Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-02-2023 Ran by maxxy (administrator) on DESKTOP-JSB8L0E (Gigabyte Technology Co., Ltd. B550M DS3H) (17-02-2023 22:14:06) Running from C:\Users\maxxy\Desktop Loaded Profiles: maxxy Platform: Microsoft Windows 11 Home Version 22H2 22621.963 (X64) Language: English (United Kingdom) Default browser: Edge Boot Mode: Normal ==================== Processes (All) ================= (C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe ->) (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe (C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.CpuIdRemote64.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\conhost.exe <3> (C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.CpuIdRemote64.exe (C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.DisplayAdapter.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe (C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.3000.10.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe <6> (C:\Users\maxxy\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\maxxy\AppData\Local\Programs\Opera\95.0.4635.46\opera_crashreporter.exe (explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10> (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\explorer.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\winlogon.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\WINDOWS\System32\csrss.exe <2> (Microsoft Windows Publisher -> Microsoft Corporation) C:\WINDOWS\System32\smss.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\WINDOWS\System32\wininit.exe (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Opera Norway AS -> Opera Software) C:\Users\maxxy\AppData\Local\Programs\Opera\opera.exe <13> (SearchIndexer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\SearchFilterHost.exe (SearchIndexer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\SearchProtocolHost.exe <2> (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2> (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\SearchIndexer.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\spoolsv.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\VSSVC.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\WINDOWS\System32\CorsairGamingAudioCfgService64.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\WINDOWS\System32\Sgrm\SgrmBroker.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\WINDOWS\System32\svchost.exe <79> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\WINDOWS\System32\RtkAudUService64.exe <2> (services.exe ->) (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\AggregatorHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\ApplicationFrameHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\ctfmon.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dasHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\oobe\UserOOBEBroker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\RuntimeBroker.exe <4> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\sihost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\SystemSettingsBroker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\taskhostw.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\wbem\WmiPrvSE.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe (svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe (svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.3000.10.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe (wininit.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\WINDOWS\System32\lsass.exe (wininit.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\WINDOWS\System32\services.exe (winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dwm.exe (winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\fontdrvhost.exe <2> ==================== Registry (All) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [266240 2022-10-16] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1090784 2020-07-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [182888 2021-11-12] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071192 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [114688 2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Winlogon: [Shell] C:\Windows\explorer.exe [5001112 2022-12-24] (Microsoft Windows -> Microsoft Corporation) HKLM-x32\...\Winlogon: [Shell] C:\Windows\SysWOW64\explorer.exe [4432032 2022-12-24] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0 HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 0 HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [544768 2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [544768 2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Run: [OneDrive] => C:\Users\maxxy\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2626480 2022-12-03] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Run: [MicrosoftEdgeAutoLaunch_EA410C61FB31D73AFA3C71DD38F22C9A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243360 2023-02-09] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4246376 2022-12-15] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32613856 2022-04-29] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Run: [Discord] => C:\Users\maxxy\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub) HKU\S-1-5-21-589984618-1337359365-324211944-1001\...\Run: [Voicemod] => C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe [7313360 2022-04-21] (Voicemod Sociedad Limitada -> Voicemod) HKLM\...\Providers\Internet Print Provider: C:\Windows\system32\inetpp.dll [225280 2022-12-24] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Providers\LanMan Print Services: C:\Windows\system32\win32spl.dll [1343488 2022-12-04] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\winprint: C:\Windows\System32\spool\prtprocs\x64\winprint.dll [69632 2022-12-04] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Print\Monitors\Appmon: C:\Windows\system32\AppMon.dll [126976 2022-10-16] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Print\Monitors\EPSON Universal Print Driver 64MonitorBE: C:\Windows\system32\E_2LM0DE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation) HKLM\...\Print\Monitors\Local Port: C:\Windows\system32\localspl.dll [1421312 2022-12-04] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Print\Monitors\Microsoft Shared Fax Monitor: C:\Windows\system32\FXSMON.DLL [106496 2022-10-16] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Print\Monitors\Standard TCP/IP Port: C:\Windows\system32\tcpmon.dll [266240 2022-10-16] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Print\Monitors\USB Monitor: C:\Windows\system32\usbmon.dll [1196032 2022-12-04] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Print\Monitors\WSD Port: C:\Windows\system32\APMon.dll [1482752 2022-10-30] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINDOWS\system32\unregmp2.exe [2022-05-06] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> C:\Windows\system32\themeui.dll [2022-12-04] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINDOWS\system32\unregmp2.exe [2022-05-06] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> C:\Windows\system32\shell32.dll [2022-12-04] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4383}] -> C:\Windows\System32\ie4uinit.exe [2022-10-16] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\mscories.dll [2022-05-07] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\chrmstp.exe [2023-02-17] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\110.0.1587.41\Installer\setup.exe [2023-02-13] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINDOWS\SysWOW64\unregmp2.exe [2022-05-06] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINDOWS\SysWOW64\unregmp2.exe [2022-05-06] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\mscories.dll [2022-05-07] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{01A30791-40AE-4653-AB2E-FD210019AE88}] -> C:\WINDOWS\system32\mgmtrefreshcredprov.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{1b283861-754f-4022-ad47-a5eaaa618894}] -> C:\WINDOWS\system32\SmartcardCredentialProvider.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{1ee7337f-85ac-45e2-a23c-37c753209769}] -> C:\WINDOWS\system32\SmartcardCredentialProvider.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{2135f72a-90b5-4ed3-a7f1-8bb705ac276a}] -> C:\WINDOWS\system32\credprovslegacy.dll [2022-12-04] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{25CBB996-92ED-457e-B28C-4774084BD562}] -> C:\WINDOWS\system32\credprovs.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{27FBDB57-B613-4AF2-9D7E-4FA7A66C21AD}] -> C:\WINDOWS\system32\TrustedSignalCredProv.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{3dd6bec0-8193-4ffe-ae25-e08e39ea4063}] -> C:\WINDOWS\system32\credprovs.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{48B4E58D-2791-456C-9091-D524C6C706F2}] -> C:\Windows\System32\devicengccredprov.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{600e7adb-da3e-41a4-9225-3c0399e88c0c}] -> C:\WINDOWS\system32\cngcredui.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{60b78e88-ead8-445c-9cfd-0b87f74ea6cd}] -> C:\WINDOWS\system32\credprovs.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{8AF662BF-65A0-4D0A-A540-A338A999D36F}] -> C:\Windows\System32\FaceCredentialProvider.dll [2022-10-16] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{8FD7E19C-3BF7-489B-A72C-846AB3678C96}] -> C:\WINDOWS\system32\SmartcardCredentialProvider.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{94596c7e-3744-41ce-893e-bbf09122f76a}] -> C:\WINDOWS\system32\SmartcardCredentialProvider.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{BEC09223-B018-416D-A0AC-523971B639F5}] -> C:\WINDOWS\System32\BioCredProv.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{C5D7540A-CD51-453B-B22B-05305BA03F07}] -> C:\Windows\System32\cxcredprov.dll [2022-12-04] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> HKLM\Software\...\Authentication\Credential Providers: [{cb82ea12-9f71-446d-89e1-8d0924e1256e}] -> C:\WINDOWS\system32\credprovslegacy.dll [2022-12-04] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{D6886603-9D2F-4EB2-B667-1971041FA96B}] -> C:\Windows\System32\ngccredprov.dll [2022-10-16] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{e74e57b0-6c6d-44d5-9cda-fb2df5ed7435}] -> C:\WINDOWS\system32\certCredProvider.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{f64945df-4fa9-4068-a2fb-61af319edd33}] -> C:\WINDOWS\system32\rdpcredentialprovider.dll [2022-10-16] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\WINDOWS\system32\wlidcredprov.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{F8A1793B-7873-4046-B2A7-1F318747F427}] -> C:\WINDOWS\system32\fidocredprov.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Provider Filters: [{DDC0EED2-ADBE-40b6-A217-EDE16A79A0DE}] -> C:\WINDOWS\system32\credprovs.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\PLAP Providers: [{5537E283-B1E7-4EF8-9C6E-7AB0AFE5056D}] -> C:\WINDOWS\system32\rasplap.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\Windows\system32\wlgpclnt.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> C:\Windows\system32\auditcse.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\Windows\system32\fdeploy.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}] -> HKLM\Software\...\Winlogon\GPExtensions: [{3610eda5-77ef-11d2-8dc5-00c04fa31a66}] -> C:\WINDOWS\System32\dskquota.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\Windows\system32\gptext.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{4bcd6cde-777b-48b6-9804-43568e23545d}] -> C:\WINDOWS\System32\TsUsbRedirectionGroupPolicyExtension.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}] -> C:\Windows\System32\iedkcs32.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{4D2F9B6F-1E52-4711-A382-6A8B1A003DE6}] -> C:\Windows\System32\tsworkspace.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> C:\Windows\system32\WorkFoldersGPExt.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{7909AD9E-09EE-4247-BAB9-7029D5F0A278}] -> C:\Windows\system32\dmenrollengine.dll [2022-12-04] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{7933F41E-56F8-41d6-A31C-4148A711EE93}] -> C:\WINDOWS\System32\srchadmin.dll [2022-10-16] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{7B849a69-220F-451E-B3FE-2CB811AF94AE}] -> C:\Windows\System32\iedkcs32.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\Windows\system32\scecli.dll [2022-10-16] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{8472C2C4-6B70-4301-A20D-A6CEA5F82B7E}] -> C:\WINDOWS\System32\StartTileData.dll [2022-12-04] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{8A28E2C5-8D06-49A4-A08C-632DAA493E17}] -> C:\WINDOWS\system32\gpprnext.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\Windows\system32\dot3gpclnt.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> C:\Windows\system32\pwlauncher.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> C:\Windows\system32\pwlauncher.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> C:\Windows\system32\gptext.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}] -> C:\Windows\System32\iedkcs32.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{CFF649BD-601D-4361-AD3D-0FC365DB4DB7}] -> C:\WINDOWS\system32\domgmt.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{e437bc1c-aa7d-11d2-a382-00c04f991e27}] -> C:\WINDOWS\System32\polstore.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> C:\Windows\system32\auditcse.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> C:\Windows\system32\gptext.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> C:\Windows\system32\gptext.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) AppInit_DLLs: C:\PROGRA~1\VIRTUA~1\VIRTUA~4.DLL => C:\Program Files\Virtual Desktop Streamer\VirtualDesktop.Injector64.dll [134872 2022-12-03] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.) AppInit_DLLs-x32: C:\PROGRA~1\VIRTUA~1\VIRTUA~3.DLL => C:\Program Files\Virtual Desktop Streamer\VirtualDesktop.Injector32.dll [114904 2022-11-30] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.) Lsa: [Authentication Packages] msv1_0 Lsa: [Notification Packages] scecli SecurityProviders: credssp.dll BootExecute: autocheck autochk * AlternateShell: cmd.exe ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0418EB53-E754-4DDB-AF11-8778E3C6D314} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1009872 2021-11-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc Task: {090F80DE-71A7-431C-B9B6-9891F2D5152E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-17] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {0A9B675E-3D6A-4AB6-8904-85C969D6256C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-17] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {19BFBE79-ADBF-4B24-B0BF-6C2E7393A663} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File) Task: {202FAAA2-A05F-4EEA-8C68-1B643FE31001} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {2B53FD03-D693-4F40-A3D1-E624091CED95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-17] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5B6CBD17-E4AD-4FF6-AC33-8E8BF9A26E3D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-17] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5C93D029-D6DD-4A3B-A3D8-E1A45CCE348A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {5D6F7FD4-CF08-481C-8327-94DE8C184853} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File) Task: {5F5594FD-6902-4932-8EF2-7C10C498B136} - System32\Tasks\GoogleUpdateTaskMachineCore{A77350C9-322E-4254-8650-68CD3162CCC0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-13] (Google LLC -> Google LLC) Task: {7616873D-6E2C-4895-A01E-DB2601ACFD8C} - System32\Tasks\GoogleUpdateTaskMachineUA{9DA7A8AF-DF37-42FB-B619-FCB471490DBF} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-13] (Google LLC -> Google LLC) Task: {87FACB63-E6D8-4842-9D68-C183027AD9F3} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (No File) Task: {93DB6238-2CE7-44C1-BB42-8AF9C66F7A75} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {96B3D3BF-F4AD-4E73-871C-1E1858C5105B} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1537960 2020-10-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B0C596CC-ABE3-4972-909F-5A466C1EC69C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {BA34769F-FB6D-458D-9A38-028113600E69} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-03-24] () [File not signed] Task: {BDA47919-4A96-4370-B35B-C6C257713B10} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File) Task: {D7450E21-60F9-4049-BEDD-F844E64E9DCA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) Task: {DC8B05AB-67DA-42B0-9251-9DB07CB74D77} - System32\Tasks\Opera scheduled Autoupdate 1676651608 => C:\Users\maxxy\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-15] (Opera Norway AS -> Opera Software) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File) Task: {ED342AD8-BAF0-4B18-A8E7-03A88E6D4508} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339472 2022-02-03] (Nvidia Corporation -> NVIDIA Corporation) Task: {FE0C3551-D3FE-422A-8031-89B2FBEA8EED} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (All) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [68696 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [71680 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [71680 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog5 04 C:\WINDOWS\SysWOW64\mswsock.dll [321376 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog5 05 C:\WINDOWS\SysWOW64\winrnr.dll [45496 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog5 06 C:\WINDOWS\SysWOW64\wshbth.dll [54272 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog5 07 C:\WINDOWS\SysWOW64\nlansp_c.dll [82432 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [321376 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [321376 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [321376 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [321376 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [321376 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [321376 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [321376 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [321376 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [321376 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [321376 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [321376 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [321376 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9 13 C:\WINDOWS\SysWOW64\mswsock.dll [321376 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9 14 C:\WINDOWS\SysWOW64\mswsock.dll [321376 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog5-x64 01 C:\Windows\system32\napinsp.dll [104712 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog5-x64 02 C:\Windows\system32\pnrpnsp.dll [110592 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [110592 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog5-x64 04 C:\Windows\System32\mswsock.dll [439408 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog5-x64 05 C:\Windows\System32\winrnr.dll [79896 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog5-x64 06 C:\Windows\system32\wshbth.dll [86016 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog5-x64 07 C:\Windows\system32\nlansp_c.dll [135168 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [439408 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [439408 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [439408 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [439408 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [439408 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [439408 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [439408 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [439408 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [439408 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [439408 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9-x64 11 C:\Windows\system32\mswsock.dll [439408 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9-x64 12 C:\Windows\system32\mswsock.dll [439408 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9-x64 13 C:\Windows\system32\mswsock.dll [439408 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog9-x64 14 C:\Windows\system32\mswsock.dll [439408 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1acad439-652f-45f3-a3ff-e410298e2d98}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1eb97fbb-e8b2-4061-b146-11cd0c7910fa}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{595ff362-39cb-43c0-98e0-46e620079cc4}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{a2afe84f-84f3-4927-9eee-da24f6ce7302}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{a2afe84f-84f3-4927-9eee-da24f6ce7302}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{c646682c-8898-42ab-812b-3452646595dc}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\maxxy\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-17] Edge Notifications: Default -> hxxps://calendar.google.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://www.duolingo.com Edge HomePage: Default -> hxxp://www.google.co.uk/ Edge StartupUrls: Default -> "hxxps://www.google.co.uk/" Edge Extension: (Google Docs Offline) - C:\Users\maxxy\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-17] StartMenuInternet: Microsoft Edge - "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" Chrome: ======= CHR Profile: C:\Users\maxxy\AppData\Local\Google\Chrome\User Data\Default [2023-02-13] CHR Extension: (Google Docs Offline) - C:\Users\maxxy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-13] CHR Extension: (Chrome Web Store Payments) - C:\Users\maxxy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-02-13] StartMenuInternet: Google Chrome - "C:\Program Files\Google\Chrome\Application\chrome.exe" Opera: ======= OPR Profile: C:\Users\maxxy\AppData\Roaming\Opera Software\Opera Stable [2023-02-17] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Session Restore: Opera Stable -> is enabled. OPR Extension: (Rich Hints Agent) - C:\Users\maxxy\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-02-17] OPR Extension: (Opera Wallet) - C:\Users\maxxy\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-02-17] OPR Extension: (Amazon Assistant Promotion) - C:\Users\maxxy\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2023-02-17] StartMenuInternet: (HKU\S-1-5-21-589984618-1337359365-324211944-1001) OperaStable - "C:\Users\maxxy\AppData\Local\Programs\Opera\Launcher.exe"