Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Possible Win32 CTX virus? Or false positive [Solved]


  • This topic is locked This topic is locked

#16
sheck910

sheck910

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

sure will do right now 


  • 0

Advertisements


#17
sheck910

sheck910

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

here we go - let me know if I missed a step or data copies

 

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2016-03-25 06:37:47
-----------------------------
06:37:47.878    OS Version: Windows x64 6.2.9200 
06:37:47.878    Number of processors: 2 586 0x170A
06:37:47.878    ComputerName: JAMIE-PC  UserName: Jamie
06:37:51.065    Initialize success
06:37:51.128    VM: initialized successfully
06:37:51.128    VM: Intel CPU BiosDisabled 
06:40:20.225    AVAST engine defs: 16032300
06:40:34.475    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
06:40:34.475    Disk 0 Vendor: HITACHI_HUA722010ALA330 JP4ONS01 Size: 953869MB BusType: 3
06:40:34.584    Disk 0 MBR read successfully
06:40:34.584    Disk 0 MBR scan
06:40:34.615    Disk 0 unknown MBR code
06:40:34.631    Disk 0 Partition 1 80 (A) 07      HPFS/NTFS NTFS          500 MB offset 2048
06:40:34.647    Disk 0 Partition 2 00     27 Hidden NTFS WinRE NTFS         9000 MB offset 1026048
06:40:34.647    Disk 0 Partition 3 00     07      HPFS/NTFS NTFS       944365 MB offset 19458048
06:40:34.678    Disk 0 scanning C:\WINDOWS\system32\drivers
06:40:45.240    Service scanning
06:41:10.147    Modules scanning
06:41:10.147    Disk 0 trace - called modules:
06:41:10.162    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS pciide.sys hal.dll PCIIDEX.SYS atapi.sys 
06:41:10.162    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe001eb09e060]
06:41:10.162    3 CLASSPNP.SYS[fffff801369d7d95] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xffffe001eac2f060]
06:41:12.272    AVAST engine scan C:\WINDOWS
06:41:15.694    AVAST engine scan C:\WINDOWS\system32
06:44:49.366    AVAST engine scan C:\WINDOWS\system32\drivers
06:45:09.569    AVAST engine scan C:\Users\Jamie
06:53:16.415    AVAST engine scan C:\ProgramData
06:54:31.383    Disk 0 statistics 3847881/0/0 @ 3.38 MB/s
06:54:31.383    Scan finished successfully
08:48:47.174    Disk 0 MBR has been saved successfully to "C:\Users\Jamie\Desktop\MBR.dat"
08:48:47.221    The log file has been saved successfully to "C:\Users\Jamie\Desktop\aswMBR.txt"
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Jamie (2016-03-25 06:36:40)
Running from C:\Users\Jamie\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-18 04:27:17)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2820763626-3360222607-3046939984-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2820763626-3360222607-3046939984-503 - Limited - Disabled)
Guest (S-1-5-21-2820763626-3360222607-3046939984-501 - Limited - Disabled)
Jamie (S-1-5-21-2820763626-3360222607-3046939984-1000 - Administrator - Enabled) => C:\Users\Jamie
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Ad-Aware Antivirus (Disabled - Out of date) {B0CC18C6-E527-6EE6-874C-9D19920E5619}
AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Ad-Aware Antivirus (Disabled - Out of date) {0BADF922-C31D-6168-BDFC-A66BE9891CA4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: Ad-Aware Firewall (Disabled) {88F799E3-AF48-6FBE-AC13-342C6CDD1162}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Ad-Aware Antivirus (HKLM\...\{50E2E8FE-1F8B-4F21-BE9F-F9152D3EA5B1}_AdAwareUpdater) (Version: 11.10.767.8917 - Lavasoft)
AdAwareInstaller (Version: 11.10.767.8917 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.10.767.8917 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 3.0.99.0 - Lavasoft) Hidden
AVG (Version: 16.51.7497 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4545 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.51.7497 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.6.552 - AVG Technologies)
B-Link Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.26.0 - B-Link)
B-Link Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0199 - SHENZHEN BILIAN ELECTRONIC CO.,LTD)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
Cutting Plotter Controller for CE6000 (HKLM-x32\...\{FB007617-E4BB-4CDA-8C27-32E7C2B65ABD}) (Version: 1.40.0 - Graphtec)
EPSON Artisan 1430 Series Printer Uninstall (HKLM\...\EPSON Artisan 1430 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Artisan 50 Series Printer Uninstall (HKLM\...\EPSON Artisan 50 Series) (Version:  - SEIKO EPSON Corporation)
Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version:  - )
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.46.00 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.05.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WorkForce 545 Series Printer Uninstall (HKLM\...\EPSON WorkForce 545 Series) (Version:  - SEIKO EPSON Corporation)
FMW 1 (Version: 1.62.2 - AVG Technologies) Hidden
Glary Utilities 5.46 (HKLM-x32\...\Glary Utilities 5) (Version: 5.46.0.66 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Graphtec Studio (HKLM-x32\...\{65D76267-1DA2-4213-880B-4FF054204014}) (Version: 2.2.1070 - Graphtec Corporation)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.13.258 - SurfRight B.V.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel® Management Engine Interface (HKLM\...\HECI) (Version:  - Intel Corporation)
Intel® Active Management Technology (HKLM\...\MESOL) (Version:  - Intel Corporation)
K-Lite Mega Codec Pack 11.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.0 - KLCP)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
Opera Stable 36.0.2130.32 (HKLM-x32\...\Opera 36.0.2130.32) (Version: 36.0.2130.32 - Opera Software)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PrintKey2000 (HKLM-x32\...\PrintKey2000) (Version:  - )
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.12.0 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)
RogueKiller version 11 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 11 - Adlice Software)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.5491 - Analog Devices)
Todoist (HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\{B1B3C79A-FFD9-4B28-A456-62B6E55E2A5C}_is1) (Version: 2.7.6.0 - Doist Ltd.)
Vector Magic (HKLM-x32\...\Vector Magic) (Version: 1.14 - Vector Magic, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WicReset version 3.0.90.25 (HKLM-x32\...\{20379D3A-321B-4830-96A6-37183B713AE8}_is1) (Version: 3.0.90.25 - WWW.WIC.SUPPORT)
Windows Desktop Gadgets (HKLM\...\Windows Desktop Gadgets_is1) (Version: 2.0 - hxxp://gadgetsrevived.com)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2820763626-3360222607-3046939984-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Jamie\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {041B38F4-3DBC-4197-9981-E41A4BAE68BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-20] (Google Inc.)
Task: {04EEDCFD-0F09-42CB-9298-6D3E0E222C63} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {07C59B88-84C8-47ED-A1E7-B8DA9D414BCC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {0810BEA6-BE34-4677-81D9-3775DC8E0D50} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {0879CABE-A042-4424-A454-A0DCA3380DD1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {17B04C60-390A-4850-8635-75D8BA00EB31} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {19F43F8D-AD4D-418C-AF6B-1EA0C3A7934B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {2F34A93E-B84C-40DF-A074-4A197ED44F17} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {4119FF90-1753-45B5-92F9-C3E045CB7F90} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {45A25AE6-EDDD-4AD7-9310-E1804CBDA91D} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {4C082BC9-83AF-45B0-B4E4-9F768F2A946A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4DE65601-DDFD-49B0-B2D4-CBEEF909043F} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-01-29] ()
Task: {4FC2C0EF-E553-4E9E-8551-1C6BC46F658D} - System32\Tasks\{D195D556-D3FF-4831-8608-FF97EC7F58A2} => pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {517F4E2E-6B4A-4D8F-9AFE-E903386563E6} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {57C68081-DC6E-4DD6-BEF1-FE4167A4C4AA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {5F272716-7985-4817-8D4F-192D2961C49B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {673C7463-CA13-4033-8831-0ADC47B07A66} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {676DBB74-F54A-4A2C-9FF9-E3A19D4E4562} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {71E8B789-D082-4822-8042-4AA862E23EEA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {77240268-AF34-4DFD-A008-F42CE7CE00FD} - System32\Tasks\AutoKMSDaily => C:\WINDOWS\AutoKMS.exe
Task: {7C563831-DC84-42C3-921B-9FA5158BE59E} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2016-03-06] (Glarysoft Ltd)
Task: {85F83091-BC50-470F-AF80-725189186CFD} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2016-03-06] (Glarysoft Ltd)
Task: {8634CC08-1489-449A-93D4-59D49EC9B9DD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8C6FAC49-5D21-4841-80FB-3B9D6D01955B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {900CB0D9-8238-473F-ABFF-0BF7098307E5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {90ED41CA-9E8F-45E2-90C9-97E0EB1ABCC4} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Jamie) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {93F0FBDD-2C94-4BBE-9B90-3E4D954F0713} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {97C52285-DB97-4737-9187-85145F640CE0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-20] (Google Inc.)
Task: {9A616388-EC49-4638-A5C7-7D7067E2961C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A369D948-3C62-4790-A389-317AA072E177} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A8D03239-C9F6-475A-9A23-3FDF5143F015} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {B2EA90DC-EE66-40F3-87BE-228D17AFEB2B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {B7BB3D4B-57DC-4FDF-9BFC-5DBF801518FF} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {C1B6E0C1-2E6D-46AC-B4C2-87FC36720A08} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {CEA769D8-FADA-48AD-AA9B-D75B048B80B1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {D0A7CA9A-6B47-47A7-9BF6-C665EB935032} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DAF41149-B166-4561-A710-E73A7D5FF189} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {DB5DF819-7D01-4DE6-A474-68F821E02ADC} - System32\Tasks\Opera scheduled Autoupdate 1456274510 => C:\Program Files (x86)\Opera\launcher.exe [2016-03-14] (Opera Software)
Task: {DD75AB03-C2BB-4922-A1EB-83DAEDEF61AA} - System32\Tasks\AdobeAAMUpdater-1.0-Jamie-PC-Jamie => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {DE2DE9D8-404D-447E-9BD8-3A39624AC63D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {E0E300AA-FBA0-46DD-A21B-16FA63B1F702} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {E0F9A417-08CA-46A7-BCB6-D07D746A0609} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {EE224967-4306-4375-B158-C35C06F366D6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F02C64F7-F6D5-43CC-9DD0-A82512639D9C} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {F52E14BF-0E6E-4A3C-A10E-5DF5F062AB9F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {F7CA7EB8-AC29-4D3B-93D9-F59DE8169FAE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\windows\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoKMSDaily.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Jamie).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-09-29 06:16 - 2016-02-22 17:19 - 01215560 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2016-01-28 17:44 - 2016-01-28 17:44 - 00712432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe
2016-01-28 17:48 - 2016-01-28 17:48 - 00025856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_system-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00057096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_date_time-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00123656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_filesystem-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 11674360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareServiceKernel.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 03549904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\RCF.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00911616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_regex-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00107776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_thread-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00035072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_chrono-vc120-mt-1_57.dll
2016-01-28 17:47 - 2016-01-28 17:47 - 00973040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareActivation.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00561920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareApplicationUpdater.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00847600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareGamingMode.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00101096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareReset.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00123104 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTime.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01030912 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareDefinitionsUpdater.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00905488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareDefinitionsUpdaterScheduler.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01146608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareIgnoreList.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00243440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareQuarantine.dll
2016-01-28 17:47 - 2016-01-28 17:47 - 01594624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiMalwareEngine.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00206080 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiRootkitEngine.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01210616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareScannerHistory.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01373928 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareScanner.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00036096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_timer-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01019640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareScannerScheduler.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01190656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareRealTimeProtection.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 02547448 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareIncompatibles.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01489640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiSpam.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01437424 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiPhishing.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 03263736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareParentalControl.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 03107576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareWebProtection.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01325816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareEmailProtection.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00059656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_iostreams-vc120-mt-1_57.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01878784 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareNetworkProtection.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01024744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwarePromo.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00457448 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareFeedback.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 02958592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareThreatWorkAlliance.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01310952 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwarePinCode.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01027304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareNotice.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01563888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAvcEngine.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 01222416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareRealTimeProtectionHistory.dll
2016-01-28 17:48 - 2016-01-28 17:48 - 00519920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareStatistics.dll
2016-03-02 13:40 - 2016-02-23 07:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 13:40 - 2016-02-23 07:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-12-18 08:41 - 2015-12-07 00:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-02 13:39 - 2016-02-23 04:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 08:03 - 2016-01-04 21:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 08:03 - 2016-01-04 21:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-27 15:18 - 2016-01-16 01:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-27 15:18 - 2016-01-16 01:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-18 08:41 - 2015-12-07 00:59 - 03081568 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2015-12-18 08:41 - 2015-12-07 00:57 - 02394976 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2016-01-13 07:37 - 2012-11-06 10:47 - 00114688 _____ () C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\EnumDevLib.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-09-20 16:40 - 2015-09-20 16:39 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-03-06 23:25 - 2016-03-06 23:25 - 00086992 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jamie\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{885a859f-bff3-4bdc-9d9d-58ad997edbda}.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "B-Link Wireless Utility.lnk"
HKLM\...\StartupApproved\Run: => "AdAwareTray"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "FUFAXSTM"
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_C1BDF7A752CABCCEC37F2A5D7AA45B34"
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\StartupApproved\Run: => "GUDelayStartup"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{AA285430-6605-49D2-B646-9D9D7DAFCA9B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{4134FE96-084D-4B15-93F2-633829162CD0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [UDP Query User{4B17C560-65C4-4876-9505-4E91EDF61F8E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{E62DEA1C-F953-4507-8CA4-F596ABEB53C8}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{D3CCC843-77A6-4A5F-866B-EE4F6BAFF622}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1811B23F-6B32-47DB-BF01-4E6E9EB45510}] => (Allow) C:\Program Files (x86)\B-Link\Common\RaMediaServer.exe
FirewallRules: [{6FAA0029-BA71-4693-9E60-8D3183865BEE}] => (Allow) C:\Program Files (x86)\B-Link\Common\RaMediaServer.exe
FirewallRules: [{3A909B66-1904-4B54-AF76-0A1068B81864}] => (Allow) C:\Program Files (x86)\B-Link\Common\RaUI.exe
FirewallRules: [{4D29007B-87BC-41E2-80BB-4297D967B6BA}] => (Allow) C:\Program Files (x86)\B-Link\Common\RaUI.exe
FirewallRules: [{B2B80076-EE0A-4045-BA9D-025C56AA592F}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{9F68BCAF-117A-4169-8271-EB971D7AAA4C}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{0E747F6C-7D01-4C12-A618-3E5B0A215859}] => (Allow) C:\Users\Jamie\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C1B9A854-39B2-4CC2-A478-3CBB2092F1B4}] => (Allow) C:\Users\Jamie\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AC95644A-6064-4CDC-80E4-41F583070A20}] => (Allow) C:\Users\Jamie\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1D536FAB-C892-403E-ADAB-CFF796E91A20}] => (Allow) C:\Users\Jamie\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{15ABD93F-5D72-45DA-B096-8455C78C4C67}] => (Allow) C:\Users\Jamie\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DDBA1B4B-50B2-446A-9216-E14AD6CD2F55}] => (Allow) C:\Users\Jamie\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{600FA8E4-690E-4A1F-BB25-D1554CF8B3A3}] => (Allow) C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{C8F8B0DD-87B1-4283-94F0-F50595F7FECE}] => (Allow) C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{321E420D-09A0-4E12-9EF1-A0A900BC4549}] => (Allow) LPort=1542
FirewallRules: [{D5890E72-1149-42D9-A9D9-148D81A1D103}] => (Allow) LPort=1542
FirewallRules: [{EE75F4D5-5E04-4EAC-877D-23E16538BCD5}] => (Allow) LPort=53
FirewallRules: [{D20D975A-D4C2-4779-8EF5-9ED810E6E71E}] => (Allow) LPort=67
FirewallRules: [{4763D0E5-4D08-4E18-8CE1-7E106BD1F5C5}] => (Allow) LPort=68
FirewallRules: [{4F5887E0-BFCA-41DF-85D6-6CD582AAC240}] => (Allow) LPort=53
FirewallRules: [{96BD556B-1AAC-494D-9CB9-D054E6B00157}] => (Allow) LPort=53
FirewallRules: [{75A945C5-9211-4569-AC9E-F9F2DFEAE29E}] => (Allow) C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\Rtldhcp.exe
FirewallRules: [{1C7C109E-33D3-4207-B1F0-115946E2C368}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D33D28C6-DB07-4B02-8D9A-A58FCFA0BFE6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7DC36B53-6083-4783-8AA8-CEBA9AB86E45}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{F47DB1C5-9599-4ADF-BA85-EA0931AEACF4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{820BAD0B-3DBC-40BA-BB83-139DF472CDF2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{89B99BF5-8F9B-459D-8407-F60DF59EB493}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{BAA6AF48-6947-4745-A118-3F1A3B06DAA4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{60316F8B-D99A-4833-96C9-0689D7DAE876}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{C8A2C9A6-D775-4450-A346-0CDBC9AB55EF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
21-03-2016 20:34:42 End of disinfection
23-03-2016 21:05:51 Restore Point Created by FRST
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/24/2016 09:26:14 PM) (Source: LMS) (EventID: 2) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver
 
