Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-07-2022 Ran by User (administrator) on DELL (Dell Inc. Inspiron 5547) (11-07-2022 07:10:47) Running from C:\Users\User\Desktop\FRST Loaded Profiles: User & jtxqbdzueqsz Platform: Microsoft Windows 10 Home Version 21H1 19043.1766 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe <2> (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe <2> (C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.49\msedgewebview2.exe <6> (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe <2> (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe <2> (C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe <2> (C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe <2> (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <6> (C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe <2> (DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atieclxx.exe <2> (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe <2> (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe <2> (SearchIndexer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1737_none_7dec0d8c7ca729de\TiWorker.exe (svchost.exe ->) 0 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2022.30060.30007.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe <2> (winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [194736 2022-07-09] (ESET, spol. s r.o. -> ESET) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3955888 2015-09-01] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [362056 2022-05-05] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [Zwift] => C:\Program Files (x86)\Zwift\ZwiftLauncher.exe [18036608 2019-09-05] (Zwift, Inc. -> Zwift, Inc) [File not signed] HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-10-30] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31176112 2021-08-24] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601824 2022-07-06] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\Run: [electron.app.Loom] => C:\Users\User\AppData\Local\Programs\Loom\Loom.exe [139767008 2022-06-10] (Loom, Inc. -> Loom, Inc.) HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\MountPoints2: {06d52b93-0120-11ec-83bf-34de1a1ceec6} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\MountPoints2: {12b50b74-bc93-11eb-83a0-34de1a1ceec6} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-21-139916497-3742323812-500074900-1009\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\jtxqbdzueqsz\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File) HKU\S-1-5-21-139916497-3742323812-500074900-1009\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\jtxqbdzueqsz\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File) HKLM\...\Windows x64\Print Processors\KOAYTJ_P: C:\Windows\System32\spool\prtprocs\x64\KOAYTJ_P.DLL [92680 2019-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Monotype Imaging Inc.) HKLM\...\Print\Monitors\C364SeriesPCL Language Monitor: C:\WINDOWS\system32\KOAYTJ_L.DLL [25600 2019-05-15] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.) HKLM\...\Print\Monitors\CutePDF Writer Monitor v3.2: C:\WINDOWS\system32\cpwmon64_v32.dll [90096 2017-05-26] (Acro Software Inc -> ) HKLM\...\Print\Monitors\HP c111 Status Monitor: C:\WINDOWS\system32\hpinkstsc111LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-06] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Pervasive.SQL Workgroup Engine.lnk [2018-11-05] ShortcutTarget: Pervasive.SQL Workgroup Engine.lnk -> C:\PVSW\bin\w3dbsmgr.exe (Pervasive Software, Inc. -> ) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series.lnk [2021-07-12] ShortcutAndArgument: Monitor Ink Alerts - HP Deskjet 1510 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN42H1N1GQ05XJ;CONNECTION=USB;MONITOR=1; GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {162D3A0E-C2E8-48BC-9FA1-AC7E44B1F3D3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116656 2022-07-09] (Microsoft Corporation -> Microsoft Corporation) Task: {231FBFB8-BF55-4397-BB71-53677346CD4F} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {2CD236E3-E784-43B5-AF15-0C27EA57D735} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116656 