CloseProcesses:
CreateRestorePoint:
2016-08-23 13:02 - 2016-08-23 13:02 - 00049672 _____ C:\Users\Ryan\AppData\Local\fbbwudfn.jy
2016-08-23 13:02 - 2016-08-23 13:02 - 00012228 _____ C:\Users\Ryan\AppData\Local\gchbgoka
2016-08-21 17:19 - 2016-08-21 17:19 - 00049672 _____ C:\Users\Ryan\AppData\Roaming\opoweeai.drh
2016-08-21 17:19 - 2016-08-21 17:19 - 00009994 _____ C:\Users\Ryan\AppData\Roaming\rowgleru
2016-08-20 20:44 - 2016-08-21 13:19 - 00000000 ____D C:\ProgramData\RevitInterProcess
2016-08-20 20:43 - 2016-08-20 20:43 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-08-19 22:14 - 2016-08-29 10:57 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\BrowserMe
2016-08-19 22:14 - 2016-08-29 10:54 - 00000656 ____H C:\ProgramData\@system3.att
2016-08-19 22:14 - 2016-08-19 22:14 - 00000480 ____H C:\Users\Ryan\AppData\Roaming\½Ó
2016-08-19 21:59 - 2016-08-29 10:57 - 00000000 ____D C:\Users\Ryan\AppData\Local\AXworks
2016-08-19 21:58 - 2016-08-20 16:36 - 00003998 _____ C:\Users\Ryan\AppData\Roaming\HandfulTupik.BVV
2016-08-19 18:03 - 2016-08-19 18:03 - 00003748 _____ C:\Users\Ryan\AppData\Roaming\juncture.txn
2016-08-19 18:03 - 2016-08-19 18:03 - 00000250 _____ C:\Users\Ryan\AppData\Roaming\ecbolic.xnm
C:\ProgramData\@000001.dat
C:\Users\Ryan\AppData\Local\Temp\libeay32.dll
C:\Users\Ryan\AppData\Local\Temp\msvcr120.dll
C:\Users\Ryan\AppData\Local\Temp\sqlite3.dll
C:\Users\Ryan\AppData\Local\751c12\ed6901.bat (No File)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp: