Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
Ran by Aaron (administrator) on BRONCO (02-02-2017 21:55:33)
Running from C:\Users\Aaron\Desktop
Loaded Profiles: Aaron & Guest (Available Profiles: Aaron & Guest)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
() C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
() C:\Windows\src_srv\winsrcsrv.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVG Netherlands B.V) C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Spotify Ltd) C:\Users\Aaron\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_205.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_205.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14416624 2017-02-02] (Copyright 2017.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2014-10-25] (Power Software Ltd)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-05-20] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26142864 2017-01-18] (Dropbox, Inc.)
HKU\S-1-5-21-844885531-4042678230-2856532195-1001\...\Run: [Spotify Web Helper] => C:\Users\Aaron\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2017-01-03] (Spotify Ltd)
HKU\S-1-5-21-844885531-4042678230-2856532195-1001\...\Run: [Spotify] => C:\Users\Aaron\AppData\Roaming\Spotify\Spotify.exe [7153264 2017-01-03] (Spotify Ltd)
HKU\S-1-5-21-844885531-4042678230-2856532195-1001\...\Run: [AceStream] => C:\Users\Aaron\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-844885531-4042678230-2856532195-1001\...\RunOnce: [Uninstall C:\Users\Aaron\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Aaron\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64"
HKU\S-1-5-21-844885531-4042678230-2856532195-1001\...\MountPoints2: {1945a199-cc19-11e5-beea-448a5ba4c6e7} - "D:\LaunchU3.exe" -a
HKU\S-1-5-21-844885531-4042678230-2856532195-501\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [371928 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk [2016-03-08]
ShortcutTarget: NETGEAR WNA3100 Smart Wizard.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()
GroupPolicyScripts\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => 127.0.0.1:8003
ProxyEnable: [S-1-5-19] => Proxy is enabled.
ProxyServer: [S-1-5-19] => 127.0.0.1:8003
ProxyEnable: [S-1-5-20] => Proxy is enabled.
ProxyServer: [S-1-5-20] => 127.0.0.1:8003
ProxyEnable: [S-1-5-21-844885531-4042678230-2856532195-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-844885531-4042678230-2856532195-1001] => 127.0.0.1:8003
ProxyEnable: [S-1-5-21-844885531-4042678230-2856532195-501] => Proxy is enabled.
ProxyServer: [S-1-5-21-844885531-4042678230-2856532195-501] => 127.0.0.1:8003
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{1f243cdf-79d4-4da3-8bd0-bdbb2037ae39}: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{62156716-e2f4-4580-a0b4-93aba71fdace}: [DhcpNameServer] 192.168.0.1 205.171.2.25
Internet Explorer:
==================
HKU\S-1-5-21-844885531-4042678230-2856532195-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://
www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-844885531-4042678230-2856532195-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://
www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-844885531-4042678230-2856532195-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://
www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-11] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-11] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-11] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-11] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: 78xkqaey.default
FF ProfilePath: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\78xkqaey.default [2017-02-02]
FF user.js: detected! => C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\78xkqaey.default\user.js [2016-06-10]
FF NetworkProxy: Mozilla\Firefox\Profiles\78xkqaey.default -> type", 0
FF Extension: (AdBlocker Ultimate) - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\78xkqaey.default\Extensions\adblockultimate@adblockultimate.net.xpi [2016-12-31]
FF Extension: (Diagnostics) - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\78xkqaey.default\features\{8e86b51c-8b69-4b25-ab06-17df99433f4a}\diagnostics@mozilla.org.xpi [2017-02-02]
FF Extension: (Send HSTS Priming Requests) - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\78xkqaey.default\features\{8e86b51c-8b69-4b25-ab06-17df99433f4a}\hsts-priming@mozilla.org.xpi [2017-02-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-31] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-11] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-31] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-844885531-4042678230-2856532195-1001: @acestream.net/acestreamplugin,version=3.1.11 -> C:\Users\Aaron\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-844885531-4042678230-2856532195-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Aaron\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://
www.google.com/"
CHR Profile: C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default [2017-02-02]
CHR Extension: (Google Slides) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-06]
CHR Extension: (Google Docs) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-06]
CHR Extension: (Google Drive) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-06]
CHR Extension: (YouTube) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-06]
CHR Extension: (Google Search) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-06]
CHR Extension: (Session Buddy) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2017-01-09]
CHR Extension: (Google Sheets) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-06]
CHR Extension: (Google Docs Offline) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (AdBlock) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-01]
CHR Extension: (Ace Stream Web Extension) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2016-10-30]
CHR Extension: (Ad.Block Plus) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfclfpagjbajdhoonjakjiipbmpldhkp [2016-03-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-27]
CHR Extension: (Ad.Block) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\oahdemopcekbpcbhgmebpjhfgdlemgfe [2016-03-07]
CHR Extension: (Browsec VPN - Privacy and Security Online) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2016-12-26]
CHR Extension: (Gmail) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-06]
CHR Extension: (Chrome Media Router) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-02]
CHR HKU\S-1-5-21-844885531-4042678230-2856532195-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [971160 2017-01-09] (AVG Technologies CZ, s.r.o.)