2022-07-09] (Microsoft Corporation -> Microsoft Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File) Task: {6613379E-90F7-4224-A454-A2ACDEC3DDF8} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40880 2021-08-24] (Garmin International, Inc. -> ) Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {74BDD868-B76F-4F3E-9CF5-B68C2982BAAA} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {779F1C92-25E8-4E37-AAAF-EF68E81934C9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File) Task: {80E63A93-C8BC-4BDE-A0E7-92CEE894F667} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378880 2022-07-09] (Microsoft Corporation -> Microsoft Corporation) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {87AA307C-44ED-4E20-905D-AE8D24F3CCD2} - System32\Tasks\PCDBackgroundMonSetup => C:\Program Files\My Dell\pcdrcui.exe -backgroundmonsetup (No File) Task: {8E79F55A-8EB3-403F-933A-ACBF0C6A7EA4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378880 2022-07-09] (Microsoft Corporation -> Microsoft Corporation) Task: {93880007-352F-4888-A063-6F9FDD330BF6} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {A49B7CE2-3FA0-4F19-8A25-D983881DAF51} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe (No File) Task: {BAB297D9-91F7-42EE-A1E7-393EC91E5448} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.) Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {DDCE9326-E336-480F-97C1-455473EC845B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) Task: {E6837F02-18AD-4332-8764-E9710E7BB516} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {F661BE9D-3ADB-428D-A634-37A6F0649315} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-23] (Google Inc -> Google Inc.) Task: {F7B853F2-1FBA-42B2-9AC0-739780551F0C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-23] (Google Inc -> Google Inc.) Task: {FAA85201-D5BB-4A6D-8A83-CDF93A0F797B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [715208 2022-07-09] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{13cd96fe-9e75-48a6-b2ca-8b5167cce406}: [DhcpNameServer] 10.0.0.2 Tcpip\..\Interfaces\{57c85a79-2acc-4aa7-920c-605db54869d9}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6c9d32de-5335-4fa2-8a34-f65bd46935e2}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{6c9d32de-5335-4fa2-8a34-f65bd46935e2}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{b18e01f8-0bfc-4d6f-acf7-c90343f36464}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found] Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found] Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found] Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found] Edge DefaultProfile: Default Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-09] Edge Notifications: Default -> hxxps://meet.google.com Edge Extension: (DuckDuckGo) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caoacbimdbbljakfhgikoodekdnlcgpk [2022-06-29] Edge Extension: (Alexa Traffic Rank) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel [2020-05-27] Edge Extension: (Auto History Wipe) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hdgnienkeomlaeeojaibeicglpoaadnj [2022-01-17] Edge Extension: (goo.gl URL Shortener (Unofficial)) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk [2020-04-23] Edge Extension: (True Key™ by McAfee) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nbeldjopgciegccabfohnefghfpinncn [2020-12-17] Edge Extension: (AdBlock — best ad blocker) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2022-06-29] Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-05-20] FireFox: ======== FF DefaultProfile: eys3jtko.default-1536150662053 FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\eys3jtko.default-1536150662053 [2022-07-06] FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-06-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-07-11] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2022-07-11] CHR Notifications: Default -> hxxps://178887483213093.eu.webpush.freshchat.com; hxxps://book.qantas.com; hxxps://dnschecker.org; hxxps://elite-cv.com; hxxps://homes.trovit.co.za; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://messages.google.com; hxxps://petcube.com; hxxps://www.banggood.com; hxxps://www.indiatoday.in; hxxps://www.instagram.com; hxxps://www.makro.co.za; hxxps://www.netflix.com; hxxps://www.newsbreak.com; hxxps://www.oberlo.com; hxxps://www.pricecheck.co.za; hxxps://www.quickresults.net; hxxps://www.radissonhotels.com; hxxps://www.reddit.com; hxxps://www.shawacademy.com; hxxps://www.therapyroute.com; hxxps://www.tomsguide.com; hxxps://www.travelstart.co.za; hxxps://www.youtube.com CHR Extension: (DuckDuckGo) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2022-06-29] CHR Extension: (Alexa Traffic Rank) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel [2022-05-04] CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-22] CHR Extension: (AdBlock — best ad blocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-07-01] CHR Extension: (TweetDeck by Twitter) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2017-05-23] CHR Extension: (Auto History Wipe) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgnienkeomlaeeojaibeicglpoaadnj [2020-11-11] CHR Extension: (goo.gl URL Shortener (Unofficial)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk [2017-07-24] CHR Extension: (Zoom Scheduler) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2022-06-29] CHR Extension: (True Key™ by McAfee) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbeldjopgciegccabfohnefghfpinncn [2020-12-14] CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-02-09] CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2022-06-10] CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [100424 2022-05-02] (Apple Inc. -> Apple Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12111264 2022-07-09] (Microsoft Corporation -> Microsoft Corporation) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3342536 2022-07-09] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3342536 2022-07-09] (ESET, spol. s r.o. -> ESET) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-08-19] (HP Inc. -> HP Inc.) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-14] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-14] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2022-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Dell) S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies) S3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [37808 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell) S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation) R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [192880 2022-07-09] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [116960 2022-07-09] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [234192 2022-07-09] (ESET, spol. s r.o. -> ESET) R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [52880 2022-07-09] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79216 2022-07-09] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [119528 2022-07-09] (ESET, spol. s r.o. -> ESET) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 libusb0; C:\WINDOWS\System32\drivers\libusb0.sys [52832 2012-01-17] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2018-06-27] (CACE Technologies, Inc. -> CACE Technologies, Inc.) S3 PcaSp50; C:\WINDOWS\System32\Drivers\PcaSp50.sys [45624 2009-08-24] (PRINTING COMMUNICATIONS ASSOC., INC. -> Printing Communications Assoc., Inc. (PCAUSA)) S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2020-08-21] (Daniel Terhell -> Resplendence Software Projects Sp.) S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-14] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-14] (Microsoft Windows -> Microsoft Corporation) S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2022-07-11 07:13 - 2022-07-11 07:13 - 000000000 ____D C:\Users\jtxqbdzueqsz\AppData\Local\cache 2022-07-11 07:09 - 2022-07-11 07:09 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-139916497-3742323812-500074900-1009 2022-07-11 07:09 - 2022-07-11 07:09 