Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2022 Ran by Dan (administrator) on DESKTOP-KPERUJC (Micro-Star International Co., Ltd. MS-7C84) (24-04-2022 22:52:22) Running from C:\Users\Dan\Documents Loaded Profiles: Dan Platform: Microsoft Windows 10 Education Version 21H1 19043.1645 (X64) Language: Polish (Poland) -> English (United States) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2> (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe (C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2> (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8> (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2> (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe (C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe (C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe (C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTuneService.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\AOC G-Menu\CTHelper.exe (DriverStore\FileRepository\u0377867.inf_amd64_755c7326c73377da\B377789\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0377867.inf_amd64_755c7326c73377da\B377789\atieclxx.exe (Electronic Arts, Inc. -> Respawn Entertainment) C:\Program Files (x86)\Steam\steamapps\common\Apex Legends\r5apex.exe (explorer.exe ->) (Acrox) [File not signed] C:\AOC G-Tools App\AOC G-Tools.exe (explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (explorer.exe ->) (emoacht) C:\Program Files\WindowsApps\10186emoacht.Monitorian_3.10.1.0_neutral__0q7myvhtpbc7w\MonitorianPlus\MonitorianPlus.exe (explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (explorer.exe ->) (Figma, Inc. -> ) C:\Users\Dan\AppData\Local\FigmaAgent\figma_agent.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18> (explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3> (explorer.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTune.exe (explorer.exe ->) (RescueTime, Inc.) [File not signed] C:\Program Files (x86)\RescueTime\RescueTime.exe (explorer.exe ->) (TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe (explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0377867.inf_amd64_755c7326c73377da\B377789\atiesrxx.exe (services.exe ->) (Beijing NormalSoft technology Co.,Ltd. -> www.ext2fsd.com) C:\Program Files\Ext2Fsd\Ext2Srv.exe (services.exe ->) (EasyAntiCheat Oy -> Epic Games, Inc) C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe (services.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTuneService.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_85cff5320735903d\RtkAudUService64.exe <2> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (services.exe ->) (TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe (services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe (Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\Dan\AppData\Local\slack\app-4.25.2\slack.exe <5> (svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe (svchost.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.3302.0_x64__8wekyb3d8bbwe\GameBar.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.3302.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [AOC G-Tools App] => C:\AOC G-Tools App\AOC G-Tools.exe [5110272 2020-11-25] (Acrox) [File not signed] HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [DisplayTune.exe] => C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTune.exe [5588768 2019-08-13] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_85cff5320735903d\RtkAudUService64.exe [3378592 2021-10-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> ) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5819672 2022-04-07] (Adobe Inc. -> Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [850208 2022-04-24] (Adobe Inc. -> Adobe Inc.) HKU\S-1-5-21-2582668551-3615273048-1737077342-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [277688 2021-04-21] (TEFINCOM S.A. -> TEFINCOM S.A.) HKU\S-1-5-21-2582668551-3615273048-1737077342-1001\...\Run: [Spotify] => C:\Users\Dan\AppData\Roaming\Spotify\Spotify.exe [19644904 2022-04-21] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-2582668551-3615273048-1737077342-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32612832 2022-04-20] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-2582668551-3615273048-1737077342-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [139936888 2022-04-14] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-2582668551-3615273048-1737077342-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5412632 2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-2582668551-3615273048-1737077342-1001\...\Run: [Figma Agent] => C:\Users\Dan\AppData\Local\FigmaAgent\figma_agent.exe [6013152 2022-01-20] (Figma, Inc. -> ) HKU\S-1-5-21-2582668551-3615273048-1737077342-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4279208 2022-03-14] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-2582668551-3615273048-1737077342-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\Dan\AppData\Local\slack\slack.exe [309056 2022-04-20] (Slack Technologies, Inc. -> Slack Technologies Inc.) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc) HKLM\...\Print\Monitors\NoMachine Port Monitor: C:\Program Files (x86)\NoMachine\bin\libnxlp64.dll [849408 2021-05-26] (NoMachine S.a.r.l. -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.127\Installer\chrmstp.exe [2022-04-20] (Google LLC -> Google LLC) Lsa: [Authentication Packages] msv1_0 nxlsa Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk [2021-08-08] ShortcutTarget: RescueTime.lnk -> C:\Program Files (x86)\RescueTime\RescueTime.exe (RescueTime, Inc.) [File not signed] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update UWP App.lnk [2022-04-23] ShortcutTarget: Update UWP App.lnk -> C:\Program Files (x86)\LastPass\lpwinmetro\AppxUpgradeUwp.exe (LogMeIn, Inc. -> ) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0454FFAF-8D3B-42D7-B66D-54568291A644} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {0A8E359D-FAE3-4F1D-B816-601E7E2FF7FA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-17] (Google LLC -> Google LLC) Task: {23E6A293-8200-4278-BD2B-EA5F941F1EF9} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {2A3A0338-2362-4F24-B2AE-11FF7952FADB} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1146360 2022-03-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {2B0EACE9-4B72-4371-8607-9AF5F7514808} - System32\Tasks\LastPassUpdater => C:\Program Files (x86)\LastPass\Updater\Updater.exe [1320368 2022-04-11] (LogMeIn, Inc. -> GoTo Group, Inc.) Task: {2C7A81CC-DF25-4A5E-97F1-E36D3E487A62} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2CD512AE-1955-46AA-B8E6-763FA9B98B98} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {3811E8D5-B6C7-4270-A809-A0434E3CEA6A} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [329216 2022-03-22] (Advanced Micro Devices, Inc.) [File not signed] Task: {3939AB23-7B3E-4625-8918-E95C2CBE708F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {675151A7-72C8-4A03-B187-3CF7DE20D3C8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7BB18E12-1826-41FB-959E-8EB5DA07F499} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1146360 2022-03-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {A08BAF27-1A83-4C49-9BA8-EA45F6F4653C} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.50\Installer\setup.exe [3211712 2022-04-23] (Microsoft Corporation -> Microsoft Corporation) Task: {C08528EC-690D-455E-A86C-FF2E7C318FFF} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2022-04-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {C35CA9D5-9DEB-4B60-8199-136671296921} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2022-04-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {CAA3CA6A-CD10-4B22-BA58-1C561C278206} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-01-11] (Bluestack Systems, Inc -> BlueStack Systems, Inc.) Task: {E0C453C7-87FC-423C-BE25-38616BA0D635} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-17] (Google LLC -> Google LLC) Task: {E872D3AE-0CFF-48D2-B2AC-7DE80A7535EB} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2574168 2022-04-19] (Overwolf Ltd -> Overwolf LTD) Task: {E9851053-1255-4A0A-99ED-98C973DE1F5E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{9b423855-40a7-44b2-8423-080bbb1320a4}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{b0fee27c-b089-422d-8f76-27ed725cbaf2}: [DhcpNameServer] 192.168.1.1 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION Edge: ======= Edge Profile: C:\Users\Dan\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-20] Edge Extension: (LastPass: Free Password Manager) - C:\Users\Dan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2022-04-20] Edge HKLM-x32\...