S4 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [1824184 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337600 2017-01-09] (AVG Technologies CZ, s.r.o.)
S4 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
S4 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2017-01-09] (AVG Technologies CZ, s.r.o.)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-07] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-07] (Dropbox, Inc.)
S4 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46400 2017-01-03] (Dropbox, Inc.)
S4 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation)
S3 PAExec; C:\WINDOWS\PAExec.exe [189112 2016-06-11] (Power Admin LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-30] (Microsoft Corporation)
R2 srcsrv; C:\WINDOWS\src_srv\winsrcsrv.exe [15360 2017-01-29] () [File not signed]
R2 SurfEasyVPN; C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe [1663880 2016-09-28] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5907216 2017-01-09] (AVG Technologies CZ, s.r.o.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S4 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [285152 2010-08-26] ()
S4 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [652240 2016-07-14] (Wacom Technology, Corp.)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14416624 2017-02-02] (Copyright 2017.)
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [73992 2016-10-23] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [312576 2016-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3792904 2016-11-30] (C-MEDIA)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
S3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [37912 2015-11-29] (Microsoft Corporation)
S3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176584 2017-02-01] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [110536 2017-02-02] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-02-02] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251848 2017-02-02] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NPF; C:\WINDOWS\system32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_848dea456d3c865e\nvlddmkm.sys [14159928 2016-10-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 tapse01; C:\WINDOWS\System32\drivers\tapse01.sys [26624 2016-09-28] (The OpenVPN Project)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [131144 2016-12-20] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [205440 2016-12-20] (Oracle Corporation)
S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [102864 2016-03-02] (Wacom Technology)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-02-02] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-02-02] (Zemana Ltd.)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-02 21:55 - 2017-02-02 21:55 - 00030499 _____ C:\Users\Aaron\Desktop\FRST.txt
2017-02-02 21:55 - 2017-02-02 21:55 - 00000000 ____D C:\FRST
2017-02-02 21:48 - 2017-02-02 21:55 - 02420736 _____ (Farbar) C:\Users\Aaron\Desktop\FRST64.exe
2017-02-02 21:39 - 2017-02-02 21:39 - 00000000 ___HD C:\$Windows.~WS
2017-02-02 21:33 - 2017-02-02 21:34 - 18309328 _____ (Microsoft Corporation) C:\Users\Aaron\Downloads\MediaCreationTool.exe
2017-02-02 21:11 - 2017-02-02 21:28 - 00000000 ____D C:\Windows10Upgrade
2017-02-02 21:11 - 2017-02-02 21:11 - 00000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Upgrade Assistant.lnk
2017-02-02 21:03 - 2017-02-02 21:03 - 00000000 ____D C:\ProgramData\dbg
2017-02-02 20:41 - 2017-02-02 21:29 - 00000000 ____D C:\Users\TEMP\AppData\Local\Packages
2017-02-02 20:41 - 2017-02-02 21:29 - 00000000 ____D C:\Users\TEMP
2017-02-02 20:40 - 2017-02-02 21:55 - 00084398 _____ C:\WINDOWS\ZAM.krnl.trace
2017-02-02 20:40 - 2017-02-02 21:55 - 00039074 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-02-02 20:06 - 2017-02-02 20:06 - 00000000 ____D C:\WINDOWS\pss
2017-02-02 20:00 - 2017-02-02 20:00 - 01875496 _____ (LogMeIn, Inc.) C:\Users\Aaron\Downloads\Support-LogMeInRescue (1).exe
2017-02-02 19:51 - 2017-02-02 19:51 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-02 19:50 - 2017-02-02 19:50 - 00000000 ____D C:\WINDOWS\LastGood
2017-02-02 19:50 - 2017-01-20 10:39 - 00156608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-02-02 19:50 - 2017-01-20 10:39 - 00124352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-02-02 19:50 - 2017-01-20 10:39 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-02-02 19:50 - 2017-01-20 05:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-02-02 19:39 - 2017-02-02 19:40 - 00000196 _____ C:\Users\Aaron\Desktop\rejoin link.txt
2017-02-02 19:25 - 2017-02-02 19:25 - 00141864 _____ C:\Users\Aaron\Downloads\bluescreenview_setup.exe
2017-02-02 19:25 - 2017-02-02 19:25 - 00000000 ____D C:\Program Files (x86)\NirSoft
