Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-02-2023 Ran by maxxy (administrator) on DESKTOP-JSB8L0E (Gigabyte Technology Co., Ltd. B550M DS3H) (17-02-2023 16:56:52) Running from C:\Users\maxxy\Desktop Loaded Profiles: maxxy Platform: Microsoft Windows 11 Home Version 22H2 22621.963 (X64) Language: English (United Kingdom) Default browser: Edge Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe ->) (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe (C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.CpuIdRemote64.exe (C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.DisplayAdapter.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe (C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe ->) (Virtual Desktop, Inc. -> Virtual Desktop, Inc.) C:\Program Files\Virtual Desktop Streamer\VirtualDesktop.Streamer.exe (C:\Users\maxxy\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\maxxy\AppData\Local\Programs\Opera\95.0.4635.46\opera_crashreporter.exe (explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Opera Norway AS -> Opera Software) C:\Users\maxxy\AppData\Local\Programs\Opera\opera.exe <16> (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2> (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\WINDOWS\System32\CorsairGamingAudioCfgService64.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\WINDOWS\System32\Sgrm\SgrmBroker.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\WINDOWS\System32\RtkAudUService64.exe <2> (services.exe ->) (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe (services.exe ->) (Virtual Desktop, Inc. -> Virtual Desktop, Inc.) C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe (svchost.exe ->) (iolo technologies, LLC -> iolo technologies, LLC) [File not signed] C:\Program Files (x86)\Phoenix360\System Mechanic\ioloGovernor64.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\UUS\amd64\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.898_none_6b467c06908d3d29\TiWorker.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1090784 2020-07-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [182888 2021-11-12] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071192 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.) HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Run: [MicrosoftEdgeAutoLaunch_EA410C61FB31D73AFA3C71DD38F22C9A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243360 2023-02-09] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4246376 2022-12-15] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32613856 2022-04-29] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Run: [Discord] => C:\Users\maxxy\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub) HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Run: [Voicemod] => C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe [7313360 2022-04-21] (Voicemod Sociedad Limitada -> Voicemod) HKLM\...\Print\Monitors\EPSON Universal Print Driver 64MonitorBE: C:\Windows\system32\E_2LM0DE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\110.0.5481.97\Installer\chrmstp.exe [2023-02-13] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> AppInit_DLLs: C:\PROGRA~1\VIRTUA~1\VIRTUA~4.DLL => C:\Program Files\Virtual Desktop Streamer\VirtualDesktop.Injector64.dll [134872 2022-12-03] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.) AppInit_DLLs-x32: C:\PROGRA~1\VIRTUA~1\VIRTUA~3.DLL => C:\Program Files\Virtual Desktop Streamer\VirtualDesktop.Injector32.dll [114904 2022-11-30] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0418EB53-E754-4DDB-AF11-8778E3C6D314} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1009872 2021-11-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc Task: {19BFBE79-ADBF-4B24-B0BF-6C2E7393A663} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File) Task: {202FAAA2-A05F-4EEA-8C68-1B643FE31001} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {33942BC2-782A-4FE3-B955-8643255A0AE0} - System32\Tasks\ioloSystemShield => C:\Program Files (x86)\Phoenix360\System Mechanic\ioloSSTray.exe [344304 2017-12-08] (iolo technologies, LLC -> iolo technologies, LLC) Task: {441F6C7F-8BAB-44C7-A14A-6C53C7CDE757} - System32\Tasks\ActiveMessenger-SystemMechanic => C:\Program Files (x86)\Common Files\Phoenix360\ActiveCore\ActiveMessenger.exe [323328 2017-12-07] (iolo technologies, LLC -> iolo technologies, LLC) Task: {4608EE82-2324-4B9F-B280-4CAECD489D08} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\Phoenix360\System Mechanic\iologovernor64.exe [713648 2017-12-07] (iolo technologies, LLC -> iolo technologies, LLC) [File not signed] Task: {47CCF1DC-86EC-4F7E-B333-ECA12ECB9E05} - System32\Tasks\ioloAVDefsDownloader => C:\Program Files (x86)\Phoenix360\System Mechanic\SSDefs.exe [134888 2017-12-08] (iolo technologies, LLC -> iolo technologies, LLC) Task: {5C93D029-D6DD-4A3B-A3D8-E1A45CCE348A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {5D6F7FD4-CF08-481C-8327-94DE8C184853} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File) Task: {5F5594FD-6902-4932-8EF2-7C10C498B136} - System32\Tasks\GoogleUpdateTaskMachineCore{A77350C9-322E-4254-8650-68CD3162CCC0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-13] (Google LLC -> Google LLC) Task: {7616873D-6E2C-4895-A01E-DB2601ACFD8C} - System32\Tasks\GoogleUpdateTaskMachineUA{9DA7A8AF-DF37-42FB-B619-FCB471490DBF} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-13] (Google LLC -> Google LLC) Task: {87FACB63-E6D8-4842-9D68-C183027AD9F3} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (No File) Task: {93DB6238-2CE7-44C1-BB42-8AF9C66F7A75} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {95CB09EA-1ADC-4A59-AB41-BBEB7ABA4C51} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {96B3D3BF-F4AD-4E73-871C-1E1858C5105B} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1537960 2020-10-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9C59FF48-5D64-410E-B834-911D96546B6E} - System32\Tasks\ioloActiveCare => C:\Program Files (x86)\Phoenix360\System Mechanic\systemmechanic.exe [414968 2017-12-08] (iolo technologies, LLC -> iolo technologies, LLC) Task: {B0815A57-15C1-47BD-9760-679B30CB5076} - System32\Tasks\ActiveSync-SystemMechanic => C:\Program Files (x86)\Common Files\Phoenix360\ActiveCore\activesync.exe [194800 2017-12-07] (iolo technologies, LLC -> iolo technologies, LLC) Task: {B0C596CC-ABE3-4972-909F-5A466C1EC69C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {BA34769F-FB6D-458D-9A38-028113600E69} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-03-24] () [File not signed] Task: {BBFA1805-340F-4F5F-BD50-75540A53D069} - System32\Tasks\ioloTUDsDownloader => C:\Program Files (x86)\Common Files\Phoenix360\ActiveCore\activesync.exe [194800 2017-12-07] (iolo technologies, LLC -> iolo technologies, LLC) Task: {BDA47919-4A96-4370-B35B-C6C257713B10} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {C03A0CA9-61E4-447F-BB1D-E6E19E9BAB96} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File) Task: {D7450E21-60F9-4049-BEDD-F844E64E9DCA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {DC8B05AB-67DA-42B0-9251-9DB07CB74D77} - System32\Tasks\Opera scheduled Autoupdate 1676651608 => C:\Users\maxxy\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-15] (Opera Norway AS -> Opera Software) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File) Task: {E7F32B52-A864-4614-BE72-56AECBE24658} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {EBD8D12C-7D6F-4410-900E-C9B361FD2B1F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {ED342AD8-BAF0-4B18-A8E7-03A88E6D4508} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339472 2022-02-03] (Nvidia Corporation -> NVIDIA Corporation) Task: {FE0C3551-D3FE-422A-8031-89B2FBEA8EED} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1acad439-652f-45f3-a3ff-e410298e2d98}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1eb97fbb-e8b2-4061-b146-11cd0c7910fa}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{595ff362-39cb-43c0-98e0-46e620079cc4}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{a2afe84f-84f3-4927-9eee-da24f6ce7302}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{a2afe84f-84f3-4927-9eee-da24f6ce7302}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{c646682c-8898-42ab-812b-3452646595dc}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\maxxy\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-17] Edge Notifications: Default -> hxxps://calendar.google.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://www.duolingo.com Edge HomePage: Default -> hxxp://www.google.co.uk/ Edge StartupUrls: Default -> "hxxps://www.google.co.uk/" Edge Extension: (Google Docs Offline) - C:\Users\maxxy\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-17] Chrome: ======= CHR Profile: C:\Users\maxxy\AppData\Local\Google\Chrome\User Data\Default [2023-02-13] CHR Extension: (Google Docs Offline) - C:\Users\maxxy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-13] CHR Extension: (Chrome Web Store Payments) - C:\Users\maxxy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-02-13] Opera: ======= OPR Profile: C:\Users\maxxy\AppData\Roaming\Opera Software\Opera Stable [2023-02-17] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Session Restore: Opera Stable -> is enabled. OPR Extension: (Rich Hints Agent) - C:\Users\maxxy\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-02-17] OPR