus) build 2024-04-18 Alpha v.3.4.0.9 Platform: x64 Windows 11 (Pro), 10.0.22631.2861 (ReleaseId: 2009, 23H2), Service Pack: 0 Time: 24.07.2024 - 15:58 (UTC-03:00) Language: OS: Portuguese (0x416). Display: Portuguese (0x416). Non-Unicode: Portuguese (0x416) Memory: 10038 MiB Free. Loading RAM (37 %), CPU (1 %) Elevated: Yes Ran by: J (group: Administrators; type: Local) on COMPROVE, FirstRun: yes Internet Explorer: 11.0.22621.1 Default: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument %1 (Microsoft Edge) Boot mode: Normal (Secure Boot: On) Scan mode: Environment variables; Don't hide Microsoft Environment variables: [System] ComSpec = C:\Windows\system32\cmd.exe DriverData = C:\Windows\System32\Drivers\DriverData OS = Windows_NT Path = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\ PATHEXT = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC PROCESSOR_ARCHITECTURE = AMD64 PSModulePath = C:\Program Files\WindowsPowerShell\Modules;C:\Windows\system32\WindowsPowerShell\v1.0\Modules TEMP = C:\Windows\TEMP TMP = C:\Windows\TEMP USERNAME = SYSTEM windir = C:\Windows NUMBER_OF_PROCESSORS = 16 PROCESSOR_LEVEL = 23 PROCESSOR_IDENTIFIER = AMD64 Family 23 Model 96 Stepping 1, AuthenticAMD PROCESSOR_REVISION = 6001 [User] Path = C:\Users\J\AppData\Local\Microsoft\WindowsApps; TEMP = C:\Users\J\AppData\Local\Temp TMP = C:\Users\J\AppData\Local\Temp OneDrive = C:\Users\J\OneDrive [Current process] =:: = ::\ ALLUSERSPROFILE = C:\ProgramData APPDATA = C:\Users\J\AppData\Roaming CommonProgramFiles = C:\Program Files (x86)\Common Files CommonProgramFiles(x86) = C:\Program Files (x86)\Common Files CommonProgramW6432 = C:\Program Files\Common Files COMPUTERNAME = COMPROVE ComSpec = C:\Windows\system32\cmd.exe DriverData = C:\Windows\System32\Drivers\DriverData HOMEDRIVE = C: HOMEPATH = \Users\J LOCALAPPDATA = C:\Users\J\AppData\Local LOGONSERVER = \\COMPROVE NUMBER_OF_PROCESSORS = 16 OneDrive = C:\Users\J\OneDrive OS = Windows_NT Path = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\J\AppData\Local\Microsoft\WindowsApps PATHEXT = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC PROCESSOR_ARCHITECTURE = x86 PROCESSOR_ARCHITEW6432 = AMD64 PROCESSOR_IDENTIFIER = AMD64 Family 23 Model 96 Stepping 1, AuthenticAMD PROCESSOR_LEVEL = 23 PROCESSOR_REVISION = 6001 ProgramData = C:\ProgramData ProgramFiles = C:\Program Files (x86) ProgramFiles(x86) = C:\Program Files (x86) ProgramW6432 = C:\Program Files PSModulePath = C:\Program Files\WindowsPowerShell\Modules;C:\Windows\system32\WindowsPowerShell\v1.0\Modules PUBLIC = C:\Users\Public SystemDrive = C: SystemRoot = C:\Windows TEMP = C:\Users\J\AppData\Local\Temp TMP = C:\Users\J\AppData\Local\Temp USERDOMAIN = Comprove USERDOMAIN_ROAMINGPROFILE = Comprove USERNAME = J USERPROFILE = C:\Users\J windir = C:\Windows __COMPAT_LAYER = DetectorsAppHealth Installer Special folders: [CLSID] 3D Objects = C:\Users\J\3D Objects AccountPictures = C:\Users\J\AppData\Roaming\Microsoft\Windows\AccountPictures Administrative Tools = C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools AppData = C:\Users\J\AppData\Roaming AppDataDesktop = C:\Users\J\AppData\Local\Desktop AppDataDocuments = C:\Users\J\AppData\Local\Documents AppDataFavorites = C:\Users\J\AppData\Local\Favorites AppDataProgramData = C:\Users\J\AppData\Local\ProgramData Application Shortcuts = C:\Users\J\AppData\Local\Microsoft\Windows\Application Shortcuts AppMods = C:\Users\J\AppMods Cache = C:\Users\J\AppData\Local\Microsoft\Windows\INetCache Camera Roll = C:\Users\J\Pictures\Camera Roll CameraRollLibrary = C:\Users\J\AppData\Roaming\Microsoft\Windows\Libraries\CameraRoll.library-ms Captures = C:\Users\J\Videos\Captures CD Burning = C:\Users\J\AppData\Local\Microsoft\Windows\Burn\Burn Common Administrative Tools = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools Common AppData = C:\ProgramData Common Desktop = C:\Users\Public\Desktop Common Documents = C:\Users\Public\Documents Common Programs = C:\ProgramData\Microsoft\Windows\Start Menu\Programs Common Start Menu = C:\ProgramData\Microsoft\Windows\Start Menu Common Start Menu Places = C:\ProgramData\Microsoft\Windows\Start Menu Places Common Startup = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp Common Templates = C:\ProgramData\Microsoft\Windows\Templates CommonDownloads = C:\Users\Public\Downloads CommonMusic = C:\Users\Public\Music CommonPictures = C:\Users\Public\Pictures CommonRingtones = C:\ProgramData\Microsoft\Windows\Ringtones CommonVideo = C:\Users\Public\Videos Contacts = C:\Users\J\Contacts Cookies = C:\Users\J\AppData\Local\Microsoft\Windows\INetCookies CredentialManager = C:\Users\J\AppData\Roaming\Microsoft\Credentials CryptoKeys = C:\Users\J\AppData\Roaming\Microsoft\Crypto Desktop = C:\Users\J\Desktop Development Files = C:\Users\J\AppData\Local\DevelopmentFiles Device Metadata Store = C:\ProgramData\Microsoft\Windows\DeviceMetadataStore DocumentsLibrary = C:\Users\J\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms Downloads = C:\Users\J\Downloads DpapiKeys = C:\Users\J\AppData\Roaming\Microsoft\Protect Favorites = C:\Users\J\Favorites Fonts = C:\Windows\Fonts GameTasks = C:\Users\J\AppData\Local\Microsoft\Windows\GameExplorer History = C:\Users\J\AppData\Local\Microsoft\Windows\History ImplicitAppShortcuts = C:\Users\J\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts Libraries = C:\Users\J\AppData\Roaming\Microsoft\Windows\Libraries Links = C:\Users\J\Links Local AppData = C:\Users\J\AppData\Local Local Documents = C:\Users\J\Documents Local Downloads = C:\Users\J\Downloads Local Music = C:\Users\J\Music Local Pictures = C:\Users\J\Pictures Local Videos = C:\Users\J\Videos LocalAppDataLow = C:\Users\J\AppData\LocalLow LocalizedResourcesDir = C:\Windows\resources\0416 MusicLibrary = C:\Users\J\AppData\Roaming\Microsoft\Windows\Libraries\Music.library-ms My Music = C:\Users\J\Music My Pictures = C:\Users\J\Pictures My Video = C:\Users\J\Videos NetHood = C:\Users\J\AppData\Roaming\Microsoft\Windows\Network Shortcuts OEM Links = C:\ProgramData\OEM Links OneDrive = C:\Users\J\OneDrive OneDriveCameraRoll = C:\Users\J\OneDrive\Pictures\Camera Roll OneDriveDocuments = C:\Users\J\OneDrive\Documents OneDriveMusic = C:\Users\J\OneDrive\Music OneDrivePictures = C:\Users\J\OneDrive\Pictures Original Images = C:\Users\J\AppData\Local\Microsoft\Windows Photo Gallery\Original Images Personal = C:\Users\J\Documents PhotoAlbums = C:\Users\J\Pictures\Slide Shows PicturesLibrary = C:\Users\J\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms Playlists = C:\Users\J\Music\Playlists PrintHood = C:\Users\J\AppData\Roaming\Microsoft\Windows\Printer Shortcuts Profile = C:\Users\J ProgramFiles = C:\Program Files (x86) ProgramFilesCommon = C:\Program Files (x86)\Common Files ProgramFilesCommonX86 = C:\Program Files (x86)\Common Files ProgramFilesX86 = C:\Program Files (x86) Programs = C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs Public = C:\Users\Public PublicAccountPictures = C:\Users\Public\AccountPictures PublicGameTasks = C:\ProgramData\Microsoft\Windows\GameExplorer PublicLibraries = C:\Users\Public\Libraries Quick Launch = C:\Users\J\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch Recent = C:\Users\J\AppData\Roaming\Microsoft\Windows\Recent Recorded Calls = C:\Users\J\Recorded Calls RecordedTVLibrary = C:\Users\Public\Libraries\RecordedTV.library-ms ResourceDir = C:\Windows\resources Ringtones = C:\Users\J\AppData\Local\Microsoft\Windows\Ringtones Roamed Tile Images = C:\Users\J\AppData\Local\Microsoft\Windows\RoamedTileImages Roaming Tiles = C:\Users\J\AppData\Local\Microsoft\Windows\RoamingTiles SampleMusic = C:\Users\Public\Music\Sample Music SamplePictures = C:\Users\Public\Pictures\Sample Pictures SampleVideos = C:\Users\Public\Videos\Sample Videos SavedGames = C:\Users\J\Saved Games SavedPictures = C:\Users\J\Pictures\Saved Pictures SavedPicturesLibrary = C:\Users\J\AppData\Roaming\Microsoft\Windows\Libraries\SavedPictures.library-ms Screenshots = C:\Users\J\Pictures\Screenshots Searches = C:\Users\J\Searches SearchHistoryFolder = C:\Users\J\AppData\Local\Microsoft\Windows\ConnectedSearch\History SearchTemplatesFolder = C:\Users\J\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates SendTo = C:\Users\J\AppData\Roaming\Microsoft\Windows\SendTo Start Menu = C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu Startup = C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp System = C:\Windows\system32 SystemCertificates = C:\Users\J\AppData\Roaming\Microsoft\SystemCertificates SystemX86 = C:\Windows\SysWOW64 Templates = C:\Users\J\AppData\Roaming\Microsoft\Windows\Templates ThisPCDesktopFolder = C:\Users\J\Desktop User Pinned = C:\Users\J\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned UserProfiles = C:\Users UserProgramFiles = C:\Users\J\AppData\Local\Programs UserProgramFilesCommon = C:\Users\J\AppData\Local\Programs\Common VideosLibrary = C:\Users\J\AppData\Roaming\Microsoft\Windows\Libraries\Videos.library-ms Windows = C:\Windows [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] AppData = %USERPROFILE%\AppData\Roaming Cache = %USERPROFILE%\AppData\Local\Microsoft\Windows\INetCache Cookies = %USERPROFILE%\AppData\Local\Microsoft\Windows\INetCookies Desktop = %USERPROFILE%\Desktop Favorites = %USERPROFILE%\Favorites History = %USERPROFILE%\AppData\Local\Microsoft\Windows\History Local AppData = %USERPROFILE%\AppData\Local My Music = %USERPROFILE%\Music My Pictures = %USERPROFILE%\Pictures My Video = %USERPROFILE%\Videos NetHood = %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts Personal = %USERPROFILE%\Documents PrintHood = %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts Programs = %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs Recent = %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent SendTo = %USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo Start Menu = %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu Startup = %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Templates = %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates {374DE290-123F-4565-9164-39C4925E467B} = %USERPROFILE%\Downloads [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] AppData = C:\Users\J\AppData\Roaming Local AppData = C:\Users\J\AppData\Local CD Burning = C:\Users\J\AppData\Local\Microsoft\Windows\Burn\Burn {1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE} = C:\Users\J\AppData\Roaming\Microsoft\Windows\Libraries My Video = C:\Users\J\Videos My Pictures = C:\Users\J\Pictures Desktop = C:\Users\J\Desktop History = C:\Users\J\AppData\Local\Microsoft\Windows\History NetHood = C:\Users\J\AppData\Roaming\Microsoft\Windows\Network Shortcuts {56784854-C6CB-462B-8169-88E350ACB882} = C:\Users\J\Contacts {00BCFC5A-ED94-4E48-96A1-3F6217F21990} = C:\Users\J\AppData\Local\Microsoft\Windows\RoamingTiles Cookies = C:\Users\J\AppData\Local\Microsoft\Windows\INetCookies Favorites = C:\Users\J\Favorites SendTo = C:\Users\J\AppData\Roaming\Microsoft\Windows\SendTo Start Menu = C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu My Music = C:\Users\J\Music Programs = C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs Recent = C:\Users\J\AppData\Roaming\Microsoft\Windows\Recent PrintHood = C:\Users\J\AppData\Roaming\Microsoft\Windows\Printer Shortcuts {7D1D3A04-DEBB-4115-95CF-2F29DA2920DA} = C:\Users\J\Searches {374DE290-123F-4565-9164-39C4925E467B} = C:\Users\J\Downloads {A520A1A4-1780-4FF6-BD18-167343C5AF16} = C:\Users\J\AppData\LocalLow Startup = C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Administrative Tools = C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools Personal = C:\Users\J\Documents {BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968} = C:\Users\J\Links Cache = C:\Users\J\AppData\Local\Microsoft\Windows\INetCache Templates = C:\Users\J\AppData\Roaming\Microsoft\Windows\Templates {4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4} = C:\Users\J\Saved Games Fonts = C:\Windows\Fonts [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] Common AppData = %ProgramData% Common Desktop = %PUBLIC%\Desktop Common Documents = %PUBLIC%\Documents Common Programs = %ProgramData%\Microsoft\Windows\Start Menu\Programs Common Start Menu = %ProgramData%\Microsoft\Windows\Start Menu Common Startup = %ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup Common Templates = %ProgramData%\Microsoft\Windows\Templates CommonMusic = %PUBLIC%\Music CommonPictures = %PUBLIC%\Pictures CommonVideo = %PUBLIC%\Videos {3D644C9B-1FB8-4f30-9B45-F670235F79C0} = %PUBLIC%\Downloads [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] Common Administrative Tools = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools Common AppData = C:\ProgramData Common Desktop = C:\Users\Public\Desktop Common Documents = C:\Users\Public\Documents Common Programs = C:\ProgramData\Microsoft\Windows\Start Menu\Programs Common Start Menu = C:\ProgramData\Microsoft\Windows\Start Menu Common Startup = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Common Templates = C:\ProgramData\Microsoft\Windows\Templates CommonMusic = C:\Users\Public\Music CommonPictures = C:\Users\Public\Pictures CommonVideo = C:\Users\Public\Videos OEM Links = C:\ProgramData\OEM\Links Running processes: Number | Path 21 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe 1 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe 6 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.113\msedgewebview2.exe 1 C:\Program Files\Windows Defender\MsMpEng.exe 1 C:\Program Files\Windows Defender\NisSrv.exe 1 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_21.21030.25003.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 14 C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2112.32.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe 1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.16300.20.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe 1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.16300.20.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe 1 C:\Users\J\Downloads\HiJackThis\HiJackThis.exe 1 C:\Windows\explorer.exe 1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe 1 C:\Windows\System32\AggregatorHost.exe 1 C:\Windows\System32\amdfendrsr.exe 1 C:\Windows\System32\ApplicationFrameHost.exe 1 C:\Windows\System32\backgroundTaskHost.exe 1 C:\Windows\System32\conhost.exe 2 C:\Windows\System32\csrss.exe 1 C:\Windows\System32\ctfmon.exe 3 C:\Windows\System32\dllhost.exe 1 C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\AsusAppService\AsusAppService.exe 1 C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimization.exe 1 C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimizationStartupTask.exe 1 C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManager.exe 1 C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe 1 C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSwitch\AsusSwitch.exe 2 C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSystemAnalysis.exe 1 C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe 3 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_be03f2dca68bf962\RtkAudUService64.exe 1 C:\Windows\System32\DriverStore\FileRepository\u0390792.inf_amd64_c7c1ce20b2f1c813\B390782\atieclxx.exe 1 C:\Windows\System32\DriverStore\FileRepository\u0390792.inf_amd64_c7c1ce20b2f1c813\B390782\atiesrxx.exe 1 C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe 1 C:\Windows\System32\dwm.exe 2 C:\Windows\System32\fontdrvhost.exe 1 C:\Windows\System32\LocationNotificationWindows.exe 1 C:\Windows\System32\lsass.exe 1 C:\Windows\System32\oobe\UserOOBEBroker.exe 5 C:\Windows\System32\RuntimeBroker.exe 1 C:\Windows\System32\SearchIndexer.exe 1 C:\Windows\System32\SearchProtocolHost.exe 1 C:\Windows\System32\SecurityHealthService.exe 1 C:\Windows\System32\services.exe 1 C:\Windows\System32\sihost.exe 1 C:\Windows\System32\smss.exe 1 C:\Windows\System32\spoolsv.exe 80 C:\Windows\System32\svchost.exe 1 C:\Windows\System32\taskhostw.exe 1 C:\Windows\System32\wbem\unsecapp.exe 2 C:\Windows\System32\wbem\WmiPrvSE.exe 1 C:\Windows\System32\wininit.exe 1 C:\Windows\System32\winlogon.exe 1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe 1 C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe 1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Local Page] = %11%\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Search Page] = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command: (default) = C:\Program Files\Internet Explorer\iexplore.exe R0 - HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command: (default) = C:\Program Files\Internet Explorer\iexplore.exe R0 - HKLM\Software\Microsoft\Internet Explorer\AboutURLs: [blank] = res://mshtml.dll/blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\AboutURLs: [DesktopItemNavigationFailure] = res://ieframe.dll/navcancl.htm R0 - HKLM\Software\Microsoft\Internet Explorer\AboutURLs: [InPrivate] = res://ieframe.dll/inprivate.htm R0 - HKLM\Software\Microsoft\Internet Explorer\AboutURLs: [NavigationCanceled] = res://ieframe.dll/navcancl.htm R0 - HKLM\Software\Microsoft\Internet Explorer\AboutURLs: [NavigationFailure] = res://ieframe.dll/navcancl.htm R0 - HKLM\Software\Microsoft\Internet Explorer\AboutURLs: [NoAdd-ons] = res://ieframe.dll/noaddon.htm R0 - HKLM\Software\Microsoft\Internet Explorer\AboutURLs: [NoAdd-onsInfo] = res://ieframe.dll/noaddoninfo.htm R0 - HKLM\Software\Microsoft\Internet Explorer\AboutURLs: [PostNotCached] = res://ieframe.dll/repost.htm R0 - HKLM\Software\Microsoft\Internet Explorer\AboutURLs: [SecurityRisk] = res://ieframe.dll/securityatrisk.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Search_URL] = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Extensions Off Page] = about:NoAdd-ons R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Local Page] = C:\Windows\System32\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Search Page] = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Security Risk Page] = about:SecurityRisk R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main: [Local Page] = %11%\blank.htm R0 - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main: [Search Page] = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main: [Local Page] = %11%\blank.htm R0 - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main: [Search Page] = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\AboutURLs: [blank] = res://mshtml.dll/blank.htm R0-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\AboutURLs: [DesktopItemNavigationFailure] = res://ieframe.dll/navcancl.htm R0-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\AboutURLs: [InPrivate] = res://ieframe.dll/inprivate.htm R0-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\AboutURLs: [NavigationCanceled] = res://ieframe.dll/navcancl.htm R0-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\AboutURLs: [NavigationFailure] = res://ieframe.dll/navcancl.htm R0-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\AboutURLs: [NoAdd-ons] = res://ieframe.dll/noaddon.htm R0-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\AboutURLs: [NoAdd-onsInfo] = res://ieframe.dll/noaddoninfo.htm R0-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\AboutURLs: [PostNotCached] = res://ieframe.dll/repost.htm R0-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\AboutURLs: [SecurityRisk] = res://ieframe.dll/securityatrisk.htm R0-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main: [Default_Page_URL] = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 R0-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main: [Default_Search_URL] = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main: [Extensions Off Page] = about:NoAdd-ons R0-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main: [Local Page] = C:\Windows\SysWOW64\blank.htm R0-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main: [Search Page] = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main: [Security Risk Page] = about:SecurityRisk R0-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main: [Start Page] = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 R3 - HKCU\..