HKLM\...\Run: [Note-up] => C:\Program Files\Note-up\note-up.exe [6777856 2016-05-18] (TODO: )
HKLM\...\Run: [L] => C:\Program Files\Power Update\fatalerror.exe [245760 2016-07-14] ()
HKLM\...\Run: [cpx] => C:\Program Files\cpx\cpx.exe [641536 2016-03-24] ()
HKLM\...\RunOnce: [Update] => C:\Users\JLyn\AppData\Roaming\NUIns\NUIns.exe [1108126 2016-07-20] ()
HKLM\...\Winlogon: [Shell] C:\Program Files\Power Update\fatalerror.exe [x ] () <=== ATTENTION
HKU\JLyn\...\Run: [L] => C:\Program Files\Power Update\fatalerror.exe [245760 2016-07-14] ()
HKU\JLyn\...\Run: [fastweb] => C:\Program Files\FastWeb\fastweb.exe [194048 2016-07-20] ()
HKU\JLyn\...\Winlogon: [Shell] C:\Program Files\Power Update\fatalerror.exe [245760 2016-07-14] () <==== ATTENTION
S2 55218e6f4f23000c941bd2cd54b2b717; C:\Program Files\55218e6f4f23000c941bd2cd54b2b717\cbced1c097d7ae63193d8d2a97ca9d86.exe [3483648 2016-07-18] ()
S2 Dataup; C:\Program Files\dataup\dataup.exe [77824 2015-08-06] ()
S2 dowidoly; C:\Program Files\12345678-1469022310-5678-90AB-CDDEEFAABBCC\jnsm8CE0.tmp [244224 2016-07-20] ()
S2 kijuxokozbt; C:\Program Files\12345678-1469022310-5678-90AB-CDDEEFAABBCC\knslF627.tmp [480768 2016-07-20] ()
S2 rijufoze; C:\Program Files\12345678-1469022310-5678-90AB-CDDEEFAABBCC\hnsgA53C.tmp [138240 2016-07-20] ()
S2 windowsmanagementservice; C:\Users\JLyn\AppData\Local\Temp\20160720\ct.exe [852992 2016-03-21] (Google Inc.)
S1 0db2c77f75b621415c89c6d10c45e881; C:\WINDOWS\system32\drivers\0db2c77f75b621415c89c6d10c45e881.sys [69072 2016-07-18] (IKWAA2)
S1 bsdp32; C:\WINDOWS\system32\Drivers\bsdp32.sys [32576 2016-07-20] ()
C:\Program Files\55218e6f4f23000c941bd2cd54b2b717
C:\Users\JLyn\AppData\Local\Temp\20160720
C:\WINDOWS\system32\drivers\0db2c77f75b621415c89c6d10c45e881.sys
2016-07-20 10:37 - 2016-07-20 10:37 - 00000000 ___DC C:\Program Files\Common Files\DESIGNER
2016-07-20 09:41 - 2016-07-20 09:41 - 00000000 ___DC C:\Program Files\Nusrekkegu
2016-07-20 07:04 - 2016-07-20 15:07 - 00000000 ___DC C:\Users\JLyn\AppData\Local\mstrn32
2016-07-20 07:04 - 2016-07-20 09:05 - 00000000 ___DC C:\Users\JLyn\AppData\Local\cpx
2016-07-20 05:52 - 2016-07-21 12:01 - 00000000 ___DC C:\Program Files\cpx
2016-07-20 05:52 - 2016-07-20 05:52 - 00000000 ___DC C:\Program Files\regtool
2016-07-20 05:51 - 2016-07-21 13:17 - 00031091 ____C C:\Windows\2ae877468b564e445daaea9ec08b3cf1.ps1
2016-07-20 05:51 - 2016-07-21 13:17 - 00000000 ___DC C:\Program Files\55218e6f4f23000c941bd2cd54b2b717
2016-07-20 05:51 - 2016-07-20 05:52 - 00000000 ___DC C:\Program Files\msrtn32
2016-07-20 05:51 - 2016-07-20 05:51 - 00032576 ____C C:\Windows\System32\Drivers\bsdp32.sys
2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Windows\System32\SSL
2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\SejafLuo
2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\gplyra
2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\Efhpe
2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Users\JLyn\AppData\Local\Tempfolder
2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Program Files\JadmiipmefkowadUn
2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Program Files\Jadmiipmefkowad
2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Program Files\Itibiti Soft Phone
2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Program Files\FastWeb
2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Program Files\dataup
2016-07-20 05:50 - 2016-07-20 05:51 - 00011568 ____C C:\Users\JLyn\AppData\Roaming\InstallationConfiguration.xml
2016-07-20 05:50 - 2016-07-20 05:51 - 00000000 ___DC C:\Program Files\CleanBrowser
2016-07-20 05:50 - 2016-07-20 05:50 - 00129024 ____C C:\Users\JLyn\AppData\Roaming\Installer.dat
2016-07-20 05:50 - 2016-07-20 05:50 - 00000000 ___DC C:\Users\JLyn\AppData\Local\Apps\2.0
2016-07-20 05:50 - 2016-07-20 05:50 - 00000000 ___DC C:\Program Files\Power Update
2016-07-20 05:50 - 2016-07-20 05:50 - 00000000 ____C C:\Windows\System32\Number of results
2016-07-20 05:46 - 2016-07-20 05:46 - 01002871 ____C C:\Users\JLyn\AppData\Local\setupone.exe
2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\Note-UP
2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\c
2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ___DC C:\ProgramData\1469022385
2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ___DC C:\Program Files\S5
2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ___DC C:\Program Files\Note-up
2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ___DC C:\Program Files\maguire
2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ____C C:\Users\JLyn\AppData\Local\tr5b.txt
2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ____C C:\Users\JLyn\AppData\Local\stxtname.txt
2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ____C C:\Users\JLyn\AppData\Local\run.txt
2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ____C C:\Users\JLyn\AppData\Local\aatxtname.txt
2016-07-20 05:45 - 2016-07-21 11:49 - 00000000 ___DC C:\Program Files\12345678-1469022310-5678-90AB-CDDEEFAABBCC
C:\Windows\Tasks\{35EB43BE-DCF4-0D78-59EB-0D17D864E85D}.job