2017-02-02 19:18 - 2017-02-02 20:11 - 00000000 ____D C:\Users\Aaron\AppData\Local\LogMeIn Rescue Applet
2017-02-02 19:18 - 2017-02-02 19:18 - 01875496 _____ (LogMeIn, Inc.) C:\Users\Aaron\Downloads\Support-LogMeInRescue.exe
2017-02-02 19:18 - 2017-02-02 19:18 - 00002326 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Support.lnk
2017-02-02 18:36 - 2017-02-02 18:36 - 00001305 _____ C:\Users\Aaron\Desktop\new_chrome.exe - Shortcut.lnk
2017-02-02 18:01 - 2017-02-02 18:01 - 00000000 ____D C:\Users\Aaron\AppData\Local\PeerDistRepub
2017-02-02 17:45 - 2017-02-02 17:54 - 00000000 ____D C:\zoek
2017-02-02 17:28 - 2017-02-02 17:28 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-02-02 17:28 - 2017-02-02 17:28 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-02-02 17:28 - 2017-02-02 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-02-02 17:28 - 2017-02-02 17:28 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-02-02 17:27 - 2017-02-02 17:27 - 05677776 _____ (Zemana Ltd. ) C:\Users\Aaron\Downloads\Zemana.AntiMalware.Setup.exe
2017-02-02 17:27 - 2017-02-02 17:27 - 00000000 ____D C:\Users\Aaron\AppData\Local\Zemana
2017-02-02 17:19 - 2017-02-02 17:39 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2017-02-02 17:17 - 2017-02-02 17:59 - 00000000 ____D C:\zoek_backup
2017-02-02 17:17 - 2017-02-02 17:54 - 00003757 _____ C:\runcheck.txt
2017-02-02 17:15 - 2017-02-02 17:16 - 00000000 ____D C:\Program Files\HitmanPro
2017-02-02 17:10 - 2017-02-02 17:15 - 11581544 _____ (SurfRight B.V.) C:\Users\Aaron\Downloads\HitmanPro_x64.exe
2017-02-02 17:09 - 2017-02-02 17:10 - 04015056 _____ C:\Users\Aaron\Downloads\adwcleaner_6.043.exe
2017-02-02 09:29 - 2017-02-02 17:19 - 00000000 ____D C:\ProgramData\HitmanPro
2017-02-02 09:24 - 2017-02-02 09:24 - 00001361 _____ C:\Users\Aaron\Desktop\JRT.txt
2017-02-02 08:24 - 2017-02-02 18:49 - 00000000 ____D C:\AdwCleaner
2017-02-01 18:42 - 2017-02-01 18:42 - 00000000 ____D C:\Users\Aaron\Desktop\Chrome
2017-02-01 18:20 - 2017-02-01 18:20 - 00000000 ___HD C:\$SysReset
2017-02-01 17:43 - 2017-02-01 17:43 - 01065376 _____ (Google Inc.) C:\Users\Aaron\Downloads\ChromeSetup.exe
2017-02-01 17:12 - 2017-02-02 18:11 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-01 17:12 - 2017-02-01 17:12 - 00250208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-01 17:06 - 2017-02-02 21:30 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-01 17:06 - 2017-02-02 21:30 - 00110536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-01 17:06 - 2017-02-02 21:30 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-01 17:06 - 2017-02-01 18:49 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-01 17:05 - 2017-02-01 17:05 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-01 17:05 - 2017-02-01 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-01 17:05 - 2017-02-01 17:05 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-01 17:05 - 2017-02-01 16:58 - 55566792 _____ (Malwarebytes ) C:\Users\Aaron\Desktop\mb3-setup-consumer-3.0.6.1469.exe
2017-02-01 17:05 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-01 16:40 - 2017-02-01 16:40 - 00000000 ____D C:\$WINDOWS.~BT
2017-02-01 16:21 - 2017-02-02 21:39 - 00000000 ____D C:\WINDOWS\Panther
2017-02-01 15:49 - 2017-02-02 17:33 - 00000000 ___HD C:\Program Files (x86)\Regulations
2017-02-01 15:49 - 2017-02-02 17:33 - 00000000 ___HD C:\Program Files (x86)\Polly
2017-02-01 15:49 - 2017-02-02 17:33 - 00000000 ___HD C:\Program Files (x86)\perils
2017-02-01 15:49 - 2017-02-01 15:49 - 00000000 ____D C:\Program Files (x86)\shimmers
2017-02-01 15:46 - 2017-02-01 15:46 - 00719521 _____ C:\WINDOWS\unins000.exe
2017-02-01 15:46 - 2017-02-01 15:46 - 00002943 _____ C:\WINDOWS\unins000.dat
2017-02-01 15:46 - 2017-02-01 15:46 - 00000000 ____D C:\WINDOWS\src_srv
2017-02-01 15:36 - 2017-02-01 15:36 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\PDAppFlex
2017-02-01 14:51 - 2017-02-02 21:32 - 00000480 _____ C:\WINDOWS\Tasks\AVG Driver Updater Startup.job
2017-02-01 14:51 - 2017-02-02 21:30 - 00000534 _____ C:\WINDOWS\Tasks\AVG Driver Updater Scan.job
2017-02-01 14:51 - 2017-02-02 20:42 - 00003324 _____ C:\WINDOWS\System32\Tasks\AVG Driver Updater Scan
2017-02-01 14:51 - 2017-02-02 19:45 - 00002974 _____ C:\WINDOWS\System32\Tasks\AVG Driver Updater Startup
2017-02-01 14:51 - 2017-02-01 14:51 - 00000000 ____D C:\Users\Aaron\AppData\Local\AVG Netherlands BV
2017-02-01 14:49 - 2017-02-02 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Driver Updater
2017-02-01 14:49 - 2017-02-02 14:10 - 00000000 ____D C:\Program Files (x86)\AVG Driver Updater
2017-02-01 14:49 - 2017-02-01 14:49 - 00002513 _____ C:\Users\Public\Desktop\AVG Driver Updater.lnk