\URLSearchHooks: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll R3 - HKU\S-1-5-19\..\URLSearchHooks: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll R3 - HKU\S-1-5-20\..\URLSearchHooks: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: [URL] = hxxp://vvv.bing.com/search?q={searchTerms}&FORM=IE8SRC - Bing F2 - HKLM\..\WinLogon: [Shell] = explorer.exe F2 - HKLM\..\WinLogon: [UserInit] = C:\Windows\system32\userinit.exe, F2-32 - HKLM\..\WinLogon: [Shell] = explorer.exe O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.113\BHO\ie_to_edge_bho_64.dll (sign: 'Microsoft') O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.113\BHO\ie_to_edge_bho.dll (sign: 'Microsoft') O4 - ActiveSetup: HKLM\..\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}: [StubPath] = /UserInstall (file missing) O4 - ActiveSetup: HKLM\..\{6BF52A52-394A-11d3-B153-00C04F79FAA6}: [StubPath] = C:\Windows\system32\unregmp2.exe /FirstLogon (sign: 'Microsoft') O4 - ActiveSetup: HKLM\..\{89820200-ECBD-11cf-8B85-00AA005B4340}: [StubPath] = U (file missing) O4 - ActiveSetup: HKLM\..\{89820200-ECBD-11cf-8B85-00AA005B4383}: [StubPath] = C:\Windows\System32\ie4uinit.exe -UserConfig (sign: 'Microsoft') O4 - ActiveSetup: HKLM\..\{89B4C1CD-B018-4511-B0A1-5476DBF70820}: [StubPath] = C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install (sign: 'Microsoft') O4 - ActiveSetup: HKLM\..\{9459C573-B17A-45AE-9F64-1857B5D58CEE}: [StubPath] = C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.113\Installer\setup.exe --configure-user-settings --verbose-logging --system-level --msedge --channel=stable (sign: 'Microsoft') O4 - ActiveSetup: HKLM\..\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}: [StubPath] = C:\Windows\system32\unregmp2.exe /ShowWMP (sign: 'Microsoft') (disabled) O4 - HKCU\..\Command Processor: [Autorun] = (no file) O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_629733DD9A3125BB3D0D4FA6523D9477] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2024/07/24) (sign: 'Microsoft') O4 - HKLM\..\BootVerificationProgram: [ImagePath] = (no file) O4 - HKLM\..\Command Processor: [Autorun] = (no file) O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe (sign: 'Microsoft') O4 - HKLM\..\RunOnce: [!BCILauncher] = C:\Windows\Temp\MUBSTemp\BCILauncher.EXE bgaupmi=162EF2E452244DEBAADED9E90CFDF6E3 (sign: 'Microsoft') O4 - HKLM\..\SafeBoot: [AlternateShell] = C:\Windows\system32\cmd.exe (sign: 'Microsoft') (disabled) O4 - HKLM\..\Session Manager: [BootExecute] = C:\Windows\system32\autochk.exe * (sign: 'Microsoft') O4 - HKLM\..\Session Manager: [BootShell] = C:\Windows\system32\bootim.exe (sign: 'Microsoft') O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = c:\users\j\appdata\local\microsoft\onedrive\22.012.0117.0003_1 -> DELETE (file missing) O4 - HKLM\..\Session Manager: [SetupExecute] = (no file) O4 - HKU\S-1-5-18\..\Command Processor: [Autorun] = (no file) O4 - HKU\S-1-5-19\..\Command Processor: [Autorun] = (no file) O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft') O4 - HKU\S-1-5-20\..\Command Processor: [Autorun] = (no file) O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft') O4-32 - ActiveSetup: HKLM\..\{6BF52A52-394A-11d3-B153-00C04F79FAA6}: [StubPath] = C:\Windows\system32\unregmp2.exe /FirstLogon (sign: 'Microsoft') O4-32 - ActiveSetup: HKLM\..\{89820200-ECBD-11cf-8B85-00AA005B4383}: [StubPath] = C:\Windows\System32\ie4uinit.exe -UserConfig (sign: 'Microsoft') O4-32 - ActiveSetup: HKLM\..\{89B4C1CD-B018-4511-B0A1-5476DBF70820}: [StubPath] = C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install (sign: 'Microsoft') O4-32 - ActiveSetup: HKLM\..\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}: [StubPath] = C:\Windows\system32\unregmp2.exe /ShowWMP (sign: 'Microsoft') (disabled) O4-32 - HKLM\..\Command Processor: [Autorun] = (no file) O5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [appwiz.cpl] (Gerenciador de Aplicativos do Shell) (sign: 'Microsoft') O5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [bthprops.cpl] (Miniaplicativo do Painel de Controle do Bluetooth) (sign: 'Microsoft') O5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [desk.cpl] (Painel de Controle das Configurações da Área de Trabalho) (sign: 'Microsoft') O5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [Firewall.cpl] (Windows Defender Firewall Control Panel DLL Launching Stub) (sign: 'Microsoft') O5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [hdwwiz.cpl] (Miniaplicativo do Painel de Controle para adicionar hardware) (sign: 'Microsoft') O5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [inetcpl.cpl] (Painel de Controle da Internet) (sign: 'Microsoft') O5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [intl.cpl] (DLL do Painel de controle) (sign: 'Microsoft') O5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [joy.cpl] (Miniaplicativo do Painel de Controle para Controladores de Jogo) (sign: 'Microsoft') O5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [main.cpl] (Miniaplicativos do 'Painel de controle' para mouse e teclado) (sign: 'Microsoft') O5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [mmsys.cpl] (Painel de Controle de Áudio) (sign: 'Microsoft') O5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [ncpa.cpl] (Conexões de rede no painel de controle) (sign: 'Microsoft') O5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [powercfg.cpl] (Miniaplicativo Gerenciamento de energia do Painel de controle) (sign: 'Microsoft') O5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [sysdm.cpl] (Miniaplicativo Sistema do Painel de Controle) (sign: 'Microsoft') O5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [tabletpc.cpl] (Painel de Controle do Tablet PC) (sign: 'Microsoft') O5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [telephon.cpl] (Painel de controle de telefonia) (sign: 'Microsoft') O5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [timedate.cpl] (Miniaplicativo Data e Hora do Painel de Controle) (sign: 'Microsoft') O5-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [appwiz.cpl] (Gerenciador de Aplicativos do Shell) (sign: 'Microsoft') O5-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [bthprops.cpl] (Miniaplicativo do Painel de Controle do Bluetooth) (sign: 'Microsoft') O5-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [desk.cpl] (Painel de Controle das Configurações da Área de Trabalho) (sign: 'Microsoft') O5-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [Firewall.cpl] (file missing) O5-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [hdwwiz.cpl] (Miniaplicativo do Painel de Controle para adicionar hardware) (sign: 'Microsoft') O5-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [inetcpl.cpl] (Painel de Controle da Internet) (sign: 'Microsoft') O5-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [intl.cpl] (DLL do Painel de controle) (sign: 'Microsoft') O5-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [joy.cpl] (Miniaplicativo do Painel de Controle para Controladores de Jogo) (sign: 'Microsoft') O5-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [main.cpl] (Miniaplicativos do 'Painel de controle' para mouse e teclado) (sign: 'Microsoft') O5-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [mmsys.cpl] (Painel de Controle de Áudio) (sign: 'Microsoft') O5-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [ncpa.cpl] (Conexões de rede no painel de controle) (sign: 'Microsoft') O5-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [powercfg.cpl] (Miniaplicativo Gerenciamento de energia do Painel de controle) (sign: 'Microsoft') O5-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [sysdm.cpl] (Miniaplicativo Sistema do Painel de Controle) (sign: 'Microsoft') O5-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [telephon.cpl] (Painel de controle de telefonia) (sign: 'Microsoft') O5-32 - HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [timedate.cpl] (Miniaplicativo Data e Hora do Painel de Controle) (sign: 'Microsoft') O7 - KnownFolder: C:\Users\Public\Documents (folder missing) O10 - Unknown file in Winsock LSP: C:\Windows\System32\mswsock.dll (sign: 'Microsoft') O10 - Unknown file in Winsock LSP: C:\Windows\system32\mswsock.dll (sign: 'Microsoft') O10 - Unknown file in Winsock LSP: C:\Windows\system32\napinsp.dll (sign: 'Microsoft') O10 - Unknown file in Winsock LSP: C:\Windows\system32\nlansp_c.dll (sign: 'Microsoft') O10 - Unknown file in Winsock LSP: C:\Windows\system32\pnrpnsp.dll (sign: 'Microsoft') O10 - Unknown file in Winsock LSP: C:\Windows\System32\winrnr.dll (sign: 'Microsoft') O10 - Unknown file in Winsock LSP: C:\Windows\system32\wshbth.dll (sign: 'Microsoft') O13 - HKLM\..\URL\DefaultPrefix: [] = hxxp:// O13 - HKLM\..\URL\Prefixes: [ftp] = ftp:// O13 - HKLM\..\URL\Prefixes: [gopher] = O13 - HKLM\..\URL\Prefixes: [home] = hxxp:// O13 - HKLM\..\URL\Prefixes: [mosaic] = hxxp:// O13 - HKLM\..\URL\Prefixes: [vvv.] = O13 - HKLM\..\URL\Prefixes: [vvv] = hxxp:// O13-32 - HKLM\..\URL\DefaultPrefix: [] = hxxp:// O13-32 - HKLM\..\URL\Prefixes: [ftp] = ftp:// O13-32 - HKLM\..\URL\Prefixes: [gopher] = O13-32 - HKLM\..\URL\Prefixes: [home] = hxxp:// O13-32 - HKLM\..\URL\Prefixes: [mosaic] = hxxp:// O13-32 - HKLM\..\URL\Prefixes: [vvv.] = O13-32 - HKLM\..\URL\Prefixes: [vvv] = hxxp:// O17 - DHCP DNS 1: 181.213.132.2 O17 - DHCP DNS 2: 181.213.132.3 O18 - HKLM\Software\Classes\Protocols\Handler\about: [CLSID] = {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\cdl: [CLSID] = {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\Windows\System32\urlmon.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\dvd: [CLSID] = {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\file: [CLSID] = {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\ftp: [CLSID] = {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\hxxp: [CLSID] = {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\hxxps: [CLSID] = {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\its: [CLSID] = {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\javascript: [CLSID] = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\local: [CLSID] = {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\mailto: [CLSID] = {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\mhtml: [CLSID] = {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\mk: [CLSID] = {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\System32\urlmon.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\ms-its: [CLSID] = {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\res: [CLSID] = {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\tbauth: [CLSID] = {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\tv: [CLSID] = {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\vbscript: [CLSID] = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (sign: 'Microsoft') O18 - HKLM\Software\Classes\Protocols\Handler\windows.tbauth: [CLSID] = {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (sign: 'Microsoft') O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Windows\System32\cscui.dll (sign: 'Microsoft') O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Windows\System32\EhStorShell.dll (sign: 'Microsoft') O21-32 - HKLM\..\ShellServiceObjectDelayLoad: [WebCheck] = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file) O22 - Tasks: (damaged) OneDrive Standalone Update Task-S-1-5-21-283604297-2539371472-1620621064-1001 - C:\Users\J\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing) (user missing) O22 - Tasks: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical - {613FBA38-A3DF-4AB8-9674-5604984A299A},/RuntimeWide - C:\Windows\System32\mscoree.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical - {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E},/RuntimeWide - C:\Windows\System32\mscoree.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) - {CF2CF428-325B-48D3-8CA8-7633E36E5A32} - C:\Windows\system32\msdrm.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Clip\License Validation - C:\Windows\system32\ClipUp.exe -p -s -o (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange - C:\Windows\system32\DeviceDirectoryClient.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -Periodic - C:\Windows\system32\DeviceDirectoryClient.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - C:\Windows\system32\DFDWiz.exe (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync - {2AE64751-B728-4D6B-97A0-B2DA2E7D2A3B} - C:\Windows\System32\srmclient.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\InstallService\WakeUpAndContinueUpdates - {0DC331EE-8438-49D5-A721-E10B937CE459} - C:\Windows\System32\InstallServiceTasks.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\InstallService\WakeUpAndScanForUpdates - {D5A04D91-6FE6-4FE4-A98A-FEB4500C5AF7} - C:\Windows\System32\InstallServiceTasks.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\Windows\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Maps\MapsUpdateTask - {B9033E87-33CF-4D77-BC9B-895AFBBA72E4} - C:\Windows\System32\mapsupdatetask.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Offline Files\Background Synchronization - {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8} - C:\Windows\System32\cscui.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Offline Files\Logon Synchronization - {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8},Logon - C:\Windows\System32\cscui.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\PushToInstall\LoginCheck - C:\Windows\system32\sc.exe start pushtoinstall login (sign: '') O22 - Tasks: (disabled) \Microsoft\Windows\SharedPC\Account Cleanup - C:\Windows\System32\rundll32.exe C:\Windows\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - C:\Windows\system32\defrag.exe -c -h -g -# -m 8 -i 13500 (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Subscription\LicenseAcquisition - C:\Windows\system32\ClipRenew.exe (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate - {17C82257-654E-4C47-8E23-DCA24EAA76A0} - C:\Windows\system32\sysmain.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Sysmain\HybridDriveCacheRebalance - {D44377B8-1F2F-4FAA-9C8E-6C4AD2928E47} - C:\Windows\system32\sysmain.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\SystemRestore\SR - C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\UNP\RunUpdateNotificationMgr - C:\Windows\System32\UNP\UpdateNotificationMgr.exe (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\User Profile Service\HiveUploadTask - {BA677074-762C-444B-94C8-8C83F93F6605} - C:\Windows\system32\profsvc.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\WaaSMedic\PerformRemediation - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},None - C:\Windows\System32\WaaSMedicSvc.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Workplace Join\Automatic-Device-Join - C:\Windows\System32\dsregcmd.exe $(Arg0) $(Arg1) $(Arg2) (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Workplace Join\Device-Sync - {C662D912-E4D6-44A3-89A0-20550514951D},DeviceUpdate - C:\Windows\System32\dsregtask.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Workplace Join\Recovery-Check - C:\Windows\System32\dsregcmd.exe /checkrecovery (sign: 'Microsoft') O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft') O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft') O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft') O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\sc.exe start InventorySvc (sign: '') O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft') O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\Windows\system32\sdbinst.exe -mm (sign: 'Microsoft') O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\StartupAppTask - C:\Windows\system32\rundll32.exe Startupscan.dll,SusRunTask (sign: 'Microsoft') O22 - Tasks: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\Consolidator - C:\Windows\System32\wsqmcons.exe (sign: 'Microsoft') O22 - Tasks: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip - {C27F6B1D-FE0B-45E4-9257-38799FA69BC8},SYSTEM - C:\Windows\System32\usbceip.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 - {84F0FAE1-C27B-4F6F-807B-28CF6F96287D},/RuntimeWide - C:\Windows\System32\mscoree.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 - {429BC048-379E-45E0-80E4-EB1977941B5C},/RuntimeWide - C:\Windows\System32\mscoree.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) - {BF5CB148-7C77-4D8A-A53E-D81C70CF743C} - C:\Windows\system32\msdrm.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\AppID\EDP Policy Manager - {DECA92E0-AF85-439E-9204-86679978DA08},EdpPolicyManager - C:\Windows\System32\AppLockerCsp.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\AppID\PolicyConverter - C:\Windows\system32\appidpolicyconverter.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - C:\Windows\system32\appidcertstorecheck.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\ApplicationData\appuriverifierdaily - C:\Windows\system32\AppHostRegistrationVerifier.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\ApplicationData\appuriverifierinstall - C:\Windows\system32\AppHostRegistrationVerifier.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\ApplicationData\CleanupTemporaryState - C:\Windows\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\ApplicationData\DsSvcCleanup - C:\Windows\system32\dstokenclean.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\AppListBackup\Backup - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\Windows\system32\AppListBackupLauncher.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\Windows\system32\AppListBackupLauncher.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - C:\Windows\system32\rundll32.exe C:\Windows\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\AppxDeploymentClient\UCPD velocity - C:\Windows\system32\UCPDMgr.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Autochk\Proxy - C:\Windows\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},BitLockerEncryptAllDrives - C:\Windows\System32\edptask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},BitLockerPolicy - C:\Windows\System32\edptask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Bluetooth\UninstallDeviceTask - C:\Windows\system32\BthUdTask.exe $(Arg0) (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask - {E984D939-0E00-4DD9-AC3A-7ACA04745521} - (no file) O22 - Tasks: \Microsoft\Windows\capabilityaccessmanager\maintenancetasks - C:\Windows\system32\rundll32.exe C:\Windows\system32\CapabilityAccessManager.dll,CapabilityAccessManagerDoStoreMaintenance (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask - {47E30D54-DAC1-473A-AFF7-2355BF78881F},AIKCertEnroll - C:\Windows\system32\ngctasks.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask - {47E30D54-DAC1-473A-AFF7-2355BF78881F},CryptoPolicy - C:\Windows\system32\ngctasks.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\CertificateServicesClient\KeyPreGenTask - {47E30D54-DAC1-473A-AFF7-2355BF78881F},NGCKeyPregen - C:\Windows\system32\ngctasks.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\CertificateServicesClient\SystemTask - {58FB76B9-AC85-4E55-AC04-427593B1D060},SYSTEM - C:\Windows\system32\dimsjob.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\CertificateServicesClient\UserTask - {58FB76B9-AC85-4E55-AC04-427593B1D060},USER - C:\Windows\system32\dimsjob.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\CertificateServicesClient\UserTask-Roam - {58FB76B9-AC85-4E55-AC04-427593B1D060},KEYROAMING - C:\Windows\system32\dimsjob.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Chkdsk\ProactiveScan - {CF4270F5-2E43-4468-83B3-A8C45BB33EA1} - C:\Windows\System32\pstask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Chkdsk\SyspartRepair - C:\Windows\system32\bcdboot.exe C:\Windows /sysrepair (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\CloudExperienceHost\CreateObjectTask - {E4544ABA-62BF-4C54-AAB2-EC246342626C} - C:\Windows\System32\CloudExperienceHostBroker.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\Windows\System32\CloudRestoreLauncher.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\CloudRestore\Restore - {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} - C:\Windows\system32\CloudRestoreLauncher.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82AA0895-198A-4C1B-B2D1-C16894218AFB} - C:\Windows\System32\unifiedconsent.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Data Integrity Scan\Data Integrity Check And Scan - {DCFD3EA8-D960-4719-8206-490AE315F94F} - C:\Windows\System32\discan.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan - {DCFD3EA8-D960-4719-8206-490AE315F94F},-Manual - C:\Windows\System32\discan.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery - {DCFD3EA8-D960-4719-8206-490AE315F94F},-CrashRecovery - C:\Windows\System32\discan.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Defrag\ScheduledDefrag - C:\Windows\system32\defrag.exe -c -h -o -$ (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Device Information\Device - C:\Windows\system32\devicecensus.exe SystemCxt (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Device Information\Device User - C:\Windows\system32\devicecensus.exe UserCxt (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Device Setup\Metadata Refresh - {23C1F3CF-C110-4512-ACA9-7B6174ECE888} - C:\Windows\System32\DeviceSetupManagerAPI.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\DeviceDirectoryClient\HandleCommand - {AE31B729-D5FD-401E-AF42-784074835AFE},-HandleCommand - C:\Windows\system32\DeviceDirectoryClient.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand - {AE31B729-D5FD-401E-AF42-784074835AFE},-WnsCommand - C:\Windows\system32\DeviceDirectoryClient.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck - {AE31B729-D5FD-401E-AF42-784074835AFE},-IntegrityCheck - C:\Windows\system32\DeviceDirectoryClient.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession - {AE31B729-D5FD-401E-AF42-784074835AFE},-UserSessionCommand - C:\Windows\system32\DeviceDirectoryClient.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -AccountChange - C:\Windows\system32\DeviceDirectoryClient.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange - C:\Windows\system32\DeviceDirectoryClient.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly - C:\Windows\system32\DeviceDirectoryClient.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange -Full - C:\Windows\system32\DeviceDirectoryClient.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -Periodic - C:\Windows\system32\DeviceDirectoryClient.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterUserDevice -NewAccount - C:\Windows\system32\DeviceDirectoryClient.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner - {AD08DCC2-4E35-4486-9D49-547CBD30942D} - C:\Windows\System32\MitigationClient.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Diagnosis\Scheduled - {C1F85EF8-BCC2-4606-BB39-70C523715EB3} - C:\Windows\System32\sdiagschd.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\DirectX\DirectXDatabaseUpdater - C:\Windows\system32\directxdatabaseupdater.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\DirectX\DXGIAdapterCache - C:\Windows\system32\dxgiadaptercache.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\DiskCleanup\SilentCleanup - C:\Windows\system32\cleanmgr.exe /autocleanstoragesense /d C: (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - C:\Windows\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\DiskFootprint\Diagnostics - C:\Windows\system32\disksnapshot.exe -z (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\DiskFootprint\StorageSense - {AB2A519B-03B0-43CE-940A-A73DF850B49A} - C:\Windows\system32\StorageUsage.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\DUSM\dusmtask - C:\Windows\System32\dusmtask.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\EDP\EDP App Launch Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},AppLaunch - C:\Windows\System32\edptask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\EDP\EDP Auth Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},ReAuth - C:\Windows\System32\edptask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\EDP\EDP Inaccessible Credentials Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},MissingCredentials - C:\Windows\System32\edptask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\EDP\StorageCardEncryption Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},SDCardEncryptionPolicy - C:\Windows\System32\edptask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh - {711001CD-CC1D-4470-9B7E-1EF73849C79E},ExploitGuardPolicy - C:\Windows\System32\MitigationConfiguration.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Feedback\Siuf\DmClient - C:\Windows\system32\dmclient.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - C:\Windows\system32\dmclient.exe utcwnf (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\FileHistory\File History (maintenance mode) - {89917B7C-A1A6-11DF-8BF6-18A90531A85A} - C:\Windows\System32\fhtask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures - {59EECBFE-C2F5-4419-9B99-13FE05FF2675} - C:\Windows\System32\fcon.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\UsageDataFlushing - {99EFDAD1-0F11-4A6B-A702-4E1C37D1A3EF} - C:\Windows\System32\fcon.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\UsageDataReporting - {BBFCD054-8AAC-45DE-A1EB-7B246C9028AF} - C:\Windows\System32\fcon.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Flighting\OneSettings\RefreshCache - {E07647F7-AED2-48D9-9720-939BC24A8A3C} - C:\Windows\System32\wosc.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Input\InputSettingsRestoreDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},InputSettingsRestoreDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Input\LocalUserSyncDataAvailable - {8E7C2AFB-72B9-415C-9AC2-5037693309B7},LocalUserSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Input\MouseSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},MouseSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Input\PenSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},PenSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Input\syncpensettings - {3ECEE215-83F5-4123-A592-74F1FE4C3D59},SYNC_PEN_SETTINGS - C:\Windows\System32\SettingsHandlers_Pen.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Input\TouchpadSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},TouchpadSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\InstallService\RestoreDevice - {7F019157-05C8-473F-8664-2BA04A090DC8} - C:\Windows\System32\InstallServiceTasks.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\InstallService\ScanForUpdates - {A558C6A5-B42B-4C98-B610-BF9559143139} - C:\Windows\System32\InstallServiceTasks.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\InstallService\ScanForUpdatesAsUser - {DDAFAEA2-8842-4E96-BADE-D44A8D676FDB} - C:\Windows\System32\InstallServiceTasks.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\InstallService\SmartRetry - {F3A219C3-2698-4CBF-9C07-037EDB8E72E6} - C:\Windows\System32\InstallServiceTasks.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\International\Synchronize Language Settings - {10D62541-90D0-42FE-848C-0DBC1AC42EDA},SyncFromCloud - C:\Windows\System32\CoreGlobConfig.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Kernel\La57Cleanup - C:\Windows\system32\la57setup.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\LanguageComponentsInstaller\Installation - {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE},Install $(Arg0) - C:\Windows\System32\LanguageComponentsInstaller.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources - {D0582E3B-3126-4CAA-9155-AC37C912A489} - C:\Windows\System32\LanguageOverlayServer.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\LanguageComponentsInstaller\Uninstallation - {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE},Uninstall - C:\Windows\System32\LanguageComponentsInstaller.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\License Manager\TempSignedLicenseExchange - {77646A68-AD14-4D53-897D-7BE4DDE5F929} - C:\Windows\System32\TempSignedLicenseExchangeTask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Location\Notifications - C:\Windows\System32\LocationNotificationWindows.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Location\WindowsActionDialog - C:\Windows\System32\WindowsActionDialog.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Maintenance\WinSAT - {A9A33436-678B-4C9C-A211-7CC38785E79D} - C:\Windows\system32\WinSATAPI.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Management\Provisioning\Cellular - C:\Windows\system32\ProvTool.exe /turn 7 /source CellStateChangeTask (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Management\Provisioning\Logon - C:\Windows\system32\ProvTool.exe /turn 5 /source LogonIdleTask (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Maps\MapsToastTask - {9885AEF2-BD9F-41E0-B15E-B3141395E803},$(Arg0);$(Arg1);$(Arg2);$(Arg3);$(Arg4);$(Arg5);$(Arg6);$(Arg7) - C:\Windows\System32\mapstoasttask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents - {8168E74A-B39F-46D8-ADCD-7BED477B80A3},Event - C:\Windows\System32\MemoryDiagnostic.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic - {8168E74A-B39F-46D8-ADCD-7BED477B80A3},Time - C:\Windows\System32\MemoryDiagnostic.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\MUI\LPRemove - C:\Windows\system32\lpremove.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Multimedia\SystemSoundsService - {2DEA658F-54C1-4227-AF9B-260AB5FC3543} - C:\Windows\System32\PlaySndSrv.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\NetTrace\GatherNetworkInfo - C:\Windows\system32\gatherNetworkInfo.vbs (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\NlaSvc\WiFiTask - C:\Windows\System32\WiFiTask.exe nla (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\PI\SecureBootEncodeUEFI - C:\Windows\system32\SecureBootEncodeUEFI.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\PI\Secure-Boot-Update - {5014B7C8-934E-4262-9816-887FA745A6C4},SBServicing - C:\Windows\system32\TpmTasks.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\PI\Sqm-Tasks - {5014B7C8-934E-4262-9816-887FA745A6C4},PiSqmTasks - C:\Windows\system32\TpmTasks.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Plug and Play\Device Install Group Policy - {60400283-B242-4FA8-8C25-CAF695B88209} - C:\Windows\System32\pnppolicy.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Plug and Play\Device Install Reboot Required - {48794782-6A1F-47B9-BD52-1D5F95D49C1B} - C:\Windows\System32\pnpui.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - C:\Windows\System32\drvinst.exe 6 (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - {927EA2AF-1C54-43D5-825E-0074CE028EEE} - C:\Windows\System32\energytask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Printing\EduPrintProv - C:\Windows\system32\eduprintprov.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Printing\PrinterCleanupTask - {C56F065E-DE49-4E42-BE7C-305C45609D25} - C:\Windows\System32\PrinterCleanupTask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Printing\PrintJobCleanupTask - {8ABCE260-32B6-476C-AE13-B34D0C91292D} - C:\Windows\System32\PrinterCleanupTask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\PushToInstall\Registration - C:\Windows\system32\sc.exe start pushtoinstall registration (sign: '') O22 - Tasks: \Microsoft\Windows\Ras\MobilityManager - {C463A0FC-794F-4FDF-9201-01938CEACAFA} - C:\Windows\system32\rasmbmgr.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\RecoveryEnvironment\VerifyWinRE - {89D1D0C2-A3CF-490C-ABE3-B86CDE34B047},VerifyWinRE - C:\Windows\System32\ReAgentTask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Registry\RegIdleBackup - {CA767AA8-9157-4604-B64B-40747123D5F2} - C:\Windows\System32\regidle.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - C:\Windows\system32\RAServer.exe /offerraupdate (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\RetailDemo\CleanupOfflineContent - {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} - C:\Windows\System32\RDXTaskFactory.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask - {8702A841-D5CA-47C3-812D-9CEDC304C200} - C:\Windows\system32\IntelligentPwdlessTask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Servicing\StartComponentCleanup - {752073A1-23F2-4396-85F0-8FDB879ED0ED} - C:\Windows\servicing\TrustedInstaller.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Setup\SetupCleanupTask - {7C83C056-1D0D-4C8E-A6B0-89E79C213559} - C:\Windows\system32\oobe\SetupCleanupTask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Shell\CreateObjectTask - {990A9F8F-301F-45F7-8D0E-68C5952DBA43} - C:\Windows\system32\shell32.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Shell\FamilySafetyMonitor - C:\Windows\System32\wpcmon.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Shell\FamilySafetyRefreshTask - {C844C79D-AED8-4DCE-AB25-4D359BED84F8},$(Arg0) - C:\Windows\System32\WpcRefreshTask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Shell\IndexerAutomaticMaintenance - {3FBA60A6-7BF5-4868-A2CA-6623B3DFFEA6} - C:\Windows\System32\srchadmin.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Shell\ThemesSyncedImageDownload - {79F8E185-4E45-4B74-8182-02AA430661E4} - C:\Windows\System32\Themes.SsfDownload.ScheduledTask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Shell\UpdateUserPictureTask - {09C5DD34-009D-40FA-BCB9-0165AD0C15D4} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC},timer - C:\Windows\System32\sppcext.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon - {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC},logon - C:\Windows\System32\sppcext.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork - {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC},network - C:\Windows\System32\sppcext.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\SpacePort\SpaceAgentTask - C:\Windows\system32\SpaceAgent.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\SpacePort\SpaceManagerTask - C:\Windows\system32\spaceman.exe /Work (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Speech\SpeechModelDownloadTask - C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\StateRepository\MaintenanceTasks - C:\Windows\system32\rundll32.exe C:\Windows\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization - {5C9AB547-345D-4175-9AF6-65133463A100} - C:\Windows\system32\TieringEngineService.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Subscription\EnableLicenseAcquisition - C:\Windows\system32\ClipRenew.exe -e (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Sysmain\ResPriStaticDbSync - {297EE78C-BA95-4E94-81D3-D6E7F089C7B5} - C:\Windows\system32\sysmain.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Sysmain\WsSwapAssessmentTask - C:\Windows\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Task Manager\Interactive - {855FEC53-D2E4-4999-9E87-3414E9CF0FF4},$(Arg0) - C:\Windows\system32\wdc.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\TextServicesFramework\MsCtfMonitor - {01575CFE-9A55-4003-A5E1-F38D1EBDCBE1} - C:\Windows\system32\MsCtfMonitor.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Time Synchronization\ForceSynchronizeTime - {A31AD6C2-FF4C-43D4-8E90-7101023096F9},TimeSyncTask - C:\Windows\system32\TimeSyncTask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Time Synchronization\SynchronizeTime - C:\Windows\system32\sc.exe start w32time task_started (sign: '') O22 - Tasks: \Microsoft\Windows\Time Zone\SynchronizeTimeZone - C:\Windows\system32\tzsync.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\TPM\Tpm-HASCertRetr - {5014B7C8-934E-4262-9816-887FA745A6C4},HASCertRetr - C:\Windows\system32\TpmTasks.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\TPM\Tpm-Maintenance - {5014B7C8-934E-4262-9816-887FA745A6C4},TpmTasks - C:\Windows\system32\TpmTasks.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\Report policies - C:\Windows\system32\usoclient.exe ReportPolicies (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\Schedule Scan - C:\Windows\system32\usoclient.exe StartScan (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\Schedule Scan Static Task - C:\Windows\system32\usoclient.exe StartScan (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\Schedule Work - C:\Windows\system32\usoclient.exe StartWork (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\Start Oobe Expedite Work - C:\Windows\system32\usoclient.exe StartWork (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan_LicenseAccepted - C:\Windows\system32\usoclient.exe StartOobeAppsScan (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScanAfterUpdate - C:\Windows\system32\usoclient.exe StartOobeAppsScanAfterUpdate (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (file missing) O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UUS Failover Task - C:\Windows\system32\usoclient.exe HandleUusFailoverSignal (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\UPnP\UPnPHostConfig - C:\Windows\system32\sc.exe config upnphost start= auto (sign: '') O22 - Tasks: \Microsoft\Windows\USB\Usb-Notifications - {E05BE1C8-92A8-4757-B575-ACAECB4E6A40} - C:\Windows\System32\UsbTask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\WCM\WiFiTask - C:\Windows\System32\WiFiTask.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\WDI\ResolutionHost - {900BE39D-6BE8-461A-BC4D-B0FA71F5ECB1} - C:\Windows\System32\wdi.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance (sign: '') O22 - Tasks: \Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup (sign: '') O22 - Tasks: \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55 -IdleScheduledJob (sign: '') O22 - Tasks: \Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification (sign: '') O22 - Tasks: \Microsoft\Windows\Windows Error Reporting\QueueReporting - C:\Windows\system32\wermgr.exe -upload (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - C:\Windows\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Windows Media Sharing\UpdateLibrary - C:\Program Files\Windows Media Player\wmpnscfg.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\WindowsBackup\AutomaticBackup - C:\Windows\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\WindowsBackup\Windows Backup Monitor - C:\Windows\system32\sdclt.exe /CHECKSKIPPED (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\WindowsColorSystem\Calibration Loader - {B210D694-C8DF-490D-9576-9E20CDBC20BD} - C:\Windows\System32\mscms.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\Windows\System32\sc.exe start wuauserv (sign: '') O22 - Tasks: \Microsoft\Windows\Wininet\CacheTask - {0358B920-0AC7-461F-98F4-58E32CD89148} - C:\Windows\system32\wininet.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\WlanSvc\CDSSync - {B0D2B535-12E1-439F-86B3-BADA289510F0},$(Arg0) - C:\Windows\System32\WiFiCloudStore.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\WlanSvc\MoProfileManagement - {085EDA12-CF4A-4944-8222-8ADCADE137CB} - C:\Windows\System32\WlanMediaManager.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\WOF\WIM-Hash-Management - {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1},WimHashManagement - C:\Windows\system32\WofTasks.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\WOF\WIM-Hash-Validation - {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1},WimHashValidation - C:\Windows\system32\WofTasks.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Work Folders\Work Folders Logon Synchronization - {97D47D56-3777-49FB-8E8F-90D7E30E1A1E},Logon - C:\Windows\System32\WorkFoldersShell.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Work Folders\Work Folders Maintenance Work - {63260BCE-A3FB-4A34-AA51-D4D8E877B62B} - C:\Windows\System32\WorkFoldersShell.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\WwanSvc\NotificationTask - C:\Windows\System32\WiFiTask.exe wwan (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\WwanSvc\OobeDiscovery - {C93CF9D5-031B-4AAA-AB0B-EF802347B381} - C:\Windows\System32\MBMediaManager.