Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-04-2022 02
Ran by Karen (administrator) on HPPC (HP HP Desktop M01-F1xxx) (18-04-2022 05:11:57)
Running from C:\Users\Karen\Desktop
Loaded Profiles: Karen
Platform: Microsoft Windows 11 Home Version 21H2 22000.613 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\GlassWire\GWCtlSrv.exe ->) (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\BridgeCommunication.exe
(DriverStore\FileRepository\u0373572.inf_amd64_20b1fa37f72a81a5\B372529\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373572.inf_amd64_20b1fa37f72a81a5\B372529\atieclxx.exe
(explorer.exe ->) (Lansweeper -> Fing Ltd) C:\Program Files\Fing\Fing.exe <4>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) () [File not signed] C:\Program Files\PrivateWin10\PrivateService.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373572.inf_amd64_20b1fa37f72a81a5\B372529\atiesrxx.exe
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\fshoster32.exe <3>
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1649176966\fshoster64.exe <2>
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1649176966\fsorsp64.exe
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1649176966\fsulprothoster.exe
(services.exe ->) (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\101.0.4951.13\remoting_host.exe <2>
(services.exe ->) (HON HAI PRECISION INDUSTRY CO.LTD. -> ) C:\Program Files\FanControlApp\FanControlApp.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\SysInfoCap.exe
(services.exe ->) (Lansweeper -> Fing Limited) C:\Program Files\Fing\resources\extraResources\fingagent.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c3f6cdb5c1120dad\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\ad2f1837.myhp_1.10.53228.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22000.581_none_0484ba814ca7afc5\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKU\S-1-5-21-3156834934-4281094725-2595025550-1001\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [9763272 2022-02-18] (GlassWire -> SecureMix LLC)
HKU\S-1-5-21-3156834934-4281094725-2595025550-1001\...\Run: [electron.app.Fing] => C:\Program Files\Fing\Fing.exe [136142896 2022-03-28] (Lansweeper -> Fing Ltd)
HKU\S-1-5-21-3156834934-4281094725-2595025550-1001\...\Run: [com.fing.app] => C:\Program Files\Fing\Fing.exe [136142896 2022-03-28] (Lansweeper -> Fing Ltd)
HKU\S-1-5-21-3156834934-4281094725-2595025550-1001\...\Run: [com.squirrel.MightyText.MightyText] => C:\Users\Karen\AppData\Local\MightyText\Update.exe [1845096 2020-01-09] (Openphone Inc. -> GitHub)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.88\Installer\chrmstp.exe [2022-04-12] (Google LLC -> Google LLC)
IFEO\CompatTelRunner.exe: [Debugger] %windir%\System32\taskkill.exe
GroupPolicy: Restriction - Edge <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04B66874-940D-4D88-9B06-8ECE91F1356E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [314032 2022-03-28] (HP Inc. -> HP Inc.)
Task: {099C7EC7-DE5F-43C3-A901-ED9C90A9094C} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c3f6cdb5c1120dad\RtkAudUService64.exe [1258568 2021-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {38F76D66-CFB8-47CB-BB2E-919186F74A87} - System32\Tasks\Scheduled scanning task => C:\Program Files (x86)\Charter Security Suite\fsscan.exe [287896 2022-03-24] (F-Secure Corporation -> F-Secure Corporation)
Task: {3FB87084-86FA-4430-ADFF-3D20BBD6B9EA} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
Task: {43956FD0-2308-4EDD-8EA0-135A5972742A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22865832 2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {4496D305-E9DC-4E03-A451-68F67F605866} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61336 2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E052D69-6D36-4559-A6CB-4BA06FD2A323} - System32\Tasks\GoogleUpdateTaskMachineUA{6C4BD147-C273-4949-882D-D4C457486DAA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-24] (Google LLC -> Google LLC)
Task: {532EE0A4-AC57-4604-B9C4-DB339A0EB54E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {6D7B2D25-EE69-4412-B1A5-02F2E01B3112} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-03-28] (HP Inc. -> HP Inc.)
Task: {6ECF5E95-6DE7-42A0-90CF-3F038ABB1591} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145944 2022-03-28] (HP Inc. -> HP Inc.)
Task: {85D0BD8D-A6C4-47D6-B744-0B2D14D93750} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145944 2022-03-28] (HP Inc. -> HP Inc.)
Task: {8F7BF44A-E93D-4C03-82FC-5F08842350ED} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {A970732A-7128-46AB-B645-22A753C33119} - System32\Tasks\F-Secure\F-Secure Hotfix => C:\Program Files (x86)\Charter Security Suite\fs_hotfix.exe [291992 2022-03-24] (F-Secure Corporation -> F-Secure Corporation)
Task: {B610C874-FC10-45DC-A1D9-3C5944A4FBE6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22865832 2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {C8A0CE8E-1DB6-43B8-8F62-1D25741E18AF} - System32\Tasks\GoogleUpdateTaskMachineCore{238A8A3C-9172-4284-83FC-B74A68E0EA85} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-24] (Google LLC -> Google LLC)
Task: {CB264D5C-AB5D-485C-ACC3-402ED2836A81} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138680 2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {DCC99E0F-F493-4E3A-AB83-387AF87F83F8} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F068786F-C811-4553-98E4-F0F7D9F6D813} - \Microsoft\XblGameSave\XblGameSaveTask -> No File <==== ATTENTION
Task: {F753C99C-96D1-4052-95A6-DE349C6838E8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138680 2022-04-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Scheduled scanning task.job => C:\Program Files (x86)\Charter Security Suite\fsscan.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1ca66196-4d0c-44be-9e29-12293b2c3645}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3d1e5312-15bd-4e3d-8abc-d0a8b8af0873}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c916ba87-be07-4b6c-91f3-fcfc863fb79b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dd157b32-431a-4c64-b3b2-010bcf1ea8dd}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\Karen\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-04-18]
Edge Extension: (Browsing Protection by F-Secure) - C:\Users\Karen\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\cpikpibllpjmpnchjajlibnmmomnnhnm [2022-04-05]
Edge Extension: (Microsoft Power Automate) - C:\Users\Karen\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\njjljiblognghfjfpcdpdbpbfcmhgafg [2022-04-02]
Edge HKLM\...\Edge\Extension: [cpikpibllpjmpnchjajlibnmmomnnhnm]
Edge HKU\S-1-5-21-3156834934-4281094725-2595025550-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [njjljiblognghfjfpcdpdbpbfcmhgafg]
Edge HKLM-x32\...\Edge\Extension: [cpikpibllpjmpnchjajlibnmmomnnhnm]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 9ww690h4.default
FF ProfilePath: C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\9ww690h4.default [2022-03-22]
FF ProfilePath: C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231 [2022-04-18]
FF Extension: (Disconnect) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\2.0@disconnect.me.xpi [2022-04-07]
FF Extension: (Clear Cache) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\clearcache@michel.de.almeida.xpi [2022-03-26]
FF Extension: (OneTab) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\extension@one-tab.com.xpi [2022-04-15]
FF Extension: (File Converter - By Online-Convert.com) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\firefox@online-convert.com.xpi [2022-03-29]
FF Extension: (VT4Browsers) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\info@virustotal.com.xpi [2022-04-08]
FF Extension: (Awesome Screenshot: Screen capture, Annotate) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2022-04-02]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-04-08]
FF Extension: (Nimbus Screen Capture: Screenshots, Annotate) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\nimbusscreencaptureff@everhelper.me.xpi [2022-04-02]
FF Extension: (Browsing Protection by F-Secure) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\ols@f-secure.com.xpi [2022-04-12] [UpdateUrl:hxxps://download.sp.f-secure.com/online-safety/updates.json]
FF Extension: (Print Edit WE) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\printedit-we@DW-dev.xpi [2022-04-02]
FF Extension: (Private Bookmarks) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\private-bookmarks@rharel.xpi [2022-03-26]
FF Extension: (Chrome Remote Desktop) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\remotedesktop@google.com.xpi [2022-04-07] [UpdateUrl:hxxps://www.gstatic.com/chromoting/firefox_extension/update.json]
FF Extension: (Tabby - Window and Tab Manager) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\tabby@whatsyouridea.com.xpi [2022-03-26]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-04-13]
FF Extension: (Stylebot) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\{52bda3fd-dc48-4b3d-a7b9-58af57879f1e}.xpi [2022-03-26]
FF Extension: (SingleFile) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\{531906d3-e22f-4a6c-a102-8057b88a1a63}.xpi [2022-04-18]
FF Extension: (NoScript) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2022-04-18]
FF Extension: (History Cleaner) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\{a138007c-5ff6-4d10-83d9-0afaf0efbe5e}.xpi [2022-03-26]
FF Extension: (Open Frame) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\{c853c31a-d96d-4394-bff3-da25ba9ab8b9}.xpi [2022-04-02] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-04-09]
FF Extension: (No Name) - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5zt05l4.default-release-1648024858231\Extensions\{f6a13550-1f95-4c38-a8fa-fa56c17057f8}.xpi [2022-04-02]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-23] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default [2022-04-16]
CHR Notifications: Default -> hxxps://digits.t-mobile.com; hxxps://express.adobe.com; hxxps://www.youtube.com
CHR Extension: (Google Drive) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-03-24]
CHR Extension: (YouTube) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-03-24]
CHR Extension: (Nimbus Screenshot & Screen Video Recorder) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2022-03-28]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-04-08]
CHR Extension: (uBlock Origin) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-08]
CHR Extension: (VT4Browsers) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2022-04-08]
CHR Extension: (Google Docs Offline) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-24]
CHR Extension: (HTML editor WebStudio for Webpages) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hchpnbmmbepldbfdgbjfigifhobbjcel [2022-03-28]
CHR Extension: (Show Frame) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmgcfdnagjkihmgjhbiombjdcgckgnb [2022-04-02]
CHR Extension: (SwiftConverter | Free File Converter) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ielmedmaojjcccenembkobaocbikcepl [2022-03-24]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-13]
CHR Extension: (Disconnect) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2022-04-07]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2022-04-05]
CHR Extension: (Open Frame) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdhjgkkaacdhdioocfbpmhjidbinfajj [2022-03-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-24]
CHR Extension: (Print Edit WE) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnblpmehglpcallpnbgmikjblmkopia [2022-03-28]
CHR Extension: (Gmail) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-03-24]
CHR Extension: (f*ck overlays) - C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppedokobpbdajgiejhnjfbdjlgobcpkp [2022-04-06]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKLM\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]
CHR HKU\S-1-5-21-3156834934-4281094725-2595025550-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gjgfobnenmnljakmhboildkafdkicala]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\101.0.4951.13\remoting_host.exe [72024 2022-03-27] (Google LLC -> Google LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11666384 2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
R2 fshoster; C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [234648 2022-03-24] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [234648 2022-03-24] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulhoster; C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1649176966\fshoster64.exe [415968 2022-04-05] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulnethoster; C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1649176966\fshoster64.exe [415968 2022-04-05] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulorsp; C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1649176966\fsorsp64.exe [106136 2022-04-05] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulprothoster; C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1649176966\fsulprothoster.exe [415968 2022-04-05] (F-Secure Corporation -> F-Secure Corporation)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [7289288 2022-02-18] (GlassWire -> SecureMix LLC)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [891256 2020-07-30] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\AppHelperCap.exe [762888 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\DiagsCap.exe [760312 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\NetworkCap.exe [758280 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\SysInfoCap.exe [761376 2022-02-27] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe [494672 2021-11-22] (HP Inc. -> HP Inc.)