Error: (03/24/2016 02:14:49 PM) (Source: LMS) (EventID: 2) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver
 
Error: (03/24/2016 09:44:12 AM) (Source: LMS) (EventID: 2) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver
 
Error: (03/24/2016 06:08:08 AM) (Source: LMS) (EventID: 2) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver
 
Error: (03/23/2016 09:06:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (03/23/2016 05:37:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JAMIE-PC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/22/2016 09:37:33 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Photos.exe version 16.302.8200.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1d9c
 
Start Time: 01d183a8cd9d1d94
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
 
Report Id: 39190bb0-f033-11e5-8dae-001e4fec47de
 
Faulting package full name: Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: App
 
Error: (03/21/2016 08:34:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (03/21/2016 02:58:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (03/21/2016 02:57:50 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {b970815d-c2b3-4ee5-92ab-4b5d0ad6ddb6}
 
 
System errors:
=============
Error: (03/25/2016 06:33:04 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: 
%%1058
 
Error: (03/25/2016 06:31:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_5d34d service to connect.
 
Error: (03/25/2016 06:31:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_5d34d service to connect.
 
Error: (03/25/2016 06:31:06 AM) (Source: DCOM) (EventID: 10010) (User: JAMIE-PC)
Description: {0002DF02-0000-0000-C000-000000000046}
 
Error: (03/25/2016 06:31:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_5d34d service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (03/25/2016 06:31:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_5d34d service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (03/25/2016 06:31:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_5d34d service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (03/25/2016 06:31:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_5d34d service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (03/24/2016 06:26:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: 
%%1058
 
Error: (03/24/2016 06:26:36 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000116 (0xffffe0003e5b3010, 0xfffff8009c027550, 0x0000000000000000, 0x000000000000000d)C:\WINDOWS\MEMORY.DMPbabdc3f1-54bc-4f99-8f43-f58f486c7d28
 