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-139916497-3742323812-500074900-1009 2022-07-11 07:09 - 2022-07-11 07:09 - 000002422 _____ C:\Users\jtxqbdzueqsz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-07-11 07:08 - 2022-07-11 07:08 - 000000000 ___RD C:\Users\jtxqbdzueqsz\OneDrive 2022-07-11 07:08 - 2022-07-11 07:08 - 000000000 ____D C:\Users\jtxqbdzueqsz\AppData\Local\CrashDumps 2022-07-11 07:05 - 2022-07-11 07:05 - 000000000 ____D C:\Users\jtxqbdzueqsz\AppData\Local\Publishers 2022-07-11 07:03 - 2022-07-11 07:13 - 000000000 ____D C:\Users\jtxqbdzueqsz\AppData\Local\AMD 2022-07-11 07:03 - 2022-07-11 07:05 - 000000000 ____D C:\Users\jtxqbdzueqsz\AppData\Local\Packages 2022-07-11 07:03 - 2022-07-11 07:03 - 000002352 _____ C:\Users\jtxqbdzueqsz\Desktop\Microsoft Edge.lnk 2022-07-11 07:03 - 2022-07-11 07:03 - 000002334 _____ C:\Users\jtxqbdzueqsz\Desktop\Google Chrome.lnk 2022-07-11 07:03 - 2022-07-11 07:03 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2022-07-11 07:03 - 2022-07-11 07:03 - 000000020 ___SH C:\Users\jtxqbdzueqsz\ntuser.ini 2022-07-11 07:03 - 2022-07-11 07:03 - 000000000 __SHD C:\Users\jtxqbdzueqsz\IntelGraphicsProfiles 2022-07-11 07:03 - 2022-07-11 07:03 - 000000000 ___RD C:\Users\jtxqbdzueqsz\3D Objects 2022-07-11 07:03 - 2022-07-11 07:03 - 000000000 ____D C:\Users\jtxqbdzueqsz\AppData\Roaming\Adobe 2022-07-11 07:03 - 2022-07-11 07:03 - 000000000 ____D C:\Users\jtxqbdzueqsz\AppData\Local\VirtualStore 2022-07-11 07:03 - 2022-07-11 07:03 - 000000000 ____D C:\Users\jtxqbdzueqsz\AppData\Local\Google 2022-07-11 07:03 - 2022-07-11 07:03 - 000000000 ____D C:\Users\jtxqbdzueqsz\AppData\Local\ConnectedDevicesPlatform 2022-07-11 07:02 - 2022-07-11 07:08 - 000000000 ____D C:\Users\jtxqbdzueqsz 2022-07-10 09:28 - 2022-07-10 09:28 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\52712712.sys 2022-07-10 07:40 - 2022-07-10 07:40 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-07-10 07:39 - 2022-07-10 07:39 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\43730560.sys 2022-07-10 07:38 - 2022-07-10 12:30 - 000000000 ____D C:\Users\User\Desktop\mbar 2022-07-10 07:38 - 2022-07-10 12:30 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2022-07-10 07:38 - 2022-07-10 09:12 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2022-07-10 07:37 - 2022-07-10 07:37 - 014178840 _____ (Malwarebytes Corp.) C:\Users\User\Downloads\mbar-1.10.3.1001.exe 2022-07-10 07:37 - 2022-07-10 07:37 - 002556344 _____ (Malwarebytes) C:\Users\User\Downloads\MBSetup-ABF19A2B-130589.130589.exe 2022-07-09 12:05 - 2022-07-09 12:05 - 000234192 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys 2022-07-09 12:05 - 2022-07-09 12:05 - 000192880 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys 2022-07-09 12:05 - 2022-07-09 12:05 - 000119528 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys 2022-07-09 12:05 - 2022-07-09 12:05 - 000079216 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys 2022-07-09 12:05 - 2022-07-09 12:05 - 000052880 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys 2022-07-09 09:05 - 2022-07-09 09:07 - 190186360 _____ (Intel(R) Corporation) C:\Users\User\Downloads\wifi_21.10.1_proset64_win10 (2).exe 2022-07-08 14:45 - 2022-07-08 14:45 - 001949514 _____ C:\Users\User\Downloads\data-visualization-2.1.pdf 2022-07-08 08:53 - 2022-07-08 08:53 - 000065338 _____ C:\Users\User\Downloads\E-TICKET FOR WILLIAMS 13 JULY 22.pdf 2022-07-08 08:53 - 2022-07-08 08:53 - 000065324 _____ C:\Users\User\Downloads\E-TICKET FOR WILLIAMS 12 JULY 22.pdf 2022-07-07 14:43 - 2022-07-10 08:27 - 000000000 ____D C:\Users\User\Documents\R Projects 2022-07-06 17:08 - 2022-07-06 17:08 - 042696144 _____ (Intel Corporation) C:\Users\User\Downloads\WiFi-22.140.0-Driver64-Win10-Win11.exe 2022-07-06 17:06 - 2022-07-06 17:06 - 008914768 _____ (Intel Corporation) C:\Users\User\Downloads\WiFi-22.140.0-Driver32-Win10.exe 2022-07-06 10:16 - 2022-07-09 09:23 - 000001040 _____ C:\Users\User\Desktop\LatencyMon.lnk 2022-07-06 10:16 - 2022-07-06 10:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon 2022-07-06 10:16 - 2022-07-06 10:16 - 000000000 ____D