2017-02-01 14:27 - 2017-02-01 14:27 - 00000000 ____D C:\Users\Aaron\AppData\Local\Chromium
2017-02-01 13:23 - 2017-02-01 13:23 - 00008704 _____ (Maj) C:\WINDOWS\pernicious.exe
2017-01-30 11:36 - 2017-01-30 11:36 - 00108896 _____ C:\Users\Aaron\Desktop\AaronWestCoverLetter.Seattlepi.pdf
2017-01-26 19:50 - 2017-01-26 19:50 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-01-24 17:30 - 2016-12-20 23:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-24 17:30 - 2016-12-20 20:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-24 09:58 - 2017-02-02 17:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-23 14:27 - 2017-01-23 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-01-18 17:35 - 2017-02-01 15:19 - 00000000 ____D C:\Users\Aaron\AppData\LocalLow\uTorrent
2017-01-12 11:14 - 2017-01-12 11:14 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-01-12 11:14 - 2017-01-12 11:14 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-01-12 11:14 - 2017-01-12 11:14 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-01-12 01:02 - 2017-01-17 21:43 - 00000000 ____D C:\Users\Aaron\Desktop\Hearst
2017-01-10 21:10 - 2016-12-21 00:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-10 21:10 - 2016-12-21 00:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-10 21:10 - 2016-12-21 00:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-10 21:10 - 2016-12-20 23:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-10 21:10 - 2016-12-20 23:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-10 21:10 - 2016-12-20 23:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-10 21:10 - 2016-12-20 23:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-10 21:10 - 2016-12-20 23:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-10 21:10 - 2016-12-20 23:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-10 21:10 - 2016-12-20 23:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-10 21:10 - 2016-12-20 23:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-10 21:10 - 2016-12-20 23:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-10 21:10 - 2016-12-20 23:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-10 21:10 - 2016-12-20 23:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-10 21:10 - 2016-12-20 23:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-10 21:10 - 2016-12-20 23:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-10 21:10 - 2016-12-20 23:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-10 21:10 - 2016-12-20 23:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-10 21:10 - 2016-12-20 23:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-10 21:10 - 2016-12-20 23:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-10 21:10 - 2016-12-20 23:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-10 21:10 - 2016-12-20 23:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-10 21:10 - 2016-12-20 23:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-10 21:10 - 2016-12-20 23:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-10 21:10 - 2016-12-20 23:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-10 21:10 - 2016-12-20 23:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-10 21:10 - 2016-12-20 23:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-10 21:10 - 2016-12-20 23:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-10 21:10 - 2016-12-20 23:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-10 21:10 - 2016-12-20 23:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-10 21:10 - 2016-12-20 23:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-10 21:10 - 2016-12-20 23:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-10 21:10 - 2016-12-20 23:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-10 21:10 - 2016-12-20 23:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-10 21:10 - 2016-12-20 23:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-10 21:10 - 2016-12-20 23:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-10 21:10 - 2016-12-20 23:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-10 21:10 - 2016-12-20 23:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-10 21:10 - 2016-12-20 23:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-10 21:10 - 2016-12-20 22:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-10 21:10 - 2016-12-20 22:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-10 21:10 - 2016-12-20 22:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-10 21:10 - 2016-12-20 22:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-10 21:10 - 2016-12-20 22:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-10 21:10 - 2016-12-20 22:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-10 21:10 - 2016-12-20 22:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-10 21:10 - 2016-12-20 22:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-10 21:10 - 2016-12-20 22:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-10 21:10 - 2016-12-20 22:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-10 21:10 - 2016-12-20 22:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-10 21:10 - 2016-12-20 22:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-10 21:10 - 2016-12-20 22:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-10 21:10 - 2016-12-20 22:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-10 21:10 - 2016-12-20 22:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-10 21:10 - 2016-12-20 22:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-10 21:10 - 2016-12-20 22:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-10 21:10 - 2016-12-20 22:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-10 21:10 - 2016-12-20 22:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-10 21:10 - 2016-12-20 22:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-10 21:10 - 2016-12-20 21:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-10 21:10 - 2016-12-20 21:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-10 21:10 - 2016-12-20 21:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-10 21:10 - 2016-12-20 21:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-10 21:10 - 2016-12-20 21:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-10 21:10 - 2016-12-20 21:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-10 21:10 - 2016-12-20 21:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-10 21:10 - 2016-12-20 21:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-10 21:10 - 2016-12-20 21:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-10 21:10 - 2016-12-20 20:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-10 21:10 - 2016-12-20 20:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-10 21:10 - 2016-12-20 20:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-10 21:10 - 2016-12-20 20:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-10 21:10 - 2016-12-20 20:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-10 21:10 - 2016-12-20 20:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-10 21:10 - 2016-12-20 20:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-10 21:10 - 2016-12-20 20:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-10 21:10 - 2016-12-20 20:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-10 21:10 - 2016-12-20 20:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-10 21:10 - 2016-12-20 20:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-10 21:10 - 2016-12-20 20:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-10 21:10 - 2016-12-20 20:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-10 21:10 - 2016-12-20 20:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-10 21:10 - 2016-12-20 20:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-10 21:10 - 2016-12-20 20:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-10 21:10 - 2016-12-20 20:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-10 21:10 - 2016-12-20 20:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-10 21:10 - 2016-12-20 20:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-10 21:10 - 2016-12-20 20:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-10 21:10 - 2016-12-20 20:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-10 21:10 - 2016-12-20 20:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-10 21:10 - 2016-12-20 20:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-10 21:10 - 2016-12-20 20:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-10 21:10 - 2016-12-20 20:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-10 21:10 - 2016-12-20 20:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-10 21:10 - 2016-12-20 20:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-10 21:10 - 2016-12-20 20:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-10 21:10 - 2016-12-13 21:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-10 21:10 - 2016-12-13 21:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-10 21:10 - 2016-12-13 21:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-10 21:10 - 2016-12-13 21:33 - 02169184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-01-10 21:10 - 2016-12-13 21:33 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-01-10 21:10 - 2016-12-13 21:33 - 01400160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-01-10 21:10 - 2016-12-13 21:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-10 21:10 - 2016-12-13 21:33 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-01-10 21:10 - 2016-12-13 21:33 - 00992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-01-10 