 
CodeIntegrity:
===================================
  Date: 2016-03-23 05:44:46.578
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-03-12 04:09:49.271
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-03-11 03:36:47.182
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-03-04 02:35:52.188
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-03-03 03:36:25.041
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-02-12 05:49:17.531
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-02-11 03:35:42.433
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-29 03:36:46.059
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-13 13:42:29.777
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-13 06:44:38.424
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Jamie (administrator) on JAMIE-PC (25-03-2016 06:35:47)
Running from C:\Users\Jamie\Desktop
Loaded Profiles: Jamie (Available Profiles: Jamie & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\RtlService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe
(Intel) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchksrv.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\B-Link\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\B-Link\Common\RaRegistry64.exe
(Intel) C:\Program Files (x86)\Intel\AMT\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\RtWLan.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\HitmanPro.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchk.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Fred's Software) C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [atchk] => C:\Program Files (x86)\Intel\AMT\atchk.exe [401408 2009-12-01] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe [9581280 2016-01-28] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3862440 2016-03-02] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2013-12-24] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2013-12-24] (SEIKO EPSON CORPORATION)
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.jse <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.bat <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [EPSON Artisan 50 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFFA.EXE [223232 2008-10-09] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [GoogleChromeAutoLaunch_C1BDF7A752CABCCEC37F2A5D7AA45B34] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136 2016-03-07] (Google Inc.)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [EPSON Artisan 50 Series (Copy 1)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFFA.EXE [223232 2008-10-09] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2016-03-06] (Glarysoft Ltd)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\RunOnce: [Uninstall C:\Users\Jamie\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jamie\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-18\...\Run: [EPSON Artisan 50 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFFA.EXE [223232 2008-10-09] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\B-Link Wireless Utility.lnk [2016-01-10]
ShortcutTarget: B-Link Wireless Utility.lnk -> C:\Program Files (x86)\B-Link\Common\RaUI.exe (B-Link Technology, Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk [2015-09-23]
ShortcutTarget: Printkey2000.lnk -> C:\Program Files (x86)\PrintKey2000\Printkey2000.exe (Fred's Software)
BootExecute: autocheck autochk *  bootdelete
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e146362e-446f-4d00-8d29-27b8870b4eec}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\3o3gxhf2.default
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://sharepoint/C1/C2/C4/Performance%20Reports/default.aspx
CHR Profile: C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-20]
CHR Extension: (Google Docs) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-20]
CHR Extension: (Google Drive) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2016-02-15]
CHR Extension: (YouTube) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Google Sheets) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-20]
CHR Extension: (Google Docs Offline) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-20]
CHR Extension: (Gmail) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-20]
CHR HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 atchksrv; C:\Program Files (x86)\Intel\AMT\atchksrv.exe [176128 2009-12-01] (Intel Corporation) [File not signed]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3934184 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 B-LinkCU; C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-02-25] (SurfRight B.V.)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe [712432 2016-01-28] ()
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 RalinkRegistryWriter; C:\Program Files (x86)\B-Link\Common\RaRegistry.exe [383280 2013-03-27] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\B-Link\Common\RaRegistry64.exe [452912 2013-02-04] (Ralink Technology, Corp.)
S3 RaMediaServer; C:\Program Files (x86)\B-Link\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UNS; C:\Program Files (x86)\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1215560 2016-02-22] ()
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378288 2016-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [269232 2016-03-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2016-02-28] (Glarysoft Ltd)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-25] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42600 2015-10-15] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-02-25] ()
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-12-09] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-25 06:35 - 2016-03-25 06:36 - 00044808 _____ C:\Users\Jamie\Desktop\FRST.txt
2016-03-25 06:30 - 2016-03-25 06:30 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-03-24 06:26 - 2016-03-24 06:26 - 514759255 _____ C:\WINDOWS\MEMORY.DMP
2016-03-24 06:26 - 2016-03-24 06:26 - 00485012 _____ C:\WINDOWS\Minidump\032416-37796-01.dmp
2016-03-24 05:17 - 2016-03-24 05:17 - 00007448 _____ C:\Users\Jamie\Documents\cc_20160324_051711.reg
2016-03-24 05:13 - 2016-03-24 05:14 - 06868672 _____ (Piriform Ltd) C:\Users\Jamie\Downloads\ccsetup516.exe
2016-03-23 21:43 - 2016-03-23 21:43 - 00053248 _____ C:\WINDOWS\SysWOW64\zlib.dll
2016-03-23 21:43 - 2016-03-23 21:43 - 00001291 _____ C:\Users\Public\Desktop\CryptoPrevent.lnk
2016-03-23 21:43 - 2016-03-23 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT
2016-03-23 21:43 - 2016-03-23 21:43 - 00000000 ____D C:\ProgramData\Foolish IT
2016-03-23 21:43 - 2016-03-23 21:43 - 00000000 ____D C:\Program Files (x86)\Foolish IT
2016-03-23 21:36 - 2016-03-23 21:36 - 00002089 _____ C:\Users\Jamie\Desktop\aswMBR.txt
2016-03-23 21:36 - 2016-03-23 21:36 - 00000512 _____ C:\Users\Jamie\Desktop\MBR.dat
2016-03-23 21:11 - 2016-03-23 21:12 - 05200384 _____ (AVAST Software) C:\Users\Jamie\Desktop\aswmbr.exe
2016-03-23 21:05 - 2016-03-25 06:35 - 00000000 ____D C:\FRST
2016-03-23 21:05 - 2016-03-23 21:06 - 00002090 _____ C:\Users\Jamie\Desktop\Fixlog.txt
2016-03-23 21:05 - 2016-03-23 21:05 - 02374144 _____ (Farbar) C:\Users\Jamie\Desktop\FRST64.exe
2016-03-23 21:03 - 2016-03-23 21:03 - 00000365 _____ C:\Users\Jamie\Desktop\temp virus text.txt
2016-03-23 21:02 - 2016-03-23 21:20 - 02619784 _____ (Foolish IT LLC ) C:\Users\Jamie\Desktop\CryptoPreventSetup.exe
2016-03-22 10:04 - 2016-03-22 10:04 - 00000000 ____D C:\Users\Jamie\Desktop\zava update archive
2016-03-21 20:35 - 2016-03-21 20:35 - 00003642 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-03-21 20:35 - 2016-03-21 20:35 - 00001743 _____ C:\Users\Jamie\Desktop\DelFix.txt
2016-03-21 20:34 - 2016-03-21 20:34 - 00000000 ____D C:\WINDOWS\ERUNT
2016-03-21 20:33 - 2016-03-21 20:35 - 00001743 _____ C:\DelFix.txt
2016-03-18 21:46 - 2016-03-18 21:46 - 00001313 _____ C:\Users\Jamie\Desktop\Todoist.lnk
2016-03-18 21:46 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Todoist
2016-03-18 21:46 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Local\Doist_Ltd
2016-03-18 21:46 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Local\CEF
2016-03-18 21:45 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Local\Todoist
2016-03-16 13:27 - 2016-03-16 13:27 - 00041470 _____ C:\Users\Jamie\Downloads\manfred-klein_irish-unci-alphabet.zip
2016-03-16 13:27 - 2016-03-16 13:27 - 00036801 _____ C:\Users\Jamie\Downloads\astigmatic-one-eye-typographic-institute_uncial-antiqua.zip
2016-03-15 10:37 - 2016-03-15 10:37 - 00347816 _____ C:\Users\Jamie\Downloads\095952238523 (1).pdf
2016-03-14 21:23 - 2016-03-18 21:45 - 27704576 _____ (Doist Ltd. ) C:\Users\Jamie\Downloads\Todoist_for_Windows_Desktop_2_7_6.exe
2016-03-13 12:14 - 2016-03-13 12:51 - 00012003 _____ C:\Users\Jamie\Desktop\avgrep.txt
2016-03-13 12:11 - 2016-03-13 12:24 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-13 12:06 - 2016-03-13 12:06 - 00000344 _____ C:\Users\Jamie\Desktop\Virus Removal.txt
2016-03-12 17:41 - 2016-03-12 17:45 - 04952064 _____ C:\Users\Jamie\Downloads\DesktopGadgetsInstaller.zip
2016-03-11 07:58 - 2016-03-11 07:58 - 00000029 _____ C:\Users\Jamie\Documents\Ebay Pending.txt
2016-03-11 07:09 - 2016-03-11 07:09 - 00005422 _____ C:\Users\Jamie\Documents\cc_20160311_060921.reg
2016-03-11 07:04 - 2016-03-11 07:07 - 15576432 _____ C:\Users\Jamie\Downloads\Glary_Utilities_v5.46.0.66.exe
2016-03-10 21:58 - 2016-03-10 21:58 - 00058292 _____ C:\Users\Jamie\Downloads\ufonts.com_lucidity-ballpoint.ttf
2016-03-10 08:29 - 2016-03-10 08:29 - 00347980 _____ C:\Users\Jamie\Downloads\095952238523.pdf
2016-03-09 06:40 - 2016-03-01 01:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-09 06:40 - 2016-03-01 01:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 06:40 - 2016-02-24 05:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-09 06:40 - 2016-02-24 05:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 06:40 - 2016-02-24 05:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 06:40 - 2016-02-24 05:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 06:40 - 2016-02-24 05:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 06:40 - 2016-02-24 05:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 06:40 - 2016-02-24 05:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-09 06:40 - 2016-02-24 05:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-09 06:40 - 2016-02-24 04:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 06:40 - 2016-02-24 04:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-09 06:40 - 2016-02-24 04:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 06:40 - 2016-02-24 04:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-09 06:40 - 2016-02-24 04:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-09 06:40 - 2016-02-24 04:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-09 06:40 - 2016-02-24 04:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-09 06:40 - 2016-02-24 04:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-09 06:40 - 2016-02-24 04:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 06:40 - 2016-02-24 04:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-09 06:40 - 2016-02-24 04:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-09 06:40 - 2016-02-24 04:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 06:40 - 2016-02-24 04:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-09 06:40 - 2016-02-24 04:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-09 06:40 - 2016-02-24 04:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-09 06:40 - 2016-02-24 04:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 06:40 - 2016-02-24 04:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 06:40 - 2016-02-24 04:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-09 06:40 - 2016-02-24 04:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 06:40 - 2016-02-24 04:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 06:40 - 2016-02-24 04:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-09 06:40 - 2016-02-24 03:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-09 06:40 - 2016-02-24 03:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-09 06:40 - 2016-02-24 03:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-09 06:40 - 2016-02-24 03:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-09 06:40 - 2016-02-24 03:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-09 06:40 - 2016-02-24 03:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-09 06:40 - 2016-02-24 03:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-09 06:40 - 2016-02-24 03:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 06:40 - 2016-02-24 03:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-09 06:40 - 2016-02-24 03:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 06:40 - 2016-02-24 03:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 06:40 - 2016-02-24 03:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 06:40 - 2016-02-24 03:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-09 06:40 - 2016-02-24 03:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-09 06:40 - 2016-02-24 03:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 06:40 - 2016-02-24 03:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-09 06:40 - 2016-02-24 03:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-09 06:40 - 2016-02-24 03:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-09 06:40 - 2016-02-24 03:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-09 06:40 - 2016-02-24 03:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 06:40 - 2016-02-24 03:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-09 06:40 - 2016-02-24 03:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 06:40 - 2016-02-24 03:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 06:40 - 2016-02-24 03:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-09 06:40 - 2016-02-24 03:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-09 06:40 - 2016-02-24 03:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-09 06:40 - 2016-02-24 03:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-09 06:40 - 2016-02-24 03:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-09 06:40 - 2016-02-24 03:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-09 06:40 - 2016-02-24 03:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-09 06:40 - 2016-02-24 03:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-09 06:40 - 2016-02-24 03:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-09 06:40 - 2016-02-24 03:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 06:40 - 2016-02-24 03:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-09 06:40 - 2016-02-24 03:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 06:40 - 2016-02-24 03:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-09 06:40 - 2016-02-24 03:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-09 06:40 - 2016-02-24 03:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-09 06:40 - 2016-02-24 02:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-09 06:40 - 2016-02-24 02:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-09 06:40 - 2016-02-24 02:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-09 06:40 - 2016-02-24 02:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-09 06:40 - 2016-02-24 02:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-09 06:40 - 2016-02-24 02:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-09 06:40 - 2016-02-24 02:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-09 06:40 - 2016-02-24 02:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 06:40 - 2016-02-24 02:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 06:40 - 2016-02-24 02:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-09 06:40 - 2016-02-24 02:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 06:40 - 2016-02-24 02:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 06:40 - 2016-02-24 02:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 06:40 - 2016-02-24 02:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-09 06:40 - 2016-02-24 02:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-09 06:40 - 2016-02-24 02:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-09 06:40 - 2016-02-24 02:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 06:40 - 2016-02-24 02:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-09 06:40 - 2016-02-24 02:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-09 06:40 - 2016-02-24 02:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-09 06:40 - 2016-02-24 02:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-09 06:40 - 2016-02-24 02:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-09 06:40 - 2016-02-24 02:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-09 06:40 - 2016-02-24 02:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-09 06:40 - 2016-02-24 02:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 06:40 - 2016-02-24 02:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 06:40 - 2016-02-24 02:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-09 06:40 - 2016-02-24 02:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-09 06:40 - 2016-02-24 02:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-09 06:40 - 2016-02-24 02:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 06:40 - 2016-02-24 02:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-09 06:40 - 2016-02-24 02:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 06:40 - 2016-02-24 02:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-09 06:40 - 2016-02-24 02:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-09 06:40 - 2016-02-24 02:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-09 06:40 - 2016-02-24 02:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 06:40 - 2016-02-24 02:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-09 06:40 - 2016-02-24 02:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-09 06:40 - 2016-02-24 02:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-09 06:40 - 2016-02-24 02:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 06:40 - 2016-02-24 02:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-09 06:40 - 2016-02-24 02:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-09 06:40 - 2016-02-24 02:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 06:40 - 2016-02-24 02:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 06:40 - 2016-02-24 02:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-09 06:40 - 2016-02-24 02:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-09 06:40 - 2016-02-24 02:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-09 06:40 - 2016-02-24 02:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-09 06:40 - 2016-02-24 02:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 06:40 - 2016-02-24 02:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-09 06:40 - 2016-02-24 02:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 06:40 - 2016-02-24 02:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-09 06:40 - 2016-02-24 02:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-09 06:40 - 2016-02-24 02:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-09 06:40 - 2016-02-24 02:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-09 06:40 - 2016-02-24 02:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-09 06:40 - 2016-02-24 02:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-09 06:40 - 2016-02-24 02:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-09 06:40 - 2016-02-24 02:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 06:40 - 2016-02-24 02:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-09 06:40 - 2016-02-24 02:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 06:40 - 2016-02-24 02:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 06:40 - 2016-02-24 02:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-09 06:40 - 2016-02-24 01:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 06:40 - 2016-02-24 01:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 06:40 - 2016-02-24 01:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-09 06:40 - 2016-02-24 01:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 06:40 - 2016-02-24 01:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-09 06:40 - 2016-02-24 01:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 06:40 - 2016-02-24 01:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 06:40 - 2016-02-24 01:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 06:40 - 2016-02-24 01:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 06:40 - 2016-02-24 01:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 06:40 - 2016-02-24 01:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 06:40 - 2016-02-24 01:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 06:40 - 2016-02-24 01:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 06:40 - 2016-02-24 00:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 06:40 - 2016-02-24 00:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 06:39 - 2016-02-24 03:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 06:39 - 2016-02-24 03:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-09 06:39 - 2016-02-24 02:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-09 06:39 - 2016-02-24 02:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 06:39 - 2016-02-24 02:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 06:39 - 2016-02-24 02:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-07 21:11 - 2016-03-07 21:11 - 49028362 _____ C:\Users\Jamie\Downloads\Ash Blank Mock.psd
2016-03-07 21:04 - 2016-03-07 21:04 - 20941601 _____ C:\Users\Jamie\Downloads\wg_free_tee_mockup.zip
