J
Jarriho
[19:34:13.455] ESET Log Collector v4.0.2.0 (09.12.2019) - 64 bit
[19:34:13.455] Copyright (c) 1992-2019 ESET, spol. s r.o. All rights reserved.
[19:34:13.455] [C:\Users\Admin\AppData\Local\Temp\ESETLogCollector64_11280.exe]
[19:34:13.455]
[19:34:13.455] Detected product type: ees
[19:34:37.516] ==============================
[19:34:37.516] ESET logs collection mode: Filtered binary
[19:34:37.516] Number of days to collect target files and log records for: 30
[19:34:37.516] Targets: [X] Proc, [X] Drives, [X] Devices, [X] SvcsReg, [X] EvLogApp, [X] EvLogSys, [X] SetupAPI, [X] EvLogLSM, [X] EvLogWMI, [X] SysIn, [X] DrvLog, [X] NetCnf, [X] WinsockCat, [X] WFPFil, [X] AllReg, [X] TmpList, [X] SchedTasks, [X] WmiRepo, [X] ProdCnf, [X] DirList, [X] Drivers, [X] EsetReg, [X] EsetCmpts, [X] QInfo, [X] QFiles, [X] Warn, [X] Threat, [X] OnDem, [X] Hips, [X] Fw, [X] FwCnf, [X] Web, [X] Dev, [X] WebCtl, [X] BlkF, [X] SentF, [X] Audit, [X] Spam, [X] ScanCache, [[19:34:37.516] Saving metadata to C:\Users\Admin\AppData\Local\Temp\elc8BEB.tmp
[19:34:37.516] Adding file: C:\Users\Admin\AppData\Local\Temp\elc8BEB.tmp -> metadata.txt
[19:34:37.569] Adding file: C:\Users\Admin\AppData\Local\Temp\elc8BEC.tmp -> info.xml
[19:34:37.569] Adding file: C:\Users\Admin\AppData\Local\Temp\elc8C2B.tmp -> features_state.txt
[19:34:37.569] === Proc ===
[19:34:37.569] Exporting...
[19:34:45.707] OK
[19:34:45.707] Adding file: C:\Users\Admin\AppData\Local\Temp\elc8C2C.tmp -> Windows/Processes.txt
[19:34:45.707] Adding file: C:\Users\Admin\AppData\Local\Temp\elc8C2D.tmp -> Windows/ProcessesTree.txt
[19:34:45.707] === Drives ===
[19:34:45.707] Adding file: C:\Users\Admin\AppData\Local\Temp\elcABFB.tmp -> Windows/drives.txt
[19:34:45.707] Exporting volume information...
[19:34:45.723] OK
[19:34:45.723] Adding file: C:\Users\Admin\AppData\Local\Temp\elcABFC.tmp -> Windows/volumes.txt
[19:34:45.723] === Devices ===
[19:34:46.674] Adding file: C:\Users\Admin\AppData\Local\Temp\elcAFC6.tmp -> Windows/devices/setupClasses.txt
[19:34:46.692] Adding file: C:\Users\Admin\AppData\Local\Temp\elcAFC7.tmp -> Windows/devices/interfaceClasses.txt
[19:34:46.694] === SvcsReg ===
[19:34:46.694] Exporting...
[19:34:47.213] OK
[19:34:47.213] Adding file: C:\Users\Admin\AppData\Local\Temp\elcAFD7.tmp -> Windows/Services.reg
[19:34:47.213] === EvLogApp ===
[19:34:47.213] Exporting...
[19:34:47.545] Adding file: C:\Users\Admin\AppData\Local\Temp\elcB1DC.tmp -> Windows/Logs/Application.evtx
[19:34:47.545] OK
[19:34:47.545] === EvLogSys ===
[19:34:47.545] Exporting...
[19:34:47.661] Adding file: C:\Users\Admin\AppData\Local\Temp\elcB325.tmp -> Windows/Logs/System.evtx
[19:34:47.661] OK
[19:34:47.661] === SetupAPI ===
[19:34:47.661] Adding file: C:\Windows\Inf\setupapi.dev.log -> Windows/Logs/SetupAPI/setupapi.dev.log
[19:34:47.661] Adding file: C:\Windows\Inf\setupapi.setup.log -> Windows/Logs/SetupAPI/setupapi.setup.log
[19:34:47.661] OK
[19:34:47.661] === EvLogLSM ===
[19:34:47.677] Exporting...
[19:34:47.761] OK
[19:34:47.761] Adding file: C:\Users\Admin\AppData\Local\Temp\elcB3A3.tmp -> Windows/Logs/LocalSessionManager-Operational.evtx
[19:34:47.761] === EvLogWMI ===
[19:34:47.761] Exporting...
[19:34:47.893] OK
[19:34:47.893] Adding file: C:\Users\Admin\AppData\Local\Temp\elcB402.tmp -> Windows/Logs/WMI-Activity.evtx
[19:34:47.893] === SysIn ===
[19:34:47.893] SysInspector log is being generated...
[19:34:47.993] "C:\Program Files\ESET\SysInspector.exe" /wantcloud /silent /gen="C:\Users\Admin\AppData\Local\Temp\elcB48F.tmp.xml"
[19:36:40.677] SysInspector log created.
[19:36:40.677] OK
[19:36:40.677] Adding file: C:\Users\Admin\AppData\Local\Temp\elcB48F.tmp.xml -> Config/SysInspector.xml
[19:36:40.677] === DrvLog ===
[19:36:40.677] Adding file: C:\Windows\System32\catroot2\dberr.txt -> Windows/Logs/catroot2_dberr.txt
[19:36:40.677] === NetCnf ===
[19:36:40.677] "C:\Windows\System32\cmd.exe" /c chcp 65001 > nul & "C:\Windows\system32\ipconfig.exe" /all
[19:36:40.909] Saving text data to C:\Users\Admin\AppData\Local\Temp\elc6E08.tmp
[19:36:40.909] OK
[19:36:40.909] Adding file: C:\Users\Admin\AppData\Local\Temp\elc6E08.tmp -> Config/Network.txt
[19:36:40.924] === WinsockCat ===
[19:36:40.924] "C:\Windows\System32\cmd.exe" /c chcp 65001 > nul & "C:\Windows\system32\netsh.exe" winsock show catalog
[19:36:41.478] Saving text data to C:\Users\Admin\AppData\Local\Temp\elc703B.tmp
[19:36:41.478] OK
[19:36:41.478] Adding file: C:\Users\Admin\AppData\Local\Temp\elc703B.tmp -> Config/WinsockLSP.txt
[19:36:41.478] === WFPFil ===
[19:36:41.641] Adding file: C:\Users\Admin\AppData\Local\Temp\elc703C.tmp -> Config/WFPFilters.xml
[19:36:41.826] Adding file: C:\Users\Admin\AppData\Local\Temp\elc70DA.tmp -> Config/WFPState.xml
[19:36:41.826] OK
[19:36:41.826] === AllReg ===
[19:36:41.826] Exporting...
[19:36:44.179] OK
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc71A6.tmp -> Windows/Registry/HARDWARE
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc71F5.tmp -> Windows/Registry/SECURITY
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7206.tmp -> Windows/Registry/Users/.DEFAULT_DEFAULT
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7235.tmp -> Windows/Registry/SYSTEM
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7330.tmp -> Windows/Registry/SOFTWARE
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc791D.tmp -> Windows/Registry/BCD
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc794D.tmp -> Windows/Registry/Users/S-1-5-20_NTUSER.DAT
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc798C.tmp -> Windows/Registry/Users/S-1-5-19_NTUSER.DAT
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc79AD.tmp -> Windows/Registry/Users/S-1-5-21-2954910558-3090857166-2756236921-1001_NTUSER.DAT
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7A2B.tmp -> Windows/Registry/Users/S-1-5-21-2954910558-3090857166-2756236921-1001_Classes_UsrClass.dat
[19:36:44.179] === TmpList ===
[19:36:44.201] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7AD8.tmp -> Windows/TmpDirs/Admin.txt
[19:36:44.217] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7AF8.tmp -> Windows/TmpDirs/Default.txt
[19:36:44.217] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7AF9.tmp -> Windows/TmpDirs/Default User.txt
[19:36:44.217] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7AFA.tmp -> Windows/TmpDirs/_Windows_temp.txt
[19:36:44.217] === SchedTasks ===
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 -> Windows/Scheduled Tasks/Microsoft/Windows/.NET Framework/.NET Framework NGEN v4.0.30319
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 -> Windows/Scheduled Tasks/Microsoft/Windows/.NET Framework/.NET Framework NGEN v4.0.30319 64
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical -> Windows/Scheduled Tasks/Microsoft/Windows/.NET Framework/.NET Framework NGEN v4.0.30319 64 Critical
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical -> Windows/Scheduled Tasks/Microsoft/Windows/.NET Framework/.NET Framework NGEN v4.0.30319 Critical
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) -> Windows/Scheduled Tasks/Microsoft/Windows/Active Directory Rights Management Services Client/AD RMS Rights Policy Template Management (Automated)
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) -> Windows/Scheduled Tasks/Microsoft/Windows/Active Directory Rights Management Services Client/AD RMS Rights Policy Template Management (Manual)
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager -> Windows/Scheduled Tasks/Microsoft/Windows/AppID/EDP Policy Manager
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\AppID\PolicyConverter -> Windows/Scheduled Tasks/Microsoft/Windows/AppID/PolicyConverter
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck -> Windows/Scheduled Tasks/Microsoft/Windows/AppID/VerifiedPublisherCertStoreCheck
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser -> Windows/Scheduled Tasks/Microsoft/Windows/Application Experience/Microsoft Compatibility Appraiser
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\PcaPatchDbTask -> Windows/Scheduled Tasks/Microsoft/Windows/Application Experience/PcaPatchDbTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater -> Windows/Scheduled Tasks/Microsoft/Windows/Application Experience/ProgramDataUpdater
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask -> Windows/Scheduled Tasks/Microsoft/Windows/Application Experience/StartupAppTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\applicationdata\appuriverifierdaily -> Windows/Scheduled Tasks/Microsoft/Windows/applicationdata/appuriverifierdaily
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\applicationdata\appuriverifierinstall -> Windows/Scheduled Tasks/Microsoft/Windows/applicationdata/appuriverifierinstall
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\applicationdata\CleanupTemporaryState -> Windows/Scheduled Tasks/Microsoft/Windows/applicationdata/CleanupTemporaryState
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\applicationdata\DsSvcCleanup -> Windows/Scheduled Tasks/Microsoft/Windows/applicationdata/DsSvcCleanup
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup -> Windows/Scheduled Tasks/Microsoft/Windows/AppxDeploymentClient/Pre-staged app cleanup
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Autochk\Proxy -> Windows/Scheduled Tasks/Microsoft/Windows/Autochk/Proxy
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives -> Windows/Scheduled Tasks/Microsoft/Windows/BitLocker/BitLocker Encrypt All Drives
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh -> Windows/Scheduled Tasks/Microsoft/Windows/BitLocker/BitLocker MDM policy Refresh
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask -> Windows/Scheduled Tasks/Microsoft/Windows/Bluetooth/UninstallDeviceTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask -> Windows/Scheduled Tasks/Microsoft/Windows/BrokerInfrastructure/BgTaskRegistrationMaintenanceTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask -> Windows/Scheduled Tasks/Microsoft/Windows/CertificateServicesClient/AikCertEnrollTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask -> Windows/Scheduled Tasks/Microsoft/Windows/CertificateServicesClient/CryptoPolicyTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask -> Windows/Scheduled Tasks/Microsoft/Windows/CertificateServicesClient/KeyPreGenTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask -> Windows/Scheduled Tasks/Microsoft/Windows/CertificateServicesClient/SystemTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask -> Windows/Scheduled Tasks/Microsoft/Windows/CertificateServicesClient/UserTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam -> Windows/Scheduled Tasks/Microsoft/Windows/CertificateServicesClient/UserTask-Roam
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan -> Windows/Scheduled Tasks/Microsoft/Windows/Chkdsk/ProactiveScan
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair -> Windows/Scheduled Tasks/Microsoft/Windows/Chkdsk/SyspartRepair
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Clip\License Validation -> Windows/Scheduled Tasks/Microsoft/Windows/Clip/License Validation
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\CloudExperienceHost\CreateObjectTask -> Windows/Scheduled Tasks/Microsoft/Windows/CloudExperienceHost/CreateObjectTask
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator -> Windows/Scheduled Tasks/Microsoft/Windows/Customer Experience Improvement Program/Consolidator
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip -> Windows/Scheduled Tasks/Microsoft/Windows/Customer Experience Improvement Program/UsbCeip
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Check And Scan -> Windows/Scheduled Tasks/Microsoft/Windows/Data Integrity Scan/Data Integrity Check And Scan
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan -> Windows/Scheduled Tasks/Microsoft/Windows/Data Integrity Scan/Data Integrity Scan
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery -> Windows/Scheduled Tasks/Microsoft/Windows/Data Integrity Scan/Data Integrity Scan for Crash Recovery
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag -> Windows/Scheduled Tasks/Microsoft/Windows/Defrag/ScheduledDefrag
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Device Information\Device -> Windows/Scheduled Tasks/Microsoft/Windows/Device Information/Device
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Device Information\Device User -> Windows/Scheduled Tasks/Microsoft/Windows/Device Information/Device User
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh -> Windows/Scheduled Tasks/Microsoft/Windows/Device Setup/Metadata Refresh
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/HandleCommand
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/HandleWnsCommand
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/IntegrityCheck
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/LocateCommandUserSession
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/RegisterDeviceAccountChange
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/RegisterDeviceLocationRightsChange
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/RegisterDevicePeriodic24
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/RegisterDevicePolicyChange
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/RegisterDeviceProtectionStateChanged
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/RegisterDeviceSettingChange
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/RegisterUserDevice
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner -> Windows/Scheduled Tasks/Microsoft/Windows/Diagnosis/RecommendedTroubleshootingScanner
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis\Scheduled -> Windows/Scheduled Tasks/Microsoft/Windows/Diagnosis/Scheduled
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater -> Windows/Scheduled Tasks/Microsoft/Windows/DirectX/DirectXDatabaseUpdater
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache -> Windows/Scheduled Tasks/Microsoft/Windows/DirectX/DXGIAdapterCache
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup -> Windows/Scheduled Tasks/Microsoft/Windows/DiskCleanup/SilentCleanup
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector -> Windows/Scheduled Tasks/Microsoft/Windows/DiskDiagnostic/Microsoft-Windows-DiskDiagnosticDataCollector
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver -> Windows/Scheduled Tasks/Microsoft/Windows/DiskDiagnostic/Microsoft-Windows-DiskDiagnosticResolver
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics -> Windows/Scheduled Tasks/Microsoft/Windows/DiskFootprint/Diagnostics
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense -> Windows/Scheduled Tasks/Microsoft/Windows/DiskFootprint/StorageSense
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DUSM\dusmtask -> Windows/Scheduled Tasks/Microsoft/Windows/DUSM/dusmtask
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task -> Windows/Scheduled Tasks/Microsoft/Windows/EDP/EDP App Launch Task
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task -> Windows/Scheduled Tasks/Microsoft/Windows/EDP/EDP Auth Task
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task -> Windows/Scheduled Tasks/Microsoft/Windows/EDP/EDP Inaccessible Credentials Task
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task -> Windows/Scheduled Tasks/Microsoft/Windows/EDP/StorageCardEncryption Task
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh -> Windows/Scheduled Tasks/Microsoft/Windows/ExploitGuard/ExploitGuard MDM policy Refresh
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient -> Windows/Scheduled Tasks/Microsoft/Windows/Feedback/Siuf/DmClient
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload -> Windows/Scheduled Tasks/Microsoft/Windows/Feedback/Siuf/DmClientOnScenarioDownload
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Windows/Scheduled Tasks/Microsoft/Windows/File Classification Infrastructure/Property Definition Sync
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) -> Windows/Scheduled Tasks/Microsoft/Windows/FileHistory/File History (maintenance mode)
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures -> Windows/Scheduled Tasks/Microsoft/Windows/Flighting/FeatureConfig/ReconcileFeatures
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataFlushing -> Windows/Scheduled Tasks/Microsoft/Windows/Flighting/FeatureConfig/UsageDataFlushing
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataReporting -> Windows/Scheduled Tasks/Microsoft/Windows/Flighting/FeatureConfig/UsageDataReporting
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache -> Windows/Scheduled Tasks/Microsoft/Windows/Flighting/OneSettings/RefreshCache
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask -> Windows/Scheduled Tasks/Microsoft/Windows/HelloFace/FODCleanupTask
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Input\LocalUserSyncDataAvailable -> Windows/Scheduled Tasks/Microsoft/Windows/Input/LocalUserSyncDataAvailable
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Input\MouseSyncDataAvailable -> Windows/Scheduled Tasks/Microsoft/Windows/Input/MouseSyncDataAvailable
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Input\PenSyncDataAvailable -> Windows/Scheduled Tasks/Microsoft/Windows/Input/PenSyncDataAvailable
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Input\TouchpadSyncDataAvailable -> Windows/Scheduled Tasks/Microsoft/Windows/Input/TouchpadSyncDataAvailable
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates -> Windows/Scheduled Tasks/Microsoft/Windows/InstallService/ScanForUpdates
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser -> Windows/Scheduled Tasks/Microsoft/Windows/InstallService/ScanForUpdatesAsUser
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\InstallService\SmartRetry -> Windows/Scheduled Tasks/Microsoft/Windows/InstallService/SmartRetry
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates -> Windows/Scheduled Tasks/Microsoft/Windows/InstallService/WakeUpAndContinueUpdates
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates -> Windows/Scheduled Tasks/Microsoft/Windows/InstallService/WakeUpAndScanForUpdates
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\International\Synchronize Language Settings -> Windows/Scheduled Tasks/Microsoft/Windows/International/Synchronize Language Settings
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation -> Windows/Scheduled Tasks/Microsoft/Windows/LanguageComponentsInstaller/Installation
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources -> Windows/Scheduled Tasks/Microsoft/Windows/LanguageComponentsInstaller/ReconcileLanguageResources
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation -> Windows/Scheduled Tasks/Microsoft/Windows/LanguageComponentsInstaller/Uninstallation
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange -> Windows/Scheduled Tasks/Microsoft/Windows/License Manager/TempSignedLicenseExchange
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Location\Notifications -> Windows/Scheduled Tasks/Microsoft/Windows/Location/Notifications