R2 ID19 HP Fan Control Service; C:\Program Files\FanControlApp\FanControlApp.exe [283168 2020-04-28] (HON HAI PRECISION INDUSTRY CO.LTD. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-13] (Malwarebytes Inc -> Malwarebytes)
R2 priv10; C:\Program Files\PrivateWin10\PrivateService.exe [135680 2022-04-07] () [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsaService; C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2203.40000.1.0_x64__8wekyb3d8bbwe\WsaService\WsaService.exe [229888 2022-04-18] () [File not signed]
R2 Fing.Agent; C:\Program Files\Fing\resources\extraResources\fingagent.exe --servicemode Fing.Agent --agentroot "C:\Users\Karen\AppData\Roaming"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25016 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0373572.inf_amd64_20b1fa37f72a81a5\B372529\amdkmdag.sys [80513416 2021-11-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2022-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1649176966\fsulgk.sys [398792 2022-04-05] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [51736 2022-04-07] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
S0 fselms; C:\WINDOWS\System32\drivers\fselms.sys [15816 2022-04-05] (Microsoft Windows Early Launch Anti-malware Publisher -> F-Secure Corporation)
R2 fsnif2; C:\Program Files (x86)\Charter Security Suite\Ultralight\nif2\1643898281\nif2s64.sys [172480 2022-04-05] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2022-02-20] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223688 2022-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195024 2022-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-04-13] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [158856 2022-04-18] (Malwarebytes Inc -> Malwarebytes)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2022-03-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [439544 2022-03-22] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-22] (Microsoft Windows -> Microsoft Corporation)
U3 aspnet_state; no ImagePath
U4 npcap_wifi; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-18 05:11 - 2022-04-18 05:12 - 000029608 _____ C:\Users\Karen\Desktop\FRST.txt
2022-04-18 05:00 - 2022-04-18 05:00 - 000195024 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-04-18 05:00 - 2022-04-18 05:00 - 000158856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-04-18 05:00 - 2022-04-18 05:00 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-04-18 04:59 - 2022-04-18 04:59 - 000000938 _____ C:\Users\Karen\Desktop\mwb.txt
2022-04-18 03:49 - 2022-04-18 03:49 - 000000000 ____D C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-04-18 03:49 - 2022-04-18 03:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-04-18 03:49 - 2022-04-18 03:49 - 000000000 ____D C:\Program Files\WinRAR
2022-04-18 03:48 - 2022-04-18 03:48 - 000000884 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2022-04-18 03:48 - 2022-04-18 03:48 - 000000000 ____D C:\Users\Karen\AppData\Roaming\Notepad++
2022-04-18 03:48 - 2022-04-18 03:48 - 000000000 ____D C:\Program Files\Notepad++
2022-04-18 01:16 - 2022-04-18 05:00 - 000000000 ____D C:\Users\Karen\AppData\Local\PlaceholderTileLogoFolder
2022-04-18 00:54 - 2022-04-18 00:54 - 000000000 ____D C:\Users\Karen\Downloads\TIW11
2022-04-18 00:53 - 2022-04-18 00:53 - 000137166 _____ C:\Users\Karen\Downloads\TIW11.zip
2022-04-17 23:29 - 2022-04-17 23:29 - 000000336 _____ C:\Users\Karen\Desktop\Fixlog.txt
2022-04-17 17:20 - 2022-04-17 17:20 - 000000000 _____ C:\Users\Karen\Desktop\fixlist.txt
2022-04-17 17:14 - 2022-04-10 16:35 - 002365440 _____ (Farbar) C:\Users\Karen\Desktop\FRST64.exe
2022-04-16 17:32 - 2022-04-16 17:32 - 000004415 _____ C:\Users\Karen\Downloads\IMG_20220415_050107_ccexpress.jpeg
2022-04-15 00:53 - 2022-04-15 00:53 - 125991083 _____ C:\Users\Karen\Downloads\screencast-www.joesandbox.com-2022.04.15-00_50_19.webm
2022-04-13 08:40 - 2022-04-13 08:41 - 000000000 ____D C:\Users\Karen\AppData\Local\Notepad
2022-04-13 08:22 - 2022-04-13 08:22 - 000015192 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-13 08:20 - 2022-04-13 08:20 - 000000000 ___HD C:\$WinREAgent
2022-04-13 06:22 - 2022-04-16 20:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-04-13 04:25 - 2022-04-13 04:25 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-04-13 04:25 - 2022-04-13 04:25 - 000223688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-04-13 04:25 - 2022-04-13 04:25 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-04-13 04:25 - 2022-04-13 04:25 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-04-13 04:25 - 2022-04-13 04:25 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-04-13 04:25 - 2022-04-13 04:25 - 000000000 ____D C:\Users\Karen\AppData\Local\mbam
2022-04-13 04:25 - 2022-04-13 04:24 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-04-13 04:24 - 2022-04-13 04:24 - 002443448 _____ (Malwarebytes) C:\Users\Karen\Downloads\MBSetup(1).exe
2022-04-13 04:24 - 2022-04-13 04:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-04-12 21:05 - 2022-04-12 21:05 - 000000112 ___SH C:\bootTel.dat
2022-04-12 07:48 - 2022-04-12 07:48 - 001077060 _____ C:\Users\Karen\Downloads\farbar1.pdf
2022-04-12 07:45 - 2022-04-12 07:45 - 000693693 _____ C:\Users\Karen\Downloads\FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials (4_12_2022 7_45_12 AM).html
2022-04-12 07:44 - 2022-04-12 07:44 - 000693840 _____ C:\Users\Karen\Downloads\FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials (4_12_2022 7_44_41 AM).html
2022-04-12 07:44 - 2022-04-12 07:44 - 000693692 _____ C:\Users\Karen\Downloads\FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials (4_12_2022 7_43_55 AM).html
2022-04-12 07:43 - 2022-04-12 07:43 - 000698698 _____ C:\Users\Karen\Downloads\FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials (4_12_2022 7_43_19 AM).html
2022-04-12 07:41 - 2022-04-12 07:41 - 000700208 _____ C:\Users\Karen\Downloads\FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials (4_12_2022 7_41_10 AM).html
2022-04-12 07:31 - 2022-04-12 07:31 - 000000000 _____ C:\Users\Karen\Downloads\732168 (1).pdf
2022-04-12 07:29 - 2022-04-12 07:30 - 000000000 _____ C:\Users\Karen\Downloads\732168.pdf
2022-04-12 06:08 - 2022-04-12 06:08 - 000001120 _____ C:\Users\Karen\Desktop\whatsapp.DMP - Shortcut.lnk
2022-04-11 06:39 - 2022-04-18 04:59 - 000000000 ____D C:\Users\Karen\Downloads\usbdeview-x64
2022-04-11 06:36 - 2022-04-12 17:33 - 000000000 ____D C:\Users\Karen\Downloads\appnetworkcounter-x64
2022-04-11 06:36 - 2022-04-11 06:36 - 000080359 _____ C:\Users\Karen\Downloads\appnetworkcounter-x64.zip
2022-04-11 06:33 - 2022-04-13 08:40 - 000000000 ____D C:\Users\Karen\Downloads\livetcpudpwatch-x64
2022-04-11 06:33 - 2022-04-11 06:33 - 000098250 _____ C:\Users\Karen\Downloads\livetcpudpwatch-x64.zip
2022-04-11 06:27 - 2022-04-11 06:28 - 000000000 ____D C:\Users\Karen\Downloads\tcplogview-x64
2022-04-11 06:27 - 2022-04-11 06:27 - 000102699 _____ C:\Users\Karen\Downloads\tcplogview-x64.zip
2022-04-11 06:26 - 2022-04-11 06:26 - 000124890 _____ C:\Users\Karen\Downloads\usbdeview-x64.zip
2022-04-11 06:20 - 2022-04-11 06:20 - 000000738 _____ C:\Users\Karen\Desktop\User Logon ListREMOTE.txt
2022-04-11 06:11 - 2022-04-11 06:11 - 000000738 _____ C:\Users\Karen\Downloads\User Logon List.html
2022-04-11 06:06 - 2022-04-11 06:06 - 000000738 _____ C:\Users\Karen\Downloads\User Logon ListREMOTE.txt
2022-04-11 05:52 - 2022-04-11 12:12 - 000000000 ____D C:\Users\Karen\Downloads\wifihistoryview
2022-04-11 05:50 - 2022-04-11 05:50 - 000080493 _____ C:\Users\Karen\Downloads\wifihistoryview.zip
2022-04-11 05:47 - 2022-04-12 17:33 - 000000000 ____D C:\Users\Karen\Downloads\winlogonview
2022-04-11 04:42 - 2022-04-11 04:42 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2022-04-11 04:25 - 2022-04-11 04:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2022-04-11 04:25 - 2022-04-11 04:25 - 000000000 ____D C:\Program Files (x86)\WinPcap
2022-04-10 19:07 - 2022-04-10 19:07 - 000012560 _____ C:\WINDOWS\system32\tasklist41022.txt
2022-04-10 19:01 - 2022-04-10 19:01 - 000000000 ____D C:\ViveTool
2022-04-10 18:59 - 2022-04-10 18:59 - 000012123 _____ C:\Users\Karen\Downloads\ViVeTool-v0.2.1.zip