2016-03-03 20:28 - 2016-03-03 20:28 - 00001053 _____ C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-03-03 20:12 - 2016-03-03 20:13 - 00051443 _____ C:\Users\Jamie\Downloads\seangc.zip
2016-03-03 20:09 - 2016-03-03 20:09 - 00055425 _____ C:\Users\Jamie\Downloads\seantgc.zip
2016-03-03 15:35 - 2016-03-03 15:35 - 00265376 _____ C:\Users\Jamie\Documents\NCInvolvement logo.pdf
2016-03-03 14:30 - 2016-03-03 14:30 - 00494594 _____ C:\Users\Jamie\Downloads\cat-in-the-hat-354D450E-logoeps.com.zip
2016-03-03 13:43 - 2016-03-03 13:43 - 00210419 _____ C:\Users\Jamie\Downloads\the-fontry_jackport-college-ncv (2).zip
2016-03-02 13:41 - 2016-02-23 07:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-02 13:41 - 2016-02-23 06:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-02 13:41 - 2016-02-23 06:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-02 13:41 - 2016-02-23 06:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-02 13:41 - 2016-02-23 06:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-02 13:41 - 2016-02-23 05:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-02 13:41 - 2016-02-23 05:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-02 13:41 - 2016-02-23 04:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-02 13:41 - 2016-02-23 04:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-02 13:41 - 2016-02-23 04:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-02 13:41 - 2016-02-23 04:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-02 13:41 - 2016-02-23 04:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-02 13:41 - 2016-02-23 04:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-02 13:41 - 2016-02-23 03:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-02 13:41 - 2016-02-23 03:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-02 13:41 - 2016-02-23 03:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-02 13:41 - 2016-02-23 03:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-02 13:41 - 2016-02-23 03:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-02 13:41 - 2016-02-23 02:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-02 13:41 - 2016-02-23 02:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-02 13:41 - 2016-02-23 02:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-02 13:41 - 2016-02-23 02:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-02 13:41 - 2016-02-23 02:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-02 13:41 - 2016-02-23 02:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-02 13:41 - 2016-02-23 02:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-02 13:41 - 2016-02-23 02:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-02 13:41 - 2016-02-08 23:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-02 13:41 - 2016-02-08 23:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-02 13:41 - 2016-02-08 23:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-02 13:40 - 2016-02-23 07:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 13:40 - 2016-02-23 07:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-02 13:40 - 2016-02-23 06:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-02 13:40 - 2016-02-23 06:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-02 13:40 - 2016-02-23 06:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-02 13:40 - 2016-02-23 06:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-02 13:40 - 2016-02-23 06:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-02 13:40 - 2016-02-23 06:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-02 13:40 - 2016-02-23 06:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-02 13:40 - 2016-02-23 06:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-02 13:40 - 2016-02-23 05:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-02 13:40 - 2016-02-23 05:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-02 13:40 - 2016-02-23 05:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-02 13:40 - 2016-02-23 05:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-02 13:40 - 2016-02-23 05:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-02 13:40 - 2016-02-23 04:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-02 13:40 - 2016-02-23 04:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-02 13:40 - 2016-02-23 04:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-02 13:40 - 2016-02-23 04:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-02 13:40 - 2016-02-23 04:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-02 13:40 - 2016-02-23 04:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-02 13:40 - 2016-02-23 03:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-02 13:40 - 2016-02-23 03:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-02 13:40 - 2016-02-23 02:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-02 13:40 - 2016-02-23 02:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-02 13:40 - 2016-02-23 02:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-02 13:39 - 2016-02-23 07:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-02 13:39 - 2016-02-23 06:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-02 13:39 - 2016-02-23 06:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-02 13:39 - 2016-02-23 06:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-02 13:39 - 2016-02-23 05:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-02 13:39 - 2016-02-23 05:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-02 13:39 - 2016-02-23 05:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-02 13:39 - 2016-02-23 05:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-02 13:39 - 2016-02-23 05:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-02 13:39 - 2016-02-23 05:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-02 13:39 - 2016-02-23 05:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-02 13:39 - 2016-02-23 05:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-02 13:39 - 2016-02-23 04:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-02 13:39 - 2016-02-23 04:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-02 13:39 - 2016-02-23 04:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-02 13:39 - 2016-02-23 04:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-02 13:39 - 2016-02-23 04:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-02 13:39 - 2016-02-23 04:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-02 13:39 - 2016-02-23 04:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-02 13:39 - 2016-02-23 04:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-02 13:39 - 2016-02-23 04:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-02 13:39 - 2016-02-23 04:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-02 13:39 - 2016-02-23 04:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-02 13:39 - 2016-02-23 04:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-02 13:39 - 2016-02-23 04:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-02 13:39 - 2016-02-23 04:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-02 13:39 - 2016-02-23 04:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-02 13:39 - 2016-02-23 04:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-02 13:39 - 2016-02-23 04:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-02 13:39 - 2016-02-23 04:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-02 13:39 - 2016-02-23 04:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-02 13:39 - 2016-02-23 04:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-02 13:39 - 2016-02-23 03:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-02 13:39 - 2016-02-23 03:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-02 13:39 - 2016-02-23 03:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-02 13:39 - 2016-02-23 03:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-02 13:39 - 2016-02-23 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-02 13:39 - 2016-02-23 03:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-02 13:39 - 2016-02-23 03:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-02 13:39 - 2016-02-23 03:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-02 13:39 - 2016-02-23 03:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-02 13:39 - 2016-02-23 03:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-02 13:39 - 2016-02-23 03:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-02 13:39 - 2016-02-23 03:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-02 13:39 - 2016-02-23 03:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-02 13:39 - 2016-02-23 03:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-02 13:39 - 2016-02-23 03:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-02 13:39 - 2016-02-23 02:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-02 13:39 - 2016-02-23 02:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-02 13:39 - 2016-02-23 02:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-02 13:39 - 2016-02-23 02:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-02 13:39 - 2016-02-23 02:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-02 13:39 - 2016-02-23 02:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-02 13:39 - 2016-02-23 02:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-02 13:39 - 2016-02-08 23:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-02 13:38 - 2016-02-23 07:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-02 13:38 - 2016-02-23 07:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-02 13:38 - 2016-02-23 07:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-02 13:38 - 2016-02-23 07:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-02 13:38 - 2016-02-23 07:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-02 13:38 - 2016-02-23 07:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-02 13:38 - 2016-02-23 06:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-02 13:38 - 2016-02-23 06:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-02 13:38 - 2016-02-23 06:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-02 13:38 - 2016-02-23 06:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-02 13:38 - 2016-02-23 05:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-02 13:38 - 2016-02-23 05:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-02 13:38 - 2016-02-23 05:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-02 13:38 - 2016-02-23 05:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-02 13:38 - 2016-02-23 05:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-02 13:38 - 2016-02-23 05:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-02 13:38 - 2016-02-23 05:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-02 13:38 - 2016-02-23 05:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-02 13:38 - 2016-02-23 05:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-02 13:38 - 2016-02-23 05:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-02 13:38 - 2016-02-23 05:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-02 13:38 - 2016-02-23 05:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-02 13:38 - 2016-02-23 05:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-02 13:38 - 2016-02-23 04:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-02 13:38 - 2016-02-23 04:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-02 13:38 - 2016-02-23 04:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-02 13:38 - 2016-02-23 04:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-02 13:38 - 2016-02-23 04:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-02 13:38 - 2016-02-23 04:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-02 13:38 - 2016-02-23 04:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-02 13:38 - 2016-02-23 04:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-02 13:38 - 2016-02-23 04:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-02 13:38 - 2016-02-23 04:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-02 13:38 - 2016-02-23 04:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-02 13:38 - 2016-02-23 04:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-02 13:38 - 2016-02-23 04:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-02 13:38 - 2016-02-23 04:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-02 13:38 - 2016-02-23 04:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-02 13:38 - 2016-02-23 04:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-02 13:38 - 2016-02-23 04:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-02 13:38 - 2016-02-23 04:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-02 13:38 - 2016-02-23 04:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 13:38 - 2016-02-23 04:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-02 13:38 - 2016-02-23 04:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-02 13:38 - 2016-02-23 04:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-02 13:38 - 2016-02-23 04:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-02 13:38 - 2016-02-23 04:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-02 13:38 - 2016-02-23 04:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-02 13:38 - 2016-02-23 04:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-02 13:38 - 2016-02-23 03:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-02 13:38 - 2016-02-23 03:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-02 13:38 - 2016-02-23 03:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-02 13:38 - 2016-02-23 03:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-02 13:38 - 2016-02-23 03:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-02 13:38 - 2016-02-23 03:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-02 13:38 - 2016-02-23 03:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-02 13:38 - 2016-02-23 03:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 13:38 - 2016-02-23 03:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-02 13:38 - 2016-02-23 03:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-02 13:38 - 2016-02-23 03:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-02 13:38 - 2016-02-23 03:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-02 13:38 - 2016-02-23 03:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-02 13:38 - 2016-02-23 03:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-02 13:38 - 2016-02-23 02:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-02 13:38 - 2016-02-23 02:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-02 13:38 - 2016-02-09 00:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-02 13:38 - 2016-02-09 00:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-02 13:38 - 2016-02-08 23:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-02 13:38 - 2016-02-08 23:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-02 11:21 - 2016-03-02 11:21 - 00269232 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys
2016-02-29 22:19 - 2016-02-29 22:19 - 00004381 _____ C:\Users\Jamie\Downloads\Hill-House.zip
2016-02-28 14:41 - 2016-02-28 14:41 - 00029512 _____ C:\Users\Jamie\Downloads\MTB.txt
2016-02-28 14:25 - 2016-03-25 06:34 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2016-02-28 14:25 - 2016-03-11 07:07 - 00003382 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2016-02-28 14:25 - 2016-03-11 07:07 - 00003028 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC
2016-02-28 14:25 - 2016-03-11 07:07 - 00001167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2016-02-28 14:25 - 2016-03-11 07:07 - 00001155 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2016-02-28 14:25 - 2016-02-28 14:25 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2016-02-28 14:25 - 2016-02-28 14:25 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\GlarySoft
2016-02-28 14:25 - 2016-02-28 14:25 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\DiskDefrag
2016-02-28 14:25 - 2016-02-28 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2016-02-28 14:24 - 2016-02-28 14:25 - 15575176 _____ C:\Users\Jamie\Downloads\gu5setup.exe
2016-02-28 14:17 - 2016-02-28 14:17 - 00039390 _____ C:\Users\Jamie\Documents\cc_20160228_131743.reg
2016-02-27 14:17 - 2016-02-27 14:17 - 00012884 _____ C:\Users\Jamie\Downloads\glyphobet-font-foundry_ripple.zip
2016-02-27 14:16 - 2016-02-27 14:16 - 00032668 _____ C:\Users\Jamie\Downloads\Eccentric.otf
2016-02-27 14:15 - 2016-02-27 14:15 - 00014401 _____ C:\Users\Jamie\Downloads\bad_acid.zip
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-25 06:33 - 2016-02-16 08:31 - 00002411 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2016-03-25 06:33 - 2016-01-10 17:55 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-25 06:33 - 2015-12-18 00:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-25 06:33 - 2015-09-20 18:21 - 00000200 _____ C:\WINDOWS\Tasks\AutoKMS.job
2016-03-25 06:33 - 2015-09-20 16:35 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-25 06:32 - 2015-12-18 06:31 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-03-25 06:32 - 2015-10-30 02:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-25 06:31 - 2015-12-18 00:12 - 00000000 ____D C:\Users\Jamie
2016-03-25 06:30 - 2015-12-18 06:32 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-03-25 06:28 - 2015-09-20 16:25 - 00000000 ____D C:\ProgramData\MFAData
2016-03-24 21:50 - 2015-09-20 16:35 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-24 21:34 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-03-24 19:53 - 2015-09-21 05:33 - 00000000 ____D C:\Users\Jamie\Documents\Outlook Files
2016-03-24 19:14 - 2015-10-15 15:00 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8A918490-054D-4144-A030-7D635FECCB6B}
2016-03-24 12:14 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-24 12:05 - 2015-09-20 18:21 - 00000228 _____ C:\WINDOWS\Tasks\AutoKMSDaily.job
2016-03-24 06:53 - 2016-02-15 07:53 - 00000366 _____ C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Jamie).job
2016-03-24 06:34 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-24 06:33 - 2015-12-18 00:11 - 01009692 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-24 06:33 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-24 06:26 - 2016-01-13 06:59 - 00000000 ____D C:\WINDOWS\Minidump
2016-03-24 06:24 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-03-24 05:55 - 2015-09-21 12:37 - 00000132 _____ C:\Users\Jamie\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-03-24 05:21 - 2016-01-10 17:55 - 00001177 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-24 05:21 - 2016-01-10 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-24 05:21 - 2016-01-10 17:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-24 05:16 - 2015-12-20 12:22 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-22 15:13 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-21 15:17 - 2016-01-28 08:20 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-03-21 15:06 - 2014-08-04 16:10 - 00000000 ____D C:\Users\Public\Desktop\Drivers & Applications for reinstallation
2016-03-20 19:09 - 2015-10-30 02:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-20 11:18 - 2015-12-18 00:12 - 00000000 ____D C:\Users\DefaultAppPool
2016-03-20 08:05 - 2015-09-20 17:36 - 00000000 ____D C:\Users\Jamie\Desktop\T-shirts
2016-03-20 07:49 - 2015-12-18 00:06 - 05011288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-17 19:44 - 2016-02-23 20:42 - 00003956 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1456274510
2016-03-17 19:44 - 2016-02-23 20:41 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-03-17 19:44 - 2016-02-23 20:41 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-14 20:53 - 2015-09-20 16:35 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-14 20:53 - 2015-09-20 16:35 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-13 07:56 - 2015-11-07 11:30 - 00000000 ____D C:\Users\Jamie\AppData\Local\ElevatedDiagnostics
2016-03-12 17:45 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-03-12 17:45 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-03-11 13:11 - 2015-09-20 16:44 - 00001011 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-03-11 13:11 - 2015-09-20 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-03-11 07:07 - 2016-02-18 09:13 - 00000000 ____D C:\Users\Jamie\AppData\Local\CrashDumps
2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-10 14:09 - 2016-01-10 17:55 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-03-10 14:08 - 2016-01-10 17:55 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-03-10 14:08 - 2016-01-10 17:55 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-03-09 07:39 - 2014-08-04 16:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 07:34 - 2014-08-04 16:15 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-08 03:12 - 2015-10-30 03:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 03:12 - 2015-10-30 03:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 21:10 - 2015-09-20 17:53 - 00000000 ____D C:\Users\Jamie\Desktop\Ebayready
2016-03-04 08:45 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-03 15:46 - 2015-09-20 17:39 - 00000000 ____D C:\Users\Jamie\Documents\T-shirts
2016-03-03 06:44 - 2015-09-10 01:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-03 04:32 - 2015-10-30 05:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-03 04:32 - 2015-10-30 02:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-03 04:32 - 2015-10-30 02:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-01 15:34 - 2015-10-20 09:16 - 00000000 ____D C:\Users\Jamie\Desktop\2016 Tee Work
2016-02-25 20:18 - 2015-11-20 15:56 - 00000000 ____D C:\Users\Jamie\Desktop\ZavaJams Setlist Archive
2016-02-25 15:43 - 2016-02-16 13:36 - 00000000 ____D C:\ProgramData\RogueKiller
2016-02-25 13:08 - 2016-02-16 13:36 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-02-24 14:34 - 2015-10-08 19:36 - 00001063 _____ C:\Users\Jamie\Desktop\Internet Explorer.lnk
2016-02-24 14:33 - 2015-09-27 16:48 - 00000000 ___RD C:\Users\Jamie\OneDrive
 