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog -> Windows/Scheduled Tasks/Microsoft/Windows/Location/WindowsActionDialog
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\WinSAT -> Windows/Scheduled Tasks/Microsoft/Windows/Maintenance/WinSAT
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular -> Windows/Scheduled Tasks/Microsoft/Windows/Management/Provisioning/Cellular
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon -> Windows/Scheduled Tasks/Microsoft/Windows/Management/Provisioning/Logon
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Management\Provisioning\Retry -> Windows/Scheduled Tasks/Microsoft/Windows/Management/Provisioning/Retry
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Management\Provisioning\RunOnReboot -> Windows/Scheduled Tasks/Microsoft/Windows/Management/Provisioning/RunOnReboot
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Maps\MapsToastTask -> Windows/Scheduled Tasks/Microsoft/Windows/Maps/MapsToastTask
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask -> Windows/Scheduled Tasks/Microsoft/Windows/Maps/MapsUpdateTask
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents -> Windows/Scheduled Tasks/Microsoft/Windows/MemoryDiagnostic/ProcessMemoryDiagnosticEvents
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic -> Windows/Scheduled Tasks/Microsoft/Windows/MemoryDiagnostic/RunFullMemoryDiagnostic
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> Windows/Scheduled Tasks/Microsoft/Windows/Mobile Broadband Accounts/MNO Metadata Parser
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\MUI\LPRemove -> Windows/Scheduled Tasks/Microsoft/Windows/MUI/LPRemove
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService -> Windows/Scheduled Tasks/Microsoft/Windows/Multimedia/SystemSoundsService
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo -> Windows/Scheduled Tasks/Microsoft/Windows/NetTrace/GatherNetworkInfo
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\NlaSvc\WiFiTask -> Windows/Scheduled Tasks/Microsoft/Windows/NlaSvc/WiFiTask
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Offline Files\Background Synchronization -> Windows/Scheduled Tasks/Microsoft/Windows/Offline Files/Background Synchronization
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Offline Files\Logon Synchronization -> Windows/Scheduled Tasks/Microsoft/Windows/Offline Files/Logon Synchronization
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update -> Windows/Scheduled Tasks/Microsoft/Windows/PI/Secure-Boot-Update
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks -> Windows/Scheduled Tasks/Microsoft/Windows/PI/Sqm-Tasks
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy -> Windows/Scheduled Tasks/Microsoft/Windows/Plug and Play/Device Install Group Policy
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required -> Windows/Scheduled Tasks/Microsoft/Windows/Plug and Play/Device Install Reboot Required
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers -> Windows/Scheduled Tasks/Microsoft/Windows/Plug and Play/Sysprep Generalize Drivers
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem -> Windows/Scheduled Tasks/Microsoft/Windows/Power Efficiency Diagnostics/AnalyzeSystem
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Printing\EduPrintProv -> Windows/Scheduled Tasks/Microsoft/Windows/Printing/EduPrintProv
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck -> Windows/Scheduled Tasks/Microsoft/Windows/PushToInstall/LoginCheck
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\PushToInstall\Registration -> Windows/Scheduled Tasks/Microsoft/Windows/PushToInstall/Registration
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Ras\MobilityManager -> Windows/Scheduled Tasks/Microsoft/Windows/Ras/MobilityManager
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE -> Windows/Scheduled Tasks/Microsoft/Windows/RecoveryEnvironment/VerifyWinRE
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Registry\RegIdleBackup -> Windows/Scheduled Tasks/Microsoft/Windows/Registry/RegIdleBackup
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask -> Windows/Scheduled Tasks/Microsoft/Windows/RemoteAssistance/RemoteAssistanceTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent -> Windows/Scheduled Tasks/Microsoft/Windows/RetailDemo/CleanupOfflineContent
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup -> Windows/Scheduled Tasks/Microsoft/Windows/Servicing/StartComponentCleanup
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask -> Windows/Scheduled Tasks/Microsoft/Windows/SettingSync/BackgroundUploadTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask -> Windows/Scheduled Tasks/Microsoft/Windows/SettingSync/NetworkStateChangeTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTask -> Windows/Scheduled Tasks/Microsoft/Windows/Setup/SetupCleanupTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup -> Windows/Scheduled Tasks/Microsoft/Windows/SharedPC/Account Cleanup
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask -> Windows/Scheduled Tasks/Microsoft/Windows/Shell/CreateObjectTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor -> Windows/Scheduled Tasks/Microsoft/Windows/Shell/FamilySafetyMonitor
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask -> Windows/Scheduled Tasks/Microsoft/Windows/Shell/FamilySafetyRefreshTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance -> Windows/Scheduled Tasks/Microsoft/Windows/Shell/IndexerAutomaticMaintenance
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Shell\UpdateUserPictureTask -> Windows/Scheduled Tasks/Microsoft/Windows/Shell/UpdateUserPictureTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask -> Windows/Scheduled Tasks/Microsoft/Windows/SoftwareProtectionPlatform/SvcRestartTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon -> Windows/Scheduled Tasks/Microsoft/Windows/SoftwareProtectionPlatform/SvcRestartTaskLogon
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork -> Windows/Scheduled Tasks/Microsoft/Windows/SoftwareProtectionPlatform/SvcRestartTaskNetwork
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask -> Windows/Scheduled Tasks/Microsoft/Windows/SpacePort/SpaceAgentTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask -> Windows/Scheduled Tasks/Microsoft/Windows/SpacePort/SpaceManagerTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask -> Windows/Scheduled Tasks/Microsoft/Windows/Speech/SpeechModelDownloadTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks -> Windows/Scheduled Tasks/Microsoft/Windows/StateRepository/MaintenanceTasks
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization -> Windows/Scheduled Tasks/Microsoft/Windows/Storage Tiers Management/Storage Tiers Management Initialization
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization -> Windows/Scheduled Tasks/Microsoft/Windows/Storage Tiers Management/Storage Tiers Optimization
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition -> Windows/Scheduled Tasks/Microsoft/Windows/Subscription/EnableLicenseAcquisition
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition -> Windows/Scheduled Tasks/Microsoft/Windows/Subscription/LicenseAcquisition
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate -> Windows/Scheduled Tasks/Microsoft/Windows/Sysmain/HybridDriveCachePrepopulate
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance -> Windows/Scheduled Tasks/Microsoft/Windows/Sysmain/HybridDriveCacheRebalance
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync -> Windows/Scheduled Tasks/Microsoft/Windows/Sysmain/ResPriStaticDbSync
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask -> Windows/Scheduled Tasks/Microsoft/Windows/Sysmain/WsSwapAssessmentTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore\SR -> Windows/Scheduled Tasks/Microsoft/Windows/SystemRestore/SR
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager\Interactive -> Windows/Scheduled Tasks/Microsoft/Windows/Task Manager/Interactive
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask -> Windows/Scheduled Tasks/Microsoft/Windows/termsrv/RemoteFX/RemoteFXvGPUDisableTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask -> Windows/Scheduled Tasks/Microsoft/Windows/termsrv/RemoteFX/RemoteFXWarningTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor -> Windows/Scheduled Tasks/Microsoft/Windows/TextServicesFramework/MsCtfMonitor
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime -> Windows/Scheduled Tasks/Microsoft/Windows/Time Synchronization/ForceSynchronizeTime
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime -> Windows/Scheduled Tasks/Microsoft/Windows/Time Synchronization/SynchronizeTime
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone -> Windows/Scheduled Tasks/Microsoft/Windows/Time Zone/SynchronizeTimeZone
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr -> Windows/Scheduled Tasks/Microsoft/Windows/TPM/Tpm-HASCertRetr
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance -> Windows/Scheduled Tasks/Microsoft/Windows/TPM/Tpm-Maintenance
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr -> Windows/Scheduled Tasks/Microsoft/Windows/UNP/RunUpdateNotificationMgr
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/Reboot_AC
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/Reboot_Battery
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Report policies -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/Report policies
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/Schedule Maintenance Work
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/Schedule Scan
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan Static Task -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/Schedule Scan Static Task
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/Schedule Wake To Work
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Work -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/Schedule Work
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateModelTask -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/UpdateModelTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/USO_UxBroker
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig -> Windows/Scheduled Tasks/Microsoft/Windows/UPnP/UPnPHostConfig
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\USB\Usb-Notifications -> Windows/Scheduled Tasks/Microsoft/Windows/USB/Usb-Notifications
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\User Profile Service\HiveUploadTask -> Windows/Scheduled Tasks/Microsoft/Windows/User Profile Service/HiveUploadTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation -> Windows/Scheduled Tasks/Microsoft/Windows/WaaSMedic/PerformRemediation
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WCM\WiFiTask -> Windows/Scheduled Tasks/Microsoft/Windows/WCM/WiFiTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WDI\ResolutionHost -> Windows/Scheduled Tasks/Microsoft/Windows/WDI/ResolutionHost
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting -> Windows/Scheduled Tasks/Microsoft/Windows/Windows Error Reporting/QueueReporting
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange -> Windows/Scheduled Tasks/Microsoft/Windows/Windows Filtering Platform/BfeOnServiceStartTypeChange
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary -> Windows/Scheduled Tasks/Microsoft/Windows/Windows Media Sharing/UpdateLibrary
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader -> Windows/Scheduled Tasks/Microsoft/Windows/WindowsColorSystem/Calibration Loader
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start -> Windows/Scheduled Tasks/Microsoft/Windows/WindowsUpdate/Scheduled Start
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Wininet\CacheTask -> Windows/Scheduled Tasks/Microsoft/Windows/Wininet/CacheTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync -> Windows/Scheduled Tasks/Microsoft/Windows/WlanSvc/CDSSync
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management -> Windows/Scheduled Tasks/Microsoft/Windows/WOF/WIM-Hash-Management
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation -> Windows/Scheduled Tasks/Microsoft/Windows/WOF/WIM-Hash-Validation
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization -> Windows/Scheduled Tasks/Microsoft/Windows/Work Folders/Work Folders Logon Synchronization
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work -> Windows/Scheduled Tasks/Microsoft/Windows/Work Folders/Work Folders Maintenance Work
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join -> Windows/Scheduled Tasks/Microsoft/Windows/Workplace Join/Automatic-Device-Join
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync -> Windows/Scheduled Tasks/Microsoft/Windows/Workplace Join/Device-Sync
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Workplace Join\Recovery-Check -> Windows/Scheduled Tasks/Microsoft/Windows/Workplace Join/Recovery-Check
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WwanSvc\NotificationTask -> Windows/Scheduled Tasks/Microsoft/Windows/WwanSvc/NotificationTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WwanSvc\OobeDiscovery -> Windows/Scheduled Tasks/Microsoft/Windows/WwanSvc/OobeDiscovery
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask -> Windows/Scheduled Tasks/Microsoft/XblGameSave/XblGameSaveTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2954910558-3090857166-2756236921-1001 -> Windows/Scheduled Tasks/OneDrive Standalone Update Task-S-1-5-21-2954910558-3090857166-2756236921-1001
[19:36:44.264] Adding file: C:\Windows\System32\Tasks\StartCN -> Windows/Scheduled Tasks/StartCN
[19:36:44.264] Adding file: C:\Windows\System32\Tasks\StartDVR -> Windows/Scheduled Tasks/StartDVR
[19:36:44.264] === WmiRepo ===
[19:36:44.264] Adding file: C:\Windows\System32\wbem\Repository\INDEX.BTR -> Windows/WMI Repository/INDEX.BTR
[19:36:44.264] Adding file: C:\Windows\System32\wbem\Repository\MAPPING1.MAP -> Windows/WMI Repository/MAPPING1.MAP
[19:36:44.264] Adding file: C:\Windows\System32\wbem\Repository\MAPPING2.MAP -> Windows/WMI Repository/MAPPING2.MAP
[19:36:44.264] Adding file: C:\Windows\System32\wbem\Repository\MAPPING3.MAP -> Windows/WMI Repository/MAPPING3.MAP
[19:36:44.264] Adding file: C:\Windows\System32\wbem\Repository\OBJECTS.DATA -> Windows/WMI Repository/OBJECTS.DATA
[19:36:44.264] === ProdCnf ===
[19:36:44.264] Exporting...
