Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-07-2021 01 Ran by amiko (administrator) on DESKTOP-3OODJP2 (Dell Inc. Vostro 5470) (21-07-2021 15:20:31) Running from C:\Users\amiko\Desktop Loaded Profiles: amiko & Platform: Windows 10 Education Version 21H1 19043.1110 (X64) Language: English (United Kingdom) -> English (United States) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler64.exe (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\coredpussvr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8504064 2015-06-26] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-26] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [165928 2021-06-27] (ESET, spol. s r.o. -> ESET) HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [62620472 2020-05-12] (Discord Inc. -> Discord Inc.) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [5160248 2019-10-21] (Cisco Systems, Inc. -> Cisco Systems, Inc.) HKU\S-1-5-21-3236640263-339137666-2643196761-1004\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2119040 2021-07-15] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3236640263-339137666-2643196761-1004\...\Run: [Discord] => C:\Users\furma\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-3236640263-339137666-2643196761-1008\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2119040 2021-07-15] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\system32\hpzllw71.dll [62552 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [116736 2019-06-30] (pdfforge GmbH) [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.107\Installer\chrmstp.exe [2021-07-21] (Google LLC -> Google LLC) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0932C461-18DF-40B8-8F75-F4693236F343} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4541312 2021-07-15] (Microsoft Corporation -> Microsoft Corporation) Task: {0D268491-C547-4F14-AFC8-6D2102BC1340} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-07-11] (Mozilla Corporation -> Mozilla Foundation) Task: {2092CE5E-2FDF-4CDB-9D59-7F2B0CBE5256} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-07-19] (Microsoft Corporation -> Microsoft Corporation) Task: {270B44E2-2B37-4B2C-A3B2-670527859929} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059872 2021-07-01] (Dell Inc -> Dell Inc.) Task: {391DE4D2-96EC-4333-98B2-C91127585A5A} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-26] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {3A7BF2CE-6C94-4207-9A96-BCA3B41B1411} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {4612DBA5-21DD-44DC-8B97-D899955227FC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23182224 2021-07-09] (Microsoft Corporation -> Microsoft Corporation) Task: {527BBCE2-6B05-4102-9B05-005D59547872} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23182224 2021-07-09] (Microsoft Corporation -> Microsoft Corporation) Task: {55184301-5B59-437A-A5AC-4F2B3B9D5754} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-01] (Google Inc -> Google LLC) Task: {674047C0-BF01-4836-A816-BDD030C020D0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-01] (Google Inc -> Google LLC) Task: {85E53311-E2FC-4CE1-9F82-27048447016E} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4082288 2021-06-28] (Microsoft Corporation -> Microsoft Corporation) Task: {9E5B7478-D6E3-4FBB-B0A5-D08C80A8B0A5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5311392 2021-07-19] (Microsoft Corporation -> Microsoft Corporation) Task: {9E93F78F-8DFF-4097-8B1C-7B602A82F711} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd) Task: {AFB3165D-3A49-4FA2-B9ED-7FFEA840DE17} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform) Task: {BD837D39-B9C2-4000-AB65-59C4701B5333} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-07-19] (Microsoft Corporation -> Microsoft Corporation) Task: {C430F6B5-DD3D-4BAE-B868-07AF8B2D844D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5311392 2021-07-19] (Microsoft Corporation -> Microsoft Corporation) Task: {C7FE2B54-98B8-4B41-8A72-FB944BDBC851} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1722880 2019-06-25] () [File not signed] Task: {DC614D1B-FEFA-4FBF-8DB0-429C2C85D620} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65440 2020-09-06] (Microsoft Corporation -> Microsoft) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{30745dca-e0c7-4e9e-b3c2-a3600ef9726a}: [DhcpNameServer] 192.168.0.1 Edge: ======= DownloadDir: C:\Users\amiko\Downloads Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found] Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found] Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found] Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found] Edge Profile: C:\Users\amiko\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-21] Edge DownloadDir: Default -> C:\Users\amiko\Downloads FireFox: ======== FF DefaultProfile: ltp3zggd.default FF ProfilePath: C:\Users\amiko\AppData\Roaming\Mozilla\Firefox\Profiles\ltp3zggd.default [2021-07-21] FF ProfilePath: C:\Users\amiko\AppData\Roaming\Mozilla\Firefox\Profiles\643ty57y.default-release [2021-07-21] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-06-27] (Adobe Inc. -> Adobe Systems Inc.) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-07-21] Chrome: ======= CHR Profile: C:\Users\amiko\AppData\Local\Google\Chrome\User Data\Default [2021-07-21] CHR Notifications: Default -> hxxps://cgheannualconference2021.hubilo.com; hxxps://meet.google.com CHR HomePage: Default -> file:///C:/Users/AM/Desktop/PS502%20cogn%20psych%20and%20hist&conceptual%20issues/Hist&Conceptual%20Issues%20in%20Psychology CHR StartupUrls: Default -> "hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-429&v=a12712-188&t=4","hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-429&v=a13203-188&t=4" CHR Session Restore: Default -> is enabled. CHR Extension: (Prezentacje) - C:\Users\amiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-30] CHR Extension: (Dokumenty) - C:\Users\amiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-30] CHR Extension: (Dysk Google) - C:\Users\amiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22] CHR Extension: (YouTube) - C:\Users\amiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-30] CHR Extension: (Honey) - C:\Users\amiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-07-20] CHR Extension: (uBlock Origin) - C:\Users\amiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-07-07] CHR Extension: (Tampermonkey) - C:\Users\amiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-05-27] CHR Extension: (Arkusze) - C:\Users\amiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-30] CHR Extension: (Dokumenty Google offline) - C:\Users\amiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-25] CHR Extension: (Rozszerzenie Cisco Webex) - C:\Users\amiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2021-06-11] CHR Extension: (Przycisk Google Scholar) - C:\Users\amiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2020-10-14] CHR Extension: (Program uruchamiający aplikacje dla plików z Dysku (od Google)) - C:\Users\amiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\amiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Gmail) - C:\Users\amiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23] CHR Extension: (Chrome Media Router) - C:\Users\amiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-21] CHR HKU\S-1-5-21-3236640263-339137666-2643196761-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-01-10] (Apple Inc. -> Apple Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9056672 2021-07-08] (Microsoft Corporation -> Microsoft Corporation) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [422432 2021-05-23] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3981856 2021-05-23] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [623136 2021-05-23] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-06-21] (PC-Doctor, Inc. -> PC-Doctor, Inc.) R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-05-27] (Dell Inc -> ) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3079464 2021-06-27] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3079464 2021-06-27] (ESET, spol. s r.o. -> ESET) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncHelper.exe [3240296 2021-07-15] (Microsoft Corporation -> Microsoft Corporation) S2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [File not signed] S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-06-04] (Malwarebytes Inc -> Malwarebytes) R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [275200 2020-10-16] (TEFINCOM S.A. -> TEFINCOM S.A.) S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-04-09] (Microsoft Windows -> Microsoft Corporation) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.129.0627.0002\OneDriveUpdaterService.exe [3703144 2021-07-15] (Microsoft Corporation -> Microsoft Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5395384 2021-07-21] (Microsoft Windows Publisher -> Microsoft Corporation) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-07-01] (Dell Inc -> Dell Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13257000 2021-07-01] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [61976 2015-07-31] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed] R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2021-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell) R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.) R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [29160 2018-07-27] (Dell Inc -> OSR Open Systems Resources, Inc.) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [169368 2021-06-25] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [123424 2021-06-25] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [194728 2021-06-25] (ESET, spol. s r.o. -> ESET) S2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43832 2021-06-25] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70184 2021-06-25] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107408 2021-06-25] (ESET, spol. s r.o. -> ESET) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-04] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-04] (Malwarebytes Inc -> Malwarebytes) R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-11-01] (TEFINCOM S.A. -> WireGuard LLC) R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-10-14] (TEFINCOM S.A. -> TEFINCOM S.A.) R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project) S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74048 2019-10-21] (Cisco Systems, Inc. -> Cisco Systems, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-07-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [425192 2021-07-10] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-10] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2021-07-21 15:58 - 2021-07-21 15:58 - 000380928 _____ C:\Users\amiko\Desktop\zfj6r0tj.exe 2021-07-21 15:57 - 2021-07-21 15:57 - 002300416 _____ (Farbar) C:\Users\amiko\Desktop\FRST64.exe 2021-07-21 15:20 - 2021-07-21 15:21 - 000023898 _____ C:\Users\amiko\Desktop\FRST.txt 2021-07-21 15:02 - 2021-07-21 15:20 - 000000000 ____D C:\FRST 2021-07-21 14:16 - 2021-07-21 14:16 - 000036192 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS 2021-07-21 14:15 - 2021-07-21 14:15 - 002646176 _____ C:\Users\amiko\Downloads\ProcessExplorer.zip 2021-07-21 14:15 - 2021-07-21 14:15 - 000000000 ____D C:\Users\amiko\Desktop\proce expo 2021-07-21 13:55 - 2021-07-21 13:55 - 000002016 _____ C:\Users\Public\Desktop\ESET Banking & Payment protection.lnk 2021-07-21 13:55 - 2021-07-21 13:55 - 000000000 ____D C:\Users\amiko\AppData\Local\ESET 2021-07-21 13:54 - 2021-07-21 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2021-07-21 13:54 - 2021-07-21 13:54 - 000000000 ____D C:\ProgramData\ESET 2021-07-21 13:54 - 2021-07-21 13:54 - 000000000 ____D C:\Program Files\ESET 2021-07-21 13:48 - 2021-07-21 13:48 - 008702880 _____ (ESET) C:\Users\amiko\Downloads\eset_nod32_antivirus_live_installer.exe 2021-07-21 13:42 - 2021-07-21 12:52 - 000000000 ____D C:\Windows.old 2021-07-21 13:38 - 2021-07-21 13:42 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2021-07-21 13:37 - 2021-07-21 13:38 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2021-07-21 13:36 - 2021-07-21 13:36 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2021-07-21 13:32 - 2021-07-21 13:32 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb 2021-07-21 13:32 - 2021-07-21 13:32 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb 2021-07-21 13:32 - 2021-07-21 13:32 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb 2021-07-21 13:32 - 2021-07-21 13:32 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb 2021-07-21 13:31 - 2021-07-21 13:31 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-07-21 13:31 - 2021-07-21 13:31 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-07-21 13:31 - 2021-07-21 13:31 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll 2021-07-21 13:31 - 2021-07-21 13:31 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll 2021-07-21 13:31 - 2021-07-21 13:31 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-07-21 13:31 - 2021-07-21 13:31 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll 2021-07-21 13:31 - 2021-07-21 13:31 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-07-21 13:31 - 2021-07-21 13:31 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-07-21 13:31 - 2021-07-21 13:31 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-07-21 13:31 - 2021-07-21 13:31 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2021-07-21 13:31 - 2021-07-21 13:31 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-07-21 13:31 - 2021-07-21 13:31 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-07-21 13:31 - 2021-07-21 13:31 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-07-21 13:31 - 2021-07-21 13:31 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-07-21 13:31 - 2021-07-21 13:31 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-07-21 13:31 - 2021-07-21 13:31 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll 2021-07-21 13:31 - 2021-07-21 13:31 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2021-07-21 13:31 - 2021-07-21 13:31 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-07-21 13:31 - 2021-07-21 13:31 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-07-21 13:31 - 2021-07-21 13:31 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-07-21 13:31 - 2021-07-21 13:31 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-07-21 13:30 - 2021-07-21 13:30 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-07-21 13:30 - 2021-07-21 13:30 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2021-07-21 13:30 - 2021-07-21 13:30 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-07-21 13:30 - 2021-07-21 13:30 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-07-21 13:30 - 2021-07-21 13:30 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2021-07-21 13:30 - 2021-07-21 13:30 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-07-21 13:30 - 2021-07-21 13:30 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-07-21 13:30 - 2021-07-21 13:30 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-07-21 13:30 - 2021-07-21 13:30 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2021-07-21 13:24 - 2021-07-21 13:56 - 000748758 _____ C:\WINDOWS\system32\perfh015.dat 2021-07-21 13:24 - 2021-07-21 13:56 - 000144494 _____ C:\WINDOWS\system32\perfc015.dat 2021-07-21 13:24 - 2021-07-21 13:24 - 000343212 _____ C:\WINDOWS\system32\perfi015.dat 2021-07-21 13:24 - 2021-07-21 13:24 - 000041370 _____ C:\WINDOWS\system32\perfd015.dat 2021-07-21 13:24 - 2021-07-21 13:24 - 000000000 ____D C:\WINDOWS\SysWOW64\pl 2021-07-21 13:24 - 2021-07-21 13:24 - 000000000 ____D C:\WINDOWS\system32\pl 2021-07-21 13:16 - 2021-07-21 13:16 - 000000000 ____D C:\Users\amiko\AppData\Local\D3DSCache 2021-07-21 13:10 - 2021-07-21 13:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime 2021-07-21 13:10 - 2021-07-21 13:10 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2021-07-21 13:08 - 2021-07-21 13:08 - 000000020 ___SH C:\Users\amiko\ntuser.ini 2021-07-21 12:54 - 2021-07-21 13:56 - 001678234 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-07-21 12:52 - 2021-07-21 13:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-07-21 12:52 - 2021-07-21 12:52 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-07-21 12:52 - 2021-07-21 12:52 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-07-21 12:52 - 2021-07-21 12:52 - 000003346 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-07-21 12:52 - 2021-07-21 12:52 - 000003268 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate 2021-07-21 12:52 - 2021-07-21 12:52 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-07-21 12:52 - 2021-07-21 12:52 - 000003180 _____ C:\WINDOWS\system32\Tasks\klcp_update 2021-07-21 12:52 - 2021-07-21 12:52 - 000003122 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-07-21 12:52 - 2021-07-21 12:52 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-07-21 12:52 - 2021-07-21 12:52 - 000002716 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2021-07-21 12:52 - 2021-07-21 12:52 - 000002304 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_PushButton 2021-07-21 12:52 - 2021-07-21 12:52 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2021-07-21 12:52 - 2021-07-21 12:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software 2021-07-21 12:52 - 2021-07-21 12:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-07-21 12:51 - 2021-07-21 12:52 - 000015243 _____ C:\WINDOWS\diagwrn.xml 2021-07-21 12:51 - 2021-07-21 12:52 - 000015243 _____ C:\WINDOWS\diagerr.xml 2021-07-21 12:45 - 2021-07-21 13:08 - 000000000 ____D C:\Users\amiko 2021-07-21 12:45 - 2021-07-21 12:51 - 000000000 ____D C:\Users\furma 2021-07-21 12:45 - 2021-07-21 12:49 - 000000000 ____D C:\Users\Test 2021-07-21 12:45 - 2019-12-07 10:10 - 000001105 _____ C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-07-21 12:45 - 2019-12-07 10:10 - 000001105 _____ C:\Users\furma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-07-21 12:44 - 2016-11-01 23:05 - 000099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2021-07-21 12:43 - 2021-07-21 13:51 - 000438032 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-07-21 12:43 - 2021-07-21 12:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-07-21 11:37 - 2021-07-21 13:09 - 000000000 ___DC C:\WINDOWS\Panther 2021-07-21 09:58 - 2021-07-21 10:38 - 000000000 ____D C:\ESD 2021-07-21 09:58 - 2021-07-21 09:58 - 000000000 ____D C:\Users\Test\Desktop\Zaproszenia 2021-07-21 09:43 - 2021-07-21 09:43 - 000000000 ____D C:\Users\Test\AppData\Local\Comms 2021-07-21 09:39 - 2021-07-21 09:39 - 000000000 ____D C:\Users\Test\AppData\LocalLow\Adobe 2021-07-21 09:39 - 2021-07-21 09:39 - 000000000 ____D C:\Users\Test\AppData\Local\Adobe 2021-07-21 09:35 - 2021-07-21 09:35 - 000000000 ___HD C:\$Windows.