==================== Files in the root of some directories =======
 
2015-09-21 12:37 - 2016-03-24 05:55 - 0000132 _____ () C:\Users\Jamie\AppData\Roaming\Adobe PNG Format CS5 Prefs
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-03-20 08:15
 
==================== End of FRST.txt ============================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Jamie (administrator) on JAMIE-PC (25-03-2016 06:35:47)
Running from C:\Users\Jamie\Desktop
Loaded Profiles: Jamie (Available Profiles: Jamie & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\RtlService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe
(Intel) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchksrv.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\B-Link\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\B-Link\Common\RaRegistry64.exe
(Intel) C:\Program Files (x86)\Intel\AMT\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\RtWLan.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\HitmanPro.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchk.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Fred's Software) C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [atchk] => C:\Program Files (x86)\Intel\AMT\atchk.exe [401408 2009-12-01] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe [9581280 2016-01-28] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3862440 2016-03-02] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2013-12-24] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2013-12-24] (SEIKO EPSON CORPORATION)
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.jse <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.bat <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [EPSON Artisan 50 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFFA.EXE [223232 2008-10-09] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [GoogleChromeAutoLaunch_C1BDF7A752CABCCEC37F2A5D7AA45B34] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136 2016-03-07] (Google Inc.)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [EPSON Artisan 50 Series (Copy 1)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFFA.EXE [223232 2008-10-09] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2016-03-06] (Glarysoft Ltd)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\RunOnce: [Uninstall C:\Users\Jamie\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jamie\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-18\...\Run: [EPSON Artisan 50 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFFA.EXE [223232 2008-10-09] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\B-Link Wireless Utility.lnk [2016-01-10]
ShortcutTarget: B-Link Wireless Utility.lnk -> C:\Program Files (x86)\B-Link\Common\RaUI.exe (B-Link Technology, Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk [2015-09-23]
ShortcutTarget: Printkey2000.lnk -> C:\Program Files (x86)\PrintKey2000\Printkey2000.exe (Fred's Software)
BootExecute: autocheck autochk *  bootdelete
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e146362e-446f-4d00-8d29-27b8870b4eec}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\3o3gxhf2.default
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://sharepoint/C1/C2/C4/Performance%20Reports/default.aspx
CHR Profile: C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-20]
CHR Extension: (Google Docs) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-20]
CHR Extension: (Google Drive) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2016-02-15]
CHR Extension: (YouTube) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Google Sheets) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-20]
CHR Extension: (Google Docs Offline) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-20]
CHR Extension: (Gmail) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-20]
CHR HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 atchksrv; C:\Program Files (x86)\Intel\AMT\atchksrv.exe [176128 2009-12-01] (Intel Corporation) [File not signed]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3934184 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 B-LinkCU; C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-02-25] (SurfRight B.V.)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe [712432 2016-01-28] ()
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 RalinkRegistryWriter; C:\Program Files (x86)\B-Link\Common\RaRegistry.exe [383280 2013-03-27] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\B-Link\Common\RaRegistry64.exe [452912 2013-02-04] (Ralink Technology, Corp.)
S3 RaMediaServer; C:\Program Files (x86)\B-Link\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UNS; C:\Program Files (x86)\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1215560 2016-02-22] ()
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378288 2016-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [269232 2016-03-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2016-02-28] (Glarysoft Ltd)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-25] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42600 2015-10-15] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-02-25] ()
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-12-09] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-25 06:35 - 2016-03-25 06:36 - 00044808 _____ C:\Users\Jamie\Desktop\FRST.txt
2016-03-25 06:30 - 2016-03-25 06:30 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-03-24 06:26 - 2016-03-24 06:26 - 514759255 _____ C:\WINDOWS\MEMORY.DMP
2016-03-24 06:26 - 2016-03-24 06:26 - 00485012 _____ C:\WINDOWS\Minidump\032416-37796-01.dmp
2016-03-24 05:17 - 2016-03-24 05:17 - 00007448 _____ C:\Users\Jamie\Documents\cc_20160324_051711.reg
2016-03-24 05:13 - 2016-03-24 05:14 - 06868672 _____ (Piriform Ltd) C:\Users\Jamie\Downloads\ccsetup516.exe
2016-03-23 21:43 - 2016-03-23 21:43 - 00053248 _____ C:\WINDOWS\SysWOW64\zlib.dll
2016-03-23 21:43 - 2016-03-23 21:43 - 00001291 _____ C:\Users\Public\Desktop\CryptoPrevent.lnk
2016-03-23 21:43 - 2016-03-23 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT
2016-03-23 21:43 - 2016-03-23 21:43 - 00000000 ____D C:\ProgramData\Foolish IT
2016-03-23 21:43 - 2016-03-23 21:43 - 00000000 ____D C:\Program Files (x86)\Foolish IT
2016-03-23 21:36 - 2016-03-23 21:36 - 00002089 _____ C:\Users\Jamie\Desktop\aswMBR.txt
2016-03-23 21:36 - 2016-03-23 21:36 - 00000512 _____ C:\Users\Jamie\Desktop\MBR.dat
2016-03-23 21:11 - 2016-03-23 21:12 - 05200384 _____ (AVAST Software) C:\Users\Jamie\Desktop\aswmbr.exe
2016-03-23 21:05 - 2016-03-25 06:35 - 00000000 ____D C:\FRST
2016-03-23 21:05 - 2016-03-23 21:06 - 00002090 _____ C:\Users\Jamie\Desktop\Fixlog.txt
2016-03-23 21:05 - 2016-03-23 21:05 - 02374144 _____ (Farbar) C:\Users\Jamie\Desktop\FRST64.exe
2016-03-23 21:03 - 2016-03-23 21:03 - 00000365 _____ C:\Users\Jamie\Desktop\temp virus text.txt
2016-03-23 21:02 - 2016-03-23 21:20 - 02619784 _____ (Foolish IT LLC ) C:\Users\Jamie\Desktop\CryptoPreventSetup.exe
2016-03-22 10:04 - 2016-03-22 10:04 - 00000000 ____D C:\Users\Jamie\Desktop\zava update archive
2016-03-21 20:35 - 2016-03-21 20:35 - 00003642 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-03-21 20:35 - 2016-03-21 20:35 - 00001743 _____ C:\Users\Jamie\Desktop\DelFix.txt
2016-03-21 20:34 - 2016-03-21 20:34 - 00000000 ____D C:\WINDOWS\ERUNT
2016-03-21 20:33 - 2016-03-21 20:35 - 00001743 _____ C:\DelFix.txt
2016-03-18 21:46 - 2016-03-18 21:46 - 00001313 _____ C:\Users\Jamie\Desktop\Todoist.lnk
2016-03-18 21:46 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Todoist
2016-03-18 21:46 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Local\Doist_Ltd
2016-03-18 21:46 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Local\CEF
2016-03-18 21:45 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Local\Todoist
2016-03-16 13:27 - 2016-03-16 13:27 - 00041470 _____ C:\Users\Jamie\Downloads\manfred-klein_irish-unci-alphabet.zip
2016-03-16 13:27 - 2016-03-16 13:27 - 00036801 _____ C:\Users\Jamie\Downloads\astigmatic-one-eye-typographic-institute_uncial-antiqua.zip
2016-03-15 10:37 - 2016-03-15 10:37 - 00347816 _____ C:\Users\Jamie\Downloads\095952238523 (1).pdf
2016-03-14 21:23 - 2016-03-18 21:45 - 27704576 _____ (Doist Ltd. ) C:\Users\Jamie\Downloads\Todoist_for_Windows_Desktop_2_7_6.exe
2016-03-13 12:14 - 2016-03-13 12:51 - 00012003 _____ C:\Users\Jamie\Desktop\avgrep.txt
2016-03-13 12:11 - 2016-03-13 12:24 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-13 12:06 - 2016-03-13 12:06 - 00000344 _____ C:\Users\Jamie\Desktop\Virus Removal.txt
2016-03-12 17:41 - 2016-03-12 17:45 - 04952064 _____ C:\Users\Jamie\Downloads\DesktopGadgetsInstaller.zip
2016-03-11 07:58 - 2016-03-11 07:58 - 00000029 _____ C:\Users\Jamie\Documents\Ebay Pending.txt
2016-03-11 07:09 - 2016-03-11 07:09 - 00005422 _____ C:\Users\Jamie\Documents\cc_20160311_060921.reg
2016-03-11 07:04 - 2016-03-11 07:07 - 15576432 _____ C:\Users\Jamie\Downloads\Glary_Utilities_v5.46.0.66.exe
2016-03-10 21:58 - 2016-03-10 21:58 - 00058292 _____ C:\Users\Jamie\Downloads\ufonts.com_lucidity-ballpoint.ttf
2016-03-10 08:29 - 2016-03-10 08:29 - 00347980 _____ C:\Users\Jamie\Downloads\095952238523.pdf
2016-03-09 06:40 - 2016-03-01 01:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-09 06:40 - 2016-03-01 01:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 06:40 - 2016-02-24 05:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-09 06:40 - 2016-02-24 05:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 06:40 - 2016-02-24 05:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 06:40 - 2016-02-24 05:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 06:40 - 2016-02-24 05:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 06:40 - 2016-02-24 05:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 06:40 - 2016-02-24 05:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-09 06:40 - 2016-02-24 05:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-09 06:40 - 2016-02-24 04:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 06:40 - 2016-02-24 04:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-09 06:40 - 2016-02-24 04:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 06:40 - 2016-02-24 04:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-09 06:40 - 2016-02-24 04:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-09 06:40 - 2016-02-24 04:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-09 06:40 - 2016-02-24 04:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-09 06:40 - 2016-02-24 04:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-09 06:40 - 2016-02-24 04:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 06:40 - 2016-02-24 04:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-09 06:40 - 2016-02-24 04:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-09 06:40 - 2016-02-24 04:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 06:40 - 2016-02-24 04:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-09 06:40 - 2016-02-24 04:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-09 06:40 - 2016-02-24 04:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-09 06:40 - 2016-02-24 04:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 06:40 - 2016-02-24 04:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 06:40 - 2016-02-24 04:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-09 06:40 - 2016-02-24 04:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 06:40 - 2016-02-24 04:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 06:40 - 2016-02-24 04:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-09 06:40 - 2016-02-24 03:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-09 06:40 - 2016-02-24 03:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-09 06:40 - 2016-02-24 03:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-09 06:40 - 2016-02-24 03:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-09 06:40 - 2016-02-24 03:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-09 06:40 - 2016-02-24 03:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-09 06:40 - 2016-02-24 03:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-09 06:40 - 2016-02-24 03:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 06:40 - 2016-02-24 03:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-09 06:40 - 2016-02-24 03:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 06:40 - 2016-02-24 03:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 06:40 - 2016-02-24 03:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 06:40 - 2016-02-24 03:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-09 06:40 - 2016-02-24 03:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-09 06:40 - 2016-02-24 03:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 06:40 - 2016-02-24 03:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-09 06:40 - 2016-02-24 03:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-09 06:40 - 2016-02-24 03:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-09 06:40 - 2016-02-24 03:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-09 06:40 - 2016-02-24 03:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 06:40 - 2016-02-24 03:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-09 06:40 - 2016-02-24 03:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 06:40 - 2016-02-24 03:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 06:40 - 2016-02-24 03:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-09 06:40 - 2016-02-24 03:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-09 06:40 - 2016-02-24 03:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-09 06:40 - 2016-02-24 03:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-09 06:40 - 2016-02-24 03:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-09 06:40 - 2016-02-24 03:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-09 06:40 - 2016-02-24 03:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-09 06:40 - 2016-02-24 03:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-09 06:40 - 2016-02-24 03:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-09 06:40 - 2016-02-24 03:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 06:40 - 2016-02-24 03:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-09 06:40 - 2016-02-24 03:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 06:40 - 2016-02-24 03:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-09 06:40 - 2016-02-24 03:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-09 06:40 - 2016-02-24 03:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-09 06:40 - 2016-02-24 02:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-09 06:40 - 2016-02-24 02:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-09 06:40 - 2016-02-24 02:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-09 06:40 - 2016-02-24 02:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-09 06:40 - 2016-02-24 02:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-09 06:40 - 2016-02-24 02:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-09 06:40 - 2016-02-24 02:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-09 06:40 - 2016-02-24 02:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 06:40 - 2016-02-24 02:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 06:40 - 2016-02-24 02:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-09 06:40 - 2016-02-24 02:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 06:40 - 2016-02-24 02:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 06:40 - 2016-02-24 02:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 06:40 - 2016-02-24 02:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-09 06:40 - 2016-02-24 02:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-09 06:40 - 2016-02-24 02:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-09 06:40 - 2016-02-24 02:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 06:40 - 2016-02-24 02:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-09 06:40 - 2016-02-24 02:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-09 06:40 - 2016-02-24 02:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-09 06:40 - 2016-02-24 02:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-09 06:40 - 2016-02-24 02:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-09 06:40 - 2016-02-24 02:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-09 06:40 - 2016-02-24 02:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-09 06:40 - 2016-02-24 02:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 06:40 - 2016-02-24 02:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 06:40 - 2016-02-24 02:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-09 06:40 - 2016-02-24 02:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-09 06:40 - 2016-02-24 02:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-09 06:40 - 2016-02-24 02:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 06:40 - 2016-02-24 02:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-09 06:40 - 2016-02-24 02:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 06:40 - 2016-02-24 02:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-09 06:40 - 2016-02-24 02:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-09 06:40 - 2016-02-24 02:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-09 06:40 - 2016-02-24 02:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 06:40 - 2016-02-24 02:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-09 06:40 - 2016-02-24 02:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-09 06:40 - 2016-02-24 02:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-09 06:40 - 2016-02-24 02:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 06:40 - 2016-02-24 02:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-09 06:40 - 2016-02-24 02:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-09 06:40 - 2016-02-24 02:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 06:40 - 2016-02-24 02:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 06:40 - 2016-02-24 02:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-09 06:40 - 2016-02-24 02:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-09 06:40 - 2016-02-24 02:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-09 06:40 - 2016-02-24 02:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-09 06:40 - 2016-02-24 02:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 06:40 - 2016-02-24 02:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-09 06:40 - 2016-02-24 02:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 06:40 - 2016-02-24 02:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-09 06:40 - 2016-02-24 02:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-09 06:40 - 2016-02-24 02:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-09 06:40 - 2016-02-24 02:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-09 06:40 - 2016-02-24 02:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-09 06:40 - 2016-02-24 02:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-09 06:40 - 2016-02-24 02:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-09 06:40 - 2016-02-24 02:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 06:40 - 2016-02-24 02:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-09 06:40 - 2016-02-24 02:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 06:40 - 2016-02-24 02:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 06:40 - 2016-02-24 02:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-09 06:40 - 2016-02-24 01:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 06:40 - 2016-02-24 01:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 06:40 - 2016-02-24 01:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-09 06:40 - 2016-02-24 01:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 06:40 - 2016-02-24 01:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-09 06:40 - 2016-02-24 01:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 06:40 - 2016-02-24 01:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 06:40 - 2016-02-24 01:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 06:40 - 2016-02-24 01:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 06:40 - 2016-02-24 01:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 06:40 - 2016-02-24 01:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 06:40 - 2016-02-24 01:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 06:40 - 2016-02-24 01:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 06:40 - 2016-02-24 00:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 06:40 - 2016-02-24 00:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 06:39 - 2016-02-24 03:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 06:39 - 2016-02-24 03:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-09 06:39 - 2016-02-24 02:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-09 06:39 - 2016-02-24 02:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 06:39 - 2016-02-24 02:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 06:39 - 2016-02-24 02:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-07 21:11 - 2016-03-07 21:11 - 49028362 _____ C:\Users\Jamie\Downloads\Ash Blank Mock.psd
2016-03-07 21:04 - 2016-03-07 21:04 - 20941601 _____ C:\Users\Jamie\Downloads\wg_free_tee_mockup.zip
2016-03-03 20:28 - 2016-03-03 20:28 - 00001053 _____ C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-03-03 20:12 - 2016-03-03 20:13 - 00051443 _____ C:\Users\Jamie\Downloads\seangc.zip
2016-03-03 20:09 - 2016-03-03 20:09 - 00055425 _____ C:\Users\Jamie\Downloads\seantgc.zip
2016-03-03 15:35 - 2016-03-03 15:35 - 00265376 _____ C:\Users\Jamie\Documents\NCInvolvement logo.pdf
2016-03-03 14:30 - 2016-03-03 14:30 - 00494594 _____ C:\Users\Jamie\Downloads\cat-in-the-hat-354D450E-logoeps.com.zip
2016-03-03 13:43 - 2016-03-03 13:43 - 00210419 _____ C:\Users\Jamie\Downloads\the-fontry_jackport-college-ncv (2).zip
2016-03-02 13:41 - 2016-02-23 07:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-02 13:41 - 2016-02-23 06:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-02 13:41 - 2016-02-23 06:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-02 13:41 - 2016-02-23 06:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-02 13:41 - 2016-02-23 06:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-02 13:41 - 2016-02-23 05:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-02 13:41 - 2016-02-23 05:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-02 13:41 - 2016-02-23 04:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-02 13:41 - 2016-02-23 04:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-02 13:41 - 2016-02-23 04:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-02 13:41 - 2016-02-23 04:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-02 13:41 - 2016-02-23 04:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-02 13:41 - 2016-02-23 04:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-02 13:41 - 2016-02-23 03:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-02 13:41 - 2016-02-23 03:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-02 13:41 - 2016-02-23 03:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-02 13:41 - 2016-02-23 03:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-02 13:41 - 2016-02-23 03:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-02 13:41 - 2016-02-23 02:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-02 13:41 - 2016-02-23 02:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-02 13:41 - 2016-02-23 02:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-02 13:41 - 2016-02-23 02:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-02 13:41 - 2016-02-23 02:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-02 13:41 - 2016-02-23 02:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-02 13:41 - 2016-02-23 02:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-02 13:41 - 2016-02-23 02:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-02 13:41 - 2016-02-08 23:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-02 13:41 - 2016-02-08 23:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-02 13:41 - 2016-02-08 23:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-02 13:40 - 2016-02-23 07:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 13:40 - 2016-02-23 07:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-02 13:40 - 2016-02-23 06:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-02 13:40 - 2016-02-23 06:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-02 13:40 - 2016-02-23 06:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-02 13:40 - 2016-02-23 06:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-02 13:40 - 2016-02-23 06:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-02 13:40 - 2016-02-23 06:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-02 13:40 - 2016-02-23 06:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-02 13:40 - 2016-02-23 06:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-02 13:40 - 2016-02-23 05:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-02 13:40 - 2016-02-23 05:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-02 13:40 - 2016-02-23 05:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-02 13:40 - 2016-02-23 05:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-02 13:40 - 2016-02-23 05:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-02 13:40 - 2016-02-23 04:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-02 13:40 - 2016-02-23 04:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-02 13:40 - 2016-02-23 04:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-02 13:40 - 2016-02-23 04:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-02 13:40 - 2016-02-23 04:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-02 13:40 - 2016-02-23 04:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-02 13:40 - 2016-02-23 03:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-02 13:40 - 2016-02-23 03:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-02 13:40 - 2016-02-23 02:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-02 13:40 - 2016-02-23 02:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-02 13:40 - 2016-02-23 02:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-02 13:39 - 2016-02-23 07:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-02 13:39 - 2016-02-23 06:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-02 13:39 - 2016-02-23 06:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-02 13:39 - 2016-02-23 06:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-02 13:39 - 2016-02-23 05:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-02 13:39 - 2016-02-23 05:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-02 13:39 - 2016-02-23 05:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-02 13:39 - 2016-02-23 05:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-02 13:39 - 2016-02-23 05:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-02 13:39 - 2016-02-23 05:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-02 13:39 - 2016-02-23 05:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-02 13:39 - 2016-02-23 05:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-02 13:39 - 2016-02-23 04:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-02 13:39 - 2016-02-23 04:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-02 13:39 - 2016-02-23 04:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-02 13:39 - 2016-02-23 04:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-02 13:39 - 2016-02-23 04:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-02 13:39 - 2016-02-23 04:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-02 13:39 - 2016-02-23 04:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-02 13:39 - 2016-02-23 04:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-02 13:39 - 2016-02-23 04:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-02 13:39 - 2016-02-23 04:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-02 13:39 - 2016-02-23 04:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-02 13:39 - 2016-02-23 04:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-02 13:39 - 2016-02-23 04:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-02 13:39 - 2016-02-23 04:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-02 13:39 - 2016-02-23 04:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-02 13:39 - 2016-02-23 04:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-02 13:39 - 2016-02-23 04:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-02 13:39 - 2016-02-23 04:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-02 13:39 - 2016-02-23 04:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-02 13:39 - 2016-02-23 04:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-02 13:39 - 2016-02-23 03:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-02 13:39 - 2016-02-23 03:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-02 13:39 - 2016-02-23 03:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-02 13:39 - 2016-02-23 03:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-02 13:39 - 2016-02-23 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-02 13:39 - 2016-02-23 03:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-02 13:39 - 2016-02-23 03:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-02 13:39 - 2016-02-23 03:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-02 13:39 - 2016-02-23 03:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-02 13:39 - 2016-02-23 03:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-02 13:39 - 2016-02-23 03:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-02 13:39 - 2016-02-23 03:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-02 13:39 - 2016-02-23 03:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-02 13:39 - 2016-02-23 03:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-02 13:39 - 2016-02-23 03:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-02 13:39 - 2016-02-23 02:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-02 13:39 - 2016-02-23 02:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-02 13:39 - 2016-02-23 02:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-02 13:39 - 2016-02-23 02:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-02 13:39 - 2016-02-23 02:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-02 13:39 - 2016-02-23 02:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-02 13:39 - 2016-02-23 02:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-02 13:39 - 2016-02-08 23:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-02 13:38 - 2016-02-23 07:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-02 13:38 - 2016-02-23 07:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-02 13:38 - 2016-02-23 07:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-02 13:38 - 2016-02-23 07:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-02 13:38 - 2016-02-23 07:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-02 13:38 - 2016-02-23 07:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-02 13:38 - 2016-02-23 06:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-02 13:38 - 2016-02-23 06:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-02 13:38 - 2016-02-23 06:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-02 13:38 - 2016-02-23 06:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-02 13:38 - 2016-02-23 05:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-02 13:38 - 2016-02-23 05:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-02 13:38 - 2016-02-23 05:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-02 13:38 - 2016-02-23 05:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-02 13:38 - 2016-02-23 05:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-02 13:38 - 2016-02-23 05:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-02 13:38 - 2016-02-23 05:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-02 13:38 - 2016-02-23 05:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-02 13:38 - 2016-02-23 05:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-02 13:38 - 2016-02-23 05:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-02 13:38 - 2016-02-23 05:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-02 13:38 - 2016-02-23 05:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-02 13:38 - 2016-02-23 05:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-02 13:38 - 2016-02-23 04:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-02 13:38 - 2016-02-23 04:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-02 13:38 - 2016-02-23 04:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-02 13:38 - 2016-02-23 04:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-02 13:38 - 2016-02-23 04:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-02 13:38 - 2016-02-23 04:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-02 13:38 - 2016-02-23 04:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-02 13:38 - 2016-02-23 04:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-02 13:38 - 2016-02-23 04:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-02 13:38 - 2016-02-23 04:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-02 13:38 - 2016-02-23 04:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-02 13:38 - 2016-02-23 04:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-02 13:38 - 2016-02-23 04:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-02 13:38 - 2016-02-23 04:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-02 13:38 - 2016-02-23 04:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-02 13:38 - 2016-02-23 04:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-02 13:38 - 2016-02-23 04:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-02 13:38 - 2016-02-23 04:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-02 13:38 - 2016-02-23 04:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 13:38 - 2016-02-23 04:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-02 13:38 - 2016-02-23 04:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-02 13:38 - 2016-02-23 04:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-02 13:38 - 2016-02-23 04:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-02 13:38 - 2016-02-23 04:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-02 13:38 - 2016-02-23 04:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-02 13:38 - 2016-02-23 04:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-02 13:38 - 2016-02-23 03:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-02 13:38 - 2016-02-23 03:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-02 13:38 - 2016-02-23 03:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-02 13:38 - 2016-02-23 03:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-02 13:38 - 2016-02-23 03:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-02 13:38 - 2016-02-23 03:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-02 13:38 - 2016-02-23 03:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-02 13:38 - 2016-02-23 03:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 13:38 - 2016-02-23 03:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-02 13:38 - 2016-02-23 03:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-02 13:38 - 2016-02-23 03:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-02 13:38 - 2016-02-23 03:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-02 13:38 - 2016-02-23 03:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-02 13:38 - 2016-02-23 03:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-02 13:38 - 2016-02-23 02:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-02 13:38 - 2016-02-23 02:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-02 13:38 - 2016-02-09 00:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-02 13:38 - 2016-02-09 00:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-02 13:38 - 2016-02-08 23:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-02 13:38 - 2016-02-08 23:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-02 11:21 - 2016-03-02 11:21 - 00269232 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys
2016-02-29 22:19 - 2016-02-29 22:19 - 00004381 _____ C:\Users\Jamie\Downloads\Hill-House.zip
2016-02-28 14:41 - 2016-02-28 14:41 - 00029512 _____ C:\Users\Jamie\Downloads\MTB.txt
2016-02-28 14:25 - 2016-03-25 06:34 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2016-02-28 14:25 - 2016-03-11 07:07 - 00003382 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2016-02-28 14:25 - 2016-03-11 07:07 - 00003028 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC
2016-02-28 14:25 - 2016-03-11 07:07 - 00001167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2016-02-28 14:25 - 2016-03-11 07:07 - 00001155 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2016-02-28 14:25 - 2016-02-28 14:25 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2016-02-28 14:25 - 2016-02-28 14:25 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\GlarySoft
2016-02-28 14:25 - 2016-02-28 14:25 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\DiskDefrag
2016-02-28 14:25 - 2016-02-28 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2016-02-28 14:24 - 2016-02-28 14:25 - 15575176 _____ C:\Users\Jamie\Downloads\gu5setup.exe
2016-02-28 14:17 - 2016-02-28 14:17 - 00039390 _____ C:\Users\Jamie\Documents\cc_20160228_131743.reg
2016-02-27 14:17 - 2016-02-27 14:17 - 00012884 _____ C:\Users\Jamie\Downloads\glyphobet-font-foundry_ripple.zip
2016-02-27 14:16 - 2016-02-27 14:16 - 00032668 _____ C:\Users\Jamie\Downloads\Eccentric.otf
2016-02-27 14:15 - 2016-02-27 14:15 - 00014401 _____ C:\Users\Jamie\Downloads\bad_acid.zip
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-25 06:33 - 2016-02-16 08:31 - 00002411 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2016-03-25 06:33 - 2016-01-10 17:55 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-25 06:33 - 2015-12-18 00:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-25 06:33 - 2015-09-20 18:21 - 00000200 _____ C:\WINDOWS\Tasks\AutoKMS.job
2016-03-25 06:33 - 2015-09-20 16:35 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-25 06:32 - 2015-12-18 06:31 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-03-25 06:32 - 2015-10-30 02:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-25 06:31 - 2015-12-18 00:12 - 00000000 ____D C:\Users\Jamie
2016-03-25 06:30 - 2015-12-18 06:32 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-03-25 06:28 - 2015-09-20 16:25 - 00000000 ____D C:\ProgramData\MFAData
2016-03-24 21:50 - 2015-09-20 16:35 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-24 21:34 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-03-24 19:53 - 2015-09-21 05:33 - 00000000 ____D C:\Users\Jamie\Documents\Outlook Files
2016-03-24 19:14 - 2015-10-15 15:00 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8A918490-054D-4144-A030-7D635FECCB6B}
2016-03-24 12:14 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-24 12:05 - 2015-09-20 18:21 - 00000228 _____ C:\WINDOWS\Tasks\AutoKMSDaily.job
2016-03-24 06:53 - 2016-02-15 07:53 - 00000366 _____ C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Jamie).job
2016-03-24 06:34 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-24 06:33 - 2015-12-18 00:11 - 01009692 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-24 06:33 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-24 06:26 - 2016-01-13 06:59 - 00000000 ____D C:\WINDOWS\Minidump
2016-03-24 06:24 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-03-24 05:55 - 2015-09-21 12:37 - 00000132 _____ C:\Users\Jamie\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-03-24 05:21 - 2016-01-10 17:55 - 00001177 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-24 05:21 - 2016-01-10 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-24 05:21 - 2016-01-10 17:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-24 05:16 - 2015-12-20 12:22 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-22 15:13 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-21 15:17 - 2016-01-28 08:20 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-03-21 15:06 - 2014-08-04 16:10 - 00000000 ____D C:\Users\Public\Desktop\Drivers & Applications for reinstallation
2016-03-20 19:09 - 2015-10-30 02:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-20 11:18 - 2015-12-18 00:12 - 00000000 ____D C:\Users\DefaultAppPool
2016-03-20 08:05 - 2015-09-20 17:36 - 00000000 ____D C:\Users\Jamie\Desktop\T-shirts
2016-03-20 07:49 - 2015-12-18 00:06 - 05011288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-17 19:44 - 2016-02-23 20:42 - 00003956 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1456274510
2016-03-17 19:44 - 2016-02-23 20:41 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-03-17 19:44 - 2016-02-23 20:41 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-14 20:53 - 2015-09-20 16:35 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-14 20:53 - 2015-09-20 16:35 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-13 07:56 - 2015-11-07 11:30 - 00000000 ____D C:\Users\Jamie\AppData\Local\ElevatedDiagnostics
2016-03-12 17:45 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-03-12 17:45 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-03-11 13:11 - 2015-09-20 16:44 - 00001011 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-03-11 13:11 - 2015-09-20 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-03-11 07:07 - 2016-02-18 09:13 - 00000000 ____D C:\Users\Jamie\AppData\Local\CrashDumps
2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-10 14:09 - 2016-01-10 17:55 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-03-10 14:08 - 2016-01-10 17:55 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-03-10 14:08 - 2016-01-10 17:55 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-03-09 07:39 - 2014-08-04 16:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 07:34 - 2014-08-04 16:15 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-08 03:12 - 2015-10-30 03:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 03:12 - 2015-10-30 03:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 21:10 - 2015-09-20 17:53 - 00000000 ____D C:\Users\Jamie\Desktop\Ebayready
2016-03-04 08:45 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-03 15:46 - 2015-09-20 17:39 - 00000000 ____D C:\Users\Jamie\Documents\T-shirts
2016-03-03 06:44 - 2015-09-10 01:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-03 04:32 - 2015-10-30 05:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-03 04:32 - 2015-10-30 02:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-03 04:32 - 2015-10-30 02:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-01 15:34 - 2015-10-20 09:16 - 00000000 ____D C:\Users\Jamie\Desktop\2016 Tee Work
2016-02-25 20:18 - 2015-11-20 15:56 - 00000000 ____D C:\Users\Jamie\Desktop\ZavaJams Setlist Archive
2016-02-25 15:43 - 2016-02-16 13:36 - 00000000 ____D C:\ProgramData\RogueKiller
2016-02-25 13:08 - 2016-02-16 13:36 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-02-24 14:34 - 2015-10-08 19:36 - 00001063 _____ C:\Users\Jamie\Desktop\Internet Explorer.lnk
2016-02-24 14:33 - 2015-09-27 16:48 - 00000000 ___RD C:\Users\Jamie\OneDrive
 