[19:36:44.302] Saving product configuration to file C:\Users\Admin\AppData\Local\Temp\elc7B49.tmp
[19:36:44.302] OK
[19:36:44.302] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7B49.tmp -> ESET/Config/product_conf.xml
[19:36:44.302] === DirList ===
[19:36:44.302] Exporting...
[19:36:44.302] OK
[19:36:44.302] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7B5A.tmp -> ESET/Config/data_dir_list.txt
[19:36:44.302] Exporting...
[19:36:44.317] OK
[19:36:44.317] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7B5B.tmp -> ESET/Config/install_dir_list.txt
[19:36:44.317] === Drivers ===
[19:36:44.317] Exporting...
[19:36:44.333] OK
[19:36:44.333] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7B6B.tmp -> ESET/Config/drivers.txt
[19:36:44.333] === EsetReg ===
[19:36:44.333] Exporting...
[19:36:44.417] OK
[19:36:44.417] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7B7C.tmp -> ESET/Config/ESET.reg
[19:36:44.417] === EsetCmpts ===
[19:36:44.464] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7BCB.tmp -> ESET/Config/msi_features.txt
[19:36:44.464] === QInfo ===
[19:36:44.464] Exporting...
[19:36:44.464] OK
[19:36:44.464] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7BFB.tmp -> ESET/Quarantine/quar_info.txt
[19:36:44.464] === QFiles ===
[19:36:44.464] Exporting...
[19:36:44.464] No files collected
[19:36:44.464] === Warn ===
[19:36:44.464] Exporting ESET log (warnlog.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7BFC.tmp
[19:36:44.565] OK
[19:36:44.565] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7BFC.tmp -> ESET/Logs/Common/warnlog.dat
[19:36:44.565] === Threat ===
[19:36:44.565] Exporting ESET log (virlog.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7C6A.tmp
[19:36:44.619] OK
[19:36:44.619] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7C6A.tmp -> ESET/Logs/Common/virlog.dat
[19:36:44.619] === OnDem ===
[19:36:44.619] Exporting ESET log (ndl29587.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7C9A.tmp
[19:36:44.687] OK
[19:36:44.687] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7C9A.tmp -> ESET/Logs/Common/eScan/ndl29587.dat
[19:36:44.687] Exporting ESET log (ndl41.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7CDA.tmp
[19:36:44.760] OK
[19:36:44.760] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7CDA.tmp -> ESET/Logs/Common/eScan/ndl41.dat
[19:36:44.760] === Hips ===
[19:36:44.760] Exporting ESET log (hipslog.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7D29.tmp
[19:36:44.798] OK
[19:36:44.798] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7D29.tmp -> ESET/Logs/Common/hipslog.dat
[19:36:44.798] === Fw ===
[19:36:44.798] Exporting ESET log (epfwlog.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7D49.tmp
[19:36:44.829] OK
[19:36:44.829] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7D49.tmp -> ESET/Logs/Net/epfwlog.dat
[19:36:44.829] === FwCnf ===
[19:36:44.829] Adding file: C:\ProgramData\ESET\ESET Security\EpfwUser.dat -> ESET/Config/EpfwUser.dat
[19:36:44.829] Adding file: C:\ProgramData\ESET\ESET Security\EpfwPe.dat -> ESET/Config/EpfwPe.dat
[19:36:44.829] === Web ===
[19:36:44.829] Exporting ESET log (urllog.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7D69.tmp
[19:36:44.860] OK
[19:36:44.860] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7D69.tmp -> ESET/Logs/Net/urllog.dat
[19:36:44.860] === Dev ===
[19:36:44.860] Exporting ESET log (devctrllog.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7D89.tmp
[19:36:44.891] OK
[19:36:44.891] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7D89.tmp -> ESET/Logs/Common/devctrllog.dat
[19:36:44.891] === WebCtl ===
[19:36:44.891] Exporting ESET log (webctllog.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7DAA.tmp
[19:36:44.913] OK
[19:36:44.913] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7DAA.tmp -> ESET/Logs/Net/webctllog.dat
[19:36:44.913] === BlkF ===
[19:36:44.913] Exporting ESET log (blocked.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7DCA.tmp
[19:36:44.945] OK
[19:36:44.945] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7DCA.tmp -> ESET/Logs/Common/blocked.dat
[19:36:44.945] === SentF ===
[19:36:44.945] Exporting ESET log (sent.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7DEA.tmp
[19:36:44.976] OK
[19:36:44.976] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7DEA.tmp -> ESET/Logs/Common/sent.dat
[19:36:44.976] === Audit ===
[19:36:44.976] Exporting ESET log (audit.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7E0A.tmp
[19:36:45.061] OK
[19:36:45.061] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7E0A.tmp -> ESET/Logs/Common/audit.dat
[19:36:45.061] === Spam ===
[19:36:45.061] Exporting ESET log (spamlog.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7E5A.tmp
[19:36:45.076] OK
[19:36:45.076] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7E5A.tmp -> ESET/Logs/Email/spamlog.dat
[19:36:45.076] === ScanCache ===
[19:36:45.076] Adding file: C:\ProgramData\ESET\ESET Security\local.db -> ESET/Diagnostics/local.db
[19:36:45.076] === SpamDiag ===
[19:36:45.076] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\domain_ipblist.map -> ESET/Config/Antispam/domain_ipblist.map
[19:36:45.076] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\domain_ipglist.map -> ESET/Config/Antispam/domain_ipglist.map
[19:36:45.076] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\domain_ipilist.map -> ESET/Config/Antispam/domain_ipilist.map
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\domain_ipwlist.map -> ESET/Config/Antispam/domain_ipwlist.map
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\bodyipblist.db -> ESET/Config/Antispam/bodyipblist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\bodyipilist.db -> ESET/Config/Antispam/bodyipilist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\domain_ipblist.db -> ESET/Config/Antispam/domain_ipblist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\domain_ipglist.db -> ESET/Config/Antispam/domain_ipglist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\domain_ipilist.db -> ESET/Config/Antispam/domain_ipilist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\domain_ipwlist.db -> ESET/Config/Antispam/domain_ipwlist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\horuscfg.db -> ESET/Config/Antispam/horuscfg.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\ipblist.db -> ESET/Config/Antispam/ipblist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\ipglist.db -> ESET/Config/Antispam/ipglist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\ipilist.db -> ESET/Config/Antispam/ipilist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\ipinflist.db -> ESET/Config/Antispam/ipinflist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\ipwlist.db -> ESET/Config/Antispam/ipwlist.db
[19:36:45.092] OK
[19:36:45.092] === Diag ===
[19:36:45.092] No files collected
[19:36:45.092] ===
[19:36:45.203] Saving text data to C:\Users\Admin\AppData\Local\Temp\elc7EE7.tmp
Continue reading...
[19:34:13.455] Copyright (c) 1992-2019 ESET, spol. s r.o. All rights reserved.
[19:34:13.455] [C:\Users\Admin\AppData\Local\Temp\ESETLogCollector64_11280.exe]
[19:34:13.455]
[19:34:13.455] Detected product type: ees
[19:34:37.516] ==============================
[19:34:37.516] ESET logs collection mode: Filtered binary
[19:34:37.516] Number of days to collect target files and log records for: 30
[19:34:37.516] Targets: [X] Proc, [X] Drives, [X] Devices, [X] SvcsReg, [X] EvLogApp, [X] EvLogSys, [X] SetupAPI, [X] EvLogLSM, [X] EvLogWMI, [X] SysIn, [X] DrvLog, [X] NetCnf, [X] WinsockCat, [X] WFPFil, [X] AllReg, [X] TmpList, [X] SchedTasks, [X] WmiRepo, [X] ProdCnf, [X] DirList, [X] Drivers, [X] EsetReg, [X] EsetCmpts, [X] QInfo, [X] QFiles, [X] Warn, [X] Threat, [X] OnDem, [X] Hips, [X] Fw, [X] FwCnf, [X] Web, [X] Dev, [X] WebCtl, [X] BlkF, [X] SentF, [X] Audit, [X] Spam, [X] ScanCache, [[19:34:37.516] Saving metadata to C:\Users\Admin\AppData\Local\Temp\elc8BEB.tmp
[19:34:37.516] Adding file: C:\Users\Admin\AppData\Local\Temp\elc8BEB.tmp -> metadata.txt
[19:34:37.569] Adding file: C:\Users\Admin\AppData\Local\Temp\elc8BEC.tmp -> info.xml
[19:34:37.569] Adding file: C:\Users\Admin\AppData\Local\Temp\elc8C2B.tmp -> features_state.txt
[19:34:37.569] === Proc ===
[19:34:37.569] Exporting...
[19:34:45.707] OK
[19:34:45.707] Adding file: C:\Users\Admin\AppData\Local\Temp\elc8C2C.tmp -> Windows/Processes.txt
[19:34:45.707] Adding file: C:\Users\Admin\AppData\Local\Temp\elc8C2D.tmp -> Windows/ProcessesTree.txt
[19:34:45.707] === Drives ===
[19:34:45.707] Adding file: C:\Users\Admin\AppData\Local\Temp\elcABFB.tmp -> Windows/drives.txt
[19:34:45.707] Exporting volume information...
[19:34:45.723] OK
[19:34:45.723] Adding file: C:\Users\Admin\AppData\Local\Temp\elcABFC.tmp -> Windows/volumes.txt
[19:34:45.723] === Devices ===
[19:34:46.674] Adding file: C:\Users\Admin\AppData\Local\Temp\elcAFC6.tmp -> Windows/devices/setupClasses.txt
[19:34:46.692] Adding file: C:\Users\Admin\AppData\Local\Temp\elcAFC7.tmp -> Windows/devices/interfaceClasses.txt
[19:34:46.694] === SvcsReg ===
[19:34:46.694] Exporting...
[19:34:47.213] OK
[19:34:47.213] Adding file: C:\Users\Admin\AppData\Local\Temp\elcAFD7.tmp -> Windows/Services.reg
[19:34:47.213] === EvLogApp ===
[19:34:47.213] Exporting...
[19:34:47.545] Adding file: C:\Users\Admin\AppData\Local\Temp\elcB1DC.tmp -> Windows/Logs/Application.evtx
[19:34:47.545] OK
[19:34:47.545] === EvLogSys ===
[19:34:47.545] Exporting...
[19:34:47.661] Adding file: C:\Users\Admin\AppData\Local\Temp\elcB325.tmp -> Windows/Logs/System.evtx
[19:34:47.661] OK
[19:34:47.661] === SetupAPI ===
[19:34:47.661] Adding file: C:\Windows\Inf\setupapi.dev.log -> Windows/Logs/SetupAPI/setupapi.dev.log
[19:34:47.661] Adding file: C:\Windows\Inf\setupapi.setup.log -> Windows/Logs/SetupAPI/setupapi.setup.log
[19:34:47.661] OK
[19:34:47.661] === EvLogLSM ===
[19:34:47.677] Exporting...
[19:34:47.761] OK
[19:34:47.761] Adding file: C:\Users\Admin\AppData\Local\Temp\elcB3A3.tmp -> Windows/Logs/LocalSessionManager-Operational.evtx
[19:34:47.761] === EvLogWMI ===
[19:34:47.761] Exporting...
[19:34:47.893] OK
[19:34:47.893] Adding file: C:\Users\Admin\AppData\Local\Temp\elcB402.tmp -> Windows/Logs/WMI-Activity.evtx
[19:34:47.893] === SysIn ===
[19:34:47.893] SysInspector log is being generated...
[19:34:47.993] "C:\Program Files\ESET\SysInspector.exe" /wantcloud /silent /gen="C:\Users\Admin\AppData\Local\Temp\elcB48F.tmp.xml"
[19:36:40.677] SysInspector log created.
[19:36:40.677] OK
[19:36:40.677] Adding file: C:\Users\Admin\AppData\Local\Temp\elcB48F.tmp.xml -> Config/SysInspector.xml
[19:36:40.677] === DrvLog ===
[19:36:40.677] Adding file: C:\Windows\System32\catroot2\dberr.txt -> Windows/Logs/catroot2_dberr.txt
[19:36:40.677] === NetCnf ===
[19:36:40.677] "C:\Windows\System32\cmd.exe" /c chcp 65001 > nul & "C:\Windows\system32\ipconfig.exe" /all
[19:36:40.909] Saving text data to C:\Users\Admin\AppData\Local\Temp\elc6E08.tmp
[19:36:40.909] OK
[19:36:40.909] Adding file: C:\Users\Admin\AppData\Local\Temp\elc6E08.tmp -> Config/Network.txt
[19:36:40.924] === WinsockCat ===
[19:36:40.924] "C:\Windows\System32\cmd.exe" /c chcp 65001 > nul & "C:\Windows\system32\netsh.exe" winsock show catalog
[19:36:41.478] Saving text data to C:\Users\Admin\AppData\Local\Temp\elc703B.tmp
[19:36:41.478] OK
[19:36:41.478] Adding file: C:\Users\Admin\AppData\Local\Temp\elc703B.tmp -> Config/WinsockLSP.txt
[19:36:41.478] === WFPFil ===
[19:36:41.641] Adding file: C:\Users\Admin\AppData\Local\Temp\elc703C.tmp -> Config/WFPFilters.xml
[19:36:41.826] Adding file: C:\Users\Admin\AppData\Local\Temp\elc70DA.tmp -> Config/WFPState.xml
[19:36:41.826] OK
[19:36:41.826] === AllReg ===
[19:36:41.826] Exporting...
[19:36:44.179] OK
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc71A6.tmp -> Windows/Registry/HARDWARE
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc71F5.tmp -> Windows/Registry/SECURITY
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7206.tmp -> Windows/Registry/Users/.DEFAULT_DEFAULT
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7235.tmp -> Windows/Registry/SYSTEM
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7330.tmp -> Windows/Registry/SOFTWARE
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc791D.tmp -> Windows/Registry/BCD
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc794D.tmp -> Windows/Registry/Users/S-1-5-20_NTUSER.DAT
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc798C.tmp -> Windows/Registry/Users/S-1-5-19_NTUSER.DAT
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc79AD.tmp -> Windows/Registry/Users/S-1-5-21-2954910558-3090857166-2756236921-1001_NTUSER.DAT
[19:36:44.179] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7A2B.tmp -> Windows/Registry/Users/S-1-5-21-2954910558-3090857166-2756236921-1001_Classes_UsrClass.dat
[19:36:44.179] === TmpList ===
[19:36:44.201] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7AD8.tmp -> Windows/TmpDirs/Admin.txt
[19:36:44.217] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7AF8.tmp -> Windows/TmpDirs/Default.txt
[19:36:44.217] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7AF9.tmp -> Windows/TmpDirs/Default User.txt
[19:36:44.217] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7AFA.tmp -> Windows/TmpDirs/_Windows_temp.txt
[19:36:44.217] === SchedTasks ===
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 -> Windows/Scheduled Tasks/Microsoft/Windows/.NET Framework/.NET Framework NGEN v4.0.30319
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 -> Windows/Scheduled Tasks/Microsoft/Windows/.NET Framework/.NET Framework NGEN v4.0.30319 64
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical -> Windows/Scheduled Tasks/Microsoft/Windows/.NET Framework/.NET Framework NGEN v4.0.30319 64 Critical
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical -> Windows/Scheduled Tasks/Microsoft/Windows/.NET Framework/.NET Framework NGEN v4.0.30319 Critical
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) -> Windows/Scheduled Tasks/Microsoft/Windows/Active Directory Rights Management Services Client/AD RMS Rights Policy Template Management (Automated)
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) -> Windows/Scheduled Tasks/Microsoft/Windows/Active Directory Rights Management Services Client/AD RMS Rights Policy Template Management (Manual)
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager -> Windows/Scheduled Tasks/Microsoft/Windows/AppID/EDP Policy Manager
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\AppID\PolicyConverter -> Windows/Scheduled Tasks/Microsoft/Windows/AppID/PolicyConverter
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck -> Windows/Scheduled Tasks/Microsoft/Windows/AppID/VerifiedPublisherCertStoreCheck
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser -> Windows/Scheduled Tasks/Microsoft/Windows/Application Experience/Microsoft Compatibility Appraiser
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\PcaPatchDbTask -> Windows/Scheduled Tasks/Microsoft/Windows/Application Experience/PcaPatchDbTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater -> Windows/Scheduled Tasks/Microsoft/Windows/Application Experience/ProgramDataUpdater
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask -> Windows/Scheduled Tasks/Microsoft/Windows/Application Experience/StartupAppTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\applicationdata\appuriverifierdaily -> Windows/Scheduled Tasks/Microsoft/Windows/applicationdata/appuriverifierdaily
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\applicationdata\appuriverifierinstall -> Windows/Scheduled Tasks/Microsoft/Windows/applicationdata/appuriverifierinstall
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\applicationdata\CleanupTemporaryState -> Windows/Scheduled Tasks/Microsoft/Windows/applicationdata/CleanupTemporaryState
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\applicationdata\DsSvcCleanup -> Windows/Scheduled Tasks/Microsoft/Windows/applicationdata/DsSvcCleanup
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup -> Windows/Scheduled Tasks/Microsoft/Windows/AppxDeploymentClient/Pre-staged app cleanup
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Autochk\Proxy -> Windows/Scheduled Tasks/Microsoft/Windows/Autochk/Proxy
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives -> Windows/Scheduled Tasks/Microsoft/Windows/BitLocker/BitLocker Encrypt All Drives
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh -> Windows/Scheduled Tasks/Microsoft/Windows/BitLocker/BitLocker MDM policy Refresh
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask -> Windows/Scheduled Tasks/Microsoft/Windows/Bluetooth/UninstallDeviceTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask -> Windows/Scheduled Tasks/Microsoft/Windows/BrokerInfrastructure/BgTaskRegistrationMaintenanceTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask -> Windows/Scheduled Tasks/Microsoft/Windows/CertificateServicesClient/AikCertEnrollTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask -> Windows/Scheduled Tasks/Microsoft/Windows/CertificateServicesClient/CryptoPolicyTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask -> Windows/Scheduled Tasks/Microsoft/Windows/CertificateServicesClient/KeyPreGenTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask -> Windows/Scheduled Tasks/Microsoft/Windows/CertificateServicesClient/SystemTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask -> Windows/Scheduled Tasks/Microsoft/Windows/CertificateServicesClient/UserTask
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam -> Windows/Scheduled Tasks/Microsoft/Windows/CertificateServicesClient/UserTask-Roam
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan -> Windows/Scheduled Tasks/Microsoft/Windows/Chkdsk/ProactiveScan
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair -> Windows/Scheduled Tasks/Microsoft/Windows/Chkdsk/SyspartRepair
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Clip\License Validation -> Windows/Scheduled Tasks/Microsoft/Windows/Clip/License Validation
[19:36:44.217] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\CloudExperienceHost\CreateObjectTask -> Windows/Scheduled Tasks/Microsoft/Windows/CloudExperienceHost/CreateObjectTask