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\XblGameSave\XblGameSaveTask - C:\Windows\System32\XblGameSaveTask.exe standby (sign: 'Microsoft') O22 - Tasks: ASUS Optimization 36D18D69AFC3 - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusHotkey.exe -CancelShutdown (sign: 'ASUSTeK COMPUTER INC.') O22 - Tasks: ASUS Update Checker 2.0 - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusUpdateChecker.exe (sign: 'ASUSTeK COMPUTER INC.') O22 - Tasks: CreateExplorerShellUnelevatedTask - C:\Windows\explorer.exe /NoUACCheck (sign: 'Microsoft') O22 - Tasks: MicrosoftEdgeUpdateTaskMachineCore - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c (sign: 'Microsoft') O22 - Tasks: MicrosoftEdgeUpdateTaskMachineUA - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler (sign: 'Microsoft') O22 - Tasks: OneDrive Standalone Update Task-S-1-5-21-283604297-2539371472-1620621064-1001 - C:\Users\J\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing) O22 - Tasks: RtkAudUService64_BG - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_be03f2dca68bf962\RtkAudUService64.exe -background (sign: 'Realtek Semiconductor Corp.') O23 - Service R2: Agendador de Tarefas - (Schedule) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\schedsvc.dll (sign: 'Microsoft') O23 - Service R2: Agente de Eventos do Sistema - (SystemEventsBroker) - C:\Windows\system32\svchost.exe -k DcomLaunch -p; "ServiceDll" = C:\Windows\System32\SystemEventsBrokerServer.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: AMD Crash Defender Service - C:\Windows\System32\amdfendrsr.exe (sign: 'Advanced Micro Devices Inc.') O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0390792.inf_amd64_c7c1ce20b2f1c813\B390782\atiesrxx.exe (sign: 'Advanced Micro Devices Inc.') O23 - Service R2: ASUS App Service - (AsusAppService) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\AsusAppService\AsusAppService.exe (sign: 'ASUSTeK COMPUTER INC.') O23 - Service R2: ASUS Optimization - (ASUSOptimization) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimization.exe (sign: 'ASUSTeK COMPUTER INC.') O23 - Service R2: ASUS Software Manager - (ASUSSoftwareManager) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManager.exe (sign: 'ASUSTeK COMPUTER INC.') O23 - Service R2: ASUS Switch - (ASUSSwitch) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSwitch\AsusSwitch.exe (sign: 'ASUSTeK COMPUTER INC.') O23 - Service R2: ASUS System Analysis - (ASUSSystemAnalysis) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSystemAnalysis.exe (sign: 'ASUSTeK COMPUTER INC.') O23 - Service R2: ASUS System Diagnosis - (ASUSSystemDiagnosis) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe (sign: 'ASUSTeK COMPUTER INC.') O23 - Service R2: Áudio do Windows - (Audiosrv) - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\Audiosrv.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Auxiliar de IP - (iphlpsvc) - C:\Windows\System32\svchost.exe -k NetSvcs -p; "ServiceDll" = C:\Windows\System32\iphlpsvc.dll (sign: 'Microsoft') O23 - Service R2: Central de Segurança - (wscsvc) - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\wscsvc.dll (sign: 'Microsoft') O23 - Service R2: Cliente da Política de Grupo - (gpsvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\gpsvc.dll (sign: 'Microsoft') O23 - Service R2: Cliente de rastreamento de link distribuído - (TrkWks) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\trkwks.dll (sign: 'Microsoft') O23 - Service R2: Cliente DHCP - (Dhcp) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\dhcpcore.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Cliente DNS - (Dnscache) - C:\Windows\system32\svchost.exe -k NetworkService -p; "ServiceDll" = C:\Windows\System32\dnsrslvr.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: COM+ evento do sistema - (EventSystem) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\es.dll (sign: 'Microsoft') O23 - Service R2: Configuração Automática de WLAN - (WlanSvc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\wlansvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Construtor de Pontos de Extremidade de Áudio do Windows - (AudioEndpointBuilder) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\AudioEndpointBuilder.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: CoreMessaging - (CoreMessagingRegistrar) - C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p; "ServiceDll" = C:\Windows\system32\coremessaging.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Desligar - (Power) - C:\Windows\system32\svchost.exe -k DcomLaunch -p; "ServiceDll" = C:\Windows\system32\umpo.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Detecção do hardware do shell - (ShellHWDetection) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\shsvcs.dll (sign: 'Microsoft') O23 - Service R2: Estação de trabalho - (LanmanWorkstation) - C:\Windows\System32\svchost.exe -k NetworkService -p; "ServiceDll" = C:\Windows\System32\wkssvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Exibir Serviço de Política - (DispBrokerDesktopSvc) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\System32\DispBroker.Desktop.dll (sign: 'Microsoft') O23 - Service R2: Experiências do Usuário Conectado e Telemetria - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc -p; "ServiceDll" = C:\Windows\system32\diagtrack.dll (sign: 'Microsoft') O23 - Service R2: Gerenciador de Conexões do Windows - (Wcmsvc) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\wcmsvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Gerenciador de Sessão Local - (LSM) - C:\Windows\system32\svchost.exe -k DcomLaunch -p; "ServiceDll" = C:\Windows\System32\lsm.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Gerenciador de Usuários - (UserManager) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\usermgr.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Gerente de Contas de Segurança - (SamSs) - C:\Windows\system32\lsass.exe (sign: 'Microsoft') O23 - Service R2: Host de Sincronização_e4cdc - (OneSyncSvc_e4cdc) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup (sign: 'Microsoft') O23 - Service R2: Inicializador do Processo de Servidor DCOM - (DcomLaunch) - C:\Windows\system32\svchost.exe -k DcomLaunch -p; "ServiceDll" = C:\Windows\system32\rpcss.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Log de Eventos do Windows - (EventLog) - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\wevtsvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Mapeador de Ponto de Extremidade RPC - (RpcEptMapper) - C:\Windows\system32\svchost.exe -k RPCSS -p; "ServiceDll" = C:\Windows\System32\RpcEpMap.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Mecanismo de Filtragem Básica - (BFE) - C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p; "ServiceDll" = C:\Windows\System32\bfe.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Otimização de Entrega - (DoSvc) - C:\Windows\System32\svchost.exe -k NetworkService -p (sign: 'Microsoft') O23 - Service R2: RPC (Chamada de Procedimento Remoto) - (RpcSs) - C:\Windows\system32\svchost.exe -k rpcss -p; "ServiceDll" = C:\Windows\system32\rpcss.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Server - (LanmanServer) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\srvsvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Serviço Auxiliar de Compatibilidade de Programas - (PcaSvc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\pcasvc.dll (sign: 'Microsoft') O23 - Service R2: Serviço de Armazenamento - (StorSvc) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\storsvc.dll (sign: 'Microsoft') O23 - Service R2: Serviço de Cache de Fontes do Windows - (FontCache) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\FntCache.dll (sign: 'Microsoft') O23 - Service R2: Serviço de Defesa do Usuário Contra Ameaças da Web_e4cdc - (webthreatdefusersvc_e4cdc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p (sign: 'Microsoft') O23 - Service R2: Serviço de Gerenciamento de Entrada de Texto - (TextInputManagementService) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\TabSvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Serviço de Infraestrutura de Tarefas de Segundo Plano - (BrokerInfrastructure) - C:\Windows\system32\svchost.exe -k DcomLaunch -p; "ServiceDll" = C:\Windows\System32\psmsrv.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Serviço de Interface de Repositório de Rede - (nsi) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\nsisvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Serviço de Notificação de Eventos do Sistema - (SENS) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\sens.dll (sign: 'Microsoft') O23 - Service R2: Serviço de Perfil de Usuário - (ProfSvc) - C:\Windows\system32\svchost.exe -k UserProfileService -p; "ServiceDll" = C:\Windows\system32\profsvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Serviço de Plataforma de Dispositivos Conectados - (CDPSvc) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\System32\CDPSvc.dll (sign: 'Microsoft') O23 - Service R2: Serviço de Política de Diagnóstico - (DPS) - C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p; "ServiceDll" = C:\Windows\system32\dps.dll (sign: 'Microsoft') O23 - Service R2: Serviço de Repositório de Estado - (StateRepository) - C:\Windows\system32\svchost.exe -k appmodel -p; "ServiceDll" = C:\Windows\system32\windows.staterepository.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Serviço de Usuário da Área de Transferência_e4cdc - (cbdhsvc_e4cdc) - C:\Windows\system32\svchost.exe -k ClipboardSvcGroup -p (sign: 'Microsoft') O23 - Service R2: Serviço de Usuário da Plataforma de Dispositivos Conectados_e4cdc - (CDPUserSvc_e4cdc) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup (sign: 'Microsoft') O23 - Service R2: Serviço de Usuário de Notificações por Push do Windows_e4cdc - (WpnUserService_e4cdc) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup (sign: 'Microsoft') O23 - Service R2: Serviço do Sistema de Notificações por Push do Windows - (WpnService) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\WpnService.dll (sign: 'Microsoft') O23 - Service R2: Serviço Microsoft Defender Antivírus - (WinDefend) - C:\Program Files\Windows Defender\MsMpEng.exe (sign: 'Microsoft') (+safe mode) O23 - Service R2: Serviço orquestrador de atualizações - (UsoSvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\usosvc.dll (sign: 'Microsoft') O23 - Service R2: Serviços de criptografia - (CryptSvc) - C:\Windows\system32\svchost.exe -k NetworkService -p; "ServiceDll" = C:\Windows\system32\cryptsvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Spooler de Impressão - (Spooler) - C:\Windows\System32\spoolsv.exe (sign: 'Microsoft') O23 - Service R2: SysMain - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\sysmain.dll (sign: 'Microsoft') O23 - Service R2: Temas - (Themes) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\themeservice.dll (sign: 'Microsoft') O23 - Service R2: Testador de instrumentação de gerenciam. do Windows - (Winmgmt) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\wbem\WMIsvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Uso de Dados - (DusmSvc) - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\dusmsvc.dll (sign: 'Microsoft') O23 - Service R2: Windows Defender Firewall - (mpssvc) - C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p; "ServiceDll" = C:\Windows\system32\mpssvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service R2: Windows Search - (WSearch) - C:\Windows\system32\SearchIndexer.exe /Embedding (sign: 'Microsoft') O23 - Service R3: @WaaSMedicSvcImpl.dll,-100 - (WaaSMedicSvc) - C:\Windows\system32\svchost.exe -k wusvcs -p; "ServiceDll" = C:\Windows\System32\WaaSMedicSvc.dll (sign: 'Microsoft') O23 - Service R3: Acesso a Dados de Usuário_e4cdc - (UserDataSvc_e4cdc) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup (sign: 'Microsoft') O23 - Service R3: Agente de Conexão de Rede - (NcbService) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\ncbservice.dll (sign: 'Microsoft') O23 - Service R3: Agente de Tempo - (TimeBrokerSvc) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\TimeBrokerServer.dll (sign: 'Microsoft') O23 - Service R3: Armazenamento de Dados de Usuário_e4cdc - (UnistoreSvc_e4cdc) - C:\Windows\System32\svchost.exe -k UnistackSvcGroup (sign: 'Microsoft') O23 - Service R3: Auxiliar NetBIOS TCP/IP - (lmhosts) - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\lmhsvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service R3: Backup do Windows - (SDRSVC) - C:\Windows\system32\svchost.exe -k SDRSVC; "ServiceDll" = C:\Windows\System32\SDRSVC.dll (sign: 'Microsoft') O23 - Service R3: Conexão Fácil do Windows - Registrador de Configuração - (wcncsvc) - C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation -p; "ServiceDll" = C:\Windows\System32\wcncsvc.dll (sign: 'Microsoft') O23 - Service R3: Dados de Contato_e4cdc - (PimIndexMaintenanceSvc_e4cdc) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup (sign: 'Microsoft') O23 - Service R3: Descoberta SSDP - (SSDPSRV) - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p; "ServiceDll" = C:\Windows\System32\ssdpsrv.dll (sign: 'Microsoft') O23 - Service R3: DevicesFlow_e4cdc - (DevicesFlowUserSvc_e4cdc) - C:\Windows\system32\svchost.exe -k DevicesFlow (sign: 'Microsoft') O23 - Service R3: Gerenciador de conexão de acesso remoto - (RasMan) - C:\Windows\System32\svchost.exe -k netsvcs; "ServiceDll" = C:\Windows\System32\rasmans.dll (sign: 'Microsoft') O23 - Service R3: Gerenciador de Conta da Web - (TokenBroker) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\TokenBroker.dll (sign: 'Microsoft') O23 - Service R3: Gerenciador de Credenciais - (VaultSvc) - C:\Windows\system32\lsass.exe; "ServiceDll" = C:\Windows\System32\vaultsvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service R3: Gerenciamento de aplicativo - (AppMgmt) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\appmgmts.dll (sign: 'Microsoft') (+safe mode) O23 - Service R3: Host do Serviço de Diagnóstico - (WdiServiceHost) - C:\Windows\System32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\wdi.dll (sign: 'Microsoft') O23 - Service R3: Host do Sistema de Diagnósticos - (WdiSystemHost) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\wdi.dll (sign: 'Microsoft') O23 - Service R3: Identidade do Aplicativo - (AppIDSvc) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\appidsvc.dll (sign: 'Microsoft') O23 - Service R3: Informações sobre Aplicativos - (Appinfo) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\appinfo.dll (sign: 'Microsoft') (+safe mode) O23 - Service R3: Isolamento de Chave CNG - (KeyIso) - C:\Windows\system32\lsass.exe; "ServiceDll" = C:\Windows\system32\keyiso.dll (sign: 'Microsoft') (+safe mode) O23 - Service R3: Logon secundário - (seclogon) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\seclogon.dll (sign: 'Microsoft') O23 - Service R3: NPSMSvc_e4cdc - C:\Windows\system32\svchost.exe -k LocalService -p (sign: 'Microsoft') O23 - Service R3: Plug and Play - (PlugPlay) - C:\Windows\system32\svchost.exe -k DcomLaunch -p; "ServiceDll" = C:\Windows\system32\umpnpmgr.dll (sign: 'Microsoft') (+safe mode) O23 - Service R3: Serviço da Lista de Redes - (netprofm) - C:\Windows\System32\svchost.exe -k netprofm -p; "ServiceDll" = C:\Windows\System32\netprofmsvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service R3: Serviço de Aprimoramento de Exibição - (DisplayEnhancementService) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll (sign: 'Microsoft') O23 - Service R3: Serviço de Associação de Dispositivo - (DeviceAssociationService) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\das.dll (sign: 'Microsoft') O23 - Service R3: Serviço de Configuração de Rede - (NetSetupSvc) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\NetSetupSvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service R3: Serviço de Criptografia de Unidade de Disco BitLocker - (BDESVC) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\bdesvc.dll (sign: 'Microsoft') O23 - Service R3: Serviço de Defesa Contra Ameaças da Web - (webthreatdefsvc) - C:\Windows\system32\svchost.exe -k WebThreatDefense -p; "ServiceDll" = C:\Windows\System32\webthreatdefsvc.dll (sign: 'Microsoft') O23 - Service R3: Serviço de Descoberta Automática de Proxy da Web do WinHTTP - (WinHttpAutoProxySvc) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\winhttp.dll (sign: 'Microsoft') O23 - Service R3: Serviço de Geolocalização - (lfsvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\lfsvc.dll (sign: 'Microsoft') O23 - Service R3: Serviço de Gerenciador de Licença do Windows - (LicenseManager) - C:\Windows\System32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\LicenseManagerSvc.dll (sign: 'Microsoft') O23 - Service R3: Serviço de Gerenciamento de Rádio - (RmSvc) - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted; "ServiceDll" = C:\Windows\System32\RMapi.dll (sign: 'Microsoft') O23 - Service R3: Serviço de Implantação AppX (AppXSVC) - (AppXSvc) - C:\Windows\system32\svchost.exe -k wsappx -p; "ServiceDll" = C:\Windows\system32\appxdeploymentserver.dll (sign: 'Microsoft') O23 - Service R3: Serviço de Inspeção de Rede do Microsoft Defender Antivírus - (WdNisSvc) - C:\Program Files\Windows Defender\NisSrv.exe (sign: 'Microsoft') O23 - Service R3: Serviço de Instalação da Microsoft Store - (InstallService) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\InstallService.dll (sign: 'Microsoft') O23 - Service R3: Serviço de Instalação de Dispositivo - (DeviceInstall) - C:\Windows\system32\svchost.exe -k DcomLaunch -p; "ServiceDll" = C:\Windows\system32\umpnpmgr.dll (sign: 'Microsoft') (+safe mode) O23 - Service R3: Serviço de Segurança do Windows - (SecurityHealthService) - C:\Windows\system32\SecurityHealthService.exe (sign: 'Microsoft') O23 - Service R3: Serviço de usuário UDK_e4cdc - (UdkUserSvc_e4cdc) - C:\Windows\system32\svchost.exe -k UdkSvcGroup (sign: 'Microsoft') O23 - Service R3: Serviço do Gerenciador de Acesso de Recurso - (camsvc) - C:\Windows\system32\svchost.exe -k osprivacy -p; "ServiceDll" = C:\Windows\system32\CapabilityAccessManager.dll (sign: 'Microsoft') O23 - Service R3: Serviço SSTP - (SstpSvc) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\sstpsvc.dll (sign: 'Microsoft') O23 - Service S2: Gerenciador de Mapas Baixados - (MapsBroker) - C:\Windows\System32\svchost.exe -k NetworkService -p; "ServiceDll" = C:\Windows\System32\moshost.dll (sign: 'Microsoft') O23 - Service S2: Host de Sincronização - (OneSyncSvc) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup; "ServiceDll" = C:\Windows\System32\APHostService.dll (sign: 'Microsoft') O23 - Service S2: Microsoft Edge Update Service (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc (sign: 'Microsoft') O23 - Service S2: Proteção de Software - (sppsvc) - C:\Windows\system32\sppsvc.exe (sign: 'Microsoft') O23 - Service S2: Serviço de Defesa do Usuário Contra Ameaças da Web - (webthreatdefusersvc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\webthreatdefusersvc.dll (sign: 'Microsoft') O23 - Service S2: Serviço de Usuário da Área de Transferência - (cbdhsvc) - C:\Windows\system32\svchost.exe -k ClipboardSvcGroup -p; "ServiceDll" = C:\Windows\System32\cbdhsvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service S2: Serviço de Usuário da Plataforma de Dispositivos Conectados - (CDPUserSvc) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup; "ServiceDll" = C:\Windows\System32\CDPUserSvc.dll (sign: 'Microsoft') O23 - Service S2: Serviço de Usuário de Notificações por Push do Windows - (WpnUserService) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup; "ServiceDll" = C:\Windows\System32\WpnUserService.dll (sign: 'Microsoft') O23 - Service S3: @%systemroot%\system32\dcsvc,-100 - (dcsvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\dcsvc.dll (sign: 'Microsoft') O23 - Service S3: @%SystemRoot%\system32\McpManagementService.dll,-100 - (McpManagementService) - C:\Windows\system32\svchost.exe -k McpManagementServiceGroup; "ServiceDll" = C:\Windows\System32\McpManagementService.dll (sign: 'Microsoft') O23 - Service S3: @%SystemRoot%\system32\npsm.dll,-100 - (NPSMSvc) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\System32\npsm.dll (sign: 'Microsoft') O23 - Service S3: Acesso a Dados de Usuário - (UserDataSvc) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup; "ServiceDll" = C:\Windows\System32\userdataservice.dll (sign: 'Microsoft') O23 - Service S3: Adaptador de Desempenho WMI - (wmiApSrv) - C:\Windows\system32\wbem\WmiApSrv.exe (sign: 'Microsoft') O23 - Service S3: Agent Activation Runtime - (AarSvc) - C:\Windows\system32\svchost.exe -k AarSvcGroup -p; "ServiceDll" = C:\Windows\System32\AarSvc.dll (sign: 'Microsoft') O23 - Service S3: Agent Activation Runtime_e4cdc - (AarSvc_e4cdc) - C:\Windows\system32\svchost.exe -k AarSvcGroup -p (sign: 'Microsoft') O23 - Service S3: Agente de Descoberta em Segundo Plano de DevQuery - (DevQueryBroker) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\DevQueryBroker.dll (sign: 'Microsoft') O23 - Service S3: Agente de Política IPsec - (PolicyAgent) - C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\ipsecsvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service S3: Agrupamento de Rede de Par - (p2psvc) - C:\Windows\System32\svchost.exe -k LocalServicePeerNet; "ServiceDll" = C:\Windows\system32\p2psvc.dll (sign: 'Microsoft') O23 - Service S3: Alocador Remote Procedure Call (RPC) - (RpcLocator) - C:\Windows\system32\locator.exe (sign: 'Microsoft') O23 - Service S3: Armazenamento de Dados de Usuário - (UnistoreSvc) - C:\Windows\System32\svchost.exe -k UnistackSvcGroup; "ServiceDll" = C:\Windows\System32\unistore.dll (sign: 'Microsoft') O23 - Service S3: Arquivos Offline - (CscService) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\cscsvc.dll (sign: 'Microsoft') O23 - Service S3: Assistente de aquisição de imagens do Windows (WIA) - (StiSvc) - C:\Windows\system32\svchost.exe -k imgsvc; "ServiceDll" = C:\Windows\System32\wiaservc.dll (sign: 'Microsoft') O23 - Service S3: Assistente de Conectividade de Rede - (NcaSvc) - C:\Windows\System32\svchost.exe -k NetSvcs -p; "ServiceDll" = C:\Windows\System32\ncasvc.dll (sign: 'Microsoft') O23 - Service S3: Assistente de Conexão de Conta da Microsoft - (wlidsvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\wlidsvc.dll (sign: 'Microsoft') O23 - Service S3: Autenticação Natural - (NaturalAuthentication) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\NaturalAuth.dll (sign: 'Microsoft') O23 - Service S3: BranchCache - (PeerDistSvc) - C:\Windows\System32\svchost.exe -k PeerDist; "ServiceDll" = C:\Windows\system32\peerdistsvc.dll (sign: 'Microsoft') O23 - Service S3: CaptureService - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\System32\CaptureService.dll (sign: 'Microsoft') O23 - Service S3: CaptureService_e4cdc - C:\Windows\system32\svchost.exe -k LocalService -p (sign: 'Microsoft') O23 - Service S3: Cartão inteligente - (SCardSvr) - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation; "ServiceDll" = C:\Windows\System32\SCardSvr.dll (sign: 'Microsoft') (+safe mode) O23 - Service S3: Cliente da Web - (WebClient) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\System32\webclnt.dll (sign: 'Microsoft') O23 - Service S3: Coletor de Eventos do Windows - (Wecsvc) - C:\Windows\system32\svchost.exe -k NetworkService -p; "ServiceDll" = C:\Windows\system32\wecsvc.dll (sign: 'Microsoft') O23 - Service S3: COM+ System Application - (COMSysApp) - C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (sign: 'Microsoft') O23 - Service S3: Conexões de Rede - (Netman) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\netman.dll (sign: 'Microsoft') (+safe mode) O23 - Service S3: Configuração Automática com Fio - (dot3svc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\dot3svc.dll (sign: 'Microsoft') (+safe mode) O23 - Service S3: Configuração Automática de WWAN - (WwanSvc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\wwansvc.dll (sign: 'Microsoft') O23 - Service S3: Configuração da Área de Trabalho Remota - (SessionEnv) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\sessenv.dll (sign: 'Microsoft') O23 - Service S3: Contêiner do Microsoft Passport - (NgcCtnrSvc) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\NgcCtnrSvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service S3: Controles dos Pais - (WpcMonSvc) - C:\Windows\system32\svchost.exe -k LocalService; "ServiceDll" = C:\Windows\System32\WpcDesktopMonSvc.dll (sign: 'Microsoft') O23 - Service S3: Coordenador de transações distribuídas - (MSDTC) - C:\Windows\System32\msdtc.exe (sign: 'Microsoft') O23 - Service S3: Cópia de Sombra de Volume - (VSS) - C:\Windows\system32\vssvc.exe (sign: 'Microsoft') O23 - Service S3: CredentialEnrollmentManagerUserSvc - C:\Windows\system32\CredentialEnrollmentManager.exe (sign: 'Microsoft') O23 - Service S3: CredentialEnrollmentManagerUserSvc_e4cdc - C:\Windows\system32\CredentialEnrollmentManager.exe (sign: 'Microsoft') O23 - Service S3: Dados de Contato - (PimIndexMaintenanceSvc) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup; "ServiceDll" = C:\Windows\System32\PimIndexMaintenance.dll (sign: 'Microsoft') O23 - Service S3: DeviceAssociationBroker - (DeviceAssociationBrokerSvc) - C:\Windows\system32\svchost.exe -k DevicesFlow -p; "ServiceDll" = C:\Windows\System32\deviceaccess.dll (sign: 'Microsoft') O23 - Service S3: DeviceAssociationBroker_e4cdc - (DeviceAssociationBrokerSvc_e4cdc) - C:\Windows\system32\svchost.exe -k DevicesFlow -p (sign: 'Microsoft') O23 - Service S3: DevicePicker - (DevicePickerUserSvc) - C:\Windows\system32\svchost.exe -k DevicesFlow; "ServiceDll" = C:\Windows\System32\Windows.Devices.Picker.dll (sign: 'Microsoft') O23 - Service S3: DevicePicker_e4cdc - (DevicePickerUserSvc_e4cdc) - C:\Windows\system32\svchost.exe -k DevicesFlow (sign: 'Microsoft') O23 - Service S3: DevicesFlow - (DevicesFlowUserSvc) - C:\Windows\system32\svchost.exe -k DevicesFlow; "ServiceDll" = C:\Windows\System32\DevicesFlowBroker.dll (sign: 'Microsoft') O23 - Service S3: Diagnostic Execution Service - (diagsvc) - C:\Windows\System32\svchost.exe -k diagnostics; "ServiceDll" = C:\Windows\system32\DiagSvc.dll (sign: 'Microsoft') O23 - Service S3: Disco Virtual - (vds) - C:\Windows\System32\vds.exe (sign: 'Microsoft') (+safe mode) O23 - Service S3: EFS (Encrypting File System) - (EFS) - C:\Windows\System32\lsass.exe; "ServiceDll" = C:\Windows\system32\efssvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service S3: Eventos de Aquisição de Imagens Estáticas - (WiaRpc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\wiarpc.dll (sign: 'Microsoft') O23 - Service S3: Extensões e Notificações da Impressora - (PrintNotify) - C:\Windows\system32\svchost.exe -k print; "ServiceDll" = C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (sign: 'Microsoft') O23 - Service S3: GameInput Service - (GameInputSvc) - C:\Windows\System32\GameInputSvc.exe (sign: 'Microsoft') O23 - Service S3: Gerenciador de Autenticação Xbox Live - (XblAuthManager) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\XblAuthManager.dll (sign: 'Microsoft') O23 - Service S3: Gerenciador de conexão de acesso remoto automático - (RasAuto) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\rasauto.dll (sign: 'Microsoft') O23 - Service S3: Gerenciador de Instalação de Dispositivo - (DsmSvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\DeviceSetupManager.dll (sign: 'Microsoft') O23 - Service S3: Gerenciador de NFC/SE e Pagamentos - (SEMgrSvc) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\SEMgrSvc.dll (sign: 'Microsoft') O23 - Service S3: Gerenciamento de Camadas de Armazenamento - (TieringEngineService) - C:\Windows\system32\TieringEngineService.exe (sign: 'Microsoft') O23 - Service S3: GraphicsPerfSvc - C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup; "ServiceDll" = C:\Windows\System32\GraphicsPerfSvc.dll (sign: 'Microsoft') O23 - Service S3: Hora da Rede Celular - (autotimesvc) - C:\Windows\system32\svchost.exe -k autoTimeSvc; "ServiceDll" = C:\Windows\System32\autotimesvc.dll (sign: 'Microsoft') O23 - Service S3: Horário do Windows - (W32Time) - C:\Windows\system32\svchost.exe -k LocalService; "ServiceDll" = C:\Windows\system32\w32time.dll (sign: 'Microsoft') O23 - Service S3: Host de dispositivo UPnP - (upnphost) - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p; "ServiceDll" = C:\Windows\System32\upnphost.dll (sign: 'Microsoft') O23 - Service S3: Host de DLL de Contador de Desempenho - (PerfHost) - C:\Windows\SysWow64\perfhost.exe (sign: 'Microsoft') O23 - Service S3: Host de Provedor da Descoberta de Função - (fdPHost) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\fdPHost.dll (sign: 'Microsoft') O23 - Service S3: ICS (Compartilhamento de Conexão com a Internet) - (SharedAccess) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\ipnathlp.dll (sign: 'Microsoft') (+safe mode) O23 - Service S3: Identity Manager de Rede de Par - (p2pimsvc) - C:\Windows\System32\svchost.exe -k LocalServicePeerNet; "ServiceDll" = C:\Windows\system32\pnrpsvc.dll (sign: 'Microsoft') O23 - Service S3: Instalação Automática de Dispositivos Conectados à Rede - (NcdAutoSetup) - C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p; "ServiceDll" = C:\Windows\System32\NcdAutoSetup.dll (sign: 'Microsoft') O23 - Service S3: Instalador de Módulos do Windows - (TrustedInstaller) - C:\Windows\servicing\TrustedInstaller.exe (sign: 'Microsoft') (+safe mode) O23 - Service S3: Instalador do ActiveX (AxInstSV) - (AxInstSV) - C:\Windows\system32\svchost.exe -k AxInstSVGroup; "ServiceDll" = C:\Windows\System32\AxInstSV.dll (sign: 'Microsoft') O23 - Service S3: Interceptação SNMP - (SNMPTrap) - C:\Windows\System32\snmptrap.exe (sign: 'Microsoft') O23 - Service S3: Interface de Serviço de Convidado do Hyper-V - (vmicguestinterface) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\icsvc.dll (sign: 'Microsoft') O23 - Service S3: KtmRm para Coordenador de Transações Distribuídas - (KtmRm) - C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation -p; "ServiceDll" = C:\Windows\system32\msdtckrm.dll (sign: 'Microsoft') O23 - Service S3: Logon de rede - (Netlogon) - C:\Windows\system32\lsass.exe; "ServiceDll" = C:\Windows\system32\netlogon.dll (sign: 'Microsoft') (+safe mode) O23 - Service S3: Logs e alertas de desempenho - (pla) - C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p; "ServiceDll" = C:\Windows\system32\pla.dll (sign: 'Microsoft') O23 - Service S3: Mapeador da Descoberta de Topologia da Camada de Link - (lltdsvc) - C:\Windows\System32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\System32\lltdsvc.dll (sign: 'Microsoft') O23 - Service S3: MessagingService - C:\Windows\system32\svchost.exe -k UnistackSvcGroup; "ServiceDll" = C:\Windows\System32\MessagingService.dll (sign: 'Microsoft') O23 - Service S3: MessagingService_e4cdc - C:\Windows\system32\svchost.exe -k UnistackSvcGroup (sign: 'Microsoft') O23 - Service S3: Microsoft Edge Elevation Service (MicrosoftEdgeElevationService) - (MicrosoftEdgeElevationService) - C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.113\elevation_service.exe (sign: 'Microsoft') O23 - Service S3: Microsoft Edge Update Service (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc (sign: 'Microsoft') O23 - Service S3: Microsoft Passport - (NgcSvc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\ngcsvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service S3: Modo inserido - (embeddedmode) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\embeddedmodesvc.dll (sign: 'Microsoft') O23 - Service S3: Módulos de Criação de Chaves IKE e AuthIP do IPSec - (IKEEXT) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\ikeext.dll (sign: 'Microsoft') (+safe mode) O23 - Service S3: Monitor do Servidor de Quadro da Câmera do Windows - (FrameServerMonitor) - C:\Windows\System32\svchost.exe -k CameraMonitor; "ServiceDll" = C:\Windows\system32\FrameServerMonitor.dll (sign: 'Microsoft') O23 - Service S3: Otimizador de unidade - (defragsvc) - C:\Windows\system32\svchost.exe -k defragsvc; "ServiceDll" = C:\Windows\System32\defragsvc.dll (sign: 'Microsoft') O23 - Service S3: P9RdrService - C:\Windows\system32\svchost.exe -k P9RdrService -p; "ServiceDll" = C:\Windows\system32\p9rdrservice.dll (sign: 'Microsoft') O23 - Service S3: P9RdrService_e4cdc - C:\Windows\system32\svchost.exe -k P9RdrService -p (sign: 'Microsoft') O23 - Service S3: Pastas de Trabalho - (workfolderssvc) - C:\Windows\System32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\workfolderssvc.dll (sign: 'Microsoft') O23 - Service S3: PenService - C:\Windows\system32\svchost.exe -k PenService; "ServiceDll" = C:\Windows\System32\PenService.dll (sign: 'Microsoft') O23 - Service S3: PenService_e4cdc - C:\Windows\system32\svchost.exe -k PenService (sign: 'Microsoft') O23 - Service S3: Política de Remoção de Cartão Inteligente - (SCPolicySvc) - C:\Windows\system32\svchost.exe -k netsvcs; "ServiceDll" = C:\Windows\System32\certprop.dll (sign: 'Microsoft') O23 - Service S3: Preparação de Aplicativos - (AppReadiness) - C:\Windows\System32\svchost.exe -k AppReadiness -p; "ServiceDll" = C:\Windows\system32\AppReadiness.dll (sign: 'Microsoft') O23 - Service S3: PrintWorkflow - (PrintWorkflowUserSvc) - C:\Windows\system32\svchost.exe -k PrintWorkflow; "ServiceDll" = C:\Windows\System32\PrintWorkflowService.dll (sign: 'Microsoft') O23 - Service S3: PrintWorkflow_e4cdc - (PrintWorkflowUserSvc_e4cdc) - C:\Windows\system32\svchost.exe -k PrintWorkflow (sign: 'Microsoft') O23 - Service S3: Propagação de Certificado - (CertPropSvc) - C:\Windows\system32\svchost.exe -k netsvcs; "ServiceDll" = C:\Windows\System32\certprop.dll (sign: 'Microsoft') O23 - Service S3: Protocolo de Autenticação Extensível - (EapHost) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\eapsvc.dll (sign: 'Microsoft') (+safe mode) O23 - Service S3: Protocolo PNRP - (PNRPsvc) - C:\Windows\System32\svchost.exe -k LocalServicePeerNet; "ServiceDll" = C:\Windows\system32\pnrpsvc.dll (sign: 'Microsoft') O23 - Service S3: Provedor de Cópia de Sombra de Software da Microsoft - (swprv) - C:\Windows\System32\svchost.exe -k swprv; "ServiceDll" = C:\Windows\System32\swprv.dll (sign: 'Microsoft') (+safe mode) O23 - Service S3: Publicação de Recursos de Descoberta de Função - (FDResPub) - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p; "ServiceDll" = C:\Windows\system32\fdrespub.dll (sign: 'Microsoft') O23 - Service S3: Quality Windows Audio Video Experience - (QWAVE) - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p; "ServiceDll" = C:\Windows\system32\qwave.dll (sign: 'Microsoft') O23 - Service S3: Reconhecimento de locais de rede - (NlaSvc) - C:\Windows\System32\svchost.exe -k netprofm -p; "ServiceDll" = C:\Windows\System32\netprofmsvc.dll (sign: 'Microsoft') O23 - Service S3: Redirecionador de Portas do Modo do Usuário dos Serviços de Área de Trabalho - (UmRdpService) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\umrdp.dll (sign: 'Microsoft') O23 - Service S3: Salvar Jogos no Xbox Live - (XblGameSave) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\XblGameSave.dll (sign: 'Microsoft') O23 - Service S3: Serviço AssignedAccessManager - (AssignedAccessManagerSvc) - C:\Windows\system32\svchost.exe -k AssignedAccessManagerSvc; "ServiceDll" = C:\Windows\System32\assignedaccessmanagersvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço Assistente de Perfil Local - (wlpasvc) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\lpasvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço AVCTP - (BthAvctpSvc) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\System32\BthAvctpSvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço Coletor de Padrões de Hub de Diagnóstico da Microsoft (R) - (diagnosticshub.standardcollector.service) - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (sign: 'Microsoft') O23 - Service S3: Serviço Compositor de Áudio Volumétrico - (VacSvc) - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\vac.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Avaliação de Inventário e Compatibilidade - (InventorySvc) - C:\Windows\system32\svchost.exe -k InvSvcGroup -p; "ServiceDll" = C:\Windows\system32\inventorysvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Backup e Restauração na Nuvem - (CloudBackupRestoreSvc) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup; "ServiceDll" = C:\Windows\System32\CloudRestoreLauncher.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Backup e Restauração na Nuvem_e4cdc - (CloudBackupRestoreSvc_e4cdc) - C:\Windows\system32\svchost.exe -k UnistackSvcGroup (sign: 'Microsoft') O23 - Service S3: Serviço de Biometria do Windows - (WbioSrvc) - C:\Windows\system32\svchost.exe -k WbioSvcGroup; "ServiceDll" = C:\Windows\System32\wbiosrvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Compartilhamento de Dados - (DsSvc) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\DsSvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Compartilhamento de Rede do Windows Media Player - (WMPNetworkSvc) - C:\Program Files\Windows Media Player\wmpnetwk.exe (sign: 'Microsoft') O23 - Service S3: Serviço de Configuração de Conversão de IP - (IpxlatCfgSvc) - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\IpxlatCfg.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Dados de Sensor - (SensorDataService) - C:\Windows\System32\SensorDataService.exe (sign: 'Microsoft') O23 - Service S3: Serviço de Dados Espaciais - (SharedRealitySvc) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\System32\SharedRealitySvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Demonstração de Revenda - (RetailDemo) - C:\Windows\System32\svchost.exe -k rdxgroup; "ServiceDll" = C:\Windows\system32\RDXService.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Desligamento de Convidado do Hyper-V - (vmicshutdown) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\icsvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Dispositivos de Interface Humana - (hidserv) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\hidserv.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Enumeração de Dispositivo de Cartão Inteligente - (ScDeviceEnum) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted; "ServiceDll" = C:\Windows\System32\ScDeviceEnum.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Experiência em Idiomas - (LxpSvc) - C:\Windows\system32\svchost.exe -k netsvcs; "ServiceDll" = C:\Windows\System32\LanguageOverlayServer.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Gateway Bluetooth de Áudio - (BTAGService) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted; "ServiceDll" = C:\Windows\System32\BTAGService.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Gerenciamento de Aplicativos Empresariais - (EntAppSvc) - C:\Windows\system32\svchost.exe -k appmodel -p; "ServiceDll" = C:\Windows\system32\EnterpriseAppMgmtSvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de gerenciamento do Windows - (WManSvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\Windows.Management.Service.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Histórico de Arquivos - (fhsvc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\fhsvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Host do Provedor de Criptografia do Windows - (WEPHOSTSVC) - C:\Windows\system32\svchost.exe -k WepHostSvcGroup; "ServiceDll" = C:\Windows\system32\wephostsvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Host HV - (HvHost) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\hvhostsvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Hotspot Móvel do Windows - (icssvc) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\tetheringservice.dll (sign: 'Microsoft') O23 - Service S3: Serviço de identidade Microsoft Cloud - (cloudidsvc) - C:\Windows\system32\svchost.exe -k CloudIdServiceGroup -p; "ServiceDll" = C:\Windows\system32\cloudidsvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Licenças de Cliente (ClipSVC) - (ClipSVC) - C:\Windows\System32\svchost.exe -k wsappx -p; "ServiceDll" = C:\Windows\System32\ClipSVC.