==================== Files in the root of some directories =======
 
2015-09-21 12:37 - 2016-03-24 05:55 - 0000132 _____ () C:\Users\Jamie\AppData\Roaming\Adobe PNG Format CS5 Prefs
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-03-20 08:15
 
==================== End of FRST.txt ============================

  • 0

#18
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
You will need to uninstall either AdAware antivirus or AVG antivirus as they will each detect the others signature file and cause false positives among other things
  • 0

#19
sheck910

sheck910

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

knew I had something setup like this when I was reading other posts before I initiated this one.

 

Will uninstall AVG and rescan


  • 0

#20
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

OK let me know how that goes please

 

Use the AVG tool after uninstall to ensure it has all gone http://www.avg.com/gb-en/utilities


  • 0

#21
sheck910

sheck910

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

well I guess I need some more coffee....I meant to type adaware, I uninstalled that and read your post and then mistakenly uninstalled AVG -- whoops!

 

I installed Avast for now as I've read compliments on this anti-virus.

 

 here are my latest scans -

 

 aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software

Run date: 2016-03-25 10:19:26
-----------------------------
10:19:26.456    OS Version: Windows x64 6.2.9200 
10:19:26.456    Number of processors: 2 586 0x170A
10:19:26.456    ComputerName: JAMIE-PC  UserName: Jamie
10:19:33.474    Initialize success
10:19:33.521    VM: initialized successfully
10:19:33.536    VM: Intel CPU BiosDisabled 
10:20:57.025    AVAST engine defs: 16032300
10:22:42.353    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
10:22:42.353    Disk 0 Vendor: HITACHI_HUA722010ALA330 JP4ONS01 Size: 953869MB BusType: 3
10:22:42.416    Disk 0 MBR read successfully
10:22:42.432    Disk 0 MBR scan
10:22:42.432    Disk 0 unknown MBR code
10:22:42.432    Disk 0 Partition 1 80 (A) 07      HPFS/NTFS NTFS          500 MB offset 2048
10:22:42.447    Disk 0 Partition 2 00     27 Hidden NTFS WinRE NTFS         9000 MB offset 1026048
10:22:42.463    Disk 0 Partition 3 00     07      HPFS/NTFS NTFS       944365 MB offset 19458048
10:22:42.478    Disk 0 scanning C:\WINDOWS\system32\drivers
10:22:50.682    Service scanning
10:23:14.885    Modules scanning
10:23:14.885    Disk 0 trace - called modules:
10:23:14.900    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS pciide.sys hal.dll PCIIDEX.SYS atapi.sys 
10:23:14.900    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe000478f6470]
10:23:14.900    3 CLASSPNP.SYS[fffff801237a7d95] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xffffe00047430600]
10:23:16.791    AVAST engine scan C:\WINDOWS
10:23:19.025    AVAST engine scan C:\WINDOWS\system32
10:25:47.760    AVAST engine scan C:\WINDOWS\system32\drivers
10:25:59.370    AVAST engine scan C:\Users\Jamie
10:33:40.668    AVAST engine scan C:\ProgramData
10:34:42.465    Disk 0 statistics 3859683/0/0 @ 3.58 MB/s
10:34:42.465    Scan finished successfully
10:37:34.417    Disk 0 MBR has been saved successfully to "C:\Users\Jamie\Desktop\MBR.dat"
10:37:34.425    The log file has been saved successfully to "C:\Users\Jamie\Desktop\aswMBR.txt"
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Jamie (administrator) on JAMIE-PC (25-03-2016 10:17:35)
Running from C:\Users\Jamie\Desktop
Loaded Profiles: Jamie (Available Profiles: Jamie & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchksrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\RtlService.exe
(Intel) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\B-Link\Common\RaRegistry64.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\B-Link\Common\RaRegistry.exe
(Intel) C:\Program Files (x86)\Intel\AMT\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\RtWLan.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\HitmanPro.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchk.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Fred's Software) C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [atchk] => C:\Program Files (x86)\Intel\AMT\atchk.exe [401408 2009-12-01] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3862440 2016-03-02] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2013-12-24] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2013-12-24] (SEIKO EPSON CORPORATION)
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.jse <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.bat <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [EPSON Artisan 50 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFFA.EXE [223232 2008-10-09] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [GoogleChromeAutoLaunch_C1BDF7A752CABCCEC37F2A5D7AA45B34] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136 2016-03-07] (Google Inc.)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [EPSON Artisan 50 Series (Copy 1)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFFA.EXE [223232 2008-10-09] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2016-03-06] (Glarysoft Ltd)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\RunOnce: [Uninstall C:\Users\Jamie\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jamie\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-18\...\Run: [EPSON Artisan 50 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFFA.EXE [223232 2008-10-09] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\B-Link Wireless Utility.lnk [2016-01-10]
ShortcutTarget: B-Link Wireless Utility.lnk -> C:\Program Files (x86)\B-Link\Common\RaUI.exe (B-Link Technology, Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk [2015-09-23]
ShortcutTarget: Printkey2000.lnk -> C:\Program Files (x86)\PrintKey2000\Printkey2000.exe (Fred's Software)
BootExecute: autocheck autochk *  bootdelete
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e146362e-446f-4d00-8d29-27b8870b4eec}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\3o3gxhf2.default
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://sharepoint/C1/C2/C4/Performance%20Reports/default.aspx
CHR Profile: C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-20]
CHR Extension: (Google Docs) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-20]
CHR Extension: (Google Drive) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2016-02-15]
CHR Extension: (YouTube) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Google Sheets) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-20]
CHR Extension: (Google Docs Offline) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-20]
CHR Extension: (Gmail) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-20]
CHR HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 atchksrv; C:\Program Files (x86)\Intel\AMT\atchksrv.exe [176128 2009-12-01] (Intel Corporation) [File not signed]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3934184 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 B-LinkCU; C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-02-25] (SurfRight B.V.)
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 RalinkRegistryWriter; C:\Program Files (x86)\B-Link\Common\RaRegistry.exe [383280 2013-03-27] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\B-Link\Common\RaRegistry64.exe [452912 2013-02-04] (Ralink Technology, Corp.)
S3 RaMediaServer; C:\Program Files (x86)\B-Link\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UNS; C:\Program Files (x86)\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1215560 2016-02-22] ()
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378288 2016-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [269232 2016-03-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2016-02-28] (Glarysoft Ltd)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-25] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42600 2015-10-15] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-02-25] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-25 10:01 - 2016-03-25 10:01 - 00348573 _____ C:\Users\Jamie\Desktop\beach-award-winners_ss_010
2016-03-25 06:36 - 2016-03-25 06:37 - 00042833 _____ C:\Users\Jamie\Desktop\Addition.txt
2016-03-25 06:35 - 2016-03-25 10:17 - 00044358 _____ C:\Users\Jamie\Desktop\FRST.txt
2016-03-25 06:30 - 2016-03-25 06:30 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-03-24 06:26 - 2016-03-24 06:26 - 514759255 _____ C:\WINDOWS\MEMORY.DMP
2016-03-24 06:26 - 2016-03-24 06:26 - 00485012 _____ C:\WINDOWS\Minidump\032416-37796-01.dmp
2016-03-24 05:17 - 2016-03-24 05:17 - 00007448 _____ C:\Users\Jamie\Documents\cc_20160324_051711.reg
2016-03-24 05:13 - 2016-03-24 05:14 - 06868672 _____ (Piriform Ltd) C:\Users\Jamie\Downloads\ccsetup516.exe
2016-03-23 21:43 - 2016-03-23 21:43 - 00053248 _____ C:\WINDOWS\SysWOW64\zlib.dll
2016-03-23 21:43 - 2016-03-23 21:43 - 00001291 _____ C:\Users\Public\Desktop\CryptoPrevent.lnk
2016-03-23 21:43 - 2016-03-23 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT
2016-03-23 21:43 - 2016-03-23 21:43 - 00000000 ____D C:\ProgramData\Foolish IT
2016-03-23 21:43 - 2016-03-23 21:43 - 00000000 ____D C:\Program Files (x86)\Foolish IT
2016-03-23 21:36 - 2016-03-25 08:48 - 00004178 _____ C:\Users\Jamie\Desktop\aswMBR.txt
2016-03-23 21:36 - 2016-03-25 08:48 - 00000512 _____ C:\Users\Jamie\Desktop\MBR.dat
2016-03-23 21:11 - 2016-03-23 21:12 - 05200384 _____ (AVAST Software) C:\Users\Jamie\Desktop\aswmbr.exe
2016-03-23 21:05 - 2016-03-25 10:17 - 00000000 ____D C:\FRST
2016-03-23 21:05 - 2016-03-23 21:06 - 00002090 _____ C:\Users\Jamie\Desktop\Fixlog.txt
2016-03-23 21:05 - 2016-03-23 21:05 - 02374144 _____ (Farbar) C:\Users\Jamie\Desktop\FRST64.exe
2016-03-23 21:03 - 2016-03-23 21:03 - 00000365 _____ C:\Users\Jamie\Desktop\temp virus text.txt
2016-03-23 21:02 - 2016-03-23 21:20 - 02619784 _____ (Foolish IT LLC ) C:\Users\Jamie\Desktop\CryptoPreventSetup.exe
2016-03-22 10:04 - 2016-03-22 10:04 - 00000000 ____D C:\Users\Jamie\Desktop\zava update archive
2016-03-21 20:35 - 2016-03-21 20:35 - 00003642 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-03-21 20:35 - 2016-03-21 20:35 - 00001743 _____ C:\Users\Jamie\Desktop\DelFix.txt
2016-03-21 20:34 - 2016-03-21 20:34 - 00000000 ____D C:\WINDOWS\ERUNT
2016-03-21 20:33 - 2016-03-21 20:35 - 00001743 _____ C:\DelFix.txt
2016-03-18 21:46 - 2016-03-18 21:46 - 00001313 _____ C:\Users\Jamie\Desktop\Todoist.lnk
2016-03-18 21:46 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Todoist
2016-03-18 21:46 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Local\Doist_Ltd
2016-03-18 21:46 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Local\CEF
2016-03-18 21:45 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Local\Todoist
2016-03-16 13:27 - 2016-03-16 13:27 - 00041470 _____ C:\Users\Jamie\Downloads\manfred-klein_irish-unci-alphabet.zip
2016-03-16 13:27 - 2016-03-16 13:27 - 00036801 _____ C:\Users\Jamie\Downloads\astigmatic-one-eye-typographic-institute_uncial-antiqua.zip
2016-03-15 10:37 - 2016-03-15 10:37 - 00347816 _____ C:\Users\Jamie\Downloads\095952238523 (1).pdf
2016-03-14 21:23 - 2016-03-18 21:45 - 27704576 _____ (Doist Ltd. ) C:\Users\Jamie\Downloads\Todoist_for_Windows_Desktop_2_7_6.exe
2016-03-13 12:14 - 2016-03-13 12:51 - 00012003 _____ C:\Users\Jamie\Desktop\avgrep.txt
2016-03-13 12:11 - 2016-03-13 12:24 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-13 12:06 - 2016-03-13 12:06 - 00000344 _____ C:\Users\Jamie\Desktop\Virus Removal.txt
2016-03-12 17:41 - 2016-03-12 17:45 - 04952064 _____ C:\Users\Jamie\Downloads\DesktopGadgetsInstaller.zip
2016-03-11 07:58 - 2016-03-11 07:58 - 00000029 _____ C:\Users\Jamie\Documents\Ebay Pending.txt
2016-03-11 07:09 - 2016-03-11 07:09 - 00005422 _____ C:\Users\Jamie\Documents\cc_20160311_060921.reg
2016-03-11 07:04 - 2016-03-11 07:07 - 15576432 _____ C:\Users\Jamie\Downloads\Glary_Utilities_v5.46.0.66.exe
2016-03-10 21:58 - 2016-03-10 21:58 - 00058292 _____ C:\Users\Jamie\Downloads\ufonts.com_lucidity-ballpoint.ttf
2016-03-10 08:29 - 2016-03-10 08:29 - 00347980 _____ C:\Users\Jamie\Downloads\095952238523.pdf
2016-03-09 06:40 - 2016-03-01 01:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-09 06:40 - 2016-03-01 01:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 06:40 - 2016-02-24 05:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-09 06:40 - 2016-02-24 05:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 06:40 - 2016-02-24 05:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 06:40 - 2016-02-24 05:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 06:40 - 2016-02-24 05:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 06:40 - 2016-02-24 05:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 06:40 - 2016-02-24 05:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-09 06:40 - 2016-02-24 05:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-09 06:40 - 2016-02-24 04:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 06:40 - 2016-02-24 04:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-09 06:40 - 2016-02-24 04:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 06:40 - 2016-02-24 04:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-09 06:40 - 2016-02-24 04:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-09 06:40 - 2016-02-24 04:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-09 06:40 - 2016-02-24 04:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-09 06:40 - 2016-02-24 04:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-09 06:40 - 2016-02-24 04:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 06:40 - 2016-02-24 04:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-09 06:40 - 2016-02-24 04:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-09 06:40 - 2016-02-24 04:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 06:40 - 2016-02-24 04:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-09 06:40 - 2016-02-24 04:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-09 06:40 - 2016-02-24 04:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-09 06:40 - 2016-02-24 04:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 06:40 - 2016-02-24 04:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 06:40 - 2016-02-24 04:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-09 06:40 - 2016-02-24 04:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 06:40 - 2016-02-24 04:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 06:40 - 2016-02-24 04:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-09 06:40 - 2016-02-24 03:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-09 06:40 - 2016-02-24 03:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-09 06:40 - 2016-02-24 03:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-09 06:40 - 2016-02-24 03:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-09 06:40 - 2016-02-24 03:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-09 06:40 - 2016-02-24 03:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-09 06:40 - 2016-02-24 03:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-09 06:40 - 2016-02-24 03:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 06:40 - 2016-02-24 03:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-09 06:40 - 2016-02-24 03:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 06:40 - 2016-02-24 03:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 06:40 - 2016-02-24 03:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 06:40 - 2016-02-24 03:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-09 06:40 - 2016-02-24 03:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-09 06:40 - 2016-02-24 03:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 06:40 - 2016-02-24 03:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-09 06:40 - 2016-02-24 03:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-09 06:40 - 2016-02-24 03:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-09 06:40 - 2016-02-24 03:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-09 06:40 - 2016-02-24 03:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 06:40 - 2016-02-24 03:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-09 06:40 - 2016-02-24 03:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 06:40 - 2016-02-24 03:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 06:40 - 2016-02-24 03:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-09 06:40 - 2016-02-24 03:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-09 06:40 - 2016-02-24 03:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-09 06:40 - 2016-02-24 03:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-09 06:40 - 2016-02-24 03:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-09 06:40 - 2016-02-24 03:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-09 06:40 - 2016-02-24 03:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-09 06:40 - 2016-02-24 03:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-09 06:40 - 2016-02-24 03:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-09 06:40 - 2016-02-24 03:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 06:40 - 2016-02-24 03:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-09 06:40 - 2016-02-24 03:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 06:40 - 2016-02-24 03:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-09 06:40 - 2016-02-24 03:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-09 06:40 - 2016-02-24 03:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-09 06:40 - 2016-02-24 02:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-09 06:40 - 2016-02-24 02:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-09 06:40 - 2016-02-24 02:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-09 06:40 - 2016-02-24 02:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-09 06:40 - 2016-02-24 02:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-09 06:40 - 2016-02-24 02:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-09 06:40 - 2016-02-24 02:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-09 06:40 - 2016-02-24 02:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 06:40 - 2016-02-24 02:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 06:40 - 2016-02-24 02:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-09 06:40 - 2016-02-24 02:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 06:40 - 2016-02-24 02:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 06:40 - 2016-02-24 02:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 06:40 - 2016-02-24 02:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-09 06:40 - 2016-02-24 02:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-09 06:40 - 2016-02-24 02:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-09 06:40 - 2016-02-24 02:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 06:40 - 2016-02-24 02:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-09 06:40 - 2016-02-24 02:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-09 06:40 - 2016-02-24 02:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-09 06:40 - 2016-02-24 02:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-09 06:40 - 2016-02-24 02:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-09 06:40 - 2016-02-24 02:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-09 06:40 - 2016-02-24 02:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-09 06:40 - 2016-02-24 02:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 06:40 - 2016-02-24 02:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 06:40 - 2016-02-24 02:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-09 06:40 - 2016-02-24 02:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-09 06:40 - 2016-02-24 02:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-09 06:40 - 2016-02-24 02:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 06:40 - 2016-02-24 02:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-09 06:40 - 2016-02-24 02:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 06:40 - 2016-02-24 02:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-09 06:40 - 2016-02-24 02:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-09 06:40 - 2016-02-24 02:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-09 06:40 - 2016-02-24 02:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 06:40 - 2016-02-24 02:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-09 06:40 - 2016-02-24 02:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-09 06:40 - 2016-02-24 02:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-09 06:40 - 2016-02-24 02:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 06:40 - 2016-02-24 02:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-09 06:40 - 2016-02-24 02:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-09 06:40 - 2016-02-24 02:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 06:40 - 2016-02-24 02:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 06:40 - 2016-02-24 02:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-09 06:40 - 2016-02-24 02:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-09 06:40 - 2016-02-24 02:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-09 06:40 - 2016-02-24 02:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-09 06:40 - 2016-02-24 02:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 06:40 - 2016-02-24 02:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-09 06:40 - 2016-02-24 02:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 06:40 - 2016-02-24 02:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-09 06:40 - 2016-02-24 02:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-09 06:40 - 2016-02-24 02:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-09 06:40 - 2016-02-24 02:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-09 06:40 - 2016-02-24 02:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-09 06:40 - 2016-02-24 02:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-09 06:40 - 2016-02-24 02:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-09 06:40 - 2016-02-24 02:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 06:40 - 2016-02-24 02:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-09 06:40 - 2016-02-24 02:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 06:40 - 2016-02-24 02:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 06:40 - 2016-02-24 02:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-09 06:40 - 2016-02-24 01:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 06:40 - 2016-02-24 01:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 06:40 - 2016-02-24 01:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-09 06:40 - 2016-02-24 01:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 06:40 - 2016-02-24 01:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-09 06:40 - 2016-02-24 01:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 06:40 - 2016-02-24 01:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 06:40 - 2016-02-24 01:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 06:40 - 2016-02-24 01:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 06:40 - 2016-02-24 01:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 06:40 - 2016-02-24 01:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 06:40 - 2016-02-24 01:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 06:40 - 2016-02-24 01:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 06:40 - 2016-02-24 00:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 06:40 - 2016-02-24 00:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 06:39 - 2016-02-24 03:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 06:39 - 2016-02-24 03:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-09 06:39 - 2016-02-24 02:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-09 06:39 - 2016-02-24 02:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 06:39 - 2016-02-24 02:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 06:39 - 2016-02-24 02:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-07 21:11 - 2016-03-07 21:11 - 49028362 _____ C:\Users\Jamie\Downloads\Ash Blank Mock.psd