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator -> Windows/Scheduled Tasks/Microsoft/Windows/Customer Experience Improvement Program/Consolidator
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip -> Windows/Scheduled Tasks/Microsoft/Windows/Customer Experience Improvement Program/UsbCeip
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Check And Scan -> Windows/Scheduled Tasks/Microsoft/Windows/Data Integrity Scan/Data Integrity Check And Scan
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan -> Windows/Scheduled Tasks/Microsoft/Windows/Data Integrity Scan/Data Integrity Scan
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery -> Windows/Scheduled Tasks/Microsoft/Windows/Data Integrity Scan/Data Integrity Scan for Crash Recovery
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag -> Windows/Scheduled Tasks/Microsoft/Windows/Defrag/ScheduledDefrag
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Device Information\Device -> Windows/Scheduled Tasks/Microsoft/Windows/Device Information/Device
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Device Information\Device User -> Windows/Scheduled Tasks/Microsoft/Windows/Device Information/Device User
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh -> Windows/Scheduled Tasks/Microsoft/Windows/Device Setup/Metadata Refresh
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/HandleCommand
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/HandleWnsCommand
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/IntegrityCheck
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/LocateCommandUserSession
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/RegisterDeviceAccountChange
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/RegisterDeviceLocationRightsChange
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/RegisterDevicePeriodic24
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/RegisterDevicePolicyChange
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/RegisterDeviceProtectionStateChanged
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/RegisterDeviceSettingChange
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice -> Windows/Scheduled Tasks/Microsoft/Windows/DeviceDirectoryClient/RegisterUserDevice
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner -> Windows/Scheduled Tasks/Microsoft/Windows/Diagnosis/RecommendedTroubleshootingScanner
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis\Scheduled -> Windows/Scheduled Tasks/Microsoft/Windows/Diagnosis/Scheduled
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater -> Windows/Scheduled Tasks/Microsoft/Windows/DirectX/DirectXDatabaseUpdater
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache -> Windows/Scheduled Tasks/Microsoft/Windows/DirectX/DXGIAdapterCache
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup -> Windows/Scheduled Tasks/Microsoft/Windows/DiskCleanup/SilentCleanup
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector -> Windows/Scheduled Tasks/Microsoft/Windows/DiskDiagnostic/Microsoft-Windows-DiskDiagnosticDataCollector
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver -> Windows/Scheduled Tasks/Microsoft/Windows/DiskDiagnostic/Microsoft-Windows-DiskDiagnosticResolver
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics -> Windows/Scheduled Tasks/Microsoft/Windows/DiskFootprint/Diagnostics
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense -> Windows/Scheduled Tasks/Microsoft/Windows/DiskFootprint/StorageSense
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\DUSM\dusmtask -> Windows/Scheduled Tasks/Microsoft/Windows/DUSM/dusmtask
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task -> Windows/Scheduled Tasks/Microsoft/Windows/EDP/EDP App Launch Task
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task -> Windows/Scheduled Tasks/Microsoft/Windows/EDP/EDP Auth Task
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task -> Windows/Scheduled Tasks/Microsoft/Windows/EDP/EDP Inaccessible Credentials Task
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task -> Windows/Scheduled Tasks/Microsoft/Windows/EDP/StorageCardEncryption Task
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh -> Windows/Scheduled Tasks/Microsoft/Windows/ExploitGuard/ExploitGuard MDM policy Refresh
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient -> Windows/Scheduled Tasks/Microsoft/Windows/Feedback/Siuf/DmClient
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload -> Windows/Scheduled Tasks/Microsoft/Windows/Feedback/Siuf/DmClientOnScenarioDownload
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Windows/Scheduled Tasks/Microsoft/Windows/File Classification Infrastructure/Property Definition Sync
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) -> Windows/Scheduled Tasks/Microsoft/Windows/FileHistory/File History (maintenance mode)
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures -> Windows/Scheduled Tasks/Microsoft/Windows/Flighting/FeatureConfig/ReconcileFeatures
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataFlushing -> Windows/Scheduled Tasks/Microsoft/Windows/Flighting/FeatureConfig/UsageDataFlushing
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataReporting -> Windows/Scheduled Tasks/Microsoft/Windows/Flighting/FeatureConfig/UsageDataReporting
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache -> Windows/Scheduled Tasks/Microsoft/Windows/Flighting/OneSettings/RefreshCache
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask -> Windows/Scheduled Tasks/Microsoft/Windows/HelloFace/FODCleanupTask
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Input\LocalUserSyncDataAvailable -> Windows/Scheduled Tasks/Microsoft/Windows/Input/LocalUserSyncDataAvailable
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Input\MouseSyncDataAvailable -> Windows/Scheduled Tasks/Microsoft/Windows/Input/MouseSyncDataAvailable
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Input\PenSyncDataAvailable -> Windows/Scheduled Tasks/Microsoft/Windows/Input/PenSyncDataAvailable
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Input\TouchpadSyncDataAvailable -> Windows/Scheduled Tasks/Microsoft/Windows/Input/TouchpadSyncDataAvailable
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates -> Windows/Scheduled Tasks/Microsoft/Windows/InstallService/ScanForUpdates
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser -> Windows/Scheduled Tasks/Microsoft/Windows/InstallService/ScanForUpdatesAsUser
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\InstallService\SmartRetry -> Windows/Scheduled Tasks/Microsoft/Windows/InstallService/SmartRetry
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates -> Windows/Scheduled Tasks/Microsoft/Windows/InstallService/WakeUpAndContinueUpdates
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates -> Windows/Scheduled Tasks/Microsoft/Windows/InstallService/WakeUpAndScanForUpdates
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\International\Synchronize Language Settings -> Windows/Scheduled Tasks/Microsoft/Windows/International/Synchronize Language Settings
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation -> Windows/Scheduled Tasks/Microsoft/Windows/LanguageComponentsInstaller/Installation
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources -> Windows/Scheduled Tasks/Microsoft/Windows/LanguageComponentsInstaller/ReconcileLanguageResources
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation -> Windows/Scheduled Tasks/Microsoft/Windows/LanguageComponentsInstaller/Uninstallation
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange -> Windows/Scheduled Tasks/Microsoft/Windows/License Manager/TempSignedLicenseExchange
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Location\Notifications -> Windows/Scheduled Tasks/Microsoft/Windows/Location/Notifications
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog -> Windows/Scheduled Tasks/Microsoft/Windows/Location/WindowsActionDialog
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\WinSAT -> Windows/Scheduled Tasks/Microsoft/Windows/Maintenance/WinSAT
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular -> Windows/Scheduled Tasks/Microsoft/Windows/Management/Provisioning/Cellular
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon -> Windows/Scheduled Tasks/Microsoft/Windows/Management/Provisioning/Logon
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Management\Provisioning\Retry -> Windows/Scheduled Tasks/Microsoft/Windows/Management/Provisioning/Retry
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Management\Provisioning\RunOnReboot -> Windows/Scheduled Tasks/Microsoft/Windows/Management/Provisioning/RunOnReboot
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Maps\MapsToastTask -> Windows/Scheduled Tasks/Microsoft/Windows/Maps/MapsToastTask
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask -> Windows/Scheduled Tasks/Microsoft/Windows/Maps/MapsUpdateTask
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents -> Windows/Scheduled Tasks/Microsoft/Windows/MemoryDiagnostic/ProcessMemoryDiagnosticEvents
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic -> Windows/Scheduled Tasks/Microsoft/Windows/MemoryDiagnostic/RunFullMemoryDiagnostic
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> Windows/Scheduled Tasks/Microsoft/Windows/Mobile Broadband Accounts/MNO Metadata Parser
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\MUI\LPRemove -> Windows/Scheduled Tasks/Microsoft/Windows/MUI/LPRemove
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService -> Windows/Scheduled Tasks/Microsoft/Windows/Multimedia/SystemSoundsService
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo -> Windows/Scheduled Tasks/Microsoft/Windows/NetTrace/GatherNetworkInfo
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\NlaSvc\WiFiTask -> Windows/Scheduled Tasks/Microsoft/Windows/NlaSvc/WiFiTask
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Offline Files\Background Synchronization -> Windows/Scheduled Tasks/Microsoft/Windows/Offline Files/Background Synchronization
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Offline Files\Logon Synchronization -> Windows/Scheduled Tasks/Microsoft/Windows/Offline Files/Logon Synchronization
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update -> Windows/Scheduled Tasks/Microsoft/Windows/PI/Secure-Boot-Update
[19:36:44.233] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks -> Windows/Scheduled Tasks/Microsoft/Windows/PI/Sqm-Tasks
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy -> Windows/Scheduled Tasks/Microsoft/Windows/Plug and Play/Device Install Group Policy
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required -> Windows/Scheduled Tasks/Microsoft/Windows/Plug and Play/Device Install Reboot Required
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers -> Windows/Scheduled Tasks/Microsoft/Windows/Plug and Play/Sysprep Generalize Drivers
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem -> Windows/Scheduled Tasks/Microsoft/Windows/Power Efficiency Diagnostics/AnalyzeSystem