2022-04-10 16:42 - 2022-04-12 04:59 - 000035159 _____ C:\Users\Karen\Downloads\Shortcut.txt
2022-04-10 16:41 - 2022-04-12 04:59 - 000081740 _____ C:\Users\Karen\Downloads\Addition.txt
2022-04-10 16:40 - 2022-04-17 17:09 - 000261568 _____ C:\Users\Karen\Downloads\FRST.txt
2022-04-10 16:39 - 2022-04-18 05:12 - 000000000 ____D C:\FRST
2022-04-10 16:35 - 2022-04-10 16:35 - 002365440 _____ (Farbar) C:\Users\Karen\Downloads\FRST64.exe
2022-04-10 15:15 - 2022-04-10 15:16 - 005191992 _____ C:\Users\Karen\Downloads\MyLanViewer_portable.zip
2022-04-10 15:09 - 2022-04-10 15:09 - 000000000 ____D C:\Users\Karen\Downloads\network-ip-scanner
2022-04-10 15:08 - 2022-04-10 15:08 - 002459333 _____ C:\Users\Karen\Downloads\network-ip-scanner.zip
2022-04-10 09:28 - 2022-04-10 09:28 - 000809832 _____ C:\Users\Karen\Downloads\quick-start(2).pdf
2022-04-10 07:06 - 2022-04-10 07:06 - 000002694 _____ C:\Users\Karen\Desktop\Adobe Creative Cloud Express.lnk
2022-04-10 07:06 - 2022-04-10 07:06 - 000000000 ____D C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2022-04-10 06:46 - 2022-04-10 06:46 - 000000000 ____D C:\Users\Karen\AppData\Roaming\MightyText
2022-04-08 22:26 - 2022-04-08 22:26 - 000002222 _____ C:\WINDOWS\system32\net48.txt
2022-04-08 22:23 - 2022-04-08 22:23 - 000013340 _____ C:\WINDOWS\system32\tasklist48.txt
2022-04-08 15:44 - 2022-04-08 15:44 - 000142744 _____ C:\Users\Karen\Downloads\vtuploader2.2(1).exe
2022-04-08 15:44 - 2022-04-08 15:44 - 000002155 _____ C:\Users\Karen\Desktop\VirusTotal Uploader 2.2.lnk
2022-04-08 15:44 - 2022-04-08 15:44 - 000000000 ____D C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirusTotal Uploader 2.2
2022-04-08 15:44 - 2022-04-08 15:44 - 000000000 ____D C:\Program Files (x86)\VirusTotalUploader2
2022-04-08 06:56 - 2022-04-12 07:24 - 000000000 ____D C:\Users\Karen\Desktop\Flyer
2022-04-08 06:13 - 2022-04-08 06:13 - 000000000 ____D C:\Users\Karen\Desktop\fsdiag
2022-04-08 06:09 - 2022-04-08 06:09 - 007208890 _____ C:\Users\Karen\Desktop\fsdiag3.zip
2022-04-08 04:26 - 2022-04-08 04:26 - 000000000 ____D C:\LighhouseRocky
2022-04-07 22:24 - 2022-04-07 22:24 - 000001064 _____ C:\Users\Karen\Downloads\my-ublock-backup_2022-04-07_22.24.43.txt
2022-04-07 12:33 - 2022-04-07 12:33 - 000000000 ____D C:\Users\Karen\AppData\LocalLow\Temp
2022-04-07 10:55 - 2022-04-07 10:55 - 000000000 ____D C:\ProgramData\Google
2022-04-07 10:50 - 2022-04-07 10:50 - 000000087 _____ C:\Users\Karen\Desktop\REM.txt
2022-04-07 10:31 - 2022-04-07 10:39 - 019636224 _____ C:\Users\Karen\Downloads\chromeremotedesktophost.msi
2022-04-07 10:22 - 2022-04-07 10:22 - 000000000 ____H C:\Users\Karen\Downloads\Documents\Default.rdp
2022-04-07 08:38 - 2022-04-07 13:35 - 1645791232 _____ C:\Users\Karen\Downloads\Simplewall-0.0.1.iso
2022-04-07 08:38 - 2022-04-07 08:39 - 000809832 _____ C:\Users\Karen\Downloads\quick-start(1).pdf
2022-04-07 08:37 - 2022-04-07 08:38 - 000809832 _____ C:\Users\Karen\Downloads\quick-start.pdf
2022-04-07 08:22 - 2022-04-07 08:37 - 000000000 ____D C:\ProgramData\PrivateWin10
2022-04-07 08:22 - 2022-04-07 08:22 - 000001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Private Win10.lnk
2022-04-07 08:22 - 2022-04-07 08:22 - 000000000 ____D C:\Program Files\PrivateWin10
2022-04-07 08:21 - 2022-04-07 08:21 - 002500608 _____ () C:\Users\Karen\Downloads\PrivateWin10-Setup-v0.85.exe
2022-04-07 03:33 - 2022-04-10 06:46 - 000000000 ____D C:\Users\Karen\AppData\Local\MightyText
2022-04-07 03:05 - 2022-04-07 03:05 - 000027864 _____ C:\Users\Karen\Downloads\288cfa680b4cf510e3a93e78ad5f2779.jpeg
2022-04-07 01:15 - 2022-04-07 01:15 - 000000144 _____ C:\Users\Karen\Desktop\net1.txt
2022-04-06 21:16 - 2022-04-06 21:24 - 014549380 _____ C:\Users\Karen\Downloads\sac34173302_2.pdf
2022-04-06 20:58 - 2022-04-10 06:46 - 000000000 ____D C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MightyText
2022-04-06 03:55 - 2022-04-06 03:55 - 728939357 _____ C:\Users\Karen\Downloads\msedge (2)(1).DMP
2022-04-06 03:47 - 2022-04-06 03:47 - 000389373 _____ C:\Users\Karen\Downloads\marker_medium_com-the-invention-of-jaywalking-afd48f994c05.pdf
2022-04-06 03:43 - 2022-04-06 03:43 - 000273314 _____ C:\Users\Karen\Downloads\104.26.7.mp4
2022-04-05 16:40 - 2022-04-05 16:40 - 002687561 _____ C:\Users\Karen\Downloads\NetGuard-v2.300-release.apk
2022-04-05 09:13 - 2022-04-16 20:36 - 000000414 _____ C:\WINDOWS\Tasks\Scheduled scanning task.job
2022-04-05 09:13 - 2022-04-14 12:11 - 000003174 _____ C:\WINDOWS\system32\Tasks\Scheduled scanning task
2022-04-05 08:41 - 2022-04-05 08:39 - 000015816 _____ (F-Secure Corporation) C:\WINDOWS\system32\Drivers\fselms.sys
2022-04-05 08:38 - 2022-04-07 07:10 - 000051736 _____ (F-Secure Corporation) C:\WINDOWS\system32\Drivers\fsbts.sys
2022-04-05 08:35 - 2022-04-05 08:35 - 000002053 _____ C:\Users\Public\Desktop\Security Suite.lnk
2022-04-05 08:35 - 2022-04-05 08:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\F-Secure
2022-04-05 08:35 - 2022-04-05 08:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Charter Security Suite
2022-04-05 08:35 - 2022-04-05 08:35 - 000000000 ____D C:\Program Files (x86)\Charter Security Suite
2022-04-05 08:19 - 2022-04-08 22:21 - 000000000 ____D C:\Users\Karen\AppData\Local\FSDART
2022-04-05 06:22 - 2022-04-05 06:23 - 003009091 _____ C:\Users\Karen\Downloads\Charter D31 eMTA - E31N2V1 User Guide.pdf
2022-04-05 06:22 - 2022-04-05 06:23 - 003009091 _____ C:\Users\Karen\Downloads\Charter D31 eMTA - E31N2V1 User Guide(1).pdf
2022-04-05 05:55 - 2022-04-05 05:55 - 001099523 _____ C:\Users\Karen\Downloads\roku2-xs-uk-qsg.pdf
2022-04-05 01:58 - 2022-04-07 09:08 - 000000000 ____D C:\ProgramData\F-Secure
2022-04-05 01:58 - 2022-04-05 09:19 - 000000000 ____D C:\Users\Karen\AppData\Local\F-Secure
2022-04-05 01:58 - 2022-04-05 01:58 - 000412712 _____ (F-Secure Corporation) C:\Users\Karen\Downloads\CharterOnlineScanner.exe
2022-04-05 01:57 - 2022-04-05 01:57 - 001664664 _____ (F-Secure Corporation) C:\Users\Karen\Downloads\CharterNetworkInstaller_C-JRJNC-D74GZ-HDDEV-TQ8UB-WPXQW_.exe
2022-04-03 15:51 - 2022-04-03 15:51 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-04-03 15:51 - 2022-04-03 15:51 - 000000000 ____D C:\Program Files\MSBuild
2022-04-03 15:51 - 2022-04-03 15:51 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-04-03 15:51 - 2022-04-03 15:51 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-04-03 15:34 - 2022-04-03 15:34 - 000000000 ____D C:\SideSync
2022-04-03 14:24 - 2022-04-15 00:35 - 000000000 ____D C:\Users\Karen\Desktop\screenshots
2022-04-03 13:39 - 2022-04-03 13:39 - 000005710 _____ C:\Users\Karen\Downloads\contacts (1).csv
2022-04-03 13:38 - 2022-04-03 13:38 - 000004143 _____ C:\Users\Karen\Downloads\contacts.csv
2022-04-03 12:03 - 2022-04-03 12:03 - 000013184 _____ C:\Users\Karen\svhostkilled.txt
2022-04-03 12:00 - 2022-04-03 12:00 - 000000766 _____ C:\Users\Karen\4322Noon.txt
2022-04-03 01:01 - 2022-04-03 01:01 - 000001568 _____ C:\Users\Karen\Desktop\4322.txt
2022-04-02 18:27 - 2022-04-02 18:27 - 000000000 ____D C:\Users\Karen\AppData\Local\Apps\2.0
2022-04-02 18:13 - 2022-04-02 18:13 - 002644440 _____ (Advanced Micro Devices, Inc.) C:\Users\Karen\Downloads\amdcleanuputility.exe
2022-04-01 20:37 - 2022-04-01 20:37 - 164843002 _____ C:\Users\Karen\Desktop\GWCtlSrv.exe.5268.dmp
2022-04-01 14:32 - 2022-04-01 14:32 - 002550832 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-04-01 14:32 - 2022-04-01 14:32 - 002080992 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-04-01 14:32 - 2022-04-01 14:32 - 000372736 _____ C:\WINDOWS\system32\hwreqchk.dll
2022-04-01 14:32 - 2022-04-01 14:32 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-01 14:32 - 2022-04-01 14:32 - 000032768 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2022-04-01 12:33 - 2022-04-01 12:33 - 000004994 _____ C:\Users\Karen\tasks.txt
2022-04-01 11:21 - 2022-04-01 11:21 - 174657247 _____ C:\Users\Karen\Desktop\GWCtlSrv.exe.4764.dmp
2022-04-01 11:19 - 2022-04-01 11:19 - 000000183 _____ C:\Users\Karen\Desktop\41.txt
2022-04-01 09:28 - 2022-04-10 19:04 - 000000000 ____D C:\Users\Karen\Downloads\lastactivityview
2022-04-01 09:16 - 2022-04-01 12:36 - 000000000 ____D C:\WINDOWS\pss