Extension: (Opera Wallet) - C:\Users\maxxy\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-02-17] OPR Extension: (Amazon Assistant Promotion) - C:\Users\maxxy\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2023-02-17] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-12-25] (BattlEye Innovations e.K. -> ) R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616344 2021-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R2 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [231528 2021-11-12] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R2 CorsairMsiPluginService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe [205928 2021-11-12] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R2 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [81512 2021-11-12] (Corsair Memory, Inc. -> Corsair Memory, Inc.) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-03-04] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.) S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-16] (Microsoft Windows -> Microsoft Corporation) R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-16] (Microsoft Windows -> Microsoft Corporation) S3 Updater; C:\Program Files\Virtual Desktop Streamer\Updater.exe [1163480 2022-12-19] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.) S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10420944 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.) R2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [10657496 2022-12-16] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.) R2 Wallpaper Engine Service; C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [129696 2022-04-29] (Skutta, Kristjan -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-17] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-17] (Microsoft Windows Publisher -> Microsoft Corporation) R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137552 2022-12-04] (Microsoft Windows -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-16] (Microsoft Windows -> Microsoft Corporation) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2022-10-09] (Microsoft Corporation) [File not signed] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2022-10-09] (Microsoft Corporation) [File not signed] S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed] S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2021-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [46600 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [22536 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 cpuz152; C:\WINDOWS\temp\cpuz152\cpuz152_x64.sys [35840 2023-02-17] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation) R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.) S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> ) R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek) R3 vdvad_WaveExtensible; C:\WINDOWS\System32\drivers\vdvad.sys [44936 2022-05-02] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.) R3 vdvge; C:\WINDOWS\System32\drivers\vdvge.sys [77864 2022-05-02] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.) S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8736232 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.) S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [48136 2022-03-08] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-17] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-17] (Microsoft Windows -> Microsoft Corporation) R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-12-04] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2023-02-17 16:52 - 2023-02-17 16:52 - 000000000 ____D C:\Users\maxxy\Desktop\FRST-OlderVersion 2023-02-17 16:33 - 2023-02-17 16:33 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1676651608 2023-02-17 16:33 - 2023-02-17 16:33 - 000001409 _____ C:\Users\maxxy\Desktop\Opera browser.lnk 2023-02-17 16:33 - 2023-02-17 16:33 - 000001399 _____ C:\Users\maxxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk 2023-02-17 16:33 - 2023-02-17 16:33 - 000000000 ____D C:\Users\maxxy\AppData\Local\Opera Software 2023-02-17 16:31 - 2023-02-17 16:31 - 002863312 _____ (Opera Software) C:\Users\maxxy\Downloads\OperaSetup.exe 2023-02-17 16:31 - 2023-02-17 16:31 - 000000000 ____D C:\Users\maxxy\AppData\Roaming\Opera Software 2023-02-13 21:00 - 2023-02-13 21:00 - 000002319 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-02-13 21:00 - 2023-02-13 21:00 - 000002278 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-02-13 21:00 - 2023-02-13 21:00 - 000000000 ____D C:\Program Files\Google 2023-02-13 20:59 - 2023-02-13 20:59 - 001427176 _____ (Google LLC) C:\Users\maxxy\Downloads\ChromeSetup (1).exe 