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Mecanismo de Backup em Nível de Bloco - (wbengine) - C:\Windows\system32\wbengine.exe (sign: 'Microsoft') O23 - Service S3: Serviço de Monitoramento de Sensor - (SensrSvc) - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p; "ServiceDll" = C:\Windows\system32\sensrsvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Percepção do Windows - (spectrum) - C:\Windows\system32\spectrum.exe (sign: 'Microsoft') O23 - Service S3: Serviço de Publicação de Nome de Computador do PNRP - (PNRPAutoReg) - C:\Windows\System32\svchost.exe -k LocalServicePeerNet; "ServiceDll" = C:\Windows\system32\pnrpauto.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Pulsação do Hyper-V - (vmicheartbeat) - C:\Windows\system32\svchost.exe -k ICService -p; "ServiceDll" = C:\Windows\System32\icsvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Rede Xbox Live - (XboxNetApiSvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\XboxNetApiSvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Registro de Gerenciamento de Dispositivos - (DmEnrollmentSvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\Windows.Internal.Management.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Relatórios de Erro do Windows - (WerSvc) - C:\Windows\System32\svchost.exe -k WerSvcGroup; "ServiceDll" = C:\Windows\System32\WerSvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Roteador AllJoyn - (AJRouter) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\AJRouter.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Roteador SMS do Microsoft Windows - (SmsRouter) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\SmsRouterSvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Roteamento de mensagens de envio por Push WAP do Gerenciamento de Dispositivos - (dmwappushservice) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\dmwappushsvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Sensor - (SensorService) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\SensorService.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Simulação de Percepção do Windows - (perceptionsimulation) - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (sign: 'Microsoft') O23 - Service S3: Serviço de Sincronização de Data/Hora do Hyper-V - (vmictimesync) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\icsvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de solução de problemas recomendado - (TroubleshootingSvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\MitigationClient.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Suporte a Bluetooth - (bthserv) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\system32\bthserv.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Suporte a Usuários de Bluetooth - (BluetoothUserService) - C:\Windows\system32\svchost.exe -k BthAppGroup -p; "ServiceDll" = C:\Windows\System32\Microsoft.Bluetooth.UserService.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Suporte a Usuários de Bluetooth_e4cdc - (BluetoothUserService_e4cdc) - C:\Windows\system32\svchost.exe -k BthAppGroup -p (sign: 'Microsoft') O23 - Service S3: Serviço de Telefonia - (PhoneSvc) - C:\Windows\system32\svchost.exe -k LocalService -p; "ServiceDll" = C:\Windows\System32\PhoneService.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Transferência Inteligente em Segundo Plano - (BITS) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\qmgr.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Troca de Dados do Hyper-V - (vmickvpexchange) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\icsvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Usuário do ConsentUX - (ConsentUxUserSvc) - C:\Windows\system32\svchost.exe -k DevicesFlow; "ServiceDll" = C:\Windows\System32\ConsentUxClient.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Usuário do ConsentUX_e4cdc - (ConsentUxUserSvc_e4cdc) - C:\Windows\system32\svchost.exe -k DevicesFlow (sign: 'Microsoft') O23 - Service S3: Serviço de Usuário do GameDVR e Transmissão - (BcastDVRUserService) - C:\Windows\system32\svchost.exe -k BcastDVRUserService; "ServiceDll" = C:\Windows\System32\BcastDVRUserService.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Usuário do GameDVR e Transmissão_e4cdc - (BcastDVRUserService_e4cdc) - C:\Windows\system32\svchost.exe -k BcastDVRUserService (sign: 'Microsoft') O23 - Service S3: Serviço de usuário UDK - (UdkUserSvc) - C:\Windows\system32\svchost.exe -k UdkSvcGroup; "ServiceDll" = C:\Windows\System32\windowsudkservices.shellcommon.dll (sign: 'Microsoft') O23 - Service S3: Serviço de Virtualização de Área de Trabalho Remota do Hyper-V - (vmicrdv) - C:\Windows\system32\svchost.exe -k ICService -p; "ServiceDll" = C:\Windows\System32\icsvcext.dll (sign: 'Microsoft') O23 - Service S3: Serviço Direto do Hyper-V PowerShell - (vmicvmsession) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\icsvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço do Gerenciador de Conexões de Serviços do Wi-Fi Direct - (WFDSConMgrSvc) - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\wfdsconmgrsvc.dll (sign: 'Microsoft') O23 - Service S3: Serviço do Participante do Programa Windows Insider - (wisvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\flightsettings.dll (sign: 'Microsoft') O23 - Service S3: Serviço Enumerador de Dispositivos Portáteis - (WPDBusEnum) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted; "ServiceDll" = C:\Windows\system32\wpdbusenum.dll (sign: 'Microsoft') O23 - Service S3: Serviço Gateway de Camada de Aplicativo - (ALG) - C:\Windows\System32\alg.exe (sign: 'Microsoft') O23 - Service S3: Serviço Iniciador Microsoft iSCSI - (MSiSCSI) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\iscsiexe.dll (sign: 'Microsoft') O23 - Service S3: Serviço Proteção Avançada contra Ameaças do Windows Defender - (Sense) - C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe (sign: 'Microsoft') O23 - Service S3: Serviço Windows PushToInstall - (PushToInstall) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\PushToInstall.dll (sign: 'Microsoft') O23 - Service S3: Serviços de Área de Trabalho Remota - (TermService) - C:\Windows\System32\svchost.exe -k NetworkService; "ServiceDll" = C:\Windows\System32\termsrv.dll (sign: 'Microsoft') O23 - Service S3: Servidor de Quadros de Câmera do Windows - (FrameServer) - C:\Windows\System32\svchost.exe -k Camera; "ServiceDll" = C:\Windows\system32\FrameServer.dll (sign: 'Microsoft') O23 - Service S3: SMP de Espaços de Armazenamento da Microsoft - (smphost) - C:\Windows\System32\svchost.exe -k smphost; "ServiceDll" = C:\Windows\System32\smphost.dll (sign: 'Microsoft') O23 - Service S3: Solicitante de Cópia de Sombra de Volume do Hyper-V - (vmicvss) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\icsvcvss.dll (sign: 'Microsoft') O23 - Service S3: Suporte do Painel de Controle Relatórios de problemas - (wercplsupport) - C:\Windows\System32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\wercplsupport.dll (sign: 'Microsoft') O23 - Service S3: Telefonia - (TapiSrv) - C:\Windows\System32\svchost.exe -k NetworkService -p; "ServiceDll" = C:\Windows\System32\tapisrv.dll (sign: 'Microsoft') O23 - Service S3: Verificador de Ponto - (svsvc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\system32\svsvc.dll (sign: 'Microsoft') O23 - Service S3: WalletService - C:\Windows\System32\svchost.exe -k appmodel -p; "ServiceDll" = C:\Windows\system32\WalletService.dll (sign: 'Microsoft') O23 - Service S3: Warp JIT Service - (WarpJITSvc) - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted; "ServiceDll" = C:\Windows\System32\Windows.WARP.JITService.dll (sign: 'Microsoft') O23 - Service S3: Windows Installer - (msiserver) - C:\Windows\system32\msiexec.exe /V (sign: 'Microsoft') O23 - Service S3: Windows Mixed Reality OpenXR Service - (MixedRealityOpenXRSvc) - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p; "ServiceDll" = C:\Windows\System32\MixedRealityRuntime.dll (sign: 'Microsoft') O23 - Service S3: Windows Remote Management (WS-Management) - (WinRM) - C:\Windows\System32\svchost.exe -k NetworkService -p; "ServiceDll" = C:\Windows\system32\WsmSvc.dll (sign: 'Microsoft') O23 - Service S3: Windows Update - (wuauserv) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\system32\wuaueng.dll (sign: 'Microsoft') O23 - Service S3: Xbox Accessory Management Service - (XboxGipSvc) - C:\Windows\system32\svchost.exe -k netsvcs -p; "ServiceDll" = C:\Windows\System32\XboxGipSvc.dll (sign: 'Microsoft') O23 - Driver R: AMD Microcode Update Library - C:\Windows\system32\mcupdate_AuthenticAMD.dll (sign: 'Microsoft') O23 - Driver R: ASUS WMI ACPI Driver - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ad7e5f4b857611df\ASUSOptimization\AsusWmiAcpi.sys (sign: 'ASUSTeK COMPUTER INC.') O23 - Driver R: Battery Class Driver - C:\Windows\System32\drivers\BATTC.SYS (sign: 'Microsoft') O23 - Driver R: BEEP Driver - C:\Windows\System32\Drivers\Beep.SYS (sign: 'Microsoft') O23 - Driver R: Biblioteca de Classes Hid - C:\Windows\System32\drivers\HIDCLASS.SYS (sign: 'Microsoft') O23 - Driver R: Canonical Display Driver - C:\Windows\System32\cdd.dll (sign: 'Microsoft') O23 - Driver R: CimFS driver - C:\Windows\System32\Drivers\CimFS.SYS (sign: 'Microsoft') O23 - Driver R: CLIP Service - C:\Windows\System32\drivers\clipsp.sys (sign: 'Microsoft') O23 - Driver R: Code Integrity Module - C:\Windows\system32\CI.dll (sign: 'Microsoft') O23 - Driver R: Crash Dump Driver - C:\Windows\System32\Drivers\crashdmp.sys (sign: 'Microsoft') O23 - Driver R: DirectX Graphics MMS - C:\Windows\System32\drivers\dxgmms2.sys (sign: 'Microsoft') O23 - Driver R: Driver de Erro de Hardware Específico da Plataforma - C:\Windows\system32\PSHED.dll (sign: 'Microsoft') O23 - Driver R: Driver de Exportação do Host da Extensão de Configuração Inicial do Gerenciador de Configurações do Kernel - C:\Windows\System32\drivers\cmimcext.sys (sign: 'Microsoft') O23 - Driver R: Driver de Kernel de Win32k Base - C:\Windows\System32\win32kbase.sys (sign: 'Microsoft') O23 - Driver R: Driver do Sistema de Arquivos NT - C:\Windows\System32\Drivers\Ntfs.sys (sign: 'Microsoft') O23 - Driver R: Event Aggregation Kernel Mode Library - C:\Windows\system32\drivers\CEA.sys (sign: 'Microsoft') O23 - Driver R: Export driver for kernel mode TPM API - C:\Windows\system32\drivers\tbs.sys (sign: 'Microsoft') O23 - Driver R: Fast FAT File System Driver - C:\Windows\System32\Drivers\fastfat.SYS (sign: 'Microsoft') O23 - Driver R: File System Recognizer Driver - C:\Windows\System32\Drivers\Fs_Rec.sys (sign: 'Microsoft') O23 - Driver R: Filtro de sobreposição do Windows - C:\Windows\System32\Drivers\Wof.sys (sign: 'Microsoft') O23 - Driver R: Full/Desktop Win32k Kernel Driver - C:\Windows\System32\win32kfull.sys (sign: 'Microsoft') O23 - Driver R: FWP/IPsec Kernel-Mode API - C:\Windows\System32\drivers\fwpkclnt.sys (sign: 'Microsoft') O23 - Driver R: Hardware Abstraction Layer DLL - C:\Windows\system32\hal.dll (sign: 'Microsoft') O23 - Driver R: Hid Parsing Library - C:\Windows\System32\drivers\HIDPARSE.SYS (sign: 'Microsoft') O23 - Driver R: Kernel CSA Library - C:\Windows\System32\drivers\ks.sys (sign: 'Microsoft') O23 - Driver R: Kernel Mode Driver Framework Loader - C:\Windows\system32\drivers\WDFLDR.SYS (sign: 'Microsoft') O23 - Driver R: Kernel Mode Power Dependency Coordinator - C:\Windows\system32\drivers\KMPDC.sys (sign: 'Microsoft') O23 - Driver R: Kernel Remote Procedure Call Provider - C:\Windows\System32\drivers\msrpc.sys (sign: 'Microsoft') O23 - Driver R: Kernel Transaction Manager Driver - C:\Windows\System32\drivers\tm.sys (sign: 'Microsoft') O23 - Driver R: Local Kernel Debugger - C:\Windows\system32\kd.dll (sign: 'Microsoft') O23 - Driver R: Mailslot driver - C:\Windows\System32\Drivers\Msfs.SYS (sign: 'Microsoft') O23 - Driver R: Microsoft Storage Port Driver - C:\Windows\System32\drivers\storport.sys (sign: 'Microsoft') O23 - Driver R: Microsoft Trusted Audio Drivers - C:\Windows\System32\drivers\drmk.sys (sign: 'Microsoft') O23 - Driver R: Multi-User Win32 Driver - C:\Windows\System32\win32k.sys (sign: 'Microsoft') O23 - Driver R: Network I/O Subsystem - C:\Windows\system32\drivers\NETIO.SYS (sign: 'Microsoft') O23 - Driver R: NPFS Driver - C:\Windows\System32\Drivers\Npfs.SYS (sign: 'Microsoft') O23 - Driver R: NT Kernel & System - C:\Windows\system32\ntoskrnl.exe (sign: 'Microsoft') O23 - Driver R: NTOS extension host driver - C:\Windows\System32\drivers\ntosext.sys (sign: 'Microsoft') O23 - Driver R: NULL Driver - C:\Windows\System32\Drivers\Null.SYS (sign: 'Microsoft') O23 - Driver R: Port Class (Class Driver for Port/Miniport Devices) - C:\Windows\System32\drivers\portcls.sys (sign: 'Microsoft') O23 - Driver R: SCSI Class System Dll - C:\Windows\System32\drivers\CLASSPNP.SYS (sign: 'Microsoft') O23 - Driver R: TDI Wrapper - C:\Windows\system32\DRIVERS\TDI.SYS (sign: 'Microsoft') O23 - Driver R: Universal Serial Bus Driver - C:\Windows\System32\drivers\USBD.SYS (sign: 'Microsoft') O23 - Driver R: VGA Boot Driver - C:\Windows\system32\BOOTVID.dll (sign: 'Microsoft') O23 - Driver R: Watchdog Driver - C:\Windows\System32\drivers\watchdog.sys (sign: 'Microsoft') O23 - Driver R: Win32k temporary session global driver - C:\Windows\System32\WIN32KSGD.SYS (sign: 'Microsoft') O23 - Driver R: Windows Error Reporting Kernel Driver - C:\Windows\System32\drivers\werkernel.sys (sign: 'Microsoft') O23 - Driver R: Windows Hypervisor Root Interface Driver - C:\Windows\System32\drivers\winhvr.sys (sign: 'Microsoft') O23 - Driver R: WMILIB WMI support library Dll - C:\Windows\System32\drivers\WMILIB.SYS (sign: 'Microsoft') O23 - Driver R: WPP Trace Recorder - C:\Windows\system32\drivers\WppRecorder.sys (sign: 'Microsoft') O23 - Driver R0: AMD Micro PEP Device - (AmdMicroPEP) - C:\Windows\System32\drivers\AmdMicroPEP.sys (+safe mode) (sign: 'Advanced Micro Devices Inc.') O23 - Driver R0: AMD PSP Service - (amdpsp) - C:\Windows\System32\drivers\amdpsp.sys (sign: 'Advanced Micro Devices Inc.') O23 - Driver R0: CNG - C:\Windows\System32\Drivers\cng.sys (sign: 'Microsoft') O23 - Driver R0: Common Log (CLFS) - (CLFS) - C:\Windows\System32\drivers\CLFS.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: Disk Driver - (disk) - C:\Windows\System32\drivers\disk.sys (sign: 'Microsoft') O23 - Driver R0: Driver de Cópia de Sombra de Volume - (volsnap) - C:\Windows\System32\drivers\volsnap.sys (sign: 'Microsoft') O23 - Driver R0: Driver de Filtro de Criptografia de Unidade de Disco BitLocker - (fvevol) - C:\Windows\System32\DRIVERS\fvevol.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: Driver de Inicialização Principal de Segurança da Microsoft - (MsSecCore) - C:\Windows\system32\drivers\msseccore.sys (sign: 'Microsoft') O23 - Driver R0: Driver de Minifiltro do Microsoft Defender Antivírus - (WdFilter) - C:\Windows\system32\drivers\WdFilter.sys (sign: 'Microsoft') O23 - Driver R0: Driver de partição - (partmgr) - C:\Windows\System32\drivers\partmgr.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: Driver de Protocolo TCP/IP - (Tcpip) - C:\Windows\System32\drivers\tcpip.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: Driver do Filtro de Taxa de E/S de Disco - (iorate) - C:\Windows\system32\drivers\iorate.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: Driver do Sistema NDIS - (NDIS) - C:\Windows\system32\drivers\ndis.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: Enhanced Storage Filter Driver - (EhStorClass) - C:\Windows\System32\drivers\EhStorClass.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: File Information FS MiniFilter - (FileInfo) - C:\Windows\System32\drivers\fileinfo.sys (sign: 'Microsoft') O23 - Driver R0: FltMgr - C:\Windows\system32\drivers\fltmgr.sys (sign: 'Microsoft') O23 - Driver R0: Gerenciador de Pontos de Montagem - (mountmgr) - C:\Windows\System32\drivers\mountmgr.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: Gerenciador de Volume Dinâmico - (volmgrx) - C:\Windows\System32\drivers\volmgrx.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: Intel(R) Platform Monitoring Technology Service - (IntelPMT) - C:\Windows\System32\drivers\IntelPMT.sys (sign: 'Microsoft') O23 - Driver R0: Intel(R) Power Engine Plug-in Driver - (intelpep) - C:\Windows\System32\drivers\intelpep.sys (sign: 'Microsoft') O23 - Driver R0: KSecDD - C:\Windows\System32\Drivers\ksecdd.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: KSecPkg - C:\Windows\System32\Drivers\ksecpkg.sys (sign: 'Microsoft') O23 - Driver R0: Microsoft ACPI Driver - (ACPI) - C:\Windows\System32\drivers\ACPI.sys (sign: 'Microsoft') O23 - Driver R0: Microsoft ACPIEx Driver - (acpiex) - C:\Windows\System32\Drivers\acpiex.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: Microsoft PRM Driver - (PRM) - C:\Windows\System32\DriverStore\FileRepository\prm.inf_amd64_de435dc5c75d64a5\PRM.sys (sign: 'Microsoft') O23 - Driver R0: Microsoft Standard NVM Express Driver - (stornvme) - C:\Windows\System32\drivers\stornvme.sys (sign: 'Microsoft') O23 - Driver R0: Microsoft Virtual Drive Enumerator - (vdrvroot) - C:\Windows\System32\drivers\vdrvroot.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: Microsoft Windows Trusted Runtime Secure Service - (WindowsTrustedRTProxy) - C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys (sign: 'Microsoft') O23 - Driver R0: msisadrv - C:\Windows\System32\drivers\msisadrv.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: MUP - (Mup) - C:\Windows\System32\Drivers\mup.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: PCI Bus Driver - (pci) - C:\Windows\System32\drivers\pci.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: PDC - (pdc) - C:\Windows\system32\drivers\pdc.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: Performance Counters for Windows Driver - (pcw) - C:\Windows\System32\drivers\pcw.sys (sign: 'Microsoft') O23 - Driver R0: Plataforma para Filtros do Microsoft Windows - (WFPLWFS) - C:\Windows\System32\drivers\wfplwfs.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: ReadyBoost - (rdyboost) - C:\Windows\System32\drivers\rdyboost.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: Serviço de Estruturas de Driver em Modo Kernel - (Wdf01000) - C:\Windows\system32\drivers\Wdf01000.sys (sign: 'Microsoft') O23 - Driver R0: Storage Spaces Driver - (spaceport) - C:\Windows\System32\drivers\spaceport.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: Volume driver - (volume) - C:\Windows\System32\drivers\volume.sys (sign: 'Microsoft') O23 - Driver R0: Volume Manager Driver - (volmgr) - C:\Windows\System32\drivers\volmgr.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R0: Windows Trusted Execution Environment Class Extension - (WindowsTrustedRT) - C:\Windows\system32\drivers\WindowsTrustedRT.sys (sign: 'Microsoft') O23 - Driver R1: afunix - C:\Windows\system32\drivers\afunix.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R1: Agendador de pacotes de serviço - (Psched) - C:\Windows\System32\drivers\pacer.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R1: Ancillary Function Driver for Winsock - (AFD) - C:\Windows\system32\drivers\afd.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R1: Application Compatibility Cache - (ahcache) - C:\Windows\system32\DRIVERS\ahcache.sys (sign: 'Microsoft') O23 - Driver R1: ATKWMIACPI Driver - (ATKWMIACPIIO) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusWmiAcpi.sys (sign: 'ASUSTeK COMPUTER INC.') O23 - Driver R1: Background Activity Moderator Driver - (bam) - C:\Windows\system32\drivers\bam.sys (sign: 'Microsoft') O23 - Driver R1: BasicDisplay - C:\Windows\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_02da009b3d736cc1\BasicDisplay.sys (sign: 'Microsoft') O23 - Driver R1: BasicRender - C:\Windows\System32\DriverStore\FileRepository\basicrender.inf_amd64_402645b3f1a80dd7\BasicRender.sys (sign: 'Microsoft') O23 - Driver R1: Captura NDIS da Microsoft - (NdisCap) - C:\Windows\System32\drivers\ndiscap.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R1: CD-ROM Driver - (cdrom) - C:\Windows\System32\drivers\cdrom.sys (sign: 'Microsoft') O23 - Driver R1: Desktop Activity Moderator Driver - (dam) - C:\Windows\system32\drivers\dam.sys (sign: 'Microsoft') O23 - Driver R1: Driver de Arquivos Offline - (CSC) - C:\Windows\system32\drivers\csc.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R1: Driver de Cliente para Namespaces de DFS - (Dfsc) - C:\Windows\System32\Drivers\dfsc.