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Printing\EduPrintProv -> Windows/Scheduled Tasks/Microsoft/Windows/Printing/EduPrintProv
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck -> Windows/Scheduled Tasks/Microsoft/Windows/PushToInstall/LoginCheck
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\PushToInstall\Registration -> Windows/Scheduled Tasks/Microsoft/Windows/PushToInstall/Registration
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Ras\MobilityManager -> Windows/Scheduled Tasks/Microsoft/Windows/Ras/MobilityManager
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE -> Windows/Scheduled Tasks/Microsoft/Windows/RecoveryEnvironment/VerifyWinRE
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Registry\RegIdleBackup -> Windows/Scheduled Tasks/Microsoft/Windows/Registry/RegIdleBackup
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask -> Windows/Scheduled Tasks/Microsoft/Windows/RemoteAssistance/RemoteAssistanceTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent -> Windows/Scheduled Tasks/Microsoft/Windows/RetailDemo/CleanupOfflineContent
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup -> Windows/Scheduled Tasks/Microsoft/Windows/Servicing/StartComponentCleanup
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask -> Windows/Scheduled Tasks/Microsoft/Windows/SettingSync/BackgroundUploadTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask -> Windows/Scheduled Tasks/Microsoft/Windows/SettingSync/NetworkStateChangeTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTask -> Windows/Scheduled Tasks/Microsoft/Windows/Setup/SetupCleanupTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup -> Windows/Scheduled Tasks/Microsoft/Windows/SharedPC/Account Cleanup
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask -> Windows/Scheduled Tasks/Microsoft/Windows/Shell/CreateObjectTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor -> Windows/Scheduled Tasks/Microsoft/Windows/Shell/FamilySafetyMonitor
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask -> Windows/Scheduled Tasks/Microsoft/Windows/Shell/FamilySafetyRefreshTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance -> Windows/Scheduled Tasks/Microsoft/Windows/Shell/IndexerAutomaticMaintenance
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Shell\UpdateUserPictureTask -> Windows/Scheduled Tasks/Microsoft/Windows/Shell/UpdateUserPictureTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask -> Windows/Scheduled Tasks/Microsoft/Windows/SoftwareProtectionPlatform/SvcRestartTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon -> Windows/Scheduled Tasks/Microsoft/Windows/SoftwareProtectionPlatform/SvcRestartTaskLogon
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork -> Windows/Scheduled Tasks/Microsoft/Windows/SoftwareProtectionPlatform/SvcRestartTaskNetwork
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask -> Windows/Scheduled Tasks/Microsoft/Windows/SpacePort/SpaceAgentTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask -> Windows/Scheduled Tasks/Microsoft/Windows/SpacePort/SpaceManagerTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask -> Windows/Scheduled Tasks/Microsoft/Windows/Speech/SpeechModelDownloadTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks -> Windows/Scheduled Tasks/Microsoft/Windows/StateRepository/MaintenanceTasks
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization -> Windows/Scheduled Tasks/Microsoft/Windows/Storage Tiers Management/Storage Tiers Management Initialization
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization -> Windows/Scheduled Tasks/Microsoft/Windows/Storage Tiers Management/Storage Tiers Optimization
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition -> Windows/Scheduled Tasks/Microsoft/Windows/Subscription/EnableLicenseAcquisition
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition -> Windows/Scheduled Tasks/Microsoft/Windows/Subscription/LicenseAcquisition
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate -> Windows/Scheduled Tasks/Microsoft/Windows/Sysmain/HybridDriveCachePrepopulate
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance -> Windows/Scheduled Tasks/Microsoft/Windows/Sysmain/HybridDriveCacheRebalance
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync -> Windows/Scheduled Tasks/Microsoft/Windows/Sysmain/ResPriStaticDbSync
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask -> Windows/Scheduled Tasks/Microsoft/Windows/Sysmain/WsSwapAssessmentTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore\SR -> Windows/Scheduled Tasks/Microsoft/Windows/SystemRestore/SR
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager\Interactive -> Windows/Scheduled Tasks/Microsoft/Windows/Task Manager/Interactive
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask -> Windows/Scheduled Tasks/Microsoft/Windows/termsrv/RemoteFX/RemoteFXvGPUDisableTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask -> Windows/Scheduled Tasks/Microsoft/Windows/termsrv/RemoteFX/RemoteFXWarningTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor -> Windows/Scheduled Tasks/Microsoft/Windows/TextServicesFramework/MsCtfMonitor
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime -> Windows/Scheduled Tasks/Microsoft/Windows/Time Synchronization/ForceSynchronizeTime
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime -> Windows/Scheduled Tasks/Microsoft/Windows/Time Synchronization/SynchronizeTime
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone -> Windows/Scheduled Tasks/Microsoft/Windows/Time Zone/SynchronizeTimeZone
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr -> Windows/Scheduled Tasks/Microsoft/Windows/TPM/Tpm-HASCertRetr
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance -> Windows/Scheduled Tasks/Microsoft/Windows/TPM/Tpm-Maintenance
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr -> Windows/Scheduled Tasks/Microsoft/Windows/UNP/RunUpdateNotificationMgr
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/Reboot_AC
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/Reboot_Battery
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Report policies -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/Report policies
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/Schedule Maintenance Work
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/Schedule Scan
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan Static Task -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/Schedule Scan Static Task
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/Schedule Wake To Work
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Work -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/Schedule Work
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateModelTask -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/UpdateModelTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker -> Windows/Scheduled Tasks/Microsoft/Windows/UpdateOrchestrator/USO_UxBroker
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig -> Windows/Scheduled Tasks/Microsoft/Windows/UPnP/UPnPHostConfig
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\USB\Usb-Notifications -> Windows/Scheduled Tasks/Microsoft/Windows/USB/Usb-Notifications
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\User Profile Service\HiveUploadTask -> Windows/Scheduled Tasks/Microsoft/Windows/User Profile Service/HiveUploadTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation -> Windows/Scheduled Tasks/Microsoft/Windows/WaaSMedic/PerformRemediation
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WCM\WiFiTask -> Windows/Scheduled Tasks/Microsoft/Windows/WCM/WiFiTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WDI\ResolutionHost -> Windows/Scheduled Tasks/Microsoft/Windows/WDI/ResolutionHost
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting -> Windows/Scheduled Tasks/Microsoft/Windows/Windows Error Reporting/QueueReporting
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange -> Windows/Scheduled Tasks/Microsoft/Windows/Windows Filtering Platform/BfeOnServiceStartTypeChange
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary -> Windows/Scheduled Tasks/Microsoft/Windows/Windows Media Sharing/UpdateLibrary
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader -> Windows/Scheduled Tasks/Microsoft/Windows/WindowsColorSystem/Calibration Loader
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start -> Windows/Scheduled Tasks/Microsoft/Windows/WindowsUpdate/Scheduled Start
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Wininet\CacheTask -> Windows/Scheduled Tasks/Microsoft/Windows/Wininet/CacheTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync -> Windows/Scheduled Tasks/Microsoft/Windows/WlanSvc/CDSSync
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management -> Windows/Scheduled Tasks/Microsoft/Windows/WOF/WIM-Hash-Management
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation -> Windows/Scheduled Tasks/Microsoft/Windows/WOF/WIM-Hash-Validation
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization -> Windows/Scheduled Tasks/Microsoft/Windows/Work Folders/Work Folders Logon Synchronization
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work -> Windows/Scheduled Tasks/Microsoft/Windows/Work Folders/Work Folders Maintenance Work
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join -> Windows/Scheduled Tasks/Microsoft/Windows/Workplace Join/Automatic-Device-Join
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync -> Windows/Scheduled Tasks/Microsoft/Windows/Workplace Join/Device-Sync
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\Workplace Join\Recovery-Check -> Windows/Scheduled Tasks/Microsoft/Windows/Workplace Join/Recovery-Check
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WwanSvc\NotificationTask -> Windows/Scheduled Tasks/Microsoft/Windows/WwanSvc/NotificationTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\Windows\WwanSvc\OobeDiscovery -> Windows/Scheduled Tasks/Microsoft/Windows/WwanSvc/OobeDiscovery
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask -> Windows/Scheduled Tasks/Microsoft/XblGameSave/XblGameSaveTask
[19:36:44.248] Adding file: C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2954910558-3090857166-2756236921-1001 -> Windows/Scheduled Tasks/OneDrive Standalone Update Task-S-1-5-21-2954910558-3090857166-2756236921-1001
[19:36:44.264] Adding file: C:\Windows\System32\Tasks\StartCN -> Windows/Scheduled Tasks/StartCN
[19:36:44.264] Adding file: C:\Windows\System32\Tasks\StartDVR -> Windows/Scheduled Tasks/StartDVR
[19:36:44.264] === WmiRepo ===
[19:36:44.264] Adding file: C:\Windows\System32\wbem\Repository\INDEX.BTR -> Windows/WMI Repository/INDEX.BTR
[19:36:44.264] Adding file: C:\Windows\System32\wbem\Repository\MAPPING1.MAP -> Windows/WMI Repository/MAPPING1.MAP
[19:36:44.264] Adding file: C:\Windows\System32\wbem\Repository\MAPPING2.MAP -> Windows/WMI Repository/MAPPING2.MAP
[19:36:44.264] Adding file: C:\Windows\System32\wbem\Repository\MAPPING3.MAP -> Windows/WMI Repository/MAPPING3.MAP
[19:36:44.264] Adding file: C:\Windows\System32\wbem\Repository\OBJECTS.DATA -> Windows/WMI Repository/OBJECTS.DATA
[19:36:44.264] === ProdCnf ===
[19:36:44.264] Exporting...