2023-02-13 20:59 - 2023-02-13 20:59 - 000003496 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{9DA7A8AF-DF37-42FB-B619-FCB471490DBF} 2023-02-13 20:59 - 2023-02-13 20:59 - 000003372 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{A77350C9-322E-4254-8650-68CD3162CCC0} 2023-02-13 19:58 - 2023-02-13 20:00 - 000040348 _____ C:\Users\maxxy\Desktop\Addition.txt 2023-02-13 19:56 - 2023-02-17 16:58 - 000025390 _____ C:\Users\maxxy\Desktop\FRST.txt 2023-02-13 19:55 - 2023-02-17 16:57 - 000000000 ____D C:\FRST 2023-02-13 19:55 - 2023-02-17 16:52 - 002378240 _____ (Farbar) C:\Users\maxxy\Desktop\FRST64.exe 2023-02-13 19:53 - 2023-02-13 19:54 - 000000000 ____D C:\Users\maxxy\Desktop\PC Maintenance Tools - Do Not Delete 2023-02-13 19:42 - 2023-02-13 19:43 - 008995336 _____ (Piriform Software Ltd) C:\Users\maxxy\Downloads\spsetup132 (1).exe 2023-02-12 20:55 - 2023-02-17 16:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-02-12 20:16 - 2022-10-14 17:40 - 000001491 _____ C:\Users\Public\Desktop\Riot Client.lnk 2023-02-12 20:16 - 2022-09-23 18:45 - 000001627 _____ C:\Users\Public\Desktop\VALORANT.lnk 2023-02-12 19:49 - 2023-02-12 21:01 - 000000000 ____D C:\$Windows.~BT 2023-02-12 19:49 - 2023-02-12 20:36 - 000000000 ___HD C:\$SysReset 2023-02-12 14:08 - 2023-02-12 14:08 - 000000000 ___HD C:\$WinREAgent 2023-02-11 14:36 - 2023-02-11 14:36 - 001726298 _____ C:\Users\maxxy\Desktop\dofe-self-teach-workbook-1 (2).pdf 2023-02-11 13:58 - 2023-02-11 13:58 - 001705187 _____ C:\Users\maxxy\Downloads\dofe-self-teach-workbook-1 (1).pdf 2023-02-11 13:38 - 2023-02-11 13:38 - 001698940 _____ C:\Users\maxxy\Downloads\dofe-self-teach-workbook-1.pdf 2023-02-11 13:36 - 2023-02-11 13:37 - 000000000 ____D C:\Users\maxxy\AppData\LocalLow\Adobe 2023-02-11 13:36 - 2023-02-11 13:36 - 000000000 ____D C:\Users\maxxy\AppData\Roaming\com.adobe.dunamis 2023-02-11 13:36 - 2023-02-11 13:36 - 000000000 ____D C:\Users\maxxy\AppData\Local\SolidDocuments 2023-02-11 13:36 - 2023-02-11 13:36 - 000000000 ____D C:\Users\maxxy\.ms-ad 2023-02-11 13:30 - 2023-02-11 13:30 - 000000000 ____D C:\Program Files\Adobe 2023-02-11 13:27 - 2023-02-11 13:37 - 000000000 ____D C:\ProgramData\Adobe 2023-02-11 13:27 - 2023-02-11 13:30 - 000000000 ____D C:\Program Files\Common Files\Adobe 2023-02-11 13:25 - 2023-02-11 13:37 - 000000000 ____D C:\Users\maxxy\AppData\Local\Adobe 2023-02-11 09:38 - 2023-02-12 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-Link 2023-02-11 09:36 - 2023-02-12 10:18 - 000000000 ____D C:\Users\maxxy\AppData\Local\TP-Link 2023-02-11 09:36 - 2023-02-11 09:36 - 000000000 ____D C:\ProgramData\TP-Link 2023-02-11 09:35 - 2023-02-11 09:35 - 047560044 _____ C:\Users\maxxy\Downloads\Archer T3U(EUUS)_V1_180724_Win.zip 2023-02-10 20:23 - 2023-02-12 10:19 - 000000000 ____D C:\Users\maxxy\AppData\Local\MicroApp 2023-02-10 20:23 - 2023-02-12 10:18 - 000000000 ____D C:\Users\maxxy\AppData\Local\ServiceApp 2023-02-10 20:23 - 2023-02-10 20:23 - 000000000 ____D C:\Program Files\Edge Extension 2023-02-10 19:04 - 2023-02-10 19:04 - 000000016 _____ C:\Users\maxxy\Desktop\pword.txt ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2023-02-17 16:55 - 2022-05-07 05:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-02-17 16:52 - 2022-05-07 05:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-02-17 16:50 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-02-17 16:49 - 2022-01-03 19:27 - 000000000 ____D C:\Users\maxxy\AppData\Local\CrashDumps 2023-02-17 16:49 - 2021-12-26 06:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-02-17 16:49 - 2021-12-25 22:08 - 000000000 ____D C:\ProgramData\NVIDIA 2023-02-17 16:48 - 2022-10-21 18:26 - 000000000 ____D C:\Program Files (x86)\Google 2023-02-17 16:47 - 2022-10-09 14:21 - 000000000 ____D C:\Users\maxxy 2023-02-17 16:47 - 2022-05-07 05:22 - 000000000 ____D C:\WINDOWS\INF 2023-02-17 16:45 - 2022-10-09 18:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-02-17 16:45 - 2021-12-26 06:06 - 000012288 ___SH C:\DumpStack.log.tmp 2023-02-17 16:35 - 2021-12-25 22:09 - 000000000 ____D C:\Users\maxxy\AppData\Local\D3DSCache 2023-02-17 16:34 - 2022-05-07 05:24 - 000000000 ___HD C:\Program Files\WindowsApps 2023-02-17 16:34 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-02-13 21:49 - 2021-12-25 22:09 - 000000000 ____D C:\ProgramData\Packages 2023-02-13 21:00 - 2022-10-21 18:26 - 000000000 ____D C:\Users\maxxy\AppData\Local\Google 2023-02-13 19:43 - 2021-12-30 16:46 - 000000837 _____ C:\Users\Public\Desktop\Speccy.lnk 2023-02-13 19:33 - 2021-12-26 06:08 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-02-13 19:33 - 2021-12-26 06:08 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-02-13 