2022-04-01 02:05 - 2022-04-01 02:05 - 002964806 _____ C:\Users\Karen\Desktop\4.122networkchecknow.txt
2022-03-31 22:19 - 2022-03-31 22:19 - 000129380 _____ C:\Users\Karen\Desktop\331.txt
2022-03-31 22:16 - 2022-03-31 22:16 - 000000473 _____ C:\Users\Karen\Desktop\d.txt
2022-03-31 21:56 - 2022-03-31 21:56 - 000000000 ____D C:\New folder
2022-03-31 16:27 - 2022-03-31 16:27 - 000000000 ____D C:\Program Files\Fing
2022-03-31 15:31 - 2022-03-31 15:31 - 000141406 _____ C:\Users\Karen\Desktop\Linksys Official Support - Setting up the Linksys Dual-Band WiFi Router.htm
2022-03-31 15:31 - 2022-03-31 15:31 - 000000000 ____D C:\Users\Karen\Desktop\Linksys Official Support - Setting up the Linksys Dual-Band WiFi Router_files
2022-03-31 15:31 - 2022-03-31 15:31 - 000000000 _____ C:\Users\Karen\Desktop\1lyc.pdf
2022-03-31 15:30 - 2022-03-31 15:30 - 000000000 _____ C:\Users\Karen\Desktop\lyc.pdf
2022-03-31 10:24 - 2022-03-31 10:15 - 002294520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Err_6.4.5.exe
2022-03-31 10:23 - 2022-03-31 10:15 - 002294520 _____ (Microsoft Corporation) C:\WINDOWS\Err_6.4.5.exe
2022-03-31 10:15 - 2022-03-31 10:15 - 002294520 _____ (Microsoft Corporation) C:\Users\Karen\Downloads\Err_6.4.5.exe
2022-03-30 22:54 - 2022-04-12 21:05 - 000000000 ____D C:\WINDOWS\Minidump
2022-03-30 22:51 - 2022-03-30 22:51 - 000000935 _____ C:\Users\Karen\Desktop\cmmd.txt
2022-03-30 14:50 - 2022-03-30 14:50 - 000000000 ____D C:\Users\Karen\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
2022-03-30 10:10 - 2022-04-07 10:35 - 000000258 __RSH C:\ProgramData\ntuser.pol
2022-03-30 10:04 - 2022-03-30 10:04 - 000000392 _____ C:\Users\Karen\Downloads\List.txt
2022-03-30 10:03 - 2022-03-30 10:03 - 000000393 _____ C:\Users\Karen\Downloads\gpedit-enabler.bat
2022-03-29 23:07 - 2022-03-29 23:07 - 055024082 _____ C:\Users\Karen\Downloads\svchost (6)(1).DMP
2022-03-29 22:50 - 2022-03-29 22:50 - 728939357 _____ C:\Users\Karen\Downloads\msedge (2).DMP
2022-03-29 22:50 - 2022-03-29 22:50 - 055024082 _____ C:\Users\Karen\Downloads\svchost (6).DMP
2022-03-28 21:37 - 2022-03-28 21:37 - 000002496 _____ C:\Users\Karen\Downloads\adware22.txt
2022-03-28 09:28 - 2022-03-28 09:45 - 049215520 _____ (Samsung) C:\Users\Karen\Downloads\SideSync_4.7.5.203(1).exe
2022-03-27 15:34 - 2022-03-27 15:34 - 000003254 _____ C:\WINDOWS\system32\Tasks\MiniToolPartitionWizard
2022-03-27 12:12 - 2022-03-27 12:12 - 106370834 _____ C:\Users\Karen\BridgeCommunication.DMP
2022-03-27 10:03 - 2022-03-31 14:20 - 000000000 ____D C:\Users\Karen\AppData\Local\vysor
2022-03-27 03:09 - 2022-03-27 03:09 - 000092272 _____ C:\Users\Karen\Downloads\TCP_UDP Ports List.html
2022-03-27 03:07 - 2022-03-27 03:07 - 000003186 _____ C:\Users\Karen\Downloads\Documents\cc.txt
2022-03-27 03:06 - 2022-03-27 03:06 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2022-03-27 03:06 - 2022-03-27 03:06 - 000000000 ____D C:\Users\DefaultAppPool
2022-03-27 03:06 - 2022-03-21 01:15 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Local\Packages
2022-03-27 03:06 - 2021-06-05 07:04 - 000001281 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-03-27 03:06 - 2021-06-05 07:04 - 000000407 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-03-27 02:27 - 2022-03-27 02:27 - 000020204 _____ C:\Users\Karen\bust.txt
2022-03-27 02:26 - 2022-04-06 00:42 - 000006829 _____ C:\WINDOWS\system32\net.txt
2022-03-26 21:43 - 2022-03-26 21:43 - 002687505 _____ C:\Users\Karen\Downloads\NetGuard no root firewall_v2.300_apkpure.com.apk
2022-03-26 19:52 - 2022-04-18 05:00 - 103546880 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-03-26 19:50 - 2022-03-26 19:52 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-03-26 16:50 - 2022-03-26 16:50 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2022-03-26 16:50 - 2022-03-26 16:50 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2022-03-26 16:50 - 2022-03-26 16:50 - 000000000 ____D C:\inetpub
2022-03-26 15:04 - 2022-03-26 15:05 - 006705440 _____ (EnigmaSoft Limited) C:\Users\Karen\Downloads\SpyHunter-Installer.exe
2022-03-26 11:15 - 2022-03-26 11:15 - 000000000 ____D C:\ProgramData\Intel
2022-03-26 10:29 - 2022-03-30 09:29 - 000007647 _____ C:\Users\Karen\AppData\Local\Resmon.ResmonCfg
2022-03-26 09:07 - 2022-03-26 09:07 - 000142744 _____ C:\Users\Karen\Downloads\vtuploader2.2.exe
2022-03-26 05:56 - 2022-03-26 05:56 - 000802135 _____ C:\Users\Karen\Downloads\c78f9967-7a8c-44b0-ad94-732b63c89638 (1).crx
2022-03-26 05:53 - 2022-03-26 05:53 - 000802135 _____ C:\Users\Karen\Downloads\c78f9967-7a8c-44b0-ad94-732b63c89638
2022-03-26 05:12 - 2022-03-26 05:12 - 000006607 _____ C:\Users\Karen\Downloads\FingNetworkExport-20220326-0449(1).xlsx
2022-03-26 05:04 - 2022-03-26 05:04 - 000006607 _____ C:\Users\Karen\Downloads\FingNetworkExport-20220326-0449.xlsx
2022-03-25 23:57 - 2022-03-25 23:57 - 000000381 _____ C:\Users\Karen\x.txt
2022-03-25 17:38 - 2022-03-25 17:39 - 000000000 ____D C:\Users\Karen\AppData\Local\glasswire
2022-03-25 17:38 - 2022-03-25 17:38 - 000001981 _____ C:\Users\Public\Desktop\GlassWire.lnk
2022-03-25 17:38 - 2022-03-25 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlassWire
2022-03-25 17:38 - 2022-03-25 17:38 - 000000000 ____D C:\Program Files (x86)\GlassWire
2022-03-25 17:38 - 2015-05-29 02:30 - 000008392 _____ C:\WINDOWS\system32\Drivers\gwdrv.cat
2022-03-25 17:38 - 2015-05-29 02:15 - 000033152 _____ (SecureMix LLC) C:\WINDOWS\system32\Drivers\gwdrv.sys
2022-03-25 17:36 - 2022-03-25 17:36 - 000000000 ____N C:\Users\Karen\Downloads\AcronisTrueImageOEM_full_11690(1).exe
2022-03-25 17:24 - 2022-03-26 01:03 - 000000025 _____ C:\WINDOWS\system32\sharehosts.json
2022-03-25 17:24 - 2022-03-26 01:03 - 000000025 _____ C:\WINDOWS\system32\networkhosts.json
2022-03-25 17:24 - 2022-03-26 01:03 - 000000025 _____ C:\WINDOWS\system32\cmpmaphosts.json
2022-03-25 16:41 - 2022-03-25 16:41 - 000000000 ____D C:\Users\Karen\AppData\Roaming\Hewlett-Packard
2022-03-25 13:07 - 2022-04-06 13:08 - 000000000 ____D C:\Users\Karen\Downloads\cports-x64
2022-03-25 12:44 - 2022-03-25 12:44 - 000892048 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2022-03-24 17:07 - 2022-03-24 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\ClockworkMod
2022-03-24 17:07 - 2022-03-24 17:07 - 000000000 ____D C:\Program Files (x86)\ClockworkMod
2022-03-24 17:04 - 2022-03-24 17:07 - 017060864 _____ C:\Users\Karen\Downloads\UniversalAdbDriverSetup.msi
2022-03-24 16:33 - 2022-04-07 03:33 - 000000000 ____D C:\Users\Karen\AppData\Local\SquirrelTemp
2022-03-24 16:33 - 2022-03-31 14:20 - 000000000 ____D C:\Users\Karen\AppData\Roaming\vysor
2022-03-24 16:33 - 2022-03-31 14:20 - 000000000 ____D C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vysor Inc
2022-03-24 16:33 - 2022-03-24 16:33 - 000000000 ____D C:\Users\Karen\.android
2022-03-24 16:11 - 2022-03-24 16:33 - 115651304 _____ (Vysor Inc.) C:\Users\Karen\Downloads\Vysor-win-4.1.77 (1).exe
2022-03-24 16:05 - 2022-03-24 16:05 - 000039027 _____ C:\Users\Karen\Downloads\147224.pdf
2022-03-24 16:04 - 2022-03-24 16:04 - 000088949 _____ C:\Users\Karen\Downloads\147223.pdf
2022-03-24 16:00 - 2022-03-24 16:00 - 000000000 ____D C:\Users\Karen\AppData\Roaming\MiniTool ShadowMaker
2022-03-24 16:00 - 2022-03-24 16:00 - 000000000 ____D C:\Users\Karen\AppData\Local\MiniTool ShadowMaker
2022-03-24 15:55 - 2022-03-24 15:55 - 000084688 _____ C:\Users\Karen\AppData\LocalLow\wbk995F.tmp
2022-03-24 14:37 - 2022-03-24 14:38 - 000077103 _____ C:\Users\Karen\Downloads\installedpackagesview-x64.zip
2022-03-24 14:27 - 2022-03-24 14:28 - 000094458 _____ C:\Users\Karen\Downloads\taskschedulerview-x64.zip
2022-03-24 14:21 - 2022-03-24 14:21 - 000088232 _____ C:\Users\Karen\Downloads\lastactivityview.zip
2022-03-24 14:19 - 2022-03-24 14:19 - 000069740 _____ C:\Users\Karen\Downloads\winlogonview.zip
2022-03-24 14:12 - 2022-03-24 14:12 - 000149544 _____ C:\Users\Karen\Downloads\regscanner_setup.exe
2022-03-24 14:12 - 2022-03-24 14:12 - 000000000 ____D C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft RegScanner
2022-03-24 14:05 - 2022-03-24 14:12 - 000000000 ____D C:\Program Files (x86)\NirSoft
2022-03-24 14:05 - 2022-03-24 14:05 - 000000000 ____D C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Wireless Network Watcher