2016-03-07 21:04 - 2016-03-07 21:04 - 20941601 _____ C:\Users\Jamie\Downloads\wg_free_tee_mockup.zip
2016-03-03 20:28 - 2016-03-03 20:28 - 00001053 _____ C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-03-03 20:12 - 2016-03-03 20:13 - 00051443 _____ C:\Users\Jamie\Downloads\seangc.zip
2016-03-03 20:09 - 2016-03-03 20:09 - 00055425 _____ C:\Users\Jamie\Downloads\seantgc.zip
2016-03-03 15:35 - 2016-03-03 15:35 - 00265376 _____ C:\Users\Jamie\Documents\NCInvolvement logo.pdf
2016-03-03 14:30 - 2016-03-03 14:30 - 00494594 _____ C:\Users\Jamie\Downloads\cat-in-the-hat-354D450E-logoeps.com.zip
2016-03-03 13:43 - 2016-03-03 13:43 - 00210419 _____ C:\Users\Jamie\Downloads\the-fontry_jackport-college-ncv (2).zip
2016-03-02 13:41 - 2016-02-23 07:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-02 13:41 - 2016-02-23 06:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-02 13:41 - 2016-02-23 06:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-02 13:41 - 2016-02-23 06:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-02 13:41 - 2016-02-23 06:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-02 13:41 - 2016-02-23 05:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-02 13:41 - 2016-02-23 05:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-02 13:41 - 2016-02-23 04:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-02 13:41 - 2016-02-23 04:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-02 13:41 - 2016-02-23 04:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-02 13:41 - 2016-02-23 04:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-02 13:41 - 2016-02-23 04:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-02 13:41 - 2016-02-23 04:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-02 13:41 - 2016-02-23 03:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-02 13:41 - 2016-02-23 03:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-02 13:41 - 2016-02-23 03:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-02 13:41 - 2016-02-23 03:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-02 13:41 - 2016-02-23 03:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-02 13:41 - 2016-02-23 02:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-02 13:41 - 2016-02-23 02:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-02 13:41 - 2016-02-23 02:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-02 13:41 - 2016-02-23 02:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-02 13:41 - 2016-02-23 02:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-02 13:41 - 2016-02-23 02:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-02 13:41 - 2016-02-23 02:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-02 13:41 - 2016-02-23 02:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-02 13:41 - 2016-02-08 23:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-02 13:41 - 2016-02-08 23:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-02 13:41 - 2016-02-08 23:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-02 13:40 - 2016-02-23 07:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 13:40 - 2016-02-23 07:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-02 13:40 - 2016-02-23 06:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-02 13:40 - 2016-02-23 06:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-02 13:40 - 2016-02-23 06:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-02 13:40 - 2016-02-23 06:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-02 13:40 - 2016-02-23 06:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-02 13:40 - 2016-02-23 06:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-02 13:40 - 2016-02-23 06:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-02 13:40 - 2016-02-23 06:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-02 13:40 - 2016-02-23 05:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-02 13:40 - 2016-02-23 05:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-02 13:40 - 2016-02-23 05:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-02 13:40 - 2016-02-23 05:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-02 13:40 - 2016-02-23 05:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-02 13:40 - 2016-02-23 04:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-02 13:40 - 2016-02-23 04:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-02 13:40 - 2016-02-23 04:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-02 13:40 - 2016-02-23 04:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-02 13:40 - 2016-02-23 04:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-02 13:40 - 2016-02-23 04:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-02 13:40 - 2016-02-23 03:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-02 13:40 - 2016-02-23 03:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-02 13:40 - 2016-02-23 02:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-02 13:40 - 2016-02-23 02:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-02 13:40 - 2016-02-23 02:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-02 13:39 - 2016-02-23 07:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-02 13:39 - 2016-02-23 06:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-02 13:39 - 2016-02-23 06:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-02 13:39 - 2016-02-23 06:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-02 13:39 - 2016-02-23 05:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-02 13:39 - 2016-02-23 05:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-02 13:39 - 2016-02-23 05:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-02 13:39 - 2016-02-23 05:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-02 13:39 - 2016-02-23 05:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-02 13:39 - 2016-02-23 05:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-02 13:39 - 2016-02-23 05:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-02 13:39 - 2016-02-23 05:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-02 13:39 - 2016-02-23 04:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-02 13:39 - 2016-02-23 04:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-02 13:39 - 2016-02-23 04:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-02 13:39 - 2016-02-23 04:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-02 13:39 - 2016-02-23 04:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-02 13:39 - 2016-02-23 04:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-02 13:39 - 2016-02-23 04:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-02 13:39 - 2016-02-23 04:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-02 13:39 - 2016-02-23 04:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-02 13:39 - 2016-02-23 04:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-02 13:39 - 2016-02-23 04:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-02 13:39 - 2016-02-23 04:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-02 13:39 - 2016-02-23 04:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-02 13:39 - 2016-02-23 04:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-02 13:39 - 2016-02-23 04:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-02 13:39 - 2016-02-23 04:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-02 13:39 - 2016-02-23 04:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-02 13:39 - 2016-02-23 04:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-02 13:39 - 2016-02-23 04:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-02 13:39 - 2016-02-23 04:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-02 13:39 - 2016-02-23 03:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-02 13:39 - 2016-02-23 03:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-02 13:39 - 2016-02-23 03:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-02 13:39 - 2016-02-23 03:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-02 13:39 - 2016-02-23 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-02 13:39 - 2016-02-23 03:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-02 13:39 - 2016-02-23 03:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-02 13:39 - 2016-02-23 03:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-02 13:39 - 2016-02-23 03:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-02 13:39 - 2016-02-23 03:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-02 13:39 - 2016-02-23 03:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-02 13:39 - 2016-02-23 03:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-02 13:39 - 2016-02-23 03:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-02 13:39 - 2016-02-23 03:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-02 13:39 - 2016-02-23 03:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-02 13:39 - 2016-02-23 02:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-02 13:39 - 2016-02-23 02:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-02 13:39 - 2016-02-23 02:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-02 13:39 - 2016-02-23 02:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-02 13:39 - 2016-02-23 02:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-02 13:39 - 2016-02-23 02:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-02 13:39 - 2016-02-23 02:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-02 13:39 - 2016-02-08 23:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-02 13:38 - 2016-02-23 07:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-02 13:38 - 2016-02-23 07:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-02 13:38 - 2016-02-23 07:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-02 13:38 - 2016-02-23 07:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-02 13:38 - 2016-02-23 07:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-02 13:38 - 2016-02-23 07:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-02 13:38 - 2016-02-23 06:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-02 13:38 - 2016-02-23 06:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-02 13:38 - 2016-02-23 06:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-02 13:38 - 2016-02-23 06:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-02 13:38 - 2016-02-23 05:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-02 13:38 - 2016-02-23 05:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-02 13:38 - 2016-02-23 05:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-02 13:38 - 2016-02-23 05:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-02 13:38 - 2016-02-23 05:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-02 13:38 - 2016-02-23 05:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-02 13:38 - 2016-02-23 05:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-02 13:38 - 2016-02-23 05:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-02 13:38 - 2016-02-23 05:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-02 13:38 - 2016-02-23 05:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-02 13:38 - 2016-02-23 05:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-02 13:38 - 2016-02-23 05:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-02 13:38 - 2016-02-23 05:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-02 13:38 - 2016-02-23 04:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-02 13:38 - 2016-02-23 04:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-02 13:38 - 2016-02-23 04:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-02 13:38 - 2016-02-23 04:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-02 13:38 - 2016-02-23 04:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-02 13:38 - 2016-02-23 04:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-02 13:38 - 2016-02-23 04:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-02 13:38 - 2016-02-23 04:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-02 13:38 - 2016-02-23 04:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-02 13:38 - 2016-02-23 04:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-02 13:38 - 2016-02-23 04:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-02 13:38 - 2016-02-23 04:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-02 13:38 - 2016-02-23 04:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-02 13:38 - 2016-02-23 04:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-02 13:38 - 2016-02-23 04:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-02 13:38 - 2016-02-23 04:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-02 13:38 - 2016-02-23 04:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-02 13:38 - 2016-02-23 04:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-02 13:38 - 2016-02-23 04:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 13:38 - 2016-02-23 04:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-02 13:38 - 2016-02-23 04:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-02 13:38 - 2016-02-23 04:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-02 13:38 - 2016-02-23 04:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-02 13:38 - 2016-02-23 04:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-02 13:38 - 2016-02-23 04:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-02 13:38 - 2016-02-23 04:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-02 13:38 - 2016-02-23 03:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-02 13:38 - 2016-02-23 03:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-02 13:38 - 2016-02-23 03:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-02 13:38 - 2016-02-23 03:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-02 13:38 - 2016-02-23 03:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-02 13:38 - 2016-02-23 03:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-02 13:38 - 2016-02-23 03:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-02 13:38 - 2016-02-23 03:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 13:38 - 2016-02-23 03:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-02 13:38 - 2016-02-23 03:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-02 13:38 - 2016-02-23 03:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-02 13:38 - 2016-02-23 03:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-02 13:38 - 2016-02-23 03:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-02 13:38 - 2016-02-23 03:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-02 13:38 - 2016-02-23 02:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-02 13:38 - 2016-02-23 02:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-02 13:38 - 2016-02-09 00:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-02 13:38 - 2016-02-09 00:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-02 13:38 - 2016-02-08 23:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-02 13:38 - 2016-02-08 23:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-02 11:21 - 2016-03-02 11:21 - 00269232 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys
2016-02-29 22:19 - 2016-02-29 22:19 - 00004381 _____ C:\Users\Jamie\Downloads\Hill-House.zip
2016-02-28 14:41 - 2016-02-28 14:41 - 00029512 _____ C:\Users\Jamie\Downloads\MTB.txt
2016-02-28 14:25 - 2016-03-25 10:16 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2016-02-28 14:25 - 2016-03-11 07:07 - 00003382 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2016-02-28 14:25 - 2016-03-11 07:07 - 00003028 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC
2016-02-28 14:25 - 2016-03-11 07:07 - 00001167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2016-02-28 14:25 - 2016-03-11 07:07 - 00001155 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2016-02-28 14:25 - 2016-02-28 14:25 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2016-02-28 14:25 - 2016-02-28 14:25 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\GlarySoft
2016-02-28 14:25 - 2016-02-28 14:25 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\DiskDefrag
2016-02-28 14:25 - 2016-02-28 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2016-02-28 14:24 - 2016-02-28 14:25 - 15575176 _____ C:\Users\Jamie\Downloads\gu5setup.exe
2016-02-28 14:17 - 2016-02-28 14:17 - 00039390 _____ C:\Users\Jamie\Documents\cc_20160228_131743.reg
2016-02-27 14:17 - 2016-02-27 14:17 - 00012884 _____ C:\Users\Jamie\Downloads\glyphobet-font-foundry_ripple.zip
2016-02-27 14:16 - 2016-02-27 14:16 - 00032668 _____ C:\Users\Jamie\Downloads\Eccentric.otf
2016-02-27 14:15 - 2016-02-27 14:15 - 00014401 _____ C:\Users\Jamie\Downloads\bad_acid.zip
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-25 10:16 - 2016-01-10 17:55 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-25 10:16 - 2015-09-20 16:35 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-25 10:15 - 2015-12-18 00:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-25 10:15 - 2015-09-20 18:21 - 00000200 _____ C:\WINDOWS\Tasks\AutoKMS.job
2016-03-25 10:14 - 2015-10-30 02:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-25 09:50 - 2015-09-20 16:35 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-25 08:51 - 2015-09-21 05:33 - 00000000 ____D C:\Users\Jamie\Documents\Outlook Files
2016-03-25 08:29 - 2015-09-20 16:25 - 00000000 ____D C:\ProgramData\MFAData
2016-03-25 06:53 - 2016-02-15 07:53 - 00000366 _____ C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Jamie).job
2016-03-25 06:49 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-25 06:49 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-25 06:40 - 2015-12-18 00:11 - 01009692 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-25 06:40 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-25 06:32 - 2015-12-18 06:31 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-03-25 06:31 - 2015-12-18 00:12 - 00000000 ____D C:\Users\Jamie
2016-03-25 06:30 - 2015-12-18 06:32 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-03-24 21:34 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-03-24 19:14 - 2015-10-15 15:00 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8A918490-054D-4144-A030-7D635FECCB6B}
2016-03-24 12:05 - 2015-09-20 18:21 - 00000228 _____ C:\WINDOWS\Tasks\AutoKMSDaily.job
2016-03-24 06:26 - 2016-01-13 06:59 - 00000000 ____D C:\WINDOWS\Minidump
2016-03-24 06:24 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-03-24 05:55 - 2015-09-21 12:37 - 00000132 _____ C:\Users\Jamie\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-03-24 05:21 - 2016-01-10 17:55 - 00001177 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-24 05:21 - 2016-01-10 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-24 05:21 - 2016-01-10 17:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-24 05:16 - 2015-12-20 12:22 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-22 15:13 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-21 15:17 - 2016-01-28 08:20 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-03-21 15:06 - 2014-08-04 16:10 - 00000000 ____D C:\Users\Public\Desktop\Drivers & Applications for reinstallation
2016-03-20 19:09 - 2015-10-30 02:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-20 11:18 - 2015-12-18 00:12 - 00000000 ____D C:\Users\DefaultAppPool
2016-03-20 08:05 - 2015-09-20 17:36 - 00000000 ____D C:\Users\Jamie\Desktop\T-shirts
2016-03-20 07:49 - 2015-12-18 00:06 - 05011288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-17 19:44 - 2016-02-23 20:42 - 00003956 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1456274510
2016-03-17 19:44 - 2016-02-23 20:41 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-03-17 19:44 - 2016-02-23 20:41 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-14 20:53 - 2015-09-20 16:35 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-14 20:53 - 2015-09-20 16:35 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-13 07:56 - 2015-11-07 11:30 - 00000000 ____D C:\Users\Jamie\AppData\Local\ElevatedDiagnostics
2016-03-12 17:45 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-03-12 17:45 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-03-11 13:11 - 2015-09-20 16:44 - 00001011 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-03-11 13:11 - 2015-09-20 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-03-11 07:07 - 2016-02-18 09:13 - 00000000 ____D C:\Users\Jamie\AppData\Local\CrashDumps
2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-10 14:09 - 2016-01-10 17:55 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-03-10 14:08 - 2016-01-10 17:55 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-03-10 14:08 - 2016-01-10 17:55 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-03-09 07:39 - 2014-08-04 16:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 07:34 - 2014-08-04 16:15 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-08 03:12 - 2015-10-30 03:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 03:12 - 2015-10-30 03:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 21:10 - 2015-09-20 17:53 - 00000000 ____D C:\Users\Jamie\Desktop\Ebayready
2016-03-04 08:45 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-03 15:46 - 2015-09-20 17:39 - 00000000 ____D C:\Users\Jamie\Documents\T-shirts
2016-03-03 06:44 - 2015-09-10 01:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-03 04:32 - 2015-10-30 05:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-03 04:32 - 2015-10-30 02:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-03 04:32 - 2015-10-30 02:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-01 15:34 - 2015-10-20 09:16 - 00000000 ____D C:\Users\Jamie\Desktop\2016 Tee Work
2016-02-25 20:18 - 2015-11-20 15:56 - 00000000 ____D C:\Users\Jamie\Desktop\ZavaJams Setlist Archive
2016-02-25 15:43 - 2016-02-16 13:36 - 00000000 ____D C:\ProgramData\RogueKiller
2016-02-25 13:08 - 2016-02-16 13:36 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-02-24 14:34 - 2015-10-08 19:36 - 00001063 _____ C:\Users\Jamie\Desktop\Internet Explorer.lnk
2016-02-24 14:33 - 2015-09-27 16:48 - 00000000 ___RD C:\Users\Jamie\OneDrive
 