19:25 - 2022-10-09 18:46 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-02-13 19:25 - 2022-10-09 18:46 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-02-12 20:57 - 2022-10-09 18:44 - 000013338 _____ C:\WINDOWS\diagwrn.xml 2023-02-12 20:57 - 2022-10-09 18:44 - 000013338 _____ C:\WINDOWS\diagerr.xml 2023-02-12 20:53 - 2022-10-09 12:54 - 000000000 ___DC C:\WINDOWS\Panther 2023-02-12 20:44 - 2022-09-23 18:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2023-02-12 20:44 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2023-02-12 20:44 - 2021-12-30 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2023-02-12 20:44 - 2021-12-30 16:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2023-02-12 20:44 - 2021-12-25 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2023-02-12 19:51 - 2022-06-19 12:34 - 000000000 __SHD C:\found.000 2023-02-12 15:16 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SystemResources 2023-02-12 15:16 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-02-12 15:16 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-02-12 14:18 - 2022-05-07 05:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2023-02-12 14:02 - 2021-12-26 01:09 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-02-12 13:58 - 2021-12-26 01:08 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-02-12 10:22 - 2021-12-26 11:03 - 000000000 ____D C:\Users\maxxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2023-02-12 10:21 - 2022-05-07 10:18 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2023-02-12 10:21 - 2022-05-07 10:18 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2023-02-12 10:21 - 2022-05-07 10:17 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\system32\UNP 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\system32\lxss 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\system32\F12 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\system32\dsc 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___RD C:\WINDOWS\PrintDialog 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\setup 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\downlevel 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\Com 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\IME 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\DiagTrack 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\BrowserCore 2023-02-12 10:21 - 2022-05-07 05:24 - 000000000 ____D C:\Program Files\Common Files\System 2023-02-12 10:21 - 2022-05-07 05:17 - 000000000 ____D C:\WINDOWS\servicing 2023-02-12 10:20 - 2022-08-05 20:21 - 000000000 ____D C:\Users\maxxy\AppData\Roaming\Krnl 2023-02-12 10:20 - 2022-05-07 05:25 - 000000000 ____D C:\WINDOWS\system32\Pbr 2023-02-12 10:20 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\Containers 2023-02-12 10:20 - 2021-12-26 11:03 - 000000000 ____D C:\Users\maxxy\AppData\Local\Roblox 2023-02-12 10:19 - 2023-01-15 17:43 - 000000000 ____D C:\Users\maxxy\AppData\Local\Home2 2023-02-12 10:19 - 2023-01-15 17:26 - 000000000 ____D C:\Program Files\Oculus 2023-02-12 10:19 - 2021-12-26 01:13 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-02-12 10:19 - 2021-12-25 22:42 - 000000000 ____D C:\ProgramData\Package Cache 2023-02-12 10:19 - 2021-12-25 22:18 - 000000000 ____D C:\Program Files (x86)\Steam 2023-02-12 10:02 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\registration 2023-02-12 09:58 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SystemApps 2023-02-12 09:53 - 2022-10-09 14:16 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2023-02-12 09:53 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\ServiceState 2023-02-11 14:49 - 2023-01-15 16:44 - 000000000 ____D C:\Users\maxxy\AppData\Local\Oculus 2023-02-11 14:43 - 2023-01-15 17:35 - 000000000 ____D C:\Users\maxxy\AppData\Roaming\OculusClient 2023-02-11 14:11 - 2021-12-25 22:09 - 000000000 ____D C:\Users\maxxy\AppData\Local\Packages 2023-02-11 13:36 - 2021-12-25 22:09 - 000000000 ____D C:\Users\maxxy\AppData\Roaming\Adobe 2023-02-11 13:25 - 2023-01-01 18:53 - 000000000 ____D C:\ProgramData\Virtual Desktop 2023-02-11 09:37 - 2021-12-30 17:54 - 000000000 ____D C:\temp 2023-02-05 17:39 - 2023-01-15 17:35 - 000000000 ____D C:\Users\maxxy\AppData\Roaming\Oculus ==================== Files in the root of some directories ======== 2022-01-15 12:47 - 2022-11-06 19:49 - 000000396 _____ () C:\Users\maxxy\AppData\Roaming\jjv5conf.json 2022-03-18 18:02 - 2022-03-18 18:03 - 000000265 _____ () C:\Users\maxxy\AppData\Roaming\MelonLoader.Installer.cfg 2022-10-21 18:45 - 2022-10-21 18:45 - 000007626 _____ () C:\Users\maxxy\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================