2022-03-24 14:04 - 2022-03-24 14:04 - 000500408 _____ C:\Users\Karen\Downloads\wnetwatcher_setup.exe
2022-03-24 14:00 - 2022-03-24 14:00 - 000066361 _____ C:\Users\Karen\Downloads\sysexp-x64.zip
2022-03-24 13:54 - 2022-04-13 08:40 - 000000000 ____D C:\Users\Karen\Downloads\deviceioview-x64
2022-03-24 13:49 - 2022-03-24 13:49 - 000085350 _____ C:\Users\Karen\Downloads\deviceioview-x64.zip
2022-03-24 13:37 - 2022-03-24 13:37 - 000131251 _____ C:\Users\Karen\Downloads\cports-x64.zip
2022-03-24 13:32 - 2022-03-24 13:32 - 000044244 _____ C:\Users\Karen\Downloads\netresview.zip
2022-03-24 13:22 - 2022-03-24 13:22 - 000150936 _____ C:\Users\Karen\Downloads\searchmyfiles-x64.zip
2022-03-24 06:02 - 2022-03-24 06:02 - 000155536 _____ C:\Users\Karen\Downloads\uninstall_list.txt
2022-03-24 05:42 - 2022-03-24 05:42 - 000108770 _____ C:\Users\Karen\Downloads\fulleventlogview-x64.zip
2022-03-24 05:01 - 2022-04-12 15:24 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-24 05:01 - 2022-04-12 15:24 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-24 05:01 - 2022-03-24 05:01 - 000000000 ____D C:\Program Files\Google
2022-03-24 04:26 - 2022-03-25 00:04 - 000000993 _____ C:\Users\Karen\Desktop\HJ.lnk
2022-03-24 03:55 - 2022-03-24 03:55 - 000003496 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{6C4BD147-C273-4949-882D-D4C457486DAA}
2022-03-24 03:55 - 2022-03-24 03:55 - 000003372 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{238A8A3C-9172-4284-83FC-B74A68E0EA85}
2022-03-24 03:53 - 2022-03-24 03:54 - 001343320 _____ (Google LLC) C:\Users\Karen\Downloads\ChromeSetup(1).exe
2022-03-24 03:42 - 2022-03-24 03:42 - 000000000 ____D C:\Users\Karen\Downloads\Documents\SideSync
2022-03-24 03:42 - 2022-03-24 03:42 - 000000000 ____D C:\Users\Karen\AppData\Roaming\Samsung
2022-03-24 03:41 - 2022-04-04 21:58 - 000000000 ____D C:\Program Files (x86)\Samsung
2022-03-24 03:41 - 2022-03-24 03:41 - 000000352 _____ C:\Users\Karen\Desktop\KD.lnk
2022-03-24 03:41 - 2022-03-24 03:41 - 000000000 ____D C:\ProgramData\Samsung
2022-03-24 03:41 - 2022-03-24 03:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2022-03-24 03:41 - 2022-03-24 03:41 - 000000000 ____D C:\Program Files\Samsung
2022-03-24 02:52 - 2022-04-01 08:41 - 000000000 ___RD C:\Users\Karen\Creative Cloud Files
2022-03-24 02:05 - 2022-04-02 18:21 - 000000000 ____D C:\Users\Karen\AppData\Local\ElevatedDiagnostics
2022-03-23 23:27 - 2022-04-01 10:41 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-03-23 23:27 - 2022-04-01 10:41 - 000000000 ____D C:\Program Files\Adobe
2022-03-23 23:27 - 2022-04-01 10:41 - 000000000 ____D C:\Program Files (x86)\Adobe
2022-03-23 23:27 - 2022-03-24 02:47 - 000000000 ____D C:\ProgramData\Adobe
2022-03-23 17:28 - 2022-04-16 20:14 - 000000000 ____D C:\Users\Karen\AppData\Local\CrashDumps
2022-03-23 17:02 - 2022-03-26 12:16 - 000000000 ____D C:\Users\Karen\AppData\Roaming\QtProject
2022-03-23 17:02 - 2021-03-09 18:41 - 000037336 _____ C:\WINDOWS\system32\pwdrvio.sys
2022-03-23 17:02 - 2019-11-08 10:15 - 003600896 _____ C:\WINDOWS\system32\pwNative.exe
2022-03-23 17:02 - 2019-11-08 10:15 - 000012504 _____ C:\WINDOWS\system32\pwdspio.sys
2022-03-23 17:01 - 2022-03-26 12:17 - 000000000 ____D C:\Program Files\MiniTool ShadowMaker
2022-03-23 16:51 - 2022-03-26 01:19 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 12
2022-03-23 16:51 - 2022-03-23 16:51 - 000001035 _____ C:\Users\Public\Desktop\MiniTool Partition Wizard.lnk
2022-03-23 16:51 - 2022-03-23 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12
2022-03-23 13:07 - 2022-03-23 14:07 - 000000000 ____D C:\Users\Karen\AppData\Local\MyLanViewer
2022-03-23 11:57 - 2022-03-23 11:57 - 000069632 _____ C:\Users\Karen\Downloads\Documents\samepcname.evtx
2022-03-23 11:57 - 2022-03-23 11:57 - 000000000 ____D C:\Users\Karen\Downloads\Documents\LocaleMetaData
2022-03-23 11:56 - 2022-03-23 11:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Event Viewer Tasks
2022-03-23 11:36 - 2022-03-23 11:36 - 000000949 _____ C:\Users\Karen\Desktop\gpedit.dll - Shortcut.lnk
2022-03-23 07:10 - 2022-03-23 07:11 - 000000000 ____D C:\SWSetup
2022-03-23 07:10 - 2022-03-23 07:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-03-23 05:20 - 2022-03-23 05:34 - 049215520 _____ (Samsung) C:\Users\Karen\Downloads\SideSync_4.7.5.203.exe
2022-03-23 04:04 - 2022-03-23 04:04 - 000834374 _____ C:\Users\Karen\Downloads\SummaryBillJun2021.pdf
2022-03-23 03:41 - 2022-03-23 03:41 - 000000000 ____D C:\Users\Karen\Desktop\Old Firefox Data
2022-03-23 03:40 - 2022-04-13 08:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-03-23 03:29 - 2022-03-23 03:29 - 000023719 _____ C:\Users\Karen\Downloads\ar-AAVnsyq.htm
2022-03-22 23:27 - 2022-03-22 23:27 - 000003366 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2022-03-22 17:44 - 2022-03-22 17:44 - 000000000 ____D C:\Users\Karen\32UtilWin
2022-03-22 17:43 - 2022-04-11 21:53 - 000000000 ____D C:\Users\Karen\Desktop\j
2022-03-22 17:42 - 2022-03-22 17:42 - 000000000 ____D C:\Users\Karen\AppData\LocalLow\webviewdata
2022-03-22 16:01 - 2022-04-18 05:04 - 000000000 ____D C:\Users\Karen\AppData\Roaming\Fing
2022-03-22 16:01 - 2022-04-10 21:02 - 000000000 ____D C:\Program Files\Npcap
2022-03-22 16:01 - 2022-03-30 01:12 - 000000000 ____D C:\Users\Karen\AppData\Local\fing-updater
2022-03-22 16:01 - 2022-03-22 16:01 - 000001773 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fing.lnk
2022-03-22 16:01 - 2022-03-22 16:01 - 000001761 _____ C:\Users\Public\Desktop\Fing.lnk
2022-03-22 16:01 - 2022-03-22 16:01 - 000000000 ____D C:\Users\Karen\AppData\Roaming\FingAgent
2022-03-22 16:01 - 2022-03-22 16:01 - 000000000 ____D C:\ProgramData\Fingagent
2022-03-22 15:54 - 2022-03-22 23:27 - 000000000 ____D C:\ProgramData\McInstTemp0304251647982475
2022-03-22 15:02 - 2022-03-22 15:19 - 094957248 _____ (Fing Ltd) C:\Users\Karen\Downloads\Fing.exe
2022-03-22 08:36 - 2022-04-05 01:58 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-22 08:34 - 2022-04-13 08:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-22 03:54 - 2022-03-26 13:16 - 000000000 ____D C:\ProgramData\Package Cache
2022-03-22 03:54 - 2022-03-22 03:54 - 000000000 ____D C:\ProgramData\GlassWire
2022-03-22 03:36 - 2022-03-22 03:50 - 069195112 _____ (SecureMix LLC) C:\Users\Karen\Downloads\GlassWireSetup(1).exe
2022-03-22 03:20 - 2022-04-18 02:41 - 000000000 ____D C:\Users\Karen\AppData\LocalLow\Mozilla
2022-03-22 03:20 - 2022-04-17 02:41 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-03-22 03:20 - 2022-04-16 20:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-22 03:20 - 2022-04-13 08:41 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-22 03:20 - 2022-03-23 03:40 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk
2022-03-22 03:20 - 2022-03-22 03:20 - 000000000 ____D C:\Users\Karen\AppData\Roaming\Mozilla
2022-03-22 03:20 - 2022-03-22 03:20 - 000000000 ____D C:\Users\Karen\AppData\Local\Mozilla
2022-03-22 03:20 - 2022-03-22 03:20 - 000000000 ____D C:\Users\Karen\AppData\Local\HP_Inc
2022-03-21 21:02 - 2022-03-21 21:02 - 000855764 _____ C:\Users\Karen\Downloads\321b.txt
2022-03-21 15:56 - 2022-03-21 15:56 - 000855764 _____ C:\Users\Karen\Downloads\startuplis321.txt
2022-03-21 14:52 - 2022-03-24 16:00 - 000000000 ____D C:\Users\Karen\AppData\Local\Adobe
2022-03-21 12:07 - 2022-04-13 04:24 - 000000000 ____D C:\Program Files\Malwarebytes
2022-03-21 06:56 - 2022-04-18 05:02 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-21 06:56 - 2022-03-24 06:25 - 000000000 ____D C:\Users\Karen\AppData\Local\Google
2022-03-21 06:52 - 2022-03-21 06:52 - 000000000 ____D C:\Users\Karen\AppData\Local\CEF
2022-03-21 06:47 - 2022-04-18 03:40 - 000003634 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-03-21 06:47 - 2022-03-21 06:47 - 000000000 ____D C:\WINDOWS\ABR
2022-03-21 02:35 - 2022-03-21 12:20 - 000000000 ____D C:\Users\Karen\AppData\Local\HP
2022-03-21 02:35 - 2022-03-21 02:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-03-21 02:34 - 2022-04-07 00:11 - 000000000 ____D C:\Users\Karen\AppData\Local\Comms
2022-03-21 01:52 - 2022-03-21 01:52 - 000000000 ____D C:\Users\Karen\AppData\Roaming\WildTangent