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R1: Driver de Suporte a TDI Herdado de NetIO - (tdx) - C:\Windows\system32\DRIVERS\tdx.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R1: FileCrypt - C:\Windows\system32\drivers\filecrypt.sys (sign: 'Microsoft') O23 - Driver R1: LDDM Graphics Subsystem - (DXGKrnl) - C:\Windows\System32\drivers\dxgkrnl.sys (sign: 'Microsoft') O23 - Driver R1: Microsoft System Management BIOS Driver - (mssmbios) - C:\Windows\System32\drivers\mssmbios.sys (sign: 'Microsoft') O23 - Driver R1: Named pipe service trigger provider - (npsvctrig) - C:\Windows\System32\drivers\npsvctrig.sys (sign: 'Microsoft') O23 - Driver R1: NetBIOS Interface - (NetBIOS) - C:\Windows\system32\drivers\netbios.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R1: NETBT - (NetBT) - C:\Windows\System32\DRIVERS\netbt.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R1: NSI Proxy Service Driver - (nsiproxy) - C:\Windows\system32\drivers\nsiproxy.sys (sign: 'Microsoft') O23 - Driver R1: Subsistema de Buffer Redirecionado - (rdbss) - C:\Windows\system32\DRIVERS\rdbss.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R1: Vid - C:\Windows\System32\drivers\Vid.sys (sign: 'Microsoft') O23 - Driver R1: Virtual WiFi Filter Driver - (vwififlt) - C:\Windows\System32\drivers\vwififlt.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R2: @%SystemRoot%\System32\drivers\tcpipreg.sys,-10110, - (tcpipreg) - C:\Windows\System32\drivers\tcpipreg.sys (sign: 'Microsoft') O23 - Driver R2: Driver ARP IP de acesso remoto - (wanarp) - C:\Windows\System32\DRIVERS\wanarp.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R2: Driver de E/S do Mapeador de Descoberta de Topologia de Camada de Link - (lltdio) - C:\Windows\system32\drivers\lltdio.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R2: Driver do Filtro QoS de Armazenamento - (storqosflt) - C:\Windows\system32\drivers\storqosflt.sys (sign: 'Microsoft') O23 - Driver R2: Multimedia Class Scheduler - (MMCSS) - C:\Windows\system32\drivers\mmcss.sys (sign: 'Microsoft') O23 - Driver R2: PEAUTH - C:\Windows\system32\drivers\peauth.sys (sign: 'Microsoft') O23 - Driver R2: Protocolo Microsoft LLDP - (MsLldp) - C:\Windows\system32\drivers\mslldp.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R2: Respondente de Descoberta de Topologia de Camada de Link - (rspndr) - C:\Windows\system32\drivers\rspndr.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R2: Sistema de Arquivos de Corretagem - (bfs) - C:\Windows\system32\drivers\bfs.sys (sign: 'Microsoft') O23 - Driver R2: Virtualização de arquivo UAC - (luafv) - C:\Windows\system32\drivers\luafv.sys (sign: 'Microsoft') O23 - Driver R2: Windows Bind Filter Driver - (bindflt) - C:\Windows\system32\drivers\bindflt.sys (sign: 'Microsoft') O23 - Driver R2: Windows Cloud Files Filter Driver - (CldFlt) - C:\Windows\system32\drivers\cldflt.sys (sign: 'Microsoft') O23 - Driver R2: Windows Container Isolation - (wcifs) - C:\Windows\system32\drivers\wcifs.sys (sign: 'Microsoft') O23 - Driver R2: Windows Network Data Usage Monitoring Driver - (Ndu) - C:\Windows\system32\drivers\Ndu.sys (sign: 'Microsoft') O23 - Driver R2: WTD - (wtd) - C:\Windows\System32\drivers\wtd.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: "Microsoft UAA Bus Driver for High Definition Audio" ; {PlaceHolder="UAA","High Definition Audio"} - (HDAudBus) - C:\Windows\System32\drivers\HDAudBus.sys (sign: 'Microsoft') O23 - Driver R3: AMD Crash Defender Driver - (amdfendr) - C:\Windows\System32\drivers\amdfendr.sys (sign: 'Advanced Micro Devices Inc.') O23 - Driver R3: AMD Crash Defender Manager Driver - (amdfendrmgr) - C:\Windows\System32\drivers\amdfendrmgr.sys (sign: 'Advanced Micro Devices Inc.') O23 - Driver R3: AMD Function Driver for HD Audio Service - (AtiHDAudioService) - C:\Windows\system32\drivers\AtihdWT6.sys (sign: 'Microsoft' - Advanced Micro Devices) O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\Windows\System32\drivers\amdgpio2.sys (sign: 'Microsoft') O23 - Driver R3: AMD I2C Controller Service - (amdi2c) - C:\Windows\System32\drivers\amdi2c.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: AMD Processor Driver - (AmdPPM) - C:\Windows\System32\drivers\amdppm.sys (sign: 'Microsoft') O23 - Driver R3: amdwddmg - C:\Windows\System32\DriverStore\FileRepository\u0390792.inf_amd64_c7c1ce20b2f1c813\B390782\amdkmdag.sys (sign: 'Advanced Micro Devices Inc.') O23 - Driver R3: ASUS Precision Touch Service - (AsusPTPDrv) - C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_93fc123351137141\AsusPTPFilter.sys (sign: 'ASUSTeK COMPUTER INC.') O23 - Driver R3: AsusSAIO - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSAIO.sys (sign: 'ASUSTeK COMPUTER INC.') O23 - Driver R3: Audio Coprocessr Driver for DSP - (amdacpbus) - C:\Windows\System32\DriverStore\FileRepository\amdacpbus.inf_amd64_60eea92a065e067d\amdacpbus.sys (sign: 'Advanced Micro Devices Inc.') O23 - Driver R3: Charge Arbitration Driver - (CAD) - C:\Windows\System32\drivers\CAD.sys (sign: 'Microsoft') O23 - Driver R3: Composite Bus Enumerator Driver - (CompositeBus) - C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_2e50c98177d80a40\CompositeBus.sys (sign: 'Microsoft') O23 - Driver R3: Console Driver - (condrv) - C:\Windows\System32\drivers\condrv.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: Driver de Filtro Smartlocker - (applockerfltr) - C:\Windows\system32\drivers\applockerfltr.sys (sign: 'Microsoft') O23 - Driver R3: Driver do Sistema de Inspeção de Rede do Microsoft Defender Antivírus - (WdNisDrv) - C:\Windows\system32\Drivers\WdNisDrv.sys (sign: 'Microsoft') O23 - Driver R3: Driver IDApl - (AppID) - C:\Windows\system32\drivers\appid.sys (sign: 'Microsoft') O23 - Driver R3: Driver PPPOE de acesso remoto - (RasPppoe) - C:\Windows\System32\DRIVERS\raspppoe.sys (sign: 'Microsoft') O23 - Driver R3: Driver SMB 2.xxx do Servidor - (srv2) - C:\Windows\System32\DRIVERS\srv2.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: Driver TAPI NDIS de acesso remoto - (NdisTapi) - C:\Windows\System32\DRIVERS\ndistapi.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: Driver WAN NDIS de acesso remoto - (NdisWan) - C:\Windows\System32\drivers\ndiswan.sys (sign: 'Microsoft') O23 - Driver R3: Enumerador de Adaptador de Rede Virtual Microsoft - (NdisVirtualBus) - C:\Windows\System32\drivers\NdisVirtualBus.sys (sign: 'Microsoft') O23 - Driver R3: Filtro NativeWiFi - (NativeWifiP) - C:\Windows\system32\DRIVERS\nwifi.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: i8042 Keyboard and PS/2 Mouse Port Driver - (i8042prt) - C:\Windows\System32\drivers\i8042prt.sys (sign: 'Microsoft') O23 - Driver R3: Kernel Streaming Thunks - (ksthunk) - C:\Windows\system32\drivers\ksthunk.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: Keyboard Class Driver - (kbdclass) - C:\Windows\System32\drivers\kbdclass.sys (sign: 'Microsoft') O23 - Driver R3: kwriqpow - C:\Users\J\AppData\Local\Temp\kwriqpow.sys (file missing) (+safe mode) O23 - Driver R3: Microsoft ACPI Control Method Battery Driver - (CmBatt) - C:\Windows\System32\drivers\CmBatt.sys (sign: 'Microsoft') O23 - Driver R3: Microsoft GPIO Class Extension Driver - (GPIOClx0101) - C:\Windows\System32\Drivers\msgpioclx.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: Microsoft HID Class Driver - (HidUsb) - C:\Windows\System32\drivers\hidusb.sys (sign: 'Microsoft') O23 - Driver R3: Microsoft I2C HID Miniport Driver - (hidi2c) - C:\Windows\System32\drivers\hidi2c.sys (sign: 'Microsoft') O23 - Driver R3: Microsoft Input Configuration Driver - (MTConfig) - C:\Windows\System32\drivers\MTConfig.sys (sign: 'Microsoft') O23 - Driver R3: Microsoft Kernel Debug Network Miniport (NDIS 6.20) - (kdnic) - C:\Windows\System32\drivers\kdnic.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: Microsoft Monitor Class Function Driver Service - (monitor) - C:\Windows\System32\drivers\monitor.sys (sign: 'Microsoft') O23 - Driver R3: Microsoft UEFI Driver - (UEFI) - C:\Windows\System32\DriverStore\FileRepository\uefi.inf_amd64_3abb917fc03c6fa8\UEFI.sys (sign: 'Microsoft') O23 - Driver R3: Microsoft Windows Management Interface for ACPI - (WmiAcpi) - C:\Windows\System32\drivers\wmiacpi.sys (sign: 'Microsoft') O23 - Driver R3: Miniporta de rede remota (L2TP) - (Rasl2tp) - C:\Windows\System32\drivers\rasl2tp.sys (sign: 'Microsoft') O23 - Driver R3: Miniporta de rede remota (PPTP) - (PptpMiniport) - C:\Windows\System32\drivers\raspptp.sys (sign: 'Microsoft') O23 - Driver R3: Miniporta WAN (SSTP) - (RasSstp) - C:\Windows\System32\drivers\rassstp.sys (sign: 'Microsoft') O23 - Driver R3: Mini-Redirecionador do SMB 2.0 - (mrxsmb20) - C:\Windows\system32\DRIVERS\mrxsmb20.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: Mouse Class Driver - (mouclass) - C:\Windows\System32\drivers\mouclass.sys (sign: 'Microsoft') O23 - Driver R3: Mouse HID Driver - (mouhid) - C:\Windows\System32\drivers\mouhid.sys (sign: 'Microsoft') O23 - Driver R3: MSQUIC - (MsQuic) - C:\Windows\system32\drivers\msquic.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: Navegador - (bowser) - C:\Windows\system32\DRIVERS\bowser.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: NDIS Proxy Driver - (ndproxy) - C:\Windows\System32\DRIVERS\NDProxy.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: NDIS Usermode I/O Protocol - (Ndisuio) - C:\Windows\system32\drivers\ndisuio.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: Pass-through HID to KMDF Filter Driver - (mshidkmdf) - C:\Windows\System32\drivers\mshidkmdf.sys (sign: 'Microsoft') O23 - Driver R3: Realtek Wireless LAN 802.11n PCI-E Network Adapter - (RTWlanE) - C:\Windows\System32\drivers\rtwlane.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: Remote Desktop Device Redirector Bus Driver - (rdpbus) - C:\Windows\System32\drivers\rdpbus.sys (sign: 'Microsoft') O23 - Driver R3: Remote Desktop Video Miniport Driver - (RdpVideoMiniport) - C:\Windows\System32\drivers\rdpvideominiport.sys (sign: 'Microsoft') O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\Windows\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.') O23 - Driver R3: Serviço HTTP - (HTTP) - C:\Windows\system32\drivers\HTTP.sys (sign: 'Microsoft') O23 - Driver R3: Simple Peripheral Bus Support Library - (SpbCx) - C:\Windows\system32\drivers\SpbCx.sys (sign: 'Microsoft') O23 - Driver R3: Software Bus Driver - (swenum) - C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_d84a235075a8ff73\swenum.sys (sign: 'Microsoft') O23 - Driver R3: srvnet - C:\Windows\System32\DRIVERS\srvnet.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: SuperSpeed Hub - (USBHUB3) - C:\Windows\System32\drivers\UsbHub3.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: TPM - C:\Windows\System32\drivers\tpm.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: UMBus Enumerator Driver - (umbus) - C:\Windows\System32\DriverStore\FileRepository\umbus.inf_amd64_3702527f0d5a77cf\umbus.sys (sign: 'Microsoft') O23 - Driver R3: USB Host Support Library - (Ucx01000) - C:\Windows\system32\drivers\ucx01000.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: USB xHCI Compliant Host Controller - (USBXHCI) - C:\Windows\System32\drivers\USBXHCI.SYS (sign: 'Microsoft') O23 - Driver R3: Virtual WiFi Miniport Service - (vwifimp) - C:\Windows\System32\drivers\vwifimp.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: Virtual Wireless Bus Driver - (vwifibus) - C:\Windows\System32\drivers\vwifibus.sys (sign: 'Microsoft') O23 - Driver R3: WAN Miniport (IKEv2) - (RasAgileVpn) - C:\Windows\System32\drivers\AgileVpn.sys (sign: 'Microsoft') O23 - Driver R3: WDI Driver Framework - (wdiwifi) - C:\Windows\system32\DRIVERS\wdiwifi.sys (sign: 'Microsoft') O23 - Driver R3: Windows Defender Firewall Authorization Driver - (mpsdrv) - C:\Windows\System32\drivers\mpsdrv.sys (+safe mode) (sign: 'Microsoft') O23 - Driver R3: Wrapper e Mecanismo Mini-Redirecionador do SMB - (mrxsmb) - C:\Windows\system32\DRIVERS\mrxsmb.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S0: 3ware - C:\Windows\System32\drivers\3ware.sys (sign: 'Microsoft') O23 - Driver S0: Adaptec SAS/SATA-II RAID Storport's Miniport Driver - (arcsas) - C:\Windows\System32\drivers\arcsas.sys (sign: 'Microsoft') O23 - Driver S0: ADP80XX - C:\Windows\System32\drivers\ADP80XX.SYS (sign: 'Microsoft') O23 - Driver S0: amdsata - C:\Windows\System32\drivers\amdsata.sys (sign: 'Microsoft') O23 - Driver S0: amdsbs - C:\Windows\System32\drivers\amdsbs.sys (sign: 'Microsoft') O23 - Driver S0: amdxata - C:\Windows\System32\drivers\amdxata.sys (sign: 'Microsoft') O23 - Driver S0: Apple Solid State Drive Device - (AppleSSD) - C:\Windows\System32\drivers\AppleSSD.sys (sign: 'Microsoft') O23 - Driver S0: cht4iscsi - C:\Windows\System32\drivers\cht4sx64.sys (sign: 'Microsoft') O23 - Driver S0: Driver de Inicialização do Microsoft Defender Antivírus - (WdBoot) - C:\Windows\system32\drivers\WdBoot.sys (sign: 'Microsoft') O23 - Driver S0: Hardware Policy Driver - (hwpolicy) - C:\Windows\System32\drivers\hwpolicy.sys (sign: 'Microsoft') O23 - Driver S0: HpSAMD - C:\Windows\System32\drivers\HpSAMD.sys (sign: 'Microsoft') O23 - Driver S0: IDE Channel - (atapi) - C:\Windows\System32\drivers\atapi.sys (sign: 'Microsoft') O23 - Driver S0: Intel Chipset SATA RAID Controller - (iaStorAVC) - C:\Windows\System32\drivers\iaStorAVC.sys (sign: 'Microsoft') O23 - Driver S0: Intel RAID Controller Windows 7 - (iaStorV) - C:\Windows\System32\drivers\iaStorV.sys (sign: 'Microsoft') O23 - Driver S0: intelide - C:\Windows\System32\drivers\intelide.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S0: isapnp - C:\Windows\System32\drivers\isapnp.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S0: ItSas35i - C:\Windows\System32\drivers\ItSas35i.sys (sign: 'Microsoft') O23 - Driver S0: LSI_SAS - C:\Windows\System32\drivers\lsi_sas.sys (sign: 'Microsoft') O23 - Driver S0: LSI_SAS2i - C:\Windows\System32\drivers\lsi_sas2i.sys (sign: 'Microsoft') O23 - Driver S0: LSI_SAS3i - C:\Windows\System32\drivers\lsi_sas3i.sys (sign: 'Microsoft') O23 - Driver S0: megasas2i - C:\Windows\System32\drivers\MegaSas2i.sys (sign: 'Microsoft') O23 - Driver S0: megasas35i - C:\Windows\System32\drivers\megasas35i.sys (sign: 'Microsoft') O23 - Driver S0: megasr - C:\Windows\System32\drivers\megasr.sys (sign: 'Microsoft') O23 - Driver S0: Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols - (EhStorTcgDrv) - C:\Windows\System32\drivers\EhStorTcgDrv.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S0: Microsoft GenPass Driver - (GenPass) - C:\Windows\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys (sign: 'Microsoft') O23 - Driver S0: Microsoft Hyper-V Storage Accelerator - (storflt) - C:\Windows\System32\drivers\vmstorfl.sys (sign: 'Microsoft') O23 - Driver S0: Microsoft Hyper-V VHDPMEM BTT Filter - (bttflt) - C:\Windows\System32\drivers\bttflt.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S0: Microsoft Hyper-V Virtual PCI Bus - (vpci) - C:\Windows\System32\drivers\vpci.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S0: Microsoft NVDIMM device driver - (nvdimm) - C:\Windows\System32\drivers\nvdimm.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S0: Microsoft NVMe disk driver - (nvmedisk) - C:\Windows\System32\drivers\nvmedisk.sys (sign: 'Microsoft') O23 - Driver S0: Microsoft persistent memory disk driver - (pmem) - C:\Windows\System32\drivers\pmem.sys (sign: 'Microsoft') O23 - Driver S0: Microsoft Standard SATA AHCI Driver - (storahci) - C:\Windows\System32\drivers\storahci.sys (sign: 'Microsoft') O23 - Driver S0: Microsoft Storage Class Memory Bus Driver - (scmbus) - C:\Windows\System32\drivers\scmbus.sys (sign: 'Microsoft') O23 - Driver S0: Microsoft Universal Flash Storage (UFS) Driver - (storufs) - C:\Windows\System32\drivers\storufs.sys (sign: 'Microsoft') O23 - Driver S0: mpi3drvi - C:\Windows\System32\drivers\mpi3drvi.sys (sign: 'Microsoft') O23 - Driver S0: mvumis - C:\Windows\System32\drivers\mvumis.sys (sign: 'Microsoft') O23 - Driver S0: nvraid - C:\Windows\System32\drivers\nvraid.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S0: nvstor - C:\Windows\System32\drivers\nvstor.sys (sign: 'Microsoft') O23 - Driver S0: pciide - C:\Windows\System32\drivers\pciide.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S0: pcmcia - C:\Windows\System32\drivers\pcmcia.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S0: percsas2i - C:\Windows\System32\drivers\percsas2i.sys (sign: 'Microsoft') O23 - Driver S0: percsas3i - C:\Windows\System32\drivers\percsas3i.sys (sign: 'Microsoft') O23 - Driver S0: pvscsi Storage Controller Driver - (pvscsi) - C:\Windows\System32\drivers\pvscsii.sys (sign: 'Microsoft') O23 - Driver S0: QLogic 10 Gigabit Ethernet Adapter VBD - (ebdrv) - C:\Windows\System32\drivers\evbda.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S0: QLogic Legacy Ethernet Adapter VBD - (ebdrv0) - C:\Windows\System32\drivers\evbd0a.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S0: QLogic Network Adapter VBD - (b06bdrv) - C:\Windows\System32\drivers\bxvbda.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S0: SBP-2 Transport/Protocol Bus Driver - (sbp2port) - C:\Windows\System32\drivers\sbp2port.sys (sign: 'Microsoft') O23 - Driver S0: SiSRaid2 - C:\Windows\System32\drivers\SiSRaid2.sys (sign: 'Microsoft') O23 - Driver S0: SiSRaid4 - C:\Windows\System32\drivers\sisraid4.sys (sign: 'Microsoft') O23 - Driver S0: SmartSAMD - C:\Windows\System32\drivers\SmartSAMD.sys (sign: 'Microsoft') O23 - Driver S0: stexstor - C:\Windows\System32\drivers\stexstor.sys (sign: 'Microsoft') O23 - Driver S0: storvsc - C:\Windows\System32\drivers\storvsc.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S0: VIA StorX Storage RAID Controller Windows Driver - (VSTXRAID) - C:\Windows\System32\drivers\vstxraid.sys (sign: 'Microsoft') O23 - Driver S0: Virtual Machine Bus - (vmbus) - C:\Windows\System32\drivers\vmbus.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S0: vsmraid - C:\Windows\System32\drivers\vsmraid.sys (sign: 'Microsoft') O23 - Driver S0: Windows RAM Disk Driver - (Ramdisk) - C:\Windows\system32\DRIVERS\ramdisk.sys (sign: 'Microsoft') O23 - Driver S3: "Microsoft 1.1 UAA Function Driver for High Definition Audio Service" ; {PlaceHolder="UAA","High Definition Audio"} - (HdAudAddService) - C:\Windows\System32\drivers\HdAudio.sys (sign: 'Microsoft') O23 - Driver S3: "Microsoft Bluetooth A2dp driver" ; {Placeholder="Microsoft Bluetooth"} - (BthA2dp) - C:\Windows\System32\drivers\BthA2dp.sys (sign: 'Microsoft') O23 - Driver S3: "Microsoft Bluetooth Hands-Free Profile driver" ; {Placeholder="Microsoft Bluetooth"} - (BthHFEnum) - C:\Windows\System32\drivers\bthhfenum.sys (sign: 'Microsoft') O23 - Driver S3: "USB Audio 2.0 Service"; {Placeholder="USB"} - (usbaudio2) - C:\Windows\System32\drivers\usbaudio2.sys (sign: 'Microsoft') O23 - Driver S3: @%SystemRoot%\system32\drivers\Acx01000.sys,-1000 - (Acx01000) - C:\Windows\system32\drivers\Acx01000.sys (sign: 'Microsoft') O23 - Driver S3: @%systemroot%\system32\drivers\spaceparser.sys,-1001 - (spaceparser) - C:\Windows\system32\drivers\spaceparser.sys (sign: 'Microsoft') O23 - Driver S3: @%SystemRoot%\system32\drivers\WdmCompanionFilter.sys,-1000 - (WdmCompanionFilter) - C:\Windows\system32\drivers\WdmCompanionFilter.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: @msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator - (msgpiowin32) - C:\Windows\System32\drivers\msgpiowin32.sys (sign: 'Microsoft') O23 - Driver S3: @todo.dll,-100;Microsoft IPv6 Protocol Driver - (Tcpip6) - C:\Windows\System32\drivers\tcpip.sys (sign: 'Microsoft') O23 - Driver S3: 1394 OHCI Compliant Host Controller - (1394ohci) - C:\Windows\System32\drivers\1394ohci.sys (sign: 'Microsoft') O23 - Driver S3: ACPI Devices driver - (AcpiDev) - C:\Windows\System32\drivers\AcpiDev.sys (sign: 'Microsoft') O23 - Driver S3: ACPI Power Meter Driver - (AcpiPmi) - C:\Windows\System32\drivers\acpipmi.sys (sign: 'Microsoft') O23 - Driver S3: ACPI Processor Aggregator Driver - (acpipagr) - C:\Windows\System32\drivers\acpipagr.sys (sign: 'Microsoft') O23 - Driver S3: ACPI Wake Alarm Driver - (acpitime) - C:\Windows\System32\drivers\acpitime.sys (sign: 'Microsoft') O23 - Driver S3: AMD K8 Processor Driver - (AmdK8) - C:\Windows\System32\drivers\amdk8.sys (sign: 'Microsoft') O23 - Driver S3: AppvStrm - C:\Windows\system32\drivers\AppvStrm.sys (sign: 'Microsoft') O23 - Driver S3: AppvVemgr - C:\Windows\system32\drivers\AppvVemgr.sys (sign: 'Microsoft') O23 - Driver S3: AppvVfs - C:\Windows\system32\drivers\AppvVfs.sys (sign: 'Microsoft') O23 - Driver S3: bcmfn2 Service - (bcmfn2) - C:\Windows\System32\drivers\bcmfn2.sys (sign: 'Microsoft') O23 - Driver S3: Bluetooth Device (RFCOMM Protocol TDI) - (RFCOMM) - C:\Windows\System32\drivers\rfcomm.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Bluetooth Enumerator Service - (BthEnum) - C:\Windows\System32\drivers\BthEnum.sys (sign: 'Microsoft') O23 - Driver S3: Bluetooth Low Energy Driver - (BthLEEnum) - C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys (sign: 'Microsoft') O23 - Driver S3: Bluetooth Modem Communications Driver - (BTHMODEM) - C:\Windows\System32\drivers\bthmodem.sys (sign: 'Microsoft') O23 - Driver S3: Bluetooth Port Driver - (BTHPORT) - C:\Windows\System32\drivers\BTHport.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Bluetooth Radio Driver - (BthMini) - C:\Windows\System32\drivers\BTHMINI.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Bluetooth Radio USB Driver - (BTHUSB) - C:\Windows\System32\drivers\BTHUSB.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Chelsio Virtual Bus Driver - (cht4vbd) - C:\Windows\System32\drivers\cht4vx64.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Chipidea USB Role-Switch Driver - (UrsChipidea) - C:\Windows\System32\DriverStore\FileRepository\urschipidea.inf_amd64_1dcac3970ff32f7b\urschipidea.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Common Driver for HID Buttons implemented with interrupts - (hidinterrupt) - C:\Windows\System32\drivers\hidinterrupt.sys (sign: 'Microsoft') O23 - Driver S3: Consumer IR Devices - (circlass) - C:\Windows\System32\drivers\circlass.sys (sign: 'Microsoft') O23 - Driver S3: CPU Scheduler for High Performance I/O - (ExecutionContext) - C:\Windows\System32\Drivers\ExecutionContext.sys (sign: 'Microsoft') O23 - Driver S3: dmvsc - C:\Windows\System32\drivers\dmvsc.sys (sign: 'Microsoft') O23 - Driver S3: Driver ARP IPv6 de Acesso Remoto - (wanarpv6) - C:\Windows\System32\DRIVERS\wanarp.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Driver de Chamada WFP de Segurança da Microsoft - (MsSecWfp) - C:\Windows\system32\drivers\mssecwfp.sys (sign: 'Microsoft') O23 - Driver S3: Driver de Filtro da Classe Hub USB de Área de Trabalho Remota - (TsUsbFlt) - C:\Windows\system32\drivers\tsusbflt.sys (sign: 'Microsoft') O23 - Driver S3: Driver de Filtro de Classe PnP de Cartão inteligente - (scfilter) - C:\Windows\System32\DRIVERS\scfilter.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Driver de filtro de tráfego IP - (IpFilterDriver) - C:\Windows\system32\DRIVERS\ipfltdrv.sys (sign: 'Microsoft') O23 - Driver S3: Driver de mídia assíncrona RAS - (AsyncMac) - C:\Windows\System32\drivers\asyncmac.sys (sign: 'Microsoft') O23 - Driver S3: Driver de modo Kernel de Indirect Displays - (IndirectKmd) - C:\Windows\System32\drivers\IndirectKmd.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Driver de Redirecionador de Dispositivos de Área de Trabalho Remota - (RDPDR) - C:\Windows\System32\drivers\rdpdr.sys (sign: 'Microsoft') O23 - Driver S3: Driver do Adaptador de Miniporta de Túnel da Microsoft - (tunnel) - C:\Windows\System32\drivers\tunnel.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Driver do Redirecionador de Cliente WebDav - (MRxDAV) - C:\Windows\system32\drivers\mrxdav.sys (sign: 'Microsoft') O23 - Driver S3: Driver NAT do Windows - (WinNat) - C:\Windows\system32\drivers\winnat.sys (sign: 'Microsoft') O23 - Driver S3: Driver WAN NDIS HERDADO de Acesso Remoto - (ndiswanlegacy) - C:\Windows\System32\DRIVERS\ndiswan.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: eHome Infrared Receiver (USBCIR) - (usbcir) - C:\Windows\System32\drivers\usbcir.sys (sign: 'Microsoft') O23 - Driver S3: Extensão do Verificador de Driver - (VerifierExt) - C:\Windows\System32\drivers\VerifierExt.sys (sign: 'Microsoft') O23 - Driver S3: File System Dependency Minifilter - (FsDepends) - C:\Windows\System32\drivers\FsDepends.sys (sign: 'Microsoft') O23 - Driver S3: FileTrace - (Filetrace) - C:\Windows\system32\drivers\filetrace.sys (sign: 'Microsoft') O23 - Driver S3: Floppy Disk Controller Driver - (fdc) - C:\Windows\System32\drivers\fdc.sys (sign: 'Microsoft') O23 - Driver S3: Floppy Disk Driver - (flpydisk) - C:\Windows\System32\drivers\flpydisk.sys (sign: 'Microsoft') O23 - Driver S3: Generic USB Function Class - (genericusbfn) - C:\Windows\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_cea150c98a1ca844\genericusbfn.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: HID UPS Battery Driver - (HidBatt) - C:\Windows\System32\drivers\HidBatt.sys (sign: 'Microsoft') O23 - Driver S3: HidSpi KMDF Class Extension - (HidSpiCx) - C:\Windows\system32\drivers\HidSpiCx.sys (sign: 'Microsoft') O23 - Driver S3: High-Capacity Floppy Disk Drive - (sfloppy) - C:\Windows\System32\drivers\sfloppy.sys (sign: 'Microsoft') O23 - Driver S3: Holographic Spatial Graph Filter - (SpatialGraphFilter) - C:\Windows\System32\drivers\SpatialGraphFilter.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: hyperkbd - C:\Windows\System32\drivers\hyperkbd.sys (sign: 'Microsoft') O23 - Driver S3: HyperVideo - C:\Windows\System32\drivers\HyperVideo.sys (sign: 'Microsoft') O23 - Driver S3: Intel Processor Driver - (intelppm) - C:\Windows\System32\drivers\intelppm.sys (sign: 'Microsoft') O23 - Driver S3: Intel Serial IO GPIO Controller Driver - (iagpio) - C:\Windows\System32\drivers\iagpio.sys (sign: 'Microsoft') O23 - Driver S3: Intel(R) Dynamic Device Peak Power Manager Driver - (intelpmax) - C:\Windows\System32\drivers\intelpmax.sys (sign: 'Microsoft') O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group') O23 - Driver S3: Intel(R) Serial IO GPIO Driver v2 - (iaLPSS2i_GPIO2) - C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys (sign: 'Microsoft') O23 - Driver S3: Intel(R) Serial IO GPIO Driver v2 - (iaLPSS2i_GPIO2_BXT_P) - C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys (sign: 'Microsoft') O23 - Driver S3: Intel(R) Serial IO GPIO Driver v2 - (iaLPSS2i_GPIO2_CNL) - C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys (sign: 'Microsoft') O23 - Driver S3: Intel(R) Serial IO GPIO Driver v2 - (iaLPSS2i_GPIO2_GLK) - C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys (sign: 'Microsoft') O23 - Driver S3: Intel(R) Serial IO I2C Controller Driver - (iaLPSSi_I2C) - C:\Windows\System32\drivers\iaLPSSi_I2C.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Intel(R) Serial IO I2C Driver v2 - (iaLPSS2i_I2C) - C:\Windows\System32\drivers\iaLPSS2i_I2C.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Intel(R) Serial IO I2C Driver v2 - (iaLPSS2i_I2C_BXT_P) - C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Intel(R) Serial IO I2C Driver v2 - (iaLPSS2i_I2C_CNL) - C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Intel(R) Serial IO I2C Driver v2 - (iaLPSS2i_I2C_GLK) - C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Intel(R) Serial IO I2C Host Controller - (iai2c) - C:\Windows\System32\drivers\iai2c.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: IP Network Address Translator - (IPNAT) - C:\Windows\System32\drivers\ipnat.sys (sign: 'Microsoft') O23 - Driver S3: IPMIDRV - C:\Windows\System32\drivers\IPMIDrv.sys (sign: 'Microsoft') O23 - Driver S3: IPT - C:\Windows\System32\drivers\ipt.sys (sign: 'Microsoft') O23 - Driver S3: iScsiPort Driver - (iScsiPrt) - C:\Windows\System32\drivers\msiscsi.sys (sign: 'Microsoft') O23 - Driver S3: kbldfltr - C:\Windows\system32\drivers\kbldfltr.sys (sign: 'Microsoft') O23 - Driver S3: Keyboard HID Driver - (kbdhid) - C:\Windows\System32\drivers\kbdhid.sys (sign: 'Microsoft') O23 - Driver S3: MA-USB Host Controller Driver - (mausbhost) - C:\Windows\System32\drivers\mausbhost.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: MA-USB IP Filter Driver - (mausbip) - C:\Windows\System32\drivers\mausbip.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: MBB Network Adapter Class Extension - (MbbCx) - C:\Windows\system32\drivers\MbbCx.sys (sign: 'Microsoft') O23 - Driver S3: Mellanox ConnectX Bus Enumerator - (mlx4_bus) - C:\Windows\System32\drivers\mlx4_bus.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Mellanox InfiniBand Bus/AL (Filter Driver) - (ibbus) - C:\Windows\System32\drivers\ibbus.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Microsoft Bluetooth Avrcp Transport Driver - (Microsoft_Bluetooth_AvrcpTransport) - C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft Bluetooth HID Miniport - (HidBth) - C:\Windows\System32\drivers\hidbth.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft Hardware Error Device Driver - (ErrDev) - C:\Windows\System32\drivers\errdev.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft Hardware Notifications Class Extension Driver - (HwNClx0101) - C:\Windows\System32\Drivers\mshwnclx.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft Hyper-V Generation Counter - (gencounter) - C:\Windows\System32\drivers\vmgencounter.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft Hyper-V Guest Infrastructure Driver - (vmgid) - C:\Windows\System32\drivers\vmgid.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft Hypervisor Service Driver - (hvservice) - C:\Windows\System32\drivers\hvservice.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft Infrared HID Driver - (HidIr) - C:\Windows\System32\drivers\hidir.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft Memory Module Driver - (PNPMEM) - C:\Windows\System32\drivers\pnpmem.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft Pluton Service - (Hsp) - C:\Windows\System32\drivers\Hsp.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft Remote Desktop Input Driver - (terminpt) - C:\Windows\System32\drivers\terminpt.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft Route Policy Service - (RoutePolicy) - C:\Windows\System32\drivers\RoutePolicy.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft SPI HID Miniport Driver - (hidspi) - C:\Windows\System32\drivers\hidspi.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft Streaming Clock Proxy - (MSPCLOCK) - C:\Windows\System32\drivers\MSPCLOCK.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft Streaming Quality Manager Proxy - (MSPQM) - C:\Windows\System32\drivers\MSPQM.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft Streaming Service Proxy - (MSKSSRV) - C:\Windows\System32\drivers\MSKSSRV.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft Streaming Tee/Sink-to-Sink Converter - (MSTEE) - C:\Windows\System32\drivers\MSTEE.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft Trusted Audio Drivers - (drmkaud) - C:\Windows\System32\drivers\drmkaud.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft UMPass Driver - (UmPass) - C:\Windows\System32\drivers\umpass.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft USB 2.0 Enhanced Host Controller Miniport Driver - (usbehci) - C:\Windows\System32\drivers\usbehci.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Microsoft USB Generic Parent Driver - (usbccgp) - C:\Windows\System32\drivers\usbccgp.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Microsoft USB Open Host Controller Miniport Driver - (usbohci) - C:\Windows\System32\drivers\usbohci.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Microsoft USB PRINTER Class - (usbprint) - C:\Windows\System32\drivers\usbprint.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft USB Serial Driver - (usbser) - C:\Windows\System32\drivers\usbser.sys (sign: 'Microsoft') O23 - Driver S3: Microsoft USB Standard Hub Driver - (usbhub) - C:\Windows\System32\drivers\usbhub.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Microsoft USB Universal Host Controller Miniport Driver - (usbuhci) - C:\Windows\System32\drivers\usbuhci.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Minifiltro do Componente de Eventos de Segurança da Microsoft - (MsSecFlt) - C:\Windows\system32\drivers\mssecflt.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Modem - C:\Windows\system32\drivers\modem.sys (sign: 'Microsoft') O23 - Driver S3: NDKPerf Driver - (NDKPerf) - C:\Windows\system32\drivers\NDKPerf.sys (sign: 'Microsoft') O23 - Driver S3: NDKPing Driver - (NDKPing) - C:\Windows\system32\drivers\NDKPing.sys (sign: 'Microsoft') O23 - Driver S3: netvsc - C:\Windows\System32\drivers\netvsc.sys (sign: 'Microsoft') O23 - Driver S3: Network Adapter Wdf Class Extension Library - (NetAdapterCx) - C:\Windows\system32\drivers\NetAdapterCx.sys (sign: 'Microsoft') O23 - Driver S3: NetworkDirect Service - (ndfltr) - C:\Windows\System32\drivers\ndfltr.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Packet Monitor Driver - (PktMon) - C:\Windows\system32\drivers\PktMon.sys (sign: 'Microsoft') O23 - Driver S3: Parallel port driver - (Parport) - C:\Windows\System32\drivers\parport.sys (sign: 'Microsoft') O23 - Driver S3: Pass-through HID to UMDF Driver - (mshidumdf) - C:\Windows\System32\drivers\mshidumdf.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Plan 9 Redirector Driver - (P9Rdr) - C:\Windows\System32\drivers\p9rdr.sys (sign: 'Microsoft') O23 - Driver S3: Ponte Microsoft MAC - (MsBridge) - C:\Windows\System32\drivers\bridge.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: portcfg - C:\Windows\System32\drivers\portcfg.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Processor Driver - (Processor) - C:\Windows\System32\drivers\processr.sys (sign: 'Microsoft') O23 - Driver S3: Protocolo do Multiplexador de Adaptador de Rede da Microsoft - (NdisImPlatform) - C:\Windows\System32\drivers\NdisImPlatform.sys (sign: 'Microsoft') O23 - Driver S3: QWAVE driver - (QWAVEdrv) - C:\Windows\system32\drivers\qwavedrv.sys (sign: 'Microsoft') O23 - Driver S3: Remote Access Auto Connection Driver - (RasAcd) - C:\Windows\System32\DRIVERS\rasacd.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Remote Desktop Generic USB Device - (TsUsbGD) - C:\Windows\System32\drivers\TsUsbGD.sys (sign: 'Microsoft') O23 - Driver S3: Remote Desktop USB Hub - (tsusbhub) - C:\Windows\System32\drivers\tsusbhub.sys (sign: 'Microsoft') O23 - Driver S3: Resource Hub proxy driver - (rhproxy) - C:\Windows\System32\drivers\rhproxy.sys (sign: 'Microsoft') O23 - Driver S3: s3cap - C:\Windows\System32\drivers\vms3cap.sys (sign: 'Microsoft') O23 - Driver S3: SD Storage Port Driver - (sdstor) - C:\Windows\System32\drivers\sdstor.sys (sign: 'Microsoft') O23 - Driver S3: sdbus - C:\Windows\System32\drivers\sdbus.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: SDF Reflector - (SDFRd) - C:\Windows\System32\drivers\SDFRd.sys (sign: 'Microsoft') O23 - Driver S3: Serenum Filter Driver - (Serenum) - C:\Windows\System32\drivers\serenum.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Serial Mouse Driver - (sermouse) - C:\Windows\System32\drivers\sermouse.sys (sign: 'Microsoft') O23 - Driver S3: Serial port driver - (Serial) - C:\Windows\System32\drivers\serial.sys (sign: 'Microsoft') O23 - Driver S3: Serial UART Support Library - (SerCx) - C:\Windows\system32\drivers\SerCx.sys (sign: 'Microsoft') O23 - Driver S3: Serial UART Support Library - (SerCx2) - C:\Windows\system32\drivers\SerCx2.sys (sign: 'Microsoft') O23 - Driver S3: Service for Portable Device Control devices - (buttonconverter) - C:\Windows\System32\drivers\buttonconverter.sys (sign: 'Microsoft') O23 - Driver S3: smbdirect - C:\Windows\System32\DRIVERS\smbdirect.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Synopsys USB Role-Switch Driver - (UrsSynopsys) - C:\Windows\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_d123de445c8c5235\urssynopsys.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: UCM-TCPCI KMDF Class Extension - (UcmTcpciCx0101) - C:\Windows\System32\Drivers\UcmTcpciCx.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: UCM-UCSI ACPI Client - (UcmUcsiAcpiClient) - C:\Windows\System32\drivers\UcmUcsiAcpiClient.sys (sign: 'Microsoft') O23 - Driver S3: UCM-UCSI KMDF Class Extension - (UcmUcsiCx0101) - C:\Windows\System32\Drivers\UcmUcsiCx.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: USB Attached SCSI (UAS) Driver - (UASPStor) - C:\Windows\System32\drivers\uaspstor.sys (sign: 'Microsoft') O23 - Driver S3: USB Audio Driver (WDM) - (usbaudio) - C:\Windows\system32\drivers\usbaudio.sys (sign: 'Microsoft') O23 - Driver S3: USB Chipidea Controller - (UfxChipidea) - C:\Windows\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_a479fc09885aecbd\UfxChipidea.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: USB Connector Manager KMDF Class Extension - (UcmCx0101) - C:\Windows\System32\Drivers\UcmCx.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: USB Device Emulation Support Library - (UdeCx) - C:\Windows\system32\drivers\udecx.sys (sign: 'Microsoft') O23 - Driver S3: USB Function Class Extension - (Ufx01000) - C:\Windows\system32\drivers\ufx01000.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: USB Mass Storage Driver - (USBSTOR) - C:\Windows\System32\drivers\USBSTOR.SYS (sign: 'Microsoft') O23 - Driver S3: USB Role-Switch Support Library - (UrsCx01000) - C:\Windows\system32\drivers\urscx01000.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: USB Synopsys Controller - (ufxsynopsys) - C:\Windows\System32\drivers\ufxsynopsys.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: USB4 Device Router Service - (Usb4DeviceRouter) - C:\Windows\System32\DriverStore\FileRepository\usb4devicerouter.inf_amd64_b82adceab7e2e0cd\Usb4DeviceRouter.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: USB4 Host Router Service - (Usb4HostRouter) - C:\Windows\System32\DriverStore\FileRepository\usb4hostrouter.inf_amd64_09c189c71f4a601b\Usb4HostRouter.sys (sign: 'Microsoft') O23 - Driver S3: User Mode Driver Frameworks Platform Driver - (WudfPf) - C:\Windows\system32\drivers\WudfPf.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: vhdmp - C:\Windows\System32\drivers\vhdmp.sys (sign: 'Microsoft') O23 - Driver S3: Virtual HID Framework (VHF) Driver - (vhf) - C:\Windows\System32\drivers\vhf.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: VirtualRender - C:\Windows\System32\DriverStore\FileRepository\vrd.inf_amd64_df3fa89d8f6bbc88\vrd.sys (sign: 'Microsoft') O23 - Driver S3: VMBusHID - C:\Windows\System32\drivers\VMBusHID.sys (sign: 'Microsoft') O23 - Driver S3: Wacom Serial Pen HID Driver - (WacomPen) - C:\Windows\System32\drivers\wacompen.sys (sign: 'Microsoft') O23 - Driver S3: Wifi Network Adapter Class Extension - (WifiCx) - C:\Windows\system32\drivers\WifiCx.sys (sign: 'Microsoft') O23 - Driver S3: WIMMount - C:\Windows\system32\drivers\wimmount.sys (sign: 'Microsoft') O23 - Driver S3: Windows Driver Foundation - User-mode Driver Framework Reflector - (WUDFRd) - C:\Windows\System32\drivers\WUDFRd.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: WinMad Service - (WinMad) - C:\Windows\System32\drivers\winmad.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: WinUsb Driver - (WINUSB) - C:\Windows\System32\drivers\WinUSB.SYS (sign: 'Microsoft') O23 - Driver S3: WinVerbs Service - (WinVerbs) - C:\Windows\System32\drivers\winverbs.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: WPD File System driver - (WUDFWpdFs) - C:\Windows\system32\DRIVERS\WUDFRd.sys (sign: 'Microsoft') O23 - Driver S3: WPD Upper Class Filter Driver - (WpdUpFltr) - C:\Windows\System32\drivers\WpdUpFltr.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: Xbox Game Input Protocol Driver - (xboxgip) - C:\Windows\System32\drivers\xboxgip.sys (+safe mode) (sign: 'Microsoft') O23 - Driver S3: XINPUT HID Filter Driver - (xinputhid) - C:\Windows\System32\drivers\xinputhid.sys (+safe mode) (sign: 'Microsoft') O27 - Account: (Missing) HKLM\..\ProfileList\S-1-5-21-283604297-2539371472-1620621064-1001 [ProfileImagePath] = C:\Users\jrn03 (folder missing) -- End of file - Time spent: 18,2 sec. - 362748 bytes, CRC32: FFFFFFFF. Sign: 勶鏽