[19:36:44.302] Saving product configuration to file C:\Users\Admin\AppData\Local\Temp\elc7B49.tmp
[19:36:44.302] OK
[19:36:44.302] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7B49.tmp -> ESET/Config/product_conf.xml
[19:36:44.302] === DirList ===
[19:36:44.302] Exporting...
[19:36:44.302] OK
[19:36:44.302] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7B5A.tmp -> ESET/Config/data_dir_list.txt
[19:36:44.302] Exporting...
[19:36:44.317] OK
[19:36:44.317] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7B5B.tmp -> ESET/Config/install_dir_list.txt
[19:36:44.317] === Drivers ===
[19:36:44.317] Exporting...
[19:36:44.333] OK
[19:36:44.333] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7B6B.tmp -> ESET/Config/drivers.txt
[19:36:44.333] === EsetReg ===
[19:36:44.333] Exporting...
[19:36:44.417] OK
[19:36:44.417] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7B7C.tmp -> ESET/Config/ESET.reg
[19:36:44.417] === EsetCmpts ===
[19:36:44.464] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7BCB.tmp -> ESET/Config/msi_features.txt
[19:36:44.464] === QInfo ===
[19:36:44.464] Exporting...
[19:36:44.464] OK
[19:36:44.464] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7BFB.tmp -> ESET/Quarantine/quar_info.txt
[19:36:44.464] === QFiles ===
[19:36:44.464] Exporting...
[19:36:44.464] No files collected
[19:36:44.464] === Warn ===
[19:36:44.464] Exporting ESET log (warnlog.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7BFC.tmp
[19:36:44.565] OK
[19:36:44.565] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7BFC.tmp -> ESET/Logs/Common/warnlog.dat
[19:36:44.565] === Threat ===
[19:36:44.565] Exporting ESET log (virlog.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7C6A.tmp
[19:36:44.619] OK
[19:36:44.619] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7C6A.tmp -> ESET/Logs/Common/virlog.dat
[19:36:44.619] === OnDem ===
[19:36:44.619] Exporting ESET log (ndl29587.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7C9A.tmp
[19:36:44.687] OK
[19:36:44.687] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7C9A.tmp -> ESET/Logs/Common/eScan/ndl29587.dat
[19:36:44.687] Exporting ESET log (ndl41.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7CDA.tmp
[19:36:44.760] OK
[19:36:44.760] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7CDA.tmp -> ESET/Logs/Common/eScan/ndl41.dat
[19:36:44.760] === Hips ===
[19:36:44.760] Exporting ESET log (hipslog.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7D29.tmp
[19:36:44.798] OK
[19:36:44.798] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7D29.tmp -> ESET/Logs/Common/hipslog.dat
[19:36:44.798] === Fw ===
[19:36:44.798] Exporting ESET log (epfwlog.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7D49.tmp
[19:36:44.829] OK
[19:36:44.829] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7D49.tmp -> ESET/Logs/Net/epfwlog.dat
[19:36:44.829] === FwCnf ===
[19:36:44.829] Adding file: C:\ProgramData\ESET\ESET Security\EpfwUser.dat -> ESET/Config/EpfwUser.dat
[19:36:44.829] Adding file: C:\ProgramData\ESET\ESET Security\EpfwPe.dat -> ESET/Config/EpfwPe.dat
[19:36:44.829] === Web ===
[19:36:44.829] Exporting ESET log (urllog.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7D69.tmp
[19:36:44.860] OK
[19:36:44.860] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7D69.tmp -> ESET/Logs/Net/urllog.dat
[19:36:44.860] === Dev ===
[19:36:44.860] Exporting ESET log (devctrllog.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7D89.tmp
[19:36:44.891] OK
[19:36:44.891] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7D89.tmp -> ESET/Logs/Common/devctrllog.dat
[19:36:44.891] === WebCtl ===
[19:36:44.891] Exporting ESET log (webctllog.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7DAA.tmp
[19:36:44.913] OK
[19:36:44.913] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7DAA.tmp -> ESET/Logs/Net/webctllog.dat
[19:36:44.913] === BlkF ===
[19:36:44.913] Exporting ESET log (blocked.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7DCA.tmp
[19:36:44.945] OK
[19:36:44.945] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7DCA.tmp -> ESET/Logs/Common/blocked.dat
[19:36:44.945] === SentF ===
[19:36:44.945] Exporting ESET log (sent.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7DEA.tmp
[19:36:44.976] OK
[19:36:44.976] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7DEA.tmp -> ESET/Logs/Common/sent.dat
[19:36:44.976] === Audit ===
[19:36:44.976] Exporting ESET log (audit.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7E0A.tmp
[19:36:45.061] OK
[19:36:45.061] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7E0A.tmp -> ESET/Logs/Common/audit.dat
[19:36:45.061] === Spam ===
[19:36:45.061] Exporting ESET log (spamlog.dat) as filtered binary to file C:\Users\Admin\AppData\Local\Temp\elc7E5A.tmp
[19:36:45.076] OK
[19:36:45.076] Adding file: C:\Users\Admin\AppData\Local\Temp\elc7E5A.tmp -> ESET/Logs/Email/spamlog.dat
[19:36:45.076] === ScanCache ===
[19:36:45.076] Adding file: C:\ProgramData\ESET\ESET Security\local.db -> ESET/Diagnostics/local.db
[19:36:45.076] === SpamDiag ===
[19:36:45.076] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\domain_ipblist.map -> ESET/Config/Antispam/domain_ipblist.map
[19:36:45.076] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\domain_ipglist.map -> ESET/Config/Antispam/domain_ipglist.map
[19:36:45.076] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\domain_ipilist.map -> ESET/Config/Antispam/domain_ipilist.map
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\domain_ipwlist.map -> ESET/Config/Antispam/domain_ipwlist.map
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\bodyipblist.db -> ESET/Config/Antispam/bodyipblist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\bodyipilist.db -> ESET/Config/Antispam/bodyipilist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\domain_ipblist.db -> ESET/Config/Antispam/domain_ipblist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\domain_ipglist.db -> ESET/Config/Antispam/domain_ipglist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\domain_ipilist.db -> ESET/Config/Antispam/domain_ipilist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\domain_ipwlist.db -> ESET/Config/Antispam/domain_ipwlist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\horuscfg.db -> ESET/Config/Antispam/horuscfg.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\ipblist.db -> ESET/Config/Antispam/ipblist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\ipglist.db -> ESET/Config/Antispam/ipglist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\ipilist.db -> ESET/Config/Antispam/ipilist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\ipinflist.db -> ESET/Config/Antispam/ipinflist.db
[19:36:45.092] Adding file: C:\ProgramData\ESET\ESET Security\Antispam\ipwlist.db -> ESET/Config/Antispam/ipwlist.db
[19:36:45.092] OK
[19:36:45.092] === Diag ===
[19:36:45.092] No files collected
[19:36:45.092] ===
[19:36:45.203] Saving text data to C:\Users\Admin\AppData\Local\Temp\elc7EE7.tmp
Continue reading...