2022-03-21 01:50 - 2022-03-24 13:43 - 000000000 ____D C:\Users\Karen\AppData\Local\VirtualStore
2022-03-21 01:50 - 2022-03-21 01:50 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-03-21 01:48 - 2022-04-18 05:00 - 000000000 ____D C:\Users\Karen\AppData\Local\D3DSCache
2022-03-21 01:48 - 2022-03-25 01:26 - 000000000 ____D C:\Users\Karen\AppData\Local\ConnectedDevicesPlatform
2022-03-21 01:48 - 2022-03-24 16:33 - 000000000 ____D C:\Users\Karen\AppData\Local\AMD
2022-03-21 01:48 - 2022-03-24 02:52 - 000000000 ____D C:\Users\Karen\AppData\Roaming\Adobe
2022-03-21 01:48 - 2022-03-21 02:35 - 000000000 ____D C:\Users\Karen\AppData\Local\Publishers
2022-03-21 01:48 - 2022-03-21 01:48 - 000000020 ___SH C:\Users\Karen\ntuser.ini
2022-03-21 01:48 - 2022-03-21 01:48 - 000000000 ____D C:\Users\Karen\AppData\Roaming\HP
2022-03-21 01:48 - 2022-03-21 01:48 - 000000000 ____D C:\Users\Karen\AppData\Local\SoundResearch
2022-03-21 01:23 - 2022-04-18 05:07 - 000954106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-21 01:20 - 2022-03-21 01:20 - 000005072 _____ C:\Users\Karen\Desktop\Removed Apps.html
2022-03-21 01:20 - 2022-03-21 01:20 - 000000000 _SHDL C:\Users\Default User
2022-03-21 01:20 - 2022-03-21 01:20 - 000000000 _SHDL C:\Users\All Users
2022-03-21 01:17 - 2022-04-18 03:49 - 000000000 ____D C:\Users\Karen\AppData\Local\Packages
2022-03-21 01:17 - 2022-04-13 08:40 - 000000000 ____D C:\Users\Karen
2022-03-21 01:17 - 2021-06-05 07:04 - 000001281 _____ C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-03-21 01:17 - 2021-06-05 07:04 - 000000407 _____ C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-03-21 01:16 - 2022-03-21 01:16 - 000000000 __HDL C:\System.sav
2022-03-21 01:15 - 2022-03-21 01:22 - 000000000 ____D C:\WINDOWS\Panther
2022-03-21 01:15 - 2022-03-21 01:22 - 000000000 ____D C:\Windows.old
2022-03-21 01:15 - 2022-03-21 01:15 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-03-21 01:15 - 2022-03-21 01:15 - 000000000 ____D C:\Users\Default\AppData\Local\Packages
2022-03-21 01:15 - 2022-03-21 01:13 - 000000000 ____D C:\Program Files\HP
2022-03-21 01:15 - 2021-06-16 08:33 - 000001152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.lnk
2022-03-21 01:14 - 2022-03-21 01:15 - 000000000 ____D C:\WINDOWS\Setup
2022-03-21 01:14 - 2022-03-21 01:14 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-03-21 01:14 - 2022-03-21 01:14 - 000000000 ____D C:\WINDOWS\Firmware
2022-03-21 01:13 - 2022-03-21 02:34 - 000000000 ____D C:\WINDOWS\HoloShell
2022-03-21 01:13 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\TextInput
2022-03-21 01:13 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2022-03-21 01:13 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-03-21 01:13 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2022-03-21 01:13 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2022-03-21 01:13 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2022-03-21 01:13 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2022-03-21 01:13 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2022-03-21 01:13 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\winrm
2022-03-21 01:13 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-03-21 01:13 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\slmgr
2022-03-21 01:13 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2022-03-21 01:13 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2022-03-21 01:13 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2022-03-21 01:13 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\0409
2022-03-21 01:13 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\DigitalLocker
2022-03-21 01:13 - 2022-03-21 01:13 - 000000000 ____D C:\ProgramData\ssh
2022-03-21 01:12 - 2022-04-18 05:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-21 01:12 - 2022-04-18 01:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-21 01:12 - 2022-04-16 17:58 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-21 01:12 - 2022-04-16 17:58 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-03-21 01:12 - 2022-04-13 08:40 - 000500784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-21 01:12 - 2022-04-01 09:24 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-21 01:12 - 2022-04-01 09:24 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-21 01:12 - 2022-03-22 16:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-03-21 01:12 - 2022-03-22 02:33 - 000000000 ____D C:\WINDOWS\system32\AMD
2022-03-21 01:12 - 2022-03-21 01:14 - 000000000 ____D C:\ProgramData\Realtek
2022-03-21 01:12 - 2022-03-21 01:13 - 000000000 ____D C:\ProgramData\HP
2022-03-21 01:12 - 2022-03-21 01:12 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-03-21 01:12 - 2022-03-21 01:12 - 000000000 ____D C:\Program Files\AMD
2022-03-21 01:11 - 2022-04-18 05:07 - 000000000 ____D C:\WINDOWS\INF
2022-03-21 01:11 - 2022-04-18 05:07 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-21 01:11 - 2022-04-18 05:00 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2022-03-21 01:11 - 2022-04-18 05:00 - 000000000 ___SD C:\WINDOWS\system32\lxss
2022-03-21 01:11 - 2022-04-18 05:00 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-03-21 01:11 - 2022-04-18 03:54 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-21 01:11 - 2022-04-18 03:49 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-21 01:11 - 2022-04-13 08:40 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-21 01:11 - 2022-04-13 08:40 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-21 01:11 - 2022-04-13 04:25 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-03-21 01:11 - 2022-04-13 04:24 - 000000000 ___RD C:\Program Files (x86)
2022-03-21 01:11 - 2022-04-12 18:08 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-21 01:11 - 2022-04-08 22:02 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-21 01:11 - 2022-04-02 23:10 - 000000000 ____D C:\WINDOWS\Registration
2022-03-21 01:11 - 2022-04-01 20:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-03-21 01:11 - 2022-04-01 14:49 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-21 01:11 - 2022-04-01 14:49 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2022-03-21 01:11 - 2022-04-01 14:49 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2022-03-21 01:11 - 2022-04-01 14:49 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2022-03-21 01:11 - 2022-04-01 14:49 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-21 01:11 - 2022-04-01 14:49 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2022-03-21 01:11 - 2022-04-01 14:49 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-03-21 01:11 - 2022-04-01 14:49 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-03-21 01:11 - 2022-04-01 14:49 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-03-21 01:11 - 2022-03-30 10:05 - 000000000 ____D C:\WINDOWS\security
2022-03-21 01:11 - 2022-03-26 16:50 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2022-03-21 01:11 - 2022-03-26 16:50 - 000000000 ____D C:\WINDOWS\system32\setup
2022-03-21 01:11 - 2022-03-26 16:50 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2022-03-21 01:11 - 2022-03-23 23:27 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-03-21 01:11 - 2022-03-22 16:50 - 000000000 ____D C:\Program Files\Windows Defender
2022-03-21 01:11 - 2022-03-22 06:31 - 000000000 ____D C:\WINDOWS\appcompat
2022-03-21 01:11 - 2022-03-21 02:34 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-03-21 01:11 - 2022-03-21 01:19 - 000000000 __RHD C:\Users\Public\Libraries
2022-03-21 01:11 - 2022-03-21 01:17 - 000000000 ____D C:\ProgramData\USOPrivate
2022-03-21 01:11 - 2022-03-21 01:16 - 000000000 ____D C:\WINDOWS\system32\spool
2022-03-21 01:11 - 2022-03-21 01:15 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-03-21 01:11 - 2022-03-21 01:15 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ___SD C:\WINDOWS\system32\dsc
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\SystemApps
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\MUI
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\id-ID
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\Com
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\OCR
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\IME
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\Help
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\WINDOWS\BrowserCore
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\Program Files\Windows NT
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\Program Files\Common Files\System
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\Program Files (x86)\Windows NT
2022-03-21 01:11 - 2022-03-21 01:13 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-03-21 01:11 - 2022-03-21 01:12 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2022-03-21 01:11 - 2022-03-21 01:12 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-21 01:11 - 2022-03-21 01:11 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2022-03-21 01:11 - 2022-03-21 01:11 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2022-03-21 01:11 - 2022-03-21 01:11 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll
2022-03-21 01:11 - 2022-03-21 01:11 - 000078336 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2022-03-21 01:11 - 2022-03-21 01:11 - 000021047 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2022-03-21 01:11 - 2022-03-21 01:11 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2022-03-21 01:11 - 2022-03-21 01:11 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2022-03-21 01:11 - 2022-03-21 01:11 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2022-03-21 01:11 - 2022-03-21 01:11 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2022-03-21 01:11 - 2022-03-21 01:11 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2022-03-21 01:11 - 2022-03-21 01:11 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 __SHD C:\Program Files\Windows Sidebar
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ___SD C:\WINDOWS\system32\Nui
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\WUModels
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\Web
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\WaaS
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\Vss
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\UUS
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\tracing
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\TAPI
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\winevt
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\ras
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\Pbr
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\Keywords
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\IME
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\icsxml
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\ias
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\DriverState
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\downlevel
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\System
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SKB
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\schemas
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\SchCache
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\Resources
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\rescache
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\Provisioning
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\PLA
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\Performance
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\ModemLogs
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\Media
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\L2Schemas
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\InputMethod
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\IdentityCRL
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\Globalization
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\Cursors
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\Containers
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\Branding
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\ProgramData\USOShared
2022-03-21 01:11 - 2022-03-21 01:11 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2022-03-21 01:09 - 2022-04-18 03:40 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-21 01:08 - 2022-04-18 05:00 - 019660800 _____ C:\WINDOWS\system32\config\SYSTEM
2022-03-21 01:08 - 2022-04-18 05:00 - 001048576 _____ C:\WINDOWS\system32\config\DEFAULT
2022-03-21 01:08 - 2022-04-18 05:00 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-03-21 01:08 - 2022-04-18 05:00 - 000131072 _____ C:\WINDOWS\system32\config\SAM
2022-03-21 01:08 - 2022-04-18 05:00 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY
2022-03-21 01:08 - 2022-03-26 06:55 - 000000000 ____D C:\WINDOWS\servicing
2022-03-21 01:08 - 2022-03-22 15:56 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-03-21 01:08 - 2022-03-21 01:11 - 000000000 ____D C:\WINDOWS\system32\SMI
2022-03-21 00:02 - 2022-03-21 01:20 - 000000000 ___HD C:\$SysReset
2022-03-20 13:25 - 2022-03-22 23:24 - 000000000 ____D C:\Users\Karen\Downloads\Backups
2022-03-20 12:59 - 2022-03-20 12:59 - 000000000 ____D C:\Users\Karen\Downloads\HijackThis
2022-03-20 12:56 - 2021-11-20 15:55 - 007355384 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\Karen\Downloads\HJ.exe.bak
2022-03-20 12:55 - 2021-06-04 07:41 - 005980224 _____ (Intel) C:\Users\Karen\Downloads\Intel-Driver-and-Support-Assistant-Installer.exe
2022-03-20 12:53 - 2022-03-20 12:53 - 000000000 ____D C:\Users\Karen\Downloads\NETGEAR
2022-03-20 12:53 - 2021-09-01 09:14 - 002096016 _____ (Sysinternals - www.sysinternals.com) C:\Users\Karen\Downloads\autoruns.exe
2022-03-20 12:52 - 2022-03-20 12:59 - 000000000 ___HD C:\Users\Karen\Downloads\32UtilWin
2022-03-20 12:52 - 2022-03-19 22:15 - 000525040 _____ C:\Users\Karen\Downloads\startuplist.txt
2022-03-20 12:51 - 2021-08-30 11:19 - 002120496 _____ (Malwarebytes) C:\Users\Karen\Downloads\MBSetup-119967.119967-consumer.exe
2022-03-20 12:51 - 2021-08-29 16:27 - 000333064 _____ (Mozilla) C:\Users\Karen\Downloads\Firefox Installer.exe
2022-03-20 12:50 - 2021-09-07 06:12 - 001342296 _____ (Google LLC) C:\Users\Karen\Downloads\ChromeSetup.exe
2022-03-20 12:49 - 2021-09-07 06:12 - 001342296 _____ (Google LLC) C:\Users\Karen\ChromeSetup.exe
2022-03-20 12:49 - 2021-08-29 16:27 - 000333064 _____ (Mozilla) C:\Users\Karen\Firefox Installer (1).exe
2022-03-20 10:29 - 2022-03-20 10:29 - 002443448 _____ (Malwarebytes) C:\Users\Karen\Downloads\MBSetup.exe
2022-03-20 09:33 - 2022-03-20 09:33 - 000000924 _____ C:\Users\Karen\Desktop\rocky.txt
2022-03-20 09:13 - 2022-03-20 09:13 - 000000222 _____ C:\Users\Karen\netstatafterreset.txt
2022-03-20 08:37 - 2022-03-21 01:50 - 000000000 ___RD C:\Users\Karen\OneDrive
2022-03-20 08:36 - 2022-03-20 08:36 - 000000000 ____D C:\Users\Karen\AppData\LocalLow\AMD
2022-03-20 07:40 - 2022-03-20 07:40 - 000000000 _SHDL C:\Documents and Settings
2022-03-20 07:34 - 2022-04-18 05:00 - 000012288 ___SH C:\DumpStack.log.tmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-18 03:49 - 2021-06-25 13:11 - 000000000 ____D C:\ProgramData\Packages
2022-04-18 01:15 - 2021-06-05 07:19 - 001126728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lxcore.sys
2022-04-18 01:15 - 2021-06-05 07:19 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wslconfig.exe
2022-04-18 01:15 - 2021-06-05 07:19 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\bash.exe
2022-04-18 01:15 - 2021-06-05 07:19 - 000049464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lxss.sys
2022-04-12 21:05 - 2022-02-18 03:50 - 001383280 ____N C:\WINDOWS\Minidump\041222-7906-01.dmp
2022-04-11 04:40 - 2022-03-01 04:07 - 000234840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsp.sys
2022-04-11 04:40 - 2022-02-20 20:30 - 000292200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbusr.sys
2022-04-11 04:40 - 2021-06-05 07:19 - 000504144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetMgmtIF.dll
2022-04-11 04:40 - 2021-06-05 07:19 - 000139600 _____ C:\WINDOWS\system32\nmscrub.exe
2022-04-11 04:40 - 2021-06-05 07:19 - 000119120 _____ (Microsoft Corporation) C:\WINDOWS\system32\nmbind.exe
2022-04-11 04:40 - 2021-06-05 07:18 - 000327992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsif.dll
2022-04-11 04:40 - 2021-06-05 07:18 - 000233808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpcivsp.sys
2022-04-11 04:40 - 2021-06-05 07:18 - 000143672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsifcore.dll
2022-04-11 04:40 - 2021-06-05 07:18 - 000049464 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsifproxystub.dll
2022-04-05 23:02 - 2022-01-26 23:47 - 000000000 ____D C:\Program Files\Microsoft Office
2022-03-30 22:54 - 2022-02-18 03:50 - 001194700 _____ C:\WINDOWS\Minidump\033022-8687-01.dmp
2022-03-30 10:05 - 2022-01-27 00:05 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditPolicyGPInterop.dll
2022-03-30 10:05 - 2021-06-05 07:23 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrpUxNativeSnapIn.dll
2022-03-30 10:05 - 2021-06-05 07:22 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppIdPolicyEngineApi.dll
2022-03-30 10:05 - 2021-06-05 07:20 - 000120458 _____ C:\WINDOWS\system32\secpol.msc
2022-03-30 10:05 - 2021-06-05 07:19 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2022-03-30 10:05 - 2021-06-05 07:19 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrptadm.dll
2022-03-30 10:05 - 2021-06-05 07:19 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll
2022-03-30 10:05 - 2021-06-05 07:19 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2022-03-30 10:05 - 2021-06-05 07:19 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgmts.dll
2022-03-30 10:05 - 2021-06-05 07:19 - 000147439 _____ C:\WINDOWS\system32\gpedit.msc
2022-03-30 10:05 - 2021-06-05 07:19 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2022-03-30 10:05 - 2021-06-05 07:19 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.exe
2022-03-30 10:05 - 2021-06-05 07:19 - 000043566 _____ C:\WINDOWS\system32\rsop.msc
2022-03-30 10:05 - 2021-06-05 07:18 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditNativeSnapIn.dll
2022-03-30 10:05 - 2021-06-05 07:18 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\auditpolmsg.dll
2022-03-27 20:49 - 2019-07-18 09:36 - 000133632 _____ (NirSoft) C:\WINDOWS\LastActivityView.exe
2022-03-26 16:46 - 2021-06-05 07:24 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2022-03-26 16:46 - 2021-06-05 07:24 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2022-03-26 16:46 - 2021-06-05 07:24 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2022-03-26 16:46 - 2021-06-05 07:24 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2022-03-26 16:46 - 2021-06-05 07:24 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2022-03-26 16:46 - 2021-06-05 07:24 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2022-03-26 16:46 - 2021-06-05 07:24 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2022-03-26 16:46 - 2021-06-05 07:19 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2022-03-26 16:46 - 2021-06-05 07:19 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2022-03-26 16:46 - 2021-06-05 07:19 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2022-03-26 16:46 - 2021-06-05 07:19 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2022-03-26 16:46 - 2021-06-05 07:19 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2022-03-26 16:46 - 2021-06-05 07:19 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2022-03-26 16:46 - 2021-06-05 07:19 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2022-03-26 06:48 - 2021-06-05 07:10 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-03-24 23:20 - 2021-06-25 13:11 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-03-24 13:36 - 2013-10-31 22:17 - 000044544 _____ (NirSoft) C:\Program Files (x86)\NetResView.exe
2022-03-24 13:35 - 2013-10-31 22:17 - 000044544 _____ (NirSoft) C:\NetResView.exe
2022-03-21 12:22 - 2022-01-27 00:20 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2022-03-21 01:52 - 2022-01-27 00:28 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2022-03-21 01:17 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-03-21 01:16 - 2022-01-27 00:25 - 000000000 ____D C:\WINDOWS\HP
2022-03-21 01:14 - 2022-01-26 23:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-03-21 01:13 - 2022-01-27 00:30 - 000000000 ____D C:\ProgramData\McInstTemp0143571643261405
2022-03-21 01:13 - 2022-01-27 00:26 - 000000000 ___HD C:\Program Files\FanControlApp
2022-03-21 01:13 - 2022-01-27 00:22 - 000000000 ____D C:\Program Files (x86)\Realtek
2022-03-21 01:13 - 2022-01-26 23:47 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-03-21 01:13 - 2022-01-26 23:47 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-03-21 01:13 - 2022-01-26 23:46 - 000000000 ___RD C:\Program Files\Online Services
2022-03-21 01:13 - 2022-01-26 23:46 - 000000000 ___RD C:\Program Files (x86)\Online Services
2022-03-21 01:13 - 2022-01-26 23:46 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-03-21 01:13 - 2022-01-26 23:46 - 000000000 ____D C:\Program Files\HPCommRecovery
2022-03-21 01:13 - 2022-01-26 23:44 - 000000000 ____D C:\Program Files (x86)\HP
2022-03-21 01:13 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-03-20 07:36 - 2022-01-26 16:24 - 000000000 ___HD C:\hp

==================== Files in the root of some directories ========

2022-03-20 12:49 - 2021-09-07 06:12 - 001342296 _____ (Google LLC) C:\Users\Karen\ChromeSetup.exe
2022-03-20 12:49 - 2021-08-29 16:27 - 000333064 _____ (Mozilla) C:\Users\Karen\Firefox Installer (1).exe
2013-10-31 22:17 - 2022-03-24 13:36 - 000044544 _____ (NirSoft) C:\Program Files (x86)\NetResView.exe
2022-03-24 16:05 - 2022-03-29 15:10 - 000000205 _____ () C:\Users\Karen\AppData\Local\oobelibMkey.log
2022-03-26 10:29 - 2022-03-30 09:29 - 000007647 _____ () C:\Users\Karen\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)



ATTENTION: ==> Could not access BCD.  -> 0x0D0A57696E646F777320426F6F74204D616E616765720D0A2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D0D0A6964656E74696669657220202020202020202020202020207B626F6F746D67727D0D0A646576696365202020202020202020202020202020202020706172746974696F6E3D5C4465766963655C486172646469736B566F6C756D65310D0A7061746820202020202020202020202020202020202020205C4546495C4D6963726F736F66745C426F6F745C626F6F746D6766772E6566690D0A6465736372697074696F6E2020202020202020202020202057696E646F777320426F6F74204D616E616765720D0A6C6F63616C65202020202020202020202020202020202020656E2D55530D0A696E686572697420202020202020202020202020202020207B676C6F62616C73657474696E67737D0D0A64656661756C7420202020202020202020202020202020207B63757272656E747D0D0A726573756D656F626A6563742020202020202020202020207B35303061363962652D613864652D313165632D383538322D6435343232316333363639357D0D0A646973706C61796F726465722020202020202020202020207B63757272656E747D0D0A746F6F6C73646973706C61796F72646572202020202020207B6D656D646961677D0D0A74696D656F7574202020202020202020202020202020202034350D0A0D0A57696E646F777320426F6F74204C6F616465720D0A2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D0D0A6964656E74696669657220202020202020202020202020207B63757272656E747D0D0A646576696365202020202020202020202020202020202020706172746974696F6E3D433A0D0A7061746820202020202020202020202020202020202020205C57494E444F57535C73797374656D33325C77696E6C6F61642E6566690D0A6465736372697074696F6E2020202020202020202020202057696E646F77732031310D0A6C6F63616C65202020202020202020202020202020202020656E2D55530D0A696E686572697420202020202020202020202020202020207B626F6F746C6F6164657273657474696E67737D0D0A7265636F7665727973657175656E636520202020202020207B64386361656366612D376633342D313165632D393438322D6338356163663034333633647D0D0A646973706C61796D6573736167656F7665727269646520205265636F766572790D0A7265636F76657279656E61626C65642020202020202020205965730D0A69736F6C61746564636F6E746578742020202020202020205965730D0A616C6C6F776564696E6D656D6F727973657474696E677320307831353030303037350D0A6F7364657669636520202020202020202020202020202020706172746974696F6E3D433A0D0A73797374656D726F6F7420202020202020202020202020205C57494E444F57530D0A726573756D656F626A6563742020202020202020202020207B35303061363962652D613864652D313165632D383538322D6435343232316333363639357D0D0A6E78202020202020202020202020202020202020202020204F7074496E0D0A626F6F746D656E75706F6C696379202020202020202020205374616E646172640D0A
==================== End of FRST.txt ========================