C:\Program Files\LatencyMon 2022-07-06 10:16 - 2020-08-21 09:36 - 000026368 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys 2022-07-06 10:12 - 2022-07-06 10:13 - 000192515 _____ C:\Users\User\Desktop\Speccy.txt 2022-07-06 10:07 - 2022-07-06 10:07 - 000000839 _____ C:\Users\Public\Desktop\Speccy.lnk 2022-07-06 10:07 - 2022-07-06 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2022-07-06 10:07 - 2022-07-06 10:07 - 000000000 ____D C:\Program Files\Speccy 2022-07-06 10:01 - 2022-07-06 10:01 - 000020171 _____ C:\junk.txt 2022-07-06 09:57 - 2022-07-06 09:57 - 000027171 _____ C:\Users\User\Desktop\Process.txt 2022-07-06 09:53 - 2022-07-06 09:53 - 002839416 _____ (Sysinternals - www.sysinternals.com) C:\Users\User\Desktop\procexp (3).exe 2022-07-05 17:53 - 2022-07-11 07:10 - 000000000 ____D C:\Users\User\Desktop\FRST 2022-07-05 09:06 - 2022-07-05 09:13 - 485595672 _____ (AMD Inc.) C:\Users\User\Downloads\radeon-software-adrenalin-2020-22.6.1-win10-win11-64bit-legacyasics-june23-2022-legacy.exe 2022-07-05 09:05 - 2022-07-05 09:13 - 483208432 _____ (AMD Inc.) C:\Users\User\Downloads\radeon-software-adrenalin-2020-21.5.2-win10-64bit-legacyasics-june21-legacy.exe 2022-07-05 09:05 - 2022-07-05 09:05 - 000003834 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2022-07-05 08:49 - 2022-07-05 08:49 - 006460120 _____ (Intel) C:\Users\User\Downloads\Intel-Driver-and-Support-Assistant-Installer (1).exe 2022-07-04 19:13 - 2022-07-04 19:13 - 000057302 _____ C:\Users\User\Downloads\62426877281-confirmation (2).pdf 2022-07-04 11:19 - 2022-07-04 11:19 - 000194853 _____ C:\Users\User\Downloads\1002361731-20220624-28394.pdf 2022-07-04 08:18 - 2022-07-04 08:18 - 000024968 _____ (Dell) C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys 2022-07-01 10:40 - 2022-07-10 09:14 - 000000000 ____D C:\Users\User\AppData\Roaming\RStudio 2022-07-01 10:40 - 2022-07-10 09:14 - 000000000 ____D C:\Users\User\AppData\Local\RStudio 2022-07-01 10:40 - 2022-07-01 10:40 - 000000943 _____ C:\Users\User\Desktop\RStudio.lnk 2022-07-01 10:40 - 2022-07-01 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio 2022-07-01 10:39 - 2022-07-01 10:40 - 000000000 ____D C:\Program Files\RStudio 2022-07-01 10:36 - 2022-07-01 10:38 - 177264296 _____ (RStudio, PBC) C:\Users\User\Downloads\RStudio-2022.02.3-492.exe 2022-07-01 09:38 - 2022-07-10 08:26 - 000000170 _____ C:\Users\User\Documents\.Rhistory 2022-07-01 09:38 - 2022-07-01 09:38 - 000000049 _____ C:\Users\User\Documents\.RData 2022-07-01 09:31 - 2022-07-07 11:02 - 000000000 ____D C:\Users\User\AppData\Local\R 2022-06-30 15:54 - 2022-06-30 15:54 - 000001106 _____ C:\Users\Public\Desktop\R 4.2.1.lnk 2022-06-30 15:54 - 2022-06-30 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R 2022-06-30 15:53 - 2022-06-30 15:53 - 000000000 ____D C:\Program Files\R 2022-06-30 15:52 - 2022-06-30 15:52 - 082615168 _____ (R Core Team ) C:\Users\User\Downloads\R-4.2.1-win.exe 2022-06-30 12:30 - 2022-06-30 12:30 - 002488367 _____ C:\Users\User\Downloads\qtCZpDBbQdmQmaQwW3HZaw_2cb723c3463247219f33eabec643213e_Demystifying-Value-Presentation.pptx 2022-06-30 12:07 - 2022-06-30 12:07 - 000003352 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-139916497-3742323812-500074900-1001 2022-06-30 12:07 - 2022-06-30 12:07 - 000002414 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-06-29 15:18 - 2022-06-29 15:18 - 000000000 ____D C:\Users\User\.ms-ad 2022-06-29 14:23 - 2022-06-29 14:23 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-06-29 14:22 - 2022-06-29 14:22 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-06-29 14:22 - 2022-06-29 14:22 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk 2022-06-29 11:05 - 2022-06-29 11:05 - 005324808 _____ C:\Users\User\Downloads\Diagnostics_Logs-OLK-UTC.2022.6.29.9.5.19.657.zip 2022-06-28 15:03 - 2022-06-28 15:03 - 000385897 _____ C:\Users\User\Downloads\Linking Data in Tableau.pptx 2022-06-28 12:53 - 2022-06-28 12:53 - 000167457 _____ C:\Users\User\Downloads\SampleSuperstore.csv.zip 2022-06-28 12:51 - 2022-06-28 12:51 - 003384320 _____ C:\Users\User\Downloads\Sample - Superstore.xls 2022-06-28 12:29 - 2022-06-28 12:29 - 001499420 _____ C:\Users\User\Downloads\Demo manufacturing dashboards.twbx 2022-06-28 09:50 - 2022-06-28 13:13 - 000000000 ____D C:\Users\User\Downloads\Tableau 2022-06-28 09:46 - 2022-06-28 09:46 - 000000000 ____D C:\Users\User\Documents\My Tableau Repository 2022-06-28 09:46 - 2022-06-28 09:46 - 000000000 ____D C:\Users\User\AppData\Local\Tableau 2022-06-28 09:46 - 2022-06-28 09:46 - 000000000 ____D C:\ProgramData\FLEXnet 2022-06-27 17:44 - 2022-06-27 17:44 - 000001335 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tableau 2022.1.lnk 2022-06-27 17:44 - 2022-06-27 17:44 - 000001323 _____ C:\Users\Public\Desktop\Tableau 2022.1.lnk 2022-06-27 17:44 - 2022-06-27 17:44 - 000000000 ____D C:\Program Files\Common Files\Macrovision Shared 2022-06-27 17:42 - 2022-06-27 17:42 - 000000000 ____D C:\WINDOWS\SysWOW64\1033 2022-06-27 17:42 - 2022-06-27 17:42 - 000000000 ____D C:\WINDOWS\system32\1033 2022-06-27 17:42 - 2022-06-27 17:42 - 000000000 ____D C:\Program Files\Tableau 2022-06-27 17:42 - 2022-06-27 17:42 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2022-06-27 17:42 - 2022-06-27 17:42 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2022-06-27 17:35 - 2022-06-27 17:39 - 534162096 _____ (Tableau Software) C:\Users\User\Downloads\TableauDesktop-64bit-2022-1-3.exe 2022-06-27 17:12 - 2022-06-27 17:12 - 000009463 _____ C:\Users\User\Downloads\1CatA2d3QAqmrQNndzAKQg_420b4adfcdec47a0b0c67d6c5cea0641_Cosmetics-Inc..xlsx 2022-06-27 17:03 - 2022-06-27 17:03 - 000038617 _____ C:\Users\User\Downloads\FjjVu8DkTk641bvA5A5O3w_70aeb58ebd4b4b9c844f269637422799_Customer-service-survey-responses.xlsx 2022-06-27 14:25 - 2022-06-27 14:25 - 001589933 _____ C:\Users\User\Downloads\CO2.xlsx 2022-06-27 14:25 - 2022-06-27 14:25 - 000138992 _____ C:\Users\User\Downloads\TotalPopulation.xlsx 2022-06-27 14:25 - 2022-06-27 14:25 - 000077406 _____ C:\Users\User\Downloads\GDP_Total.xlsx 2022-06-27 14:25 - 2022-06-27 14:25 - 000069074 _____ C:\Users\User\Downloads\Energy_Data.xlsx 2022-06-26 14:11 - 2022-06-26 14:12 - 000120655 _____ C:\Users\User\Downloads\Booking Confirmation [WG28KSC].pdf 2022-06-24 15:43 - 2022-06-26 17:21 - 000000000 ____D C:\Users\User\AppData\Roaming\Loom 2022-06-24 15:43 - 2022-06-24 15:43 - 000002278 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Loom.lnk 2022-06-24 15:43 - 2022-06-24 15:43 - 000002270 _____ C:\Users\User\Desktop\Loom.lnk 2022-06-24 15:43 - 2022-06-24 15:43 - 000000000 ____D C:\Users\User\AppData\Local\loom-updater 2022-06-24 15:29 - 2022-06-24 15:29 - 088444168 _____ (Loom, Inc.) C:\Users\User\Downloads\Loom Setup 0.134.0.exe 2022-06-24 14:05 - 2022-06-24 14:05 - 000457752 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-06-24 11:19 - 2022-06-24 11:19 - 001589933 _____ C:\Users\User\Downloads\7b-USYCkQvy_lEmApJL8Pg_c340efec81fd455384064564678892f1_CO2-Dataset.xlsx 2022-06-22 14:56 - 2022-06-22 14:56 - 000940796 _____ C:\Users\User\Downloads\bquxjob_32762fb8_1818b7a673b.csv 2022-06-22 14:33 - 2022-06-22 14:33 - 000042989 _____ C:\Users\User\Downloads\Products.csv 2022-06-22 14:32 - 2022-06-22 14:32 - 000057587 _____ C:\Users\User\Downloads\Inventory.csv 2022-06-22 14:14 - 2022-06-22 14:14 - 008027704 _____ C:\Users\User\Downloads\Sales.csv 2022-06-22 09:58 - 2022-06-22 09:58 - 000643781 _____ C:\Users\User\Downloads\archive.zip 2022-06-21 12:01 - 2022-06-21 12:01 - 000360454 _____ C:\Users\User\Downloads\7wHK8ZKvRoGByvGSr1aBNw_5433b9c9b98d41b09152b3331141def1_Warehouse-Orders---Orders.csv 2022-06-21 12:01 - 2022-06-21 12:01 - 000000484 _____ C:\Users\User\Downloads\imJai0YnRlyiWotGJ4Zc4g_681d60c67a5c443f90940a3e3b548cf1_Warehouse-Orders---Warehouse.csv 2022-06-21 10:29 - 2022-06-21 10:29 - 000802977 _____ C:\Users\User\Desktop\Rodger Williams CV.pdf 2022-06-20 18:28 - 2022-06-20 18:39 - 000000000 ____D C:\Users\User\AppData\Local\Notepad 2022-06-20 14:11 - 2022-06-20 14:11 - 000000241 _____ C:\Users\User\Downloads\ac7_JD2BTbyO_yQ9gU28iw_55306ffc65874fedb9efbd01809bfcf1_Employees-Table---Understanding-JOINS.csv 2022-06-20 14:11 - 2022-06-20 14:11 - 000000077 _____ C:\Users\User\Downloads\EovSmanLQh6L0pmpy4Iedg_fe20c7a8eeed4cdfa40aaa02889759f1_Departments-Table---Understanding-JOINS.csv 2022-06-20 11:11 - 2022-06-20 11:11 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll 2022-06-20 11:11 - 2022-06-20 11:11 - 000011787 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-06-20 11:10 - 2022-06-20 11:10 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2022-06-20 11:09 - 2022-06-20 11:09 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-06-20 11:09 - 2022-06-20 11:09 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2022-06-20 11:05 - 2022-06-24 08:54 - 000000000 ____D C:\Users\User\AppData\Local\SaraResults 2022-06-20 10:58 - 2022-06-20 10:58 - 000000000 ____D C:\Users\User\AppData\Local\IsolatedStorage 2022-06-20 10:51 - 2022-06-24 08:48 - 000000000 ____D C:\Users\User\AppData\Local\SaRALogs 2022-06-20 10:50 - 2022-06-20 10:50 - 000000520 _____ C:\Users\User\Desktop\Microsoft Support and Recovery Assistant.appref-ms 2022-06-20 10:50 - 2022-06-20 10:50 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation 2022-06-20 10:47 - 2022-06-29 11:07 - 000000000 ____D C:\Users\User\AppData\Local\Deployment 2022-06-20 10:01 - 2022-06-20 10:01 - 000000000 ___HD C:\$WinREAgent 2022-06-15 10:45 - 2022-06-15 10:45 - 000102899 _____ C:\Users\User\Downloads\KNFbyUKxRKiRW8lCsQSo8A_8adeac50825b4df68daaf6055c404ef1_Movie-Data.csv 2022-06-14 11:30 - 2022-06-14 11:30 - 000002359 _____ C:\Users\User\Downloads\Hhbf0PXYQVmW39D12OFZ8A_ef465a1628a943b98ba9d0e7696877f1_Lauren-s-Furniture-Store-Transaction-Table.csv 2022-06-14 10:16 - 2022-06-14 10:16 - 000019802 _____ C:\Users\User\Downloads\automobile_data.csv 2022-06-13 17:46 - 2022-06-13 17:46 - 000001872 _____ C:\Users\User\Downloads\F0iSyYcLT9iIksmHCw_Y-Q_191f150a80d74fda96f9df2aa2e3b533_Customer-Table---Sheet1.csv 2022-06-13 13:29 - 2022-06-13 13:29 - 000008082 _____ C:\Users\User\Downloads\9Ss-5kXlRP6rPuZF5VT-qA_d5c83c4e13d643cd87cb22632fcaa9c6_Data-Spreadsheet-for-Cleaning-with-Spreadsheets.xlsx 2022-06-13 11:36 - 2022-06-13 11:36 - 000085858 _____ C:\Users\User\Downloads\5yy51M8xSPesudTPMVj3QQ_8eae23a8b98d4e339061bd9252c073f1_Margin-of-Error-Calculator.xlsx 2022-06-13 11:21 - 2022-06-13 11:21 - 000064991 _____ C:\Users\User\Downloads\wdJjVp9YQpuSY1afWKKbTQ_952d20cf319a47adb84197abb66cf0f1_Sample-Size-Calculator.xlsx 2022-06-13 10:13 - 2022-06-13 10:13 - 001104479 _____ C:\Users\User\Downloads\ACCA-Membership-Certificate-01257441-4772497-MSC (2).pdf 2022-06-13 10:12 - 2022-06-13 10:12 - 000067794 _____ C:\Users\User\Downloads\ExamHistoryTranscript4771252083144543759.pdf 2022-06-13 10:12 - 2022-06-13 10:12 - 000067794 _____ C:\Users\User\Downloads\ExamHistoryTranscript3933612103932851478.pdf 2022-06-12 16:44 - 2022-06-12 16:44 - 001115512 _____ C:\Users\User\Downloads\e-vaccination-certificate-2022-6-12-v2.pdf 2022-06-12 16:27 - 2022-06-12 16:27 - 001643406 _____ C:\Users\User\Downloads\Academic Certificates.pdf ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2022-07-11 07:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-07-11 07:15 - 2017-05-24 17:36 - 000000000 ____D C:\Users\User\Documents\Outlook Files 2022-07-11 07:12 - 2021-09-20 10:25 - 000000000 ____D C:\FRST 2022-07-11 07:08 - 2021-09-15 15:44 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps 2022-07-11 07:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-07-11 07:04 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-07-11 07:04 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-07-11 07:03 - 2017-05-23 18:38 - 000000000 __RHD C:\Users\Public\AccountPictures 2022-07-11 07:03 - 2017-05-23 14:29 - 000000000 ____D C:\Program Files (x86)\Google 2022-07-11 07:00 - 2017-05-23 09:54 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles 2022-07-11 06:57 - 2021-10-30 12:54 - 000008192 ___SH C:\DumpStack.log.tmp 2022-07-11 06:57 - 2020-09-11 15:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-07-11 06:57 - 2019-05-15 11:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-07-11 06:56 - 2019-12-07 11:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI 2022-07-11 06:49 - 2020-09-11 15:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-07-10 14:16 - 2018-03-26 10:56 - 000000000 ____D C:\Users\User\Documents\Personal 2022-07-09 12:20 - 2017-12-12 19:47 - 000000000 ____D C:\Users\User\AppData\Local\Packages 2022-07-09 12:05 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-07-09 12:05 - 2018-05-24 10:49 - 000116960 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys 2022-07-09 09:44 - 2017-05-23 18:33 - 000000000 ____D C:\ProgramData\Package Cache 2022-07-09 09:41 - 2019-04-05 16:55 - 000000000 ____D C:\Users\User\AppData\Roaming\Intel 2022-07-09 09:41 - 2019-04-05 16:54 - 000000000 ____D C:\ProgramData\Intel 2022-07-09 09:41 - 2017-05-23 18:33 - 000000000 ____D C:\Program Files\Intel 2022-07-09 09:40 - 2017-05-23 09:46 - 000000000 ____D C:\Program Files (x86)\Intel 2022-07-09 09:36 - 2017-05-24 16:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-07-09 08:53 - 2020-04-23 13:44 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-07-07 11:39 - 2021-04-19 13:08 - 000000000 ____D C:\Users\User\AppData\Local\AMD_Common 2022-07-07 08:11 - 2018-09-03 09:47 - 000000000 ____D C:\Program Files\Dell 2022-07-07 08:10 - 2017-05-23 09:54 - 000000000 ____D C:\ProgramData\Dell 2022-07-06 17:53 - 2019-01-09 18:33 - 000000000 ____D C:\Users\User\AppData\Local\Dell Inc 2022-07-06 09:54 - 2021-09-13 12:45 - 000036208 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS 2022-07-06 09:38 - 2017-05-23 14:30 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-07-05 09:03 - 2020-09-11 15:24 - 000777862 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-07-04 08:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration 2022-06-30 12:07 - 2021-12-19 08:18 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-139916497-3742323812-500074900-1001 2022-06-25 14:03 - 2018-06-27 08:06 - 000000000 ____D C:\ProgramData\Packages 2022-06-25 13:54 - 2018-10-10 15:31 - 000000000 ____D C:\Pastel12 2022-06-24 09:20 - 2021-09-29 16:47 - 000000000 ____D C:\Users\User\AppData\Roaming\BitTorrent 2022-06-24 09:20 - 2019-05-15 11:39 - 000000000 ____D C:\Users\User\AppData\Roaming\TeamViewer 2022-06-22 09:59 - 2019-10-01 09:54 - 001989197 _____ C:\Users\User\Downloads\avocado.csv 2022-06-20 18:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2022-06-20 18:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2022-06-20 18:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2022-06-20 18:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2022-06-20 18:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-06-20 18:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-06-20 18:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2022-06-20 18:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-06-20 18:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2022-06-20 18:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2022-06-20 18:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2022-06-20 18:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-06-20 18:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-06-20 18:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-06-20 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-06-20 18:29 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2022-06-20 11:18 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-06-20 11:08 - 2020-09-11 15:09 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-06-20 09:06 - 2017-05-23 10:14 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-06-20 09:04 - 2017-05-23 10:13 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-06-14 13:09 - 2018-11-26 11:10 - 000000000 ____D C:\Users\User\Documents\62 6th Street ==================== Files in the root of some directories ======== 2018-10-10 15:29 - 2018-11-05 11:45 - 000000190 _____ () C:\Program Files (x86)\Common Files\psasetup.log 2018-10-11 13:45 - 2022-06-25 13:54 - 000835340 _____ () C:\Users\User\AppData\Local\BICPartnerV12.log 2018-06-28 12:10 - 2020-06-05 10:56 - 000007596 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================