\Edge\Extension: [bbcinlkgjjkejfdpemiealijmmooekmp] FireFox: ======== FF DefaultProfile: bgbim076.default FF ProfilePath: C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bgbim076.default [2021-12-14] FF ProfilePath: C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\tkzuwrm5.default-release [2021-12-14] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-10-05] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-04-24] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-04-24] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default [2022-04-24] CHR DownloadDir: H:\osint CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.fxmag.pl CHR HomePage: Default -> hxxp://natemat.pl/122411,kobiety-wariuja-na-widok-striptizera-bo-ich-faceci-sa-zaniedbani-lub-nie-potrafia-sprzedac-swojej-atrakcyjnosci CHR StartupUrls: Default -> "hxxp://9gag.com/gag/ae3exPv","hxxp://natemat.pl/122411,kobiety-wariuja-na-widok-striptizera-bo-ich-faceci-sa-zaniedbani-lub-nie-potrafia-sprzedac-swojej-atrakcyjnosci","hxxps://www.messenger.com/t/717028329","hxxps://trello.com/b/22b1A2lu/personal","hxxp://kokopeliseeds.com/" CHR Extension: (NooBoss) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aajodjghehmlpahhboidcpfjcncmcklf [2021-12-23] CHR Extension: (Prezentacje) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-05-17] CHR Extension: (Postman Interceptor) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aicmkgpgakddgnaphhhpliifpcfhicfo [2021-05-17] CHR Extension: (Dokumenty) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-05-17] CHR Extension: (Dysk Google) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-05-17] CHR Extension: (RescueTime for Chrome and Chrome OS) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdakmnplckeopfghnlpocafcepegjeap [2021-05-17] CHR Extension: (Sketchboard.io) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgafhjpdkfjfmmjbebbdckolonomaoil [2021-05-17] CHR Extension: (Octotree - GitHub code tree) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkhaagjahfmjljalopjnoealnfndnagc [2022-03-23] CHR Extension: (Połączenia przez Skype) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2021-05-17] CHR Extension: (YouTube) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-05-17] CHR Extension: (Pobieracz wideo dla Vimeo) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgmcdpfpkoildicgacgldinemhgmcbgp [2022-03-27] CHR Extension: (Pushbullet) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2021-05-17] CHR Extension: (RentalWatch - wyszukiwarka Gumtree / Olx) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjaiampoeklkdecjifpekmpjdmpailig [2021-10-15] CHR Extension: (uBlock Origin) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-09] CHR Extension: (Image Downloader) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2021-05-17] CHR Extension: (Story Wars) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coadbejlmmejdkpdcnbikfcplabhgmpo [2021-05-17] CHR Extension: (jQuery Debugger) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhhnnnpaeobfddmlalhnehgclcmjimi [2021-05-17] CHR Extension: (Mailto: for Gmail™) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn [2021-05-17] CHR Extension: (Tampermonkey) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2022-04-09] CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2021-05-17] CHR Extension: (PerfectPixel by WellDoneCode (pixel perfect)) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkaagdgjmgdmbnecmcefdhjekcoceebi [2022-04-20] CHR Extension: (IPvFoo) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecanpcehffngcegjmadlcijfolapggal [2021-09-08] CHR Extension: (Session Buddy) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2021-05-17] CHR Extension: (VT4Browsers) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2022-04-05] CHR Extension: (Zoom Recording / Video Downloader) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehioimgmdbbkmbbimfjcdmonjnjjhgng [2021-05-17] CHR Extension: (Google Font Previewer for Chrome) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\engndlnldodigdjamndkplafgmkkencc [2021-05-17] CHR Extension: (Productivity Owl) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoagmdboiealblmpaahjlhajggndaahi [2021-05-17] CHR Extension: (Arkusze) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-05-17] CHR Extension: (Stylish - Custom themes for any website) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2022-03-02] CHR Extension: (NordVPN – VPN Proxy for Privacy & Security) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2022-04-12] CHR Extension: (Dodatek Google Analytics Opt-out firmy Google) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2021-05-17] CHR Extension: (React Developer Tools) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmkadmapgofadopljbjfkapdkoienihi [2022-04-06] CHR Extension: (Return YouTube Dislike) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2022-04-20] CHR Extension: (Dokumenty Google offline) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-20] CHR Extension: (Screen Capture) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghihpjhpgdepnohngpgfcmcijmkggpaf [2021-05-17] CHR Extension: (Przycisk Zapisz Pinteresta) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2022-03-02] CHR Extension: (Wappalyzer - Technology profiler) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gppongmhjkpfnbhagpmjfkannfbllamg [2022-04-02] CHR Extension: (Read Aloud: A Text to Speech Voice Reader) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhinadidafjejdhmfkjgnolgimiaplp [2022-03-11] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2022-04-20] CHR Extension: (Aparat) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfhhnacclhffhdffklopdkcgdhifgngh [2021-05-17] CHR Extension: (Regulacja głośności dla Google Chrome™) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnlfnonibbbggmlaacojkhhppaonibdp [2021-12-22] CHR Extension: (ModHeader) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2022-02-17] CHR Extension: (Social Fixer for Facebook) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2021-11-15] CHR Extension: (Chrome Remote Desktop) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-07-30] CHR Extension: (Stream Recorder - download HLS as MP4) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iogidnfllpdhagebkblkgbfijkbkjdmm [2021-12-28] CHR Extension: (Tab Auto Refresh) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaioibhbkffompljnnipmpkeafhpicpd [2021-10-11] CHR Extension: (Wypełniacz loterii paragonowej) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jheghjhekamfaapalhjciimpegfohfnm [2021-05-17] CHR Extension: (Extensity) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjmflmamggggndanpgfnpelongoepncg [2021-05-17] CHR Extension: (Floating for YouTube™) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2021-05-17] CHR Extension: (Grammarly for Chrome) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-04-20] CHR Extension: (TrackingTime | Time Tracker) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\knailkjkjcfegledhjhcfacdngnicimb [2021-05-17] CHR Extension: (StayFocusd) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2021-05-17] CHR Extension: (Momentum) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2022-04-20] CHR Extension: (Loom – Free Screen and Cam Recorder) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2022-04-14] CHR Extension: (Redux DevTools) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmhkpmbekcpmknklioeibfkpmmfibljd [2022-04-06] CHR Extension: (Google Dictionary (by Google)) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2021-09-28] CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2022-04-07] CHR Extension: (drumbit) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mplpmdejoamenolpcojgegminhcnmibo [2021-05-17] CHR Extension: (Video Speed Controller) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffaoalbilbmmfgbnbgppjihopabppdk [2021-10-01] CHR Extension: (Vue.js devtools) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhdogjmejiglipccpnnnanhbledajbpd [2022-03-31] CHR Extension: (Save to Pocket) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2022-02-11] CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2022-04-20] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-17] CHR Extension: (JetBrains Toolbox Extension) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\offnedcbhjldheanlbojaefbfbllddna [2022-03-29] CHR Extension: (Neater Bookmarks) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgjggbjanlhbgaemjbkiegeebmccifi [2021-05-17] CHR Extension: (Książkowa Cebula) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdkdbiepddofnnblfkaeogcfledfchcm [2021-05-17] CHR Extension: (Evernote Web Clipper) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2022-03-27] CHR Extension: (Gmail) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-05-17] CHR Extension: (DEPRECATED Secure Shell App) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhechapfaindjhompbnflcldabbghjo [2022-03-02] CHR Profile: C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-04-24] CHR Profile: C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-04-21] CHR Notifications: Profile 1 -> hxxps://meet.google.com; hxxps://viasat.zoom.us CHR Extension: (Prezentacje) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-08] CHR Extension: (The Great Suspender Original) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ahmkjjgdligadogjedmnogbpbcpofeeo [2021-10-28] CHR Extension: (Dokumenty) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-08] CHR Extension: (Dysk Google) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-08] CHR Extension: (RescueTime for Chrome and Chrome OS) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bdakmnplckeopfghnlpocafcepegjeap [2021-08-08] CHR Extension: (YouTube) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-08] CHR Extension: (Pobieracz wideo dla Vimeo) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cgmcdpfpkoildicgacgldinemhgmcbgp [2022-03-30] CHR Extension: (PerfectPixel by WellDoneCode (pixel perfect)) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dkaagdgjmgdmbnecmcefdhjekcoceebi [2022-04-20] CHR Extension: (Session Buddy) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2021-08-08] CHR Extension: (Adobe Acrobat: edycja plików PDF, konwertowanie, narzędzia podpisywania) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-03-30] CHR Extension: (Arkusze) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-08] CHR Extension: (React Developer Tools) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fmkadmapgofadopljbjfkapdkoienihi [2022-04-20] CHR Extension: (Dokumenty Google offline) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-20] CHR Extension: (Integracja z GNOME Shell) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gphhapmejobijbbhgpjhcjognlahblep [2021-10-19] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2022-04-20] CHR Extension: (Aparat) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hfhhnacclhffhdffklopdkcgdhifgngh [2022-01-13] CHR Extension: (GeForce Now Web Enabler) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ioaplpondpicpdlfoccpaenbdinbdbpi [2021-10-01] CHR Extension: (Grammarly for Chrome) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-04-20] CHR Extension: (BrowserStack) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nkihdmlheodkdfojglpcjjmioefjahjb [2021-08-08] CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2022-04-20] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-08] CHR Extension: (Gmail) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-08] CHR Profile: C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 4 [2022-04-24] CHR Extension: (Prezentacje) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-29] CHR Extension: (Dokumenty) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-29] CHR Extension: (Dysk Google) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-29] CHR Extension: (RescueTime for Chrome and Chrome OS) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bdakmnplckeopfghnlpocafcepegjeap [2021-09-29] CHR Extension: (YouTube) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-29] CHR Extension: (uBlock Origin) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-20] CHR Extension: (Session Buddy) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2021-09-29] CHR Extension: (Arkusze) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-29] CHR Extension: (Dokumenty Google offline) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-20] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2022-04-20] CHR Extension: (File System for Dropbox) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hlffpaajmfllggclnjppbblobdhokjhe [2021-09-29] CHR Extension: (Grammarly for Chrome) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-04-20] CHR Extension: (Extensions switcher) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\mapmknaogodpakjopdhmdcilahbfbjpc [2021-09-29] CHR Extension: (Text) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\mmfbcljfglbokpmkimbfghdkjmjhdgbg [2022-04-03] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-29] CHR Extension: (Gmail) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-29] CHR Profile: C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5 [2022-04-20] CHR Notifications: Profile 5 -> hxxps://calendar.google.com CHR DefaultSearchURL: Profile 5 -> hxxps://search.tosdr.org/search?q={searchTerms} CHR DefaultSearchKeyword: Profile 5 -> tosdr CHR DefaultSuggestURL: Profile 5 -> hxxps://search.tosdr.org/autocompleter?q={searchTerms} CHR Extension: (Prezentacje) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-01] CHR Extension: (Postman Interceptor) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aicmkgpgakddgnaphhhpliifpcfhicfo [2021-10-01] CHR Extension: (Dokumenty) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-01] CHR Extension: (Dysk Google) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-01] CHR Extension: (RescueTime for Chrome and Chrome OS) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\bdakmnplckeopfghnlpocafcepegjeap [2021-10-01] CHR Extension: (Web Developer) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2021-10-01] CHR Extension: (ColorZilla) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2021-10-01] CHR Extension: (YouTube) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-01] CHR Extension: (Honey) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2022-04-20] CHR Extension: (Fake Filler) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\bnjjngeaknajbdcgpfkgnonkmififhfo [2021-10-01] CHR Extension: (Floating Video Player) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\bnkfdgkccidbedkfoneaajldjgagjhib [2021-10-01] CHR Extension: (DevTools Theme: Zero Dark Matrix) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\bomhdjeadceaggdgfoefmpeafkjhegbo [2021-10-01] CHR Extension: (uBlock Origin) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-20] CHR Extension: (Wysoki kontrast.) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2021-10-01] CHR Extension: (PerfectPixel by WellDoneCode (pixel perfect)) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\dkaagdgjmgdmbnecmcefdhjekcoceebi [2022-04-20] CHR Extension: (Gitpod - Always ready to code) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\dodmmooeoklaejobgleioelladacbeki [2022-03-16] CHR Extension: (Xdebug helper) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\eadndfjplgieldjbigjakmdgkmoaaaoc [2021-10-01] CHR Extension: (Session Buddy) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2021-10-01] CHR Extension: (Adobe Acrobat: edycja plików PDF, konwertowanie, narzędzia podpisywania) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-04-20] CHR Extension: (Focus 45) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efjdfkfpnffgkdgehkenoikpbadfgple [2021-10-01] CHR Extension: (BlockSite: Block Websites & Stay Focused) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2022-02-03] CHR Extension: (Floating Player) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ekajjllcmeckibblgckgoceinmmgnfop [2021-10-01] CHR Extension: (uBlock) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2021-10-01] CHR Extension: (Emmet Re:view) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\epejoicbhllgiimigokgjdoijnpaphdp [2021-10-01] CHR Extension: (Arkusze) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-01] CHR Extension: (NordVPN – VPN Proxy for Privacy & Security) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2022-04-20] CHR Extension: (ChromeiQL) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\fkkiamalmpiidkljmicmjfbieiclmeij [2021-10-01] CHR Extension: (Dodatek Google Analytics Opt-out firmy Google) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2021-10-01] CHR Extension: (React Developer Tools) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\fmkadmapgofadopljbjfkapdkoienihi [2022-04-20] CHR Extension: (Accessibility Developer Tools) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\fpkknkljclfencbdbgkenhalefipecmb [2021-10-01] CHR Extension: (Authy) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2021-10-01] CHR Extension: (+ GGather) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gafpjkhbdpfnmlhddohonnainilaoehb [2021-10-01] CHR Extension: (Edytor Office) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2022-04-20] CHR Extension: (Dokumenty Google offline) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-20] CHR Extension: (VPN Free - Betternet Unlimited VPN Proxy) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gjknjjomckknofjidppipffbpoekiipm [2021-10-01] CHR Extension: (Ninja Download Manager) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gklhnpfkcfpkjcihhjbgmhgkcajamlmd [2021-10-01] CHR Extension: (Zapisz na Dysku Google) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2021-10-01] CHR Extension: (Wappalyzer - Technology profiler) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gppongmhjkpfnbhagpmjfkannfbllamg [2022-04-20] CHR Extension: (Read Aloud: A Text to Speech Voice Reader) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hdhinadidafjejdhmfkjgnolgimiaplp [2022-04-20] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2022-04-20] CHR Extension: (Aparat) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hfhhnacclhffhdffklopdkcgdhifgngh [2021-10-01] CHR Extension: (ToS;DR Search) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hjdoplcnndgiblooccencgcggcoihigg [2021-10-01] CHR Extension: (Similarweb - Traffic Rank & Website Analysis) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2021-11-24] CHR Extension: (ModHeader) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2022-04-20] CHR Extension: (Kreator aplikacji Chrome) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ighkikkfkalojiibipjigpccggljgdff [2021-10-01] CHR Extension: (WhatFont) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2021-10-01] CHR Extension: (Apollo Client Devtools) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\jdkknkkbebbapilgoeccciglkfbmbnfm [2021-10-17] CHR Extension: (Volume Master - kontroler głośności) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2022-01-17] CHR Extension: (Floating for YouTube™) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2021-10-01] CHR Extension: (Web Scraper - Free Web Scraping) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\jnhgnonknehpejjnehehllkliplmbmhn [2021-10-23] CHR Extension: (Grid Ruler) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\joadogiaiabhmggdifljlpkclnpfncmj [2021-10-01] CHR Extension: (Private Internet Access) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\jplnlifepflhkbkgonidnobkakhmpnmh [2022-04-20] CHR Extension: (Grammarly for Chrome) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-04-20] CHR Extension: (Copy Folder) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\kfbicpdhiofpicipfggljdhjokjblnhl [2021-10-01] CHR Extension: (Forest: stay focused, be present) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\kjacjjdnoddnpbbcjilcajfhhbdhkpgk [2022-04-20] CHR Extension: (StayFocusd) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2021-10-01] CHR Extension: (Allow CORS: Access-Control-Allow-Origin) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lhobafahddgcelffkeicbaginigeejlf [2021-10-01] CHR Extension: (Loom – Free Screen and Cam Recorder) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2022-04-20] CHR Extension: (Redux DevTools) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmhkpmbekcpmknklioeibfkpmmfibljd [2022-04-20] CHR Extension: (Extensions Manager (aka Switcher)) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lpleipinonnoibneeejgjnoeekmbopbc [2021-10-01] CHR Extension: (Chrono menadżer pobierania) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2021-10-01] CHR Extension: (BrowserStack Local) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\mfiddfehmfdojjfdpfngagldgaaafcfo [2021-10-01] CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2022-04-20] CHR Extension: (Open-as-Popup) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ncppfjladdkdaemaghochfikpmghbcpc [2021-10-01] CHR Extension: (Vue.js devtools) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nhdogjmejiglipccpnnnanhbledajbpd [2022-04-20] CHR Extension: (Niesamowity zrzut ekranu i rejestrator ekranu) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2022-04-20] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-01] CHR Extension: (Checker Plus for Gmail™) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2022-04-20] CHR Extension: (Neater Bookmarks) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ofgjggbjanlhbgaemjbkiegeebmccifi [2021-10-01] CHR Extension: (TYPO3 - BE/FE/Env Handy Switcher) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ohemimdlihjdeacgbccdkafckackmcmn [2021-12-15] CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2021-10-01] CHR Extension: (ScriptSafe) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2021-10-01] CHR Extension: (User CSS) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\okpjlejfhacmgjkmknjhadmkdbcldfcb [2021-10-01] CHR Extension: (Proxy SwitchyOmega) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\padekgcemlokbadohgkifijomclgjgif [2021-10-01] CHR Extension: (TDFB) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pffbbpegcmjjkgkefanlcbklhgkmlfoj [2021-10-01] CHR Extension: (Evernote Web Clipper) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2022-04-20] CHR Extension: (Gmail) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-01] CHR Profile: C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 7 [2022-04-03] CHR Extension: (Prezentacje) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-04] CHR Extension: (Dokumenty) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-04] CHR Extension: (Dysk Google) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-04] CHR Extension: (YouTube) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-04] CHR Extension: (Adobe Acrobat: edycja plików PDF, konwertowanie, narzędzia podpisywania) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-04-03] CHR Extension: (Arkusze) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-04] CHR Extension: (Dokumenty Google offline) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-03] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2022-04-03] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-04] CHR Extension: (Gmail) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-04] CHR Profile: C:\Users\Dan\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-24] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) "EasyAntiCheatSys" => service could not be unlocked. <==== ATTENTION HKLM\SYSTEM\ControlSet001\Services\EasyAntiCheatSys => C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [7450648 2022-04-24] (EasyAntiCheat Oy -> EasyAntiCheat Oy) <==== ATTENTION (Rootkit!/Locked Service) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [919328 2022-04-24] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AOCDTAOCGMenuService; C:\Program Files\Portrait Displays\AOC G-Menu\DisplayTuneService.exe [212768 2019-08-13] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-09-23] (BattlEye Innovations e.K. -> ) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2021-12-15] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-05] (Epic Games Inc. -> Epic Games, Inc.) R2 Ext2Srv; C:\Program Files\Ext2Fsd\Ext2Srv.exe [42488 2017-11-02] (Beijing NormalSoft technology Co.,Ltd. -> www.ext2fsd.com) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [218272 2022-03-22] (HP Inc. -> HP Inc.) R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11458168 2022-04-14] (Logitech Inc -> Logitech, Inc.) S3 LxssManagerUser; C:\Windows\system32\lxss\wslclient.dll [301056 2022-03-09] (Microsoft Windows -> Microsoft Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-01] (Malwarebytes Inc -> Malwarebytes) R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [277688 2021-04-21] (TEFINCOM S.A. -> TEFINCOM S.A.) S3 nxservice; C:\Program Files (x86)\NoMachine\bin\nxservice64.exe [898560 2021-05-26] (NoMachine S.a.r.l. -> ) S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2574168 2022-04-19] (Overwolf Ltd -> Overwolf LTD) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2020144 2021-10-01] (Rockstar Games, Inc. -> Rockstar Games) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254352 2022-04-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14545704 2021-12-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [33728 2021-12-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R2 AMDRyzenMasterDriverV19; C:\Windows\system32\AMDRyzenMasterDriver.sys [43336 2022-03-17] (Advanced Micro Devices INC. -> Advanced Micro Devices) R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices) R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0377867.inf_amd64_755c7326c73377da\B377789\amdkmdag.sys [90150488 2022-04-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320728 2022-01-11] (Bluestack Systems, Inc -> Bluestack System Inc.) R2 Ext2Fsd; C:\Windows\system32\Drivers\Ext2Fsd.sys [826360 2017-11-02] (Beijing NormalSoft technology Co.,Ltd. -> www.ext2fsd.com) R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [33528 2022-03-22] (WDKTestCert builder,132743893872553407 -> Logitech) R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [21704 2022-03-22] (WDKTestCert builder,132743893872553407 -> Logitech) R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [62904 2022-03-22] (WDKTestCert builder,132743893872553407 -> Logitech) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223688 2022-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2022-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2022-04-01] (Malwarebytes Inc -> Malwarebytes) S3 MpKsl5a7af463; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B9BD2212-C7AD-43CD-AE27-369C27709E33}\MpKslDrv.sys [137464 2022-04-24] (Microsoft Windows -> Microsoft Corporation) R2 NDivert; C:\Windows\System32\drivers\NDivert.sys [105184 2021-03-28] (TEFINCOM S.A. -> ) R3 nlwt; C:\Windows\system32\DRIVERS\nlwt.sys [39360 2021-05-20] (TEFINCOM S.A. -> WireGuard LLC) R1 nordlwf; C:\Windows\system32\DRIVERS\nordlwf.sys [38608 2020-12-14] (TEFINCOM S.A. -> TEFINCOM S.A.) R2 nxaudio; C:\Windows\system32\drivers\nxaudio.sys [38200 2019-10-08] (Microsoft Windows Hardware Compatibility Publisher -> NoMachine) R2 nxfs; C:\Program Files (x86)\NoMachine\bin\drivers\nxdisk\amd64\nxfs.sys [66032 2020-02-18] (Microsoft Windows Hardware Compatibility Publisher -> NoMachine) R2 nxusbf; C:\Windows\System32\drivers\nxusbf.sys [122880 2020-05-19] (Microsoft Windows Hardware Compatibility Publisher -> NoMachine) R3 nxusbh; C:\Windows\System32\drivers\nxusbh.sys [151040 2020-05-19] (Microsoft Windows Hardware Compatibility Publisher -> NoMachine) R3 nxusbs; C:\Windows\System32\drivers\nxusbs.sys [30208 2020-05-19] (Microsoft Windows Hardware Compatibility Publisher -> NoMachine) S3 rtump64x64; C:\Windows\System32\drivers\rtump64x64.sys [1049936 2022-02-25] (Realtek Semiconductor Corp. -> Realtek Corporation) R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation) S3 HWiNFO_161; \??\C:\Users\Dan\AppData\Local\Temp\HWiNFO64A_161.SYS [X] <==== ATTENTION ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2022-04-24 22:32 - 2022-04-24 22:32 - 000024552 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_64937375998546.dll 2022-04-24 22:19 - 2022-04-24 22:19 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk 2022-04-24 22:11 - 2022-04-24 22:11 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2022-04-24 22:11 - 2022-04-24 22:11 - 000001356 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2022-04-24 22:07 - 2022-04-24 22:07 - 000000000 ____D C:\Users\Dan\Documents\dnd export 2022-04-24 22:06 - 2022-04-24 22:06 - 000000000 ____D C:\Users\Dan\Documents\motioncam-tools-win-0.13 2022-04-24 22:05 - 2022-04-24 22:06 - 033513118 _____ C:\Users\Dan\Documents\motioncam-tools-win-0.13.zip 2022-04-24 21:59 - 2022-04-24 22:06 - 3612537122 _____ C:\Users\Dan\Documents\VIDEO_20220424_192458.0.container 2022-04-24 21:16 - 2022-04-24 21:16 - 002366976 _____ (Farbar) C:\Users\Dan\Documents\FRST64.exe 2022-04-23 20:04 - 2022-04-23 20:04 - 000003790 _____ C:\Windows\system32\Tasks\LastPassUpdater 2022-04-23 20:04 - 2022-04-23 20:04 - 000001108 _____ C:\Users\Public\Desktop\My LastPass Vault.lnk 2022-04-23 20:04 - 2022-04-23 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass 2022-04-22 01:55 - 2022-04-22 01:55 - 000000000 ____D C:\Users\Dan\Documents\Teardown 2022-04-22 01:54 - 2022-04-22 02:55 - 000000000 ____D C:\Users\Dan\AppData\Local\Teardown 2022-04-20 10:11 - 2022-04-20 10:11 - 000038033 _____ C:\Users\Dan\Downloads\Faktura_PL3938562.pdf 2022-04-20 10:10 - 2022-04-20 10:10 - 000038033 _____ C:\Users\Dan\Documents\Faktura_PL3938562.pdf 2022-04-20 10:07 - 2022-04-20 10:07 - 000022916 _____ C:\Users\Dan\Downloads\INVWR2022-1467.PDF 2022-04-20 10:06 - 2022-04-20 10:06 - 000058701 _____ C:\Users\Dan\Downloads\Adobe_Transaction_No_2129739409_20220316.pdf 2022-04-20 10:05 - 2022-04-20 10:05 - 000029530 _____ C:\Users\Dan\Downloads\GCPLD0000657782.pdf 2022-04-20 10:05 - 2022-04-20 10:05 - 000029481 _____ C:\Users\Dan\Downloads\GCPLD0000718115.pdf 2022-04-20 10:04 - 2022-04-20 10:04 - 000085240 _____ C:\Users\Dan\Downloads\faktura_3_2022_31-03-2022.pdf 2022-04-14 22:34 - 2022-04-14 22:34 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk 2022-04-14 22:34 - 2022-04-14 22:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi 2022-04-13 11:14 - 2022-04-13 11:14 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2022-04-13 11:14 - 2022-04-13 11:14 - 000048640 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2022-04-13 11:14 - 2022-04-13 11:14 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2022-04-13 11:14 - 2022-04-13 11:14 - 000011803 _____ C:\Windows\system32\DrtmAuthTxt.wim 2022-04-13 11:11 - 2022-04-13 11:11 - 000000000 ___HD C:\$WinREAgent 2022-04-13 05:49 - 2022-04-13 05:49 - 000000000 ___SH C:\Users\Public\Shared Files 2022-04-13 01:11 - 2022-04-13 01:11 - 000000380 _____ C:\Users\Dan\Desktop\Sid Meier's Civilization VI.url 2022-04-13 00:56 - 2022-04-13 00:56 - 000000354 _____ C:\Users\Dan\Desktop\Fortnite.url 2022-04-10 01:27 - 2022-04-10 01:27 - 001185484 _____ C:\Windows\Minidump\041022-8125-01.dmp 2022-04-10 00:59 - 2022-04-10 00:59 - 000024552 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_46770405357753.dll 2022-04-09 23:27 - 2022-04-09 23:27 - 093094045 _____ (The Monero Developer Community ) C:\Users\Dan\Downloads\monero-gui-install-win-x64-v0.17.3.1.exe 2022-04-09 23:13 - 2022-04-09 23:13 - 000000000 ____D C:\Users\Dan\Documents\Max 8 2022-04-09 23:13 - 2022-04-09 23:13 - 000000000 ____D C:\Users\Dan\Documents\Ableton 2022-04-09 23:13 - 2022-04-09 23:13 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Cycling '74 2022-04-09 23:13 - 2022-04-09 23:13 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Ableton 2022-04-09 23:13 - 2022-04-09 23:13 - 000000000 ____D C:\Users\Dan\AppData\Local\Ableton 2022-04-09 23:13 - 2022-04-09 23:13 - 000000000 ____D C:\ProgramData\Max 8 2022-04-09 23:11 - 2022-04-09 23:12 - 000645729 _____ (WDS Team) C:\Users\Dan\Documents\windirstat1_1_2_setup.exe 2022-04-09 21:29 - 2022-04-09 21:29 - 000223688 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2022-04-06 17:40 - 2022-04-06 17:40 - 617372659 _____ (SimBin ) C:\Users\Dan\Documents\Volvo_TheGame_1.0_Setup_(dobreprogramy.pl).exe 2022-04-06 17:40 - 2022-04-06 17:40 - 005260248 _____ (InstBase S.R.L.) C:\Users\Dan\Downloads\Volvo The Game _vA5b.exe 2022-04-03 22:26 - 2022-04-03 22:26 - 002972447 _____ C:\Users\Dan\Downloads\kunda1990.pdf 2022-04-03 22:14 - 2022-04-03 22:14 - 002572596 _____ C:\Users\Dan\Documents\Wartosc_poznawcza_badan_empirycznych.pdf 2022-04-03 21:56 - 2022-04-03 21:56 - 006323921 _____ C:\Users\Dan\Documents\Czy-władza-szczęście-daje-Władza-a-nastrój-emocje-i-satysfakcja-z-życia.-Przegląd-Psychologiczny-T.-53-nr-2-s.-125143.pdf 2022-04-02 23:12 - 2022-04-02 23:12 - 000024552 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_4548387120826.dll 2022-04-02 03:06 - 2022-04-02 03:06 - 000000000 ____D C:\Users\Dan\AppData\Local\ATI 2022-04-02 03:03 - 2022-04-02 03:03 - 000003114 _____ C:\Windows\system32\Tasks\AMDInstallLauncher 2022-04-02 02:57 - 2022-04-02 02:57 - 000003102 _____ C:\Windows\system32\Tasks\AMDLinkUpdate 2022-04-02 02:57 - 2022-04-02 02:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool 2022-04-02 02:56 - 2022-04-02 03:05 - 000000000 ____D C:\ProgramData\AMD 2022-04-02 02:56 - 2022-04-02 02:56 - 000003160 _____ C:\Windows\system32\Tasks\StartCN 2022-04-02 02:56 - 2022-04-02 02:56 - 000003080 _____ C:\Windows\system32\Tasks\StartDVR 2022-04-02 02:56 - 2022-04-02 02:56 - 000002622 _____ C:\Windows\system32\Tasks\AMDRyzenMasterSDKTask 2022-04-02 02:56 - 2022-04-02 02:56 - 000000000 ____D C:\Users\Dan\AppData\LocalLow\AMD 2022-04-02 02:56 - 2022-04-02 02:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition 2022-04-02 02:56 - 2022-04-02 02:46 - 000101392 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys 2022-04-02 02:56 - 2022-03-22 23:36 - 002901560 _____ (AMD Inc.) C:\Windows\SysWOW64\AMDBugReportTool.exe 2022-04-02 02:49 - 2022-04-02 02:56 - 000000000 ____D C:\Program Files\AMD 2022-04-02 02:47 - 2022-04-02 02:47 - 000000000 ____D C:\Users\Dan\AppData\Roaming\ATI 2022-04-02 02:46 - 2022-04-02 02:46 - 090032216 _____ C:\Windows\system32\amd_comgr.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 074244696 _____ C:\Windows\SysWOW64\amd_comgr32.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 069194840 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 056704640 _____ C:\Windows\system32\amdxc64.so 2022-04-02 02:46 - 2022-04-02 02:46 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap 2022-04-02 02:46 - 2022-04-02 02:46 - 003437632 _____ C:\Windows\system32\atiumd6a.cap 2022-04-02 02:46 - 2022-04-02 02:46 - 001963608 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2022-04-02 02:46 - 2022-04-02 02:46 - 001963608 _____ C:\Windows\system32\vulkaninfo.exe 2022-04-02 02:46 - 2022-04-02 02:46 - 001690456 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 001528920 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiacm64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 001520216 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2022-04-02 02:46 - 2022-04-02 02:46 - 001520216 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2022-04-02 02:46 - 2022-04-02 02:46 - 001434232 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 001434232 _____ C:\Windows\system32\vulkan-1.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 001406552 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 001406552 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 001368784 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 001145808 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 001145808 _____ C:\Windows\SysWOW64\vulkan-1.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000934488 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000883264 _____ (AMD) C:\Windows\system32\atieclxx.exe 2022-04-02 02:46 - 2022-04-02 02:46 - 000789592 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000761944 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000666712 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000571400 _____ C:\Windows\SysWOW64\atiapfxx.blb 2022-04-02 02:46 - 2022-04-02 02:46 - 000571400 _____ C:\Windows\system32\atiapfxx.blb 2022-04-02 02:46 - 2022-04-02 02:46 - 000551000 _____ C:\Windows\system32\amdgfxinfo64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000550464 _____ C:\Windows\system32\GameManager64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000538136 _____ C:\Windows\system32\amdmiracast.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000518232 _____ C:\Windows\system32\atieah64.exe 2022-04-02 02:46 - 2022-04-02 02:46 - 000493144 _____ C:\Windows\system32\dgtrayicon.exe 2022-04-02 02:46 - 2022-04-02 02:46 - 000484952 _____ C:\Windows\system32\EEURestart.exe 2022-04-02 02:46 - 2022-04-02 02:46 - 000461400 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000459352 _____ C:\Windows\system32\amdlogum.exe 2022-04-02 02:46 - 2022-04-02 02:46 - 000414296 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000411712 _____ C:\Windows\SysWOW64\GameManager32.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000386136 _____ C:\Windows\SysWOW64\atieah32.exe 2022-04-02 02:46 - 2022-04-02 02:46 - 000336984 _____ C:\Windows\system32\clinfo.exe 2022-04-02 02:46 - 2022-04-02 02:46 - 000253504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000212544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000194504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000186944 _____ C:\Windows\system32\mantle64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000171096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000170048 _____ C:\Windows\system32\mantleaxl64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000159296 _____ (AMD) C:\Windows\system32\atimuixx.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000158936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000151648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000148032 _____ C:\Windows\SysWOW64\mantle32.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000142936 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000141264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000141264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000133720 _____ C:\Windows\SysWOW64\mantleaxl32.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000133720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000132184 _____ C:\Windows\system32\atidxx64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000126648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000126040 _____ C:\Windows\system32\amdxc64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000123480 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000112648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000112624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000106072 _____ C:\Windows\SysWOW64\atidxx32.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000100952 _____ C:\Windows\SysWOW64\amdxc32.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000083544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mcl64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000068184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mcl32.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000063064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000039512 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000036440 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000020984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll 2022-04-02 02:46 - 2022-04-02 02:46 - 000020984 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll 2022-04-02 02:46 - 2021-12-13 21:01 - 000591792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdfendrsr.exe 2022-04-02 02:46 - 2021-12-13 21:01 - 000164800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdfendr.sys 2022-04-02 02:46 - 2021-12-13 21:01 - 000033728 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdfendrmgr.sys 2022-04-02 02:46 - 2021-11-01 07:12 - 000246176 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdWT6.sys 2022-04-02 02:46 - 2021-08-17 18:34 - 000065168 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdxe.sys 2022-04-02 01:17 - 2022-04-02 02:46 - 001874008 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll 2022-04-02 01:17 - 2022-04-02 02:46 - 000202720 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll 2022-04-02 01:17 - 2022-04-02 02:46 - 000169248 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll 2022-04-02 01:17 - 2022-03-16 03:42 - 000139720 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll 2022-04-02 01:17 - 2022-03-16 03:42 - 000115632 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll 2022-04-02 01:17 - 2022-03-16 03:16 - 000010702 _____ C:\Windows\system32\atiacmLocalisation.ini 2022-04-02 01:17 - 2022-01-14 23:44 - 000204952 _____ C:\Windows\SysWOW64\ativvsvl.dat 2022-04-02 01:17 - 2022-01-14 23:44 - 000204952 _____ C:\Windows\system32\ativvsvl.dat 2022-04-02 01:17 - 2022-01-14 23:44 - 000157144 _____ C:\Windows\SysWOW64\ativvsva.dat 2022-04-02 01:17 - 2022-01-14 23:44 - 000157144 _____ C:\Windows\system32\ativvsva.dat 2022-04-02 01:17 - 2022-01-14 23:44 - 000154384 _____ C:\Windows\system32\samu_krnl_ci.sbin 2022-04-02 01:17 - 2022-01-14 23:44 - 000138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin 2022-04-02 01:17 - 2022-01-14 23:44 - 000128048 _____ C:\Windows\system32\kapp_ci.sbin 2022-04-02 01:17 - 2022-01-14 23:44 - 000121168 _____ C:\Windows\system32\kapp_si.sbin 2022-04-02 01:17 - 2022-01-14 23:44 - 000012344 _____ C:\Windows\system32\brandingWS_RSX.bmp 2022-04-02 01:17 - 2022-01-14 23:44 - 000012344 _____ C:\Windows\system32\brandingRSX.bmp 2022-04-02 01:17 - 2022-01-14 23:44 - 000000822 _____ C:\Windows\system32\branding.bmp 2022-04-02 01:17 - 2022-01-14 23:43 - 000076237 _____ C:\Windows\system32\AMDKernelEvents.man 2022-04-02 01:14 - 2022-04-02 01:14 - 000000000 ____D C:\Users\Dan\AppData\Roaming\AMD 2022-04-02 01:14 - 2022-04-02 01:14 - 000000000 ____D C:\Users\Dan\AppData\Local\setup 2022-04-02 01:14 - 2022-04-02 01:14 - 000000000 ____D C:\Program Files (x86)\AMD 2022-04-02 01:13 - 2022-04-02 01:13 - 039548016 _____ (AMD Inc.) C:\Users\Dan\Documents\amd-software-adrenalin-edition-22.3.2-minimalsetup-220323_web.exe 2022-04-02 00:03 - 2022-04-02 00:03 - 000299474 _____ C:\Users\Dan\Documents\obs-multi-rtmp-setup.exe 2022-04-02 00:03 - 2022-04-02 00:03 - 000000000 ____D C:\ProgramData\obs-studio 2022-04-01 23:55 - 2022-04-12 04:04 - 000000000 ____D C:\Users\Dan\AppData\Roaming\obs-studio 2022-04-01 23:55 - 2022-04-01 23:55 - 000001052 _____ C:\Users\Public\Desktop\OBS Studio.lnk 2022-04-01 23:55 - 2022-04-01 23:55 - 000000000 ____D C:\ProgramData\obs-studio-hook 2022-04-01 23:55 - 2022-04-01 23:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2022-04-01 23:55 - 2022-04-01 23:55 - 000000000 ____D C:\Program Files\obs-studio 2022-04-01 23:50 - 2022-04-01 23:50 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2022-04-01 22:26 - 2022-04-01 22:26 - 000000000 ____D C:\Users\Dan\Documents\Bandicam 2022-04-01 22:26 - 2022-04-01 22:26 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Bandicam Company 2022-04-01 22:25 - 2022-04-01 22:25 - 031848192 _____ (Bandicam Company) C:\Users\Dan\Documents\bdcamsetup.exe 2022-04-01 22:23 - 2022-04-01 22:23 - 117961440 _____ (OBS Project) C:\Users\Dan\Documents\OBS-Studio-27.2.4-Full-Installer-x64.exe 2022-03-31 23:09 - 2022-03-31 23:09 - 483208432 _____ (AMD Inc.) C:\Users\Dan\Downloads\radeon-software-adrenalin-2020-21.5.2-win10-64bit-legacyasics-june21-legacy.exe 2022-03-31 23:08 - 2022-03-31 23:08 - 483208432 _____ (AMD Inc.) C:\Users\Dan\Documents\radeon-software-adrenalin-2020-21.5.2-win10-64bit-legacyasics-june21-legacy.exe 2022-03-31 23:04 - 2022-03-31 23:04 - 007444880 _____ (TechPowerUp (www.techpowerup.com)) C:\Users\Dan\Documents\GPU-Z.2.45.0.exe 2022-03-31 23:04 - 2022-03-31 23:04 - 000001048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk 2022-03-31 23:04 - 2022-03-31 23:04 - 000001036 _____ C:\Users\Public\Desktop\TechPowerUp GPU-Z.lnk 2022-03-31 23:04 - 2022-03-31 23:04 - 000000000 ____D C:\Program Files (x86)\GPU-Z 2022-03-31 22:35 - 2022-03-31 22:35 - 000000000 ____D C:\Users\Dan\AppData\Local\AMDSoftwareInstaller 2022-03-31 03:51 - 2022-03-31 03:53 - 000000000 ____D C:\a 2022-03-31 03:45 - 2022-03-31 03:45 - 000000000 ____D C:\Users\Dan\AppData\Local\Package Cache 2022-03-31 03:44 - 2022-03-31 03:44 - 000523303 _____ C:\Users\Dan\Documents\gibMacOS-master.zip 2022-03-31 03:44 - 2022-03-31 03:44 - 000000000 ____D C:\Users\Dan\Documents\gibMacOS-master 2022-03-31 02:11 - 2022-03-31 02:11 - 563512520 _____ (AMD Inc.) C:\Users\Dan\Documents\whql-amd-software-adrenalin-edition-22.3.1-win10-win11-march17.exe 2022-03-30 02:32 - 2022-03-30 02:35 - 3721481711 _____ C:\Users\Dan\Documents\RBR 2020 Base Mod V3.7 NGP 6 FMOD.zip 2022-03-28 22:29 - 2022-03-28 22:29 - 000024552 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_5876359885317.dll 2022-03-25 01:44 - 2022-03-25 01:44 - 000066694 _____ C:\Users\Dan\Documents\Shortcut.txt 2022-03-25 01:43 - 2022-03-25 01:44 - 000075070 _____ C:\Users\Dan\Documents\Addition.txt 2022-03-25 01:42 - 2022-04-24 22:52 - 000061489 _____ C:\Users\Dan\Documents\FRST.txt 2022-03-25 01:41 - 2022-04-24 22:52 - 000000000 ____D C:\FRST ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2022-04-24 22:52 - 2022-01-12 01:53 - 000000000 ____D C:\Program Files (x86)\Steam 2022-04-24 22:49 - 2021-09-30 02:00 - 000000000 ____D C:\Users\Dan\AppData\Local\LGHUB 2022-04-24 22:48 - 2021-05-17 02:30 - 000000533 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2022-04-24 22:48 - 2021-05-17 00:03 - 000000000 ____D C:\Program Files (x86)\Google 2022-04-24 22:47 - 2021-09-30 02:00 - 000000000 ____D C:\Users\Dan\AppData\Roaming\LGHUB 2022-04-24 22:47 - 