~WS 2021-07-21 09:28 - 2021-07-21 09:28 - 000000000 _____ C:\Users\Test\Desktop\New Text Document.txt 2021-07-21 09:27 - 2021-07-21 12:46 - 000000000 ____D C:\Users\Test\AppData\Local\Packages 2021-07-21 09:27 - 2021-07-21 09:39 - 000000000 ____D C:\Users\Test\AppData\Roaming\Adobe 2021-07-21 09:27 - 2021-07-21 09:34 - 000002348 _____ C:\Users\Test\Desktop\Microsoft Edge.lnk 2021-07-21 09:27 - 2021-07-21 09:27 - 000002338 _____ C:\Users\Test\Desktop\Google Chrome.lnk 2021-07-21 09:27 - 2021-07-21 09:27 - 000000000 __SHD C:\Users\Test\IntelGraphicsProfiles 2021-07-21 09:27 - 2021-07-21 09:27 - 000000000 ___RD C:\Users\Test\3D Objects 2021-07-21 09:27 - 2021-07-21 09:27 - 000000000 ____D C:\Users\Test\AppData\Local\VirtualStore 2021-07-21 09:27 - 2021-07-21 09:27 - 000000000 ____D C:\Users\Test\AppData\Local\Publishers 2021-07-21 09:27 - 2021-07-21 09:27 - 000000000 ____D C:\Users\Test\AppData\Local\NVIDIA 2021-07-21 09:27 - 2021-07-21 09:27 - 000000000 ____D C:\Users\Test\AppData\Local\ConnectedDevicesPlatform 2021-07-21 09:26 - 2021-07-21 09:27 - 000000000 ____D C:\Users\Test\AppData\Local\Google 2021-07-21 09:26 - 2020-09-07 07:46 - 000000000 ___RD C:\Users\Test\OneDrive 2021-07-21 09:20 - 2021-07-21 09:20 - 000000000 _____ C:\Users\furma\Desktop\New Text Document.txt 2021-07-21 08:48 - 2021-07-21 08:48 - 000000000 _____ C:\Users\amiko\Desktop\New Text Document.txt 2021-07-21 08:44 - 2021-07-21 09:22 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2021-07-21 08:42 - 2021-07-21 09:23 - 000000000 ____D C:\WINDOWS\pss 2021-07-21 08:05 - 2021-07-21 12:49 - 000023660 _____ C:\WINDOWS\system32\emptyregdb.dat 2021-07-21 07:58 - 2021-07-21 13:51 - 000008192 ___SH C:\DumpStack.log.tmp 2021-07-21 06:47 - 2021-07-21 06:50 - 000000036 _____ C:\WINDOWS\progress.ini 2021-07-21 06:38 - 2021-07-21 08:09 - 000000000 ___HD C:\$GetCurrent 2021-07-21 06:37 - 2021-07-21 08:18 - 000000000 ____D C:\Windows10Upgrade 2021-07-21 06:37 - 2021-07-21 06:37 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk 2021-07-21 06:37 - 2021-07-21 06:37 - 000000719 _____ C:\Users\amiko\Desktop\Windows 10 Update Assistant.lnk 2021-07-21 06:36 - 2021-07-21 06:36 - 000072272 _____ C:\Users\amiko\Desktop\cc_20210721_063555.reg 2021-07-21 06:36 - 2021-07-21 06:36 - 000000000 ____D C:\Users\amiko\Documents\Dell 2021-07-21 06:33 - 2021-07-21 06:35 - 000000000 ____D C:\AdwCleaner 2021-07-20 18:41 - 2021-07-20 18:41 - 000024968 _____ (Dell) C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys 2021-07-20 10:49 - 2021-07-20 10:49 - 001234944 _____ C:\Users\amiko\Desktop\h.exe 2021-07-20 10:48 - 2021-07-20 11:27 - 000000000 ____D C:\Users\amiko\AppData\Roaming\Notepad++ 2021-07-20 10:47 - 2021-07-20 10:48 - 000023698 _____ C:\Users\amiko\Desktop\New AutoHotkey Script.ahk.ahk 2021-07-20 10:45 - 2021-07-21 13:42 - 000000000 ____D C:\WINDOWS\ShellNew 2021-07-20 10:45 - 2021-07-21 13:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey 2021-07-20 10:45 - 2021-07-20 10:45 - 000000000 ____D C:\Program Files\AutoHotkey 2021-07-20 10:44 - 2021-07-20 10:44 - 000000000 ____D C:\Program Files\HitmanPro 2021-07-20 10:43 - 2021-07-20 11:18 - 000000000 ____D C:\ProgramData\HitmanPro 2021-07-20 09:26 - 2021-07-21 12:46 - 000000000 ____D C:\Users\amiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeyTweak 2021-07-20 09:26 - 2021-07-20 09:26 - 000287220 _____ C:\Users\amiko\Downloads\keytweak_install.exe 2021-07-20 09:26 - 2021-07-20 09:26 - 000000000 ____D C:\Program Files (x86)\KeyTweak 2021-07-11 10:54 - 2021-07-20 09:30 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-07-06 19:44 - 2021-07-06 19:44 - 000238656 _____ C:\Users\amiko\Downloads\Demo_ConeriaScript.ttf 2021-07-05 15:37 - 2021-07-05 15:37 - 000002359 _____ C:\Users\amiko\AppData\Local\recently-used.xbel 2021-07-05 14:42 - 2021-07-06 15:10 - 000000000 ____D C:\Users\amiko\AppData\Local\babl-0.1 2021-07-05 14:42 - 2021-07-05 14:42 - 000000000 ____D C:\Users\amiko\AppData\Roaming\GIMP 2021-07-05 14:42 - 2021-07-05 14:42 - 000000000 ____D C:\Users\amiko\AppData\Local\GIMP 2021-07-05 14:42 - 2021-07-05 14:42 - 000000000 ____D C:\Users\amiko\AppData\Local\gegl-0.4 2021-07-05 14:42 - 2021-07-05 14:42 - 000000000 ____D C:\Users\amiko\.cache 2021-07-05 14:41 - 2021-07-05 14:41 - 002133168 _____ C:\Users\amiko\Downloads\Angielskie-zaproszenia-Mikolajewska-Furmanek.zip 2021-07-03 13:40 - 2021-07-03 14:19 - 000011448 _____ C:\Users\amiko\Documents\Zaproszenia.xlsx 2021-07-01 22:21 - 2021-07-01 22:21 - 000004799 _____ C:\Users\furma\AppData\Local\recently-used.xbel 2021-07-01 21:13 - 2021-07-01 21:13 - 000000000 ____D C:\Users\furma\AppData\Local\gtk-2.0 2021-07-01 20:54 - 2021-07-01 22:22 - 000000000 ____D C:\Users\furma\Downloads\ZAPRO 2021-07-01 20:53 - 2021-07-01 20:53 - 000000000 ____D C:\Users\furma\Downloads\coneria_script 2021-07-01 20:52 - 2021-07-01 20:52 - 004244288 _____ (Don HO don.h@free.fr) C:\Users\furma\Downloads\npp.8.1.Installer.x64.exe 2021-07-01 20:52 - 2021-07-01 20:52 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2021-07-01 20:52 - 2021-07-01 20:52 - 000000000 ____D C:\Users\furma\Downloads\open-sans 2021-07-01 20:52 - 2021-07-01 20:52 - 000000000 ____D C:\Users\furma\AppData\Roaming\Notepad++ 2021-07-01 20:52 - 2021-07-01 20:52 - 000000000 ____D C:\Program Files\Notepad++ 2021-07-01 20:48 - 2021-07-01 20:48 - 001967523 _____ C:\Users\furma\Downloads\ZAPRO.7z 2021-07-01 20:48 - 2021-07-01 20:48 - 001144178 _____ C:\Users\furma\Downloads\open-sans.zip 2021-07-01 20:48 - 2021-07-01 20:48 - 000498409 _____ C:\Users\furma\Downloads\coneria_script.zip 2021-07-01 20:47 - 2021-07-01 22:21 - 000000000 ____D C:\Users\furma\AppData\Local\babl-0.1 2021-07-01 20:47 - 2021-07-01 20:47 - 000000000 ____D C:\Users\furma\AppData\Roaming\GIMP 2021-07-01 20:47 - 2021-07-01 20:47 - 000000000 ____D C:\Users\furma\AppData\Local\GIMP 2021-07-01 20:47 - 2021-07-01 20:47 - 000000000 ____D C:\Users\furma\AppData\Local\gegl-0.4 2021-07-01 20:47 - 2021-07-01 20:47 - 000000000 ____D C:\Users\furma\.cache 2021-07-01 20:36 - 2021-07-01 20:36 - 000000934 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.24.lnk 2021-07-01 20:32 - 2021-07-01 20:33 - 000000000 ____D C:\Program Files\GIMP 2021-07-01 20:31 - 2021-07-01 20:32 - 253914240 _____ (The GIMP Team ) C:\Users\amiko\Downloads\gimp-2.10.24-setup-3.exe 2021-06-30 23:27 - 2021-06-30 23:27 - 002828656 _____ C:\Users\amiko\Desktop\Ph.d._afhandling_2019_Nissen SOREN 2013.pdf 2021-06-30 15:50 - 2021-06-30 15:50 - 000132489 _____ C:\Users\amiko\Desktop\(Doiz, Lasagabaster, & Sierra, 2013).pdf 2021-06-30 15:46 - 2021-06-30 15:46 - 004475669 _____ C:\Users\amiko\Desktop\(Coleman, 2011) Dreams and Realities.pdf 2021-06-30 15:24 - 2021-06-30 15:24 - 001072439 _____ C:\Users\amiko\Desktop\(Bolitho, & West, 2017) internationalisation in Ukraine.pdf 2021-06-25 19:32 - 2021-06-25 19:32 - 000000080 ___SH C:\bootTel.dat 2021-06-25 13:01 - 2021-06-25 13:01 - 000194728 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys 2021-06-25 13:01 - 2021-06-25 13:01 - 000169368 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys 2021-06-25 13:01 - 2021-06-25 13:01 - 000123424 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys 2021-06-25 13:01 - 2021-06-25 13:01 - 000107408 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys 2021-06-25 13:01 - 2021-06-25 13:01 - 000070184 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys 2021-06-25 13:01 - 2021-06-25 13:01 - 000043832 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys 2021-06-23 22:33 - 2021-06-23 22:33 - 000950447 _____ C:\Users\amiko\Desktop\(Galloway, 2021) EMI in HE, Part 1 - BC report.pdf 2021-06-21 14:23 - 2021-06-21 14:23 - 000015824 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2021-07-21 15:17 - 2019-07-01 00:18 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-07-21 15:17 - 2019-07-01 00:18 - 000000000 __SHD C:\Users\amiko\IntelGraphicsProfiles 2021-07-21 15:17 - 2019-06-30 22:09 - 000000000 ____D C:\Program Files (x86)\Google 2021-07-21 15:12 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-07-21 15:02 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-07-21 14:21 - 2019-06-30 21:31 - 000000000 ____D C:\ProgramData\Validity 2021-07-21 13:54 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-07-21 13:53 - 2021-06-04 10:23 - 000000000 ____D C:\Program Files\CCleaner 2021-07-21 13:51 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-07-21 13:51 - 2019-06-30 22:09 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-07-21 13:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-07-21 13:45 - 2019-06-30 22:16 - 000000000 ____D C:\Users\amiko\AppData\Local\PlaceholderTileLogoFolder 2021-07-21 13:42 - 2021-05-23 08:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office 2021-07-21 13:42 - 2020-09-07 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git 2021-07-21 13:42 - 2020-09-06 19:06 - 000000000 ____D C:\Program Files\IIS 2021-07-21 13:42 - 2020-09-06 19:04 - 000000000 ____D C:\WINDOWS\SysWOW64\1033 2021-07-21 13:42 - 2020-09-06 19:04 - 000000000 ____D C:\WINDOWS\system32\1033 2021-07-21 13:42 - 2020-08-22 14:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R 2021-07-21 13:42 - 2020-08-22 14:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio 2021-07-21 13:42 - 2020-07-06 09:55 - 000000000 ____D C:\WINDOWS\system32\Samsung 2021-07-21 13:42 - 2020-06-18 15:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2021-07-21 13:42 - 2020-06-01 14:26 - 000000000 ____D C:\Program Files\UNP 2021-07-21 13:42 - 2019-12-07 15:45 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2021-07-21 13:42 - 2019-12-07 15:45 - 000000000 ____D C:\WINDOWS\system32\WCN 2021-07-21 13:42 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup 2021-07-21 13:42 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2021-07-21 13:42 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries 2021-07-21 13:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2021-07-21 13:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2021-07-21 13:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2021-07-21 13:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool 2021-07-21 13:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-07-21 13:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-07-21 13:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Help 2021-07-21 13:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate 2021-07-21 13:42 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-07-21 13:42 - 2019-11-12 20:43 - 000000000 ____D C:\WINDOWS\system32\appmgmt 2021-07-21 13:42 - 2019-06-30 22:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics 2021-07-21 13:42 - 2019-06-30 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2021-07-21 13:42 - 2019-06-30 22:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2021-07-21 13:42 - 2019-06-30 21:30 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2021-07-21 13:42 - 2019-06-30 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2021-07-21 13:42 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2021-07-21 13:42 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2021-07-21 13:38 - 2020-12-09 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco 2021-07-21 13:38 - 2020-09-06 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Azure 2021-07-21 13:38 - 2020-09-06 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019 2021-07-21 13:38 - 2019-12-07 15:49 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-07-21 13:38 - 2019-12-07 15:49 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-07-21 13:38 - 2019-12-07 15:47 - 000000000 ____D C:\WINDOWS\OCR 2021-07-21 13:38 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2021-07-21 13:38 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2021-07-21 13:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-07-21 13:38 - 2019-10-16 09:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QSR 2021-07-21 13:38 - 2019-07-01 00:18 - 000000000 ____D C:\Program Files\Intel 2021-07-21 13:38 - 2019-06-30 21:34 - 000000000 ____D C:\WINDOWS\system32\SRSLabs 2021-07-21 13:38 - 2019-06-30 21:34 - 000000000 ____D C:\Program Files\Realtek 2021-07-21 13:34 - 2019-12-07 15:49 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2021-07-21 13:34 - 2019-12-07 15:49 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-07-21 13:34 - 2019-12-07 15:46 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2021-07-21 13:34 - 2019-12-07 15:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB 2021-07-21 13:34 - 2019-12-07 15:45 - 000000000 ____D C:\WINDOWS\en-GB 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-07-21 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-07-21 13:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-07-21 13:25 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-07-21 13:24 - 2019-12-07 15:45 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2021-07-21 13:24 - 2019-12-07 15:45 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2021-07-21 13:24 - 2019-12-07 15:45 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2021-07-21 13:24 - 2019-12-07 15:45 - 000000000 ____D C:\WINDOWS\system32\winrm 2021-07-21 13:24 - 2019-12-07 15:45 - 000000000 ____D C:\WINDOWS\system32\slmgr 2021-07-21 13:24 - 2019-12-07 15:45 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2021-07-21 13:24 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-07-21 13:24 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-07-21 13:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2021-07-21 13:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2021-07-21 13:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2021-07-21 13:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com 2021-07-21 13:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME 2021-07-21 13:24 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2021-07-21 13:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2021-07-21 13:09 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-07-21 13:09 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-07-21 13:09 - 2019-06-30 22:01 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-07-21 13:09 - 2019-06-30 22:01 - 000000000 ___RD C:\Users\amiko\3D Objects 2021-07-21 13:09 - 2019-06-30 22:01 - 000000000 ____D C:\Users\amiko\AppData\Local\Packages 2021-07-21 12:52 - 2019-12-24 12:16 - 000000400 __RSH C:\ProgramData\ntuser.pol 2021-07-21 12:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-07-21 12:52 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2021-07-21 12:52 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-07-21 12:49 - 2019-12-07 10:14 - 000000000 __RSD C:\WINDOWS\Media 2021-07-21 12:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration 2021-07-21 12:46 - 2021-02-03 12:04 - 000000000 ____D C:\Users\amiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2021-07-21 12:45 - 2020-09-28 23:22 - 000000000 ____D C:\Users\furma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Syncios 2021-07-21 12:45 - 2020-05-19 08:53 - 000000000 ____D C:\Users\furma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2021-07-21 12:45 - 2020-05-18 12:04 - 000000000 ____D C:\Users\furma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2021-07-21 12:45 - 2020-05-18 11:48 - 000000000 ____D C:\Users\furma\AppData\Local\Packages 2021-07-21 12:44 - 2020-10-21 11:02 - 000000000 ____D C:\temp 2021-07-21 12:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-07-21 12:44 - 2019-06-30 23:10 - 000000000 ____D C:\ProgramData\NVIDIA 2021-07-21 12:44 - 2019-06-30 21:35 - 000849474 _____ C:\WINDOWS\system32\Drivers\rtwavesskdy.dat 2021-07-21 12:44 - 2019-06-30 21:35 - 000031095 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat 2021-07-21 12:44 - 2019-06-30 21:35 - 000010945 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat 2021-07-21 12:44 - 2019-06-30 21:34 - 000192907 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat 2021-07-21 12:44 - 2019-06-30 21:34 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2021-07-21 12:44 - 2019-06-30 21:30 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2021-07-21 12:44 - 2019-06-30 21:20 - 000000000 ____D C:\WINDOWS\SysWOW64\sda 2021-07-21 12:44 - 2019-06-30 21:20 - 000000000 ____D C:\Program Files\Elantech 2021-07-21 12:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat 2021-07-21 12:43 - 2019-07-01 00:18 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2021-07-21 09:34 - 2020-10-21 10:57 - 000000000 ____D C:\Program Files\Common Files\Apple 2021-07-21 09:34 - 2020-09-28 23:12 - 000000000 ____D C:\ProgramData\Apple 2021-07-21 09:03 - 2019-10-02 18:00 - 000000000 ____D C:\Users\amiko\AppData\Local\ElevatedDiagnostics 2021-07-21 08:59 - 2020-05-18 11:43 - 000000000 ____D C:\Users\amiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2021-07-21 08:19 - 2019-06-30 22:18 - 000000000 ____D C:\ProgramData\Packages 2021-07-21 08:05 - 2019-06-30 21:19 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-07-21 07:59 - 2020-07-09 13:24 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-07-21 07:04 - 2020-10-05 08:32 - 000000000 ____D C:\Users\furma\AppData\Roaming\MPC-HC 2021-07-21 07:04 - 2020-06-08 08:54 - 000000000 ____D C:\Users\furma\AppData\Roaming\TeamViewer 2021-07-21 07:04 - 2019-06-30 22:09 - 000000000 ____D C:\Users\amiko\AppData\Roaming\TeamViewer 2021-07-20 21:49 - 2021-05-15 23:39 - 000000000 ____D C:\Users\amiko\Documents\Outlook Files 2021-07-20 21:02 - 2019-07-02 22:17 - 000000000 ___RD C:\Users\amiko\OneDrive - University College London 2021-07-20 10:36 - 2019-06-30 22:10 - 000000000 ___RD C:\Users\amiko\Google Drive 2021-07-20 09:30 - 2020-07-09 13:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-07-20 09:21 - 2020-07-29 08:58 - 000000000 ____D C:\Users\amiko\AppData\LocalLow\Mozilla 2021-07-20 09:21 - 2020-07-09 13:17 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-07-20 09:21 - 2020-07-09 13:17 - 000000000 ____D C:\ProgramData\Mozilla 2021-07-19 09:28 - 2021-05-15 23:18 - 000000000 ____D C:\Program Files\Microsoft Office 2021-07-16 23:34 - 2021-06-17 11:01 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2021-07-16 20:53 - 2019-06-30 22:30 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-07-16 20:52 - 2019-07-02 21:52 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-07-16 20:43 - 2019-06-30 22:30 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-07-15 13:28 - 2020-09-07 07:46 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-07-15 13:28 - 2020-05-18 11:51 - 000000000 ___RD C:\Users\furma\OneDrive 2021-07-12 10:20 - 2021-06-13 18:17 - 000000000 ____D C:\ProgramData\PCDr 2021-07-12 10:20 - 2021-06-13 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2021-07-12 10:19 - 2021-06-13 18:15 - 000000000 ____D C:\Program Files\Dell 2021-07-10 07:42 - 2019-06-30 21:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-07-06 17:43 - 2021-05-24 10:06 - 000002364 _____ C:\Users\amiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2021-07-06 17:43 - 2021-05-24 10:06 - 000002356 _____ C:\Users\amiko\Desktop\Microsoft Teams.lnk 2021-07-05 14:42 - 2021-06-16 07:03 - 000000000 ____D C:\Users\amiko\AppData\Local\CrashDumps 2021-07-02 08:24 - 2020-05-18 11:48 - 000000000 __SHD C:\Users\furma\IntelGraphicsProfiles 2021-07-01 20:46 - 2020-05-18 11:48 - 000000000 ___RD C:\Users\furma\3D Objects ==================== Files in the root of some directories ======== 2021-07-05 15:37 - 2021-07-05 15:37 - 000002359 _____ () C:\Users\amiko\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================