21:10 - 2016-12-13 21:33 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-01-10 21:10 - 2016-12-13 21:33 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-01-10 21:10 - 2016-12-13 21:33 - 00779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-01-10 21:10 - 2016-12-13 21:33 - 00752992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-01-10 21:10 - 2016-12-13 21:33 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-01-10 21:10 - 2016-12-13 21:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-01-10 21:10 - 2016-12-13 21:33 - 00571744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-01-10 21:10 - 2016-12-13 21:33 - 00513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-01-10 21:10 - 2016-12-13 21:33 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-01-10 21:10 - 2016-12-13 21:33 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-01-10 21:10 - 2016-12-13 21:33 - 00190816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-01-10 21:10 - 2016-12-13 21:26 - 01469792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-01-10 21:10 - 2016-12-13 21:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-10 21:10 - 2016-12-13 21:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-10 21:10 - 2016-12-13 21:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-10 21:10 - 2016-12-13 21:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-10 21:10 - 2016-12-13 21:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-10 21:10 - 2016-12-13 21:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-10 21:10 - 2016-12-13 21:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-10 21:10 - 2016-12-13 21:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-10 21:10 - 2016-12-13 21:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-10 21:10 - 2016-12-13 21:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-10 21:10 - 2016-12-13 21:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-10 21:10 - 2016-12-13 21:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-10 21:10 - 2016-12-13 21:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-10 21:10 - 2016-12-13 21:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-10 21:10 - 2016-12-13 20:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-10 21:10 - 2016-12-13 20:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-10 21:10 - 2016-12-13 20:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-10 21:10 - 2016-12-13 20:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-10 21:10 - 2016-12-13 20:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-10 21:10 - 2016-12-13 20:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-10 21:10 - 2016-12-13 20:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-10 21:10 - 2016-12-13 20:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-10 21:10 - 2016-12-13 20:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-10 21:10 - 2016-12-13 20:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-10 21:10 - 2016-12-13 20:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-10 21:10 - 2016-12-13 20:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-10 21:10 - 2016-12-13 20:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-10 21:10 - 2016-12-13 20:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-10 21:10 - 2016-12-13 20:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-10 21:10 - 2016-12-13 20:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-10 21:10 - 2016-12-13 20:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-10 21:10 - 2016-12-13 20:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-10 21:10 - 2016-12-13 20:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-10 21:10 - 2016-12-13 20:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-10 21:10 - 2016-12-13 20:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-10 21:10 - 2016-12-13 20:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-10 21:10 - 2016-12-13 20:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-10 21:10 - 2016-12-13 20:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-10 21:10 - 2016-12-13 20:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-10 21:10 - 2016-12-13 20:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-10 21:10 - 2016-12-13 20:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-10 21:10 - 2016-12-13 20:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-10 21:10 - 2016-12-13 20:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-10 21:10 - 2016-12-13 20:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-10 21:10 - 2016-12-13 20:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-10 21:10 - 2016-12-13 20:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-10 21:10 - 2016-12-13 20:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-10 21:10 - 2016-12-13 20:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-10 21:10 - 2016-12-13 20:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-10 21:10 - 2016-12-13 20:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-10 21:10 - 2016-12-13 20:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-10 21:10 - 2016-12-13 20:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-10 21:10 - 2016-12-13 20:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-10 21:10 - 2016-12-13 20:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-10 21:10 - 2016-12-13 20:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-10 21:10 - 2016-12-13 20:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-10 21:10 - 2016-12-13 20:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-10 21:10 - 2016-12-13 20:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-10 21:10 - 2016-12-13 20:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-10 21:10 - 2016-12-13 20:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-10 21:10 - 2016-11-02 04:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-10 21:10 - 2016-11-02 03:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-10 21:10 - 2016-11-02 02:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-10 21:10 - 2016-11-02 02:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-10 21:10 - 2016-11-02 02:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-10 21:10 - 2016-08-01 20:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-08 14:03 - 2017-01-08 14:03 - 00001149 ____N C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2017-01-08 14:03 - 2017-01-08 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2017-01-08 14:03 - 2017-01-08 14:03 - 00000000 ____D C:\Program Files\Oracle
2017-01-08 14:03 - 2016-12-20 16:32 - 00959720 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2017-01-08 14:03 - 2016-12-20 16:30 - 00149304 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2017-01-08 11:24 - 2017-01-08 11:24 - 00001822 ____N C:\Users\Public\Desktop\iTunes.lnk
2017-01-08 11:24 - 2017-01-08 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-01-08 11:24 - 2017-01-08 11:24 - 00000000 ____D C:\Program Files\iTunes
2017-01-08 11:24 - 2017-01-08 11:24 - 00000000 ____D C:\Program Files\iPod
2017-01-04 13:57 - 2017-01-04 14:08 - 00250882 _____ C:\Users\Aaron\Documents\AaronWest.CoverLetter.pdf
2017-01-04 12:58 - 2017-01-04 12:58 - 00249277 _____ C:\Users\Aaron\Documents\CoverLetter.AaronWest.pdf
2017-01-03 21:25 - 2017-01-03 21:25 - 00046400 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-01-03 15:04 - 2017-01-03 15:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_LifeCamTrueColor_01011.Wdf
2017-01-03 15:04 - 2017-01-03 15:04 - 00000000 ____D C:\WINDOWS\SysWOW64\LifeCamTrueColor
2017-01-03 15:04 - 2017-01-03 15:04 - 00000000 ____D C:\WINDOWS\system32\LifeCamTrueColor
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-02 21:42 - 2016-09-30 18:17 - 00000000 ____D C:\Users\Aaron
2017-02-02 21:40 - 2016-09-30 18:22 - 00039513 _____ C:\WINDOWS\diagwrn.xml
2017-02-02 21:40 - 2016-09-30 18:22 - 00026457 _____ C:\WINDOWS\diagerr.xml
2017-02-02 21:36 - 2015-08-04 22:08 - 01873452 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-02 21:35 - 2016-09-30 18:16 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-02 21:32 - 2016-11-30 11:06 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-02-02 21:32 - 2014-12-09 22:08 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\Spotify
2017-02-02 21:31 - 2016-11-25 23:12 - 00000000 ____D C:\Users\Aaron\AppData\LocalLow\Mozilla
2017-02-02 21:31 - 2014-12-09 22:12 - 00000000 ____D C:\Users\Aaron\AppData\Local\Spotify
2017-02-02 21:30 - 2016-09-30 18:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-02 21:30 - 2016-07-15 22:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-02 21:20 - 2016-09-30 18:16 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-02 20:49 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-02 20:41 - 2016-02-13 05:22 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-02-02 20:23 - 2014-12-05 09:03 - 00000000 ____D C:\Users\Aaron\AppData\Local\ElevatedDiagnostics
2017-02-02 20:22 - 2015-03-05 08:24 - 00000000 ____D C:\Users\Aaron\AppData\Local\Adobe
2017-02-02 20:12 - 2016-06-11 10:31 - 00000000 ____D C:\Users\Aaron\AppData\Local\NVIDIA Corporation
2017-02-02 20:07 - 2016-03-06 19:17 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-02-02 19:53 - 2015-08-05 00:33 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-02-02 19:51 - 2016-10-31 09:40 - 00003884 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-02 19:51 - 2016-10-31 09:40 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-02-02 19:51 - 2016-09-30 18:16 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-02 19:51 - 2016-09-30 18:16 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-02 19:51 - 2016-09-30 18:16 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-02 19:51 - 2016-07-16 03:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-02 19:51 - 2016-06-11 10:31 - 00000000 ____D C:\Users\Aaron\AppData\Local\NVIDIA
2017-02-02 19:50 - 2016-10-31 09:40 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-02 19:50 - 2016-10-31 09:40 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-02 19:50 - 2016-10-31 09:40 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-02 19:50 - 2016-10-31 09:40 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-02 19:50 - 2016-10-31 09:40 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-02 19:45 - 2016-03-06 23:24 - 00000000 ____D C:\ProgramData\MFAData
2017-02-02 19:37 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\registration
2017-02-02 18:56 - 2016-07-15 22:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-02 18:52 - 2013-08-22 07:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-02-02 18:36 - 2016-07-16 03:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-02 18:11 - 2015-04-20 20:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-02 18:01 - 2016-12-07 10:05 - 00000000 ___RD C:\Users\Aaron\Dropbox
2017-02-02 17:48 - 2016-09-30 18:19 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2017-02-02 17:48 - 2016-09-30 18:19 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2017-02-02 17:33 - 2015-04-20 20:22 - 00001052 _____ C:\Users\Public\Desktop\Моzillа Firеfох.lnk
2017-02-02 14:12 - 2016-12-07 10:02 - 00000920 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-02-02 14:12 - 2016-12-07 10:02 - 00000916 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-02-02 14:12 - 2016-09-30 18:17 - 00000000 ____D C:\Users\Guest
2017-02-02 14:10 - 2014-12-11 23:00 - 00000000 ____D C:\Users\Aaron\Desktop\Writing
2017-02-02 14:10 - 2014-12-05 09:52 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-01 18:52 - 2016-09-30 18:22 - 00003404 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-02-01 18:52 - 2016-09-30 18:22 - 00003180 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-02-01 18:51 - 2016-12-07 10:02 - 00003494 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-02-01 18:51 - 2016-12-07 10:02 - 00003270 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-02-01 18:45 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-01 17:05 - 2016-03-06 22:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-01 15:34 - 2014-12-25 15:31 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\vlc
2017-02-01 15:20 - 2014-12-06 03:14 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\uTorrent
2017-02-01 14:45 - 2016-09-30 18:22 - 00002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-844885531-4042678230-2856532195-1001
2017-02-01 14:45 - 2016-09-30 18:22 - 00002338 _____ C:\WINDOWS\System32\Tasks\Tajfe
2017-02-01 14:44 - 2016-12-15 13:41 - 00002830 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-01 14:44 - 2016-09-30 18:22 - 00002824 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Bronco-Aaron
2017-02-01 14:43 - 2016-09-30 18:22 - 00003798 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-02-01 14:42 - 2014-12-06 10:49 - 00000000 ____D C:\Users\Aaron\AppData\Local\Battle.net
2017-02-01 14:27 - 2015-02-27 23:19 - 00000000 ____D C:\Users\Aaron\AppData\Local\Steam
2017-02-01 08:07 - 2016-09-30 18:22 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-01-30 00:11 - 2016-11-16 17:51 - 00000000 ____D C:\WINDOWS\Minidump
2017-01-25 19:19 - 2016-07-16 03:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-23 14:27 - 2016-12-07 10:02 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-01-20 18:16 - 2015-08-04 22:31 - 00002399 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-20 18:16 - 2015-08-04 22:31 - 00000000 ___RD C:\Users\Aaron\OneDrive
2017-01-20 10:39 - 2016-10-31 09:40 - 01872320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-01-20 10:39 - 2016-10-31 09:40 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-01-20 10:39 - 2016-10-31 09:40 - 01464768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-01-20 10:39 - 2016-10-31 09:40 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-01-20 10:39 - 2016-10-31 09:40 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-01-20 10:39 - 2016-06-11 10:31 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-01-20 06:07 - 2016-10-31 09:40 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-01-18 01:37 - 2016-04-14 19:27 - 00001009 ____N C:\Users\Public\Desktop\AVG Protection.