2021-08-08 23:25 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Slack 2022-04-24 22:47 - 2021-05-29 14:34 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Spotify 2022-04-24 22:47 - 2021-05-17 02:02 - 000000000 ___RD C:\Users\Dan\Creative Cloud Files 2022-04-24 22:47 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-04-24 22:46 - 2021-05-29 16:45 - 000000000 ____D C:\Program Files\TeamViewer 2022-04-24 22:46 - 2021-05-17 00:00 - 000000000 ____D C:\Users\Dan 2022-04-24 22:46 - 2021-05-16 23:54 - 000008192 ___SH C:\DumpStack.log.tmp 2022-04-24 22:46 - 2020-11-19 01:39 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-04-24 22:46 - 2020-11-19 00:38 - 000000000 ____D C:\Windows\system32\SleepStudy 2022-04-24 22:46 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState 2022-04-24 22:45 - 2021-07-30 10:29 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2022-04-24 22:42 - 2021-05-29 14:34 - 000000000 ____D C:\Users\Dan\AppData\Local\Spotify 2022-04-24 22:20 - 2021-05-17 00:01 - 000000000 ____D C:\Users\Dan\AppData\Local\Packages 2022-04-24 22:20 - 2020-11-19 01:43 - 000000000 ____D C:\ProgramData\Packages 2022-04-24 22:20 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-04-24 22:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2022-04-24 22:19 - 2021-05-17 01:59 - 000000000 ____D C:\Program Files\Adobe 2022-04-24 22:18 - 2021-05-17 01:59 - 000000000 ____D C:\ProgramData\Adobe 2022-04-24 22:18 - 2021-05-17 01:59 - 000000000 ____D C:\Program Files\Common Files\Adobe 2022-04-24 22:11 - 2021-05-17 01:59 - 000000000 ____D C:\Program Files (x86)\Adobe 2022-04-24 19:40 - 2021-10-09 23:40 - 000004408 _____ C:\Windows\system32\Tasks\Overwolf Updater Task 2022-04-24 19:40 - 2021-10-09 23:40 - 000000000 ____D C:\Program Files (x86)\Overwolf 2022-04-24 17:47 - 2021-05-17 00:01 - 001768984 _____ C:\Windows\system32\PerfStringBackup.INI 2022-04-24 17:47 - 2019-12-07 17:09 - 000784578 _____ C:\Windows\system32\perfh015.dat 2022-04-24 17:47 - 2019-12-07 17:09 - 000152474 _____ C:\Windows\system32\perfc015.dat 2022-04-24 17:47 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2022-04-24 03:15 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI 2022-04-23 20:04 - 2021-11-22 17:58 - 000000000 ____D C:\Program Files (x86)\LastPass 2022-04-23 20:01 - 2021-11-20 17:21 - 000004784 _____ C:\Windows\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask 2022-04-23 20:01 - 2020-11-19 01:41 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-04-23 20:01 - 2020-11-19 01:41 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-04-22 01:53 - 2021-10-03 14:20 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2022-04-20 21:26 - 2021-05-17 00:03 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-04-20 21:26 - 2021-05-17 00:03 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-04-20 21:21 - 2021-05-17 00:03 - 000003570 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2022-04-20 21:21 - 2021-05-17 00:03 - 000003446 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2022-04-20 10:02 - 2021-09-08 02:41 - 000000000 ____D C:\Users\Dan\AppData\Local\AMD_Common 2022-04-20 09:50 - 2021-12-11 01:12 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2582668551-3615273048-1737077342-1001 2022-04-20 09:50 - 2021-08-08 23:25 - 000002238 _____ C:\Users\Dan\Desktop\Slack.lnk 2022-04-20 09:50 - 2021-08-08 23:25 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc 2022-04-20 09:50 - 2021-08-08 23:25 - 000000000 ____D C:\Users\Dan\AppData\Local\SquirrelTemp 2022-04-20 09:50 - 2021-08-08 23:25 - 000000000 ____D C:\Users\Dan\AppData\Local\slack 2022-04-20 09:50 - 2021-05-17 00:02 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2582668551-3615273048-1737077342-1001 2022-04-20 09:50 - 2021-05-17 00:00 - 000002422 _____ C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-04-14 22:34 - 2021-09-30 02:00 - 000000000 ____D C:\Program Files\LGHUB 2022-04-14 01:30 - 2021-09-26 20:30 - 000000000 ____D C:\Users\Dan\AppData\Roaming\obsidian 2022-04-13 17:40 - 2021-05-17 02:24 - 000000000 ____D C:\Program Files\Hyper-V 2022-04-13 17:40 - 2020-11-19 00:38 - 000287600 _____ C:\Windows\system32\FNTCACHE.DAT 2022-04-13 17:40 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-04-13 17:40 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2022-04-13 17:40 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2022-04-13 17:40 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2022-04-13 17:40 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2022-04-13 17:40 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2022-04-13 17:40 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences 2022-04-13 17:40 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning 2022-04-13 17:40 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2022-04-13 17:40 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2022-04-13 11:16 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2022-04-13 11:11 - 2021-05-19 01:44 - 000000000 ____D C:\Windows\system32\MRT 2022-04-13 11:09 - 2021-05-19 01:44 - 143823848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2022-04-13 05:49 - 2019-12-07 11:14 - 000000000 __SHD C:\Users\Public\Libraries 2022-04-13 00:11 - 2021-09-23 23:35 - 000000000 ____D C:\Program Files\Epic Games 2022-04-12 23:06 - 2021-10-20 04:54 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2022-04-12 23:06 - 2021-10-20 04:54 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-04-12 02:31 - 2021-05-23 00:49 - 000000000 ____D C:\Users\Dan\AppData\Local\CrashDumps 2022-04-10 21:53 - 2021-05-17 00:01 - 000000000 ____D C:\Users\Dan\AppData\Local\D3DSCache 2022-04-10 01:27 - 2022-01-24 01:13 - 2732739571 _____ C:\Windows\MEMORY.DMP 2022-04-10 01:27 - 2021-11-06 22:30 - 000000000 ____D C:\Windows\Minidump 2022-04-09 23:27 - 2021-11-23 03:43 - 000000961 _____ C:\Users\Public\Desktop\GUI Wallet.lnk 2022-04-09 23:27 - 2021-11-23 03:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monero GUI Wallet 2022-04-09 23:27 - 2021-11-23 03:43 - 000000000 ____D C:\Program Files\Monero GUI Wallet 2022-04-09 23:12 - 2021-11-23 03:46 - 000001104 _____ C:\Users\Dan\Desktop\WinDirStat.lnk 2022-04-09 23:08 - 2021-09-19 23:48 - 000000000 ____D C:\Users\Dan\AppData\Local\UnrealEngine 2022-04-08 03:02 - 2020-11-19 01:39 - 000000000 ____D C:\Windows\system32\Drivers\wd 2022-04-06 17:28 - 2020-11-19 01:41 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-04-06 17:28 - 2020-11-19 01:41 - 000003386 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-04-06 17:22 - 2021-05-19 01:44 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2022-04-05 02:24 - 2021-05-17 00:28 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Code 2022-04-05 02:12 - 2021-11-14 22:54 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Figma 2022-04-03 16:19 - 2021-05-17 00:27 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2022-04-03 05:14 - 2021-05-17 00:01 - 000000000 ____D C:\Users\Dan\AppData\Local\AMD 2022-04-03 04:59 - 2021-05-17 00:00 - 000065536 _____ C:\Windows\system32\spu_storage.bin 2022-04-02 22:52 - 2022-03-19 16:29 - 000000000 ____D C:\Users\Dan\AppData\LocalLow\IGDump 2022-04-02 02:46 - 2021-09-08 02:36 - 000000000 ____D C:\AMD 2022-04-02 01:15 - 2021-09-08 02:38 - 000000000 ____D C:\Users\Dan\AppData\Local\cache 2022-03-31 23:15 - 2021-05-17 00:00 - 000000000 ____D C:\Windows\system32\AMD 2022-03-27 20:52 - 2021-05-17 02:25 - 000001162 _____ C:\Windows\system32\config\VSMIDK ==================== Files in the root of some directories ======== 2021-05-17 02:13 - 2021-05-17 02:13 - 000000000 _____ () C:\Users\Dan\AppData\Local\oobelibMkey.log 2021-10-18 03:29 - 2022-01-04 16:46 - 000000128 _____ () C:\Users\Dan\AppData\Local\PUTTY.RND 2021-10-25 15:04 - 2021-10-25 15:04 - 000007593 _____ () C:\Users\Dan\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================