==================== Files in the root of some directories =======
 
2015-09-21 12:37 - 2016-03-24 05:55 - 0000132 _____ () C:\Users\Jamie\AppData\Roaming\Adobe PNG Format CS5 Prefs
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-03-20 08:15
 
==================== End of FRST.txt ============================

  • 0

#22
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
A quick tip for Avast as you have it installed


Right click the Avast orange blob on the task bar
Go to Settings > General
Place a tick in "Scan for Potentially Unwanted Programmes (PUP's) "
pups.JPG

Run a quick scan with Avast and let me know how it is
  • 0

#23
sheck910

sheck910

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

here is the screen cap of the Avast scan - wasn't sure if I missed a logfile somewhere

  

 

Well I can't figure out how to past my screen cap here, so here is the breakdown of the results that were negative

 

Network Issues - need better PW for router 

Performance Issues -- which I think were resolved upon upgrading 

 

might need some more direction in Avast as I feel a bit stumped to what you need 


  • 0

#24
sheck910

sheck910

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

But it did not find/show any unwanted programs 


  • 0

#25
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Open Avast and select scan for viruses

Untitled.jpg

This will open a new tab with scan history at the bottom .. Select that

Capture.JPG

That will then show the scan results

 

 


  • 0

Advertisements


#26
sheck910

sheck910

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

ahhhhhh I got it!  Wowza!! My bad - 

 

no issues fond 


  • 0

#27
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

How is the computer behaving ?


  • 0

#28
sheck910

sheck910

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

seems to be acting normal with no major hiccups or overly noticeable lag in browsers or elsewhere. 


  • 0

#29
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Nice, if you wish with Avast you can configure which modules you want to be installed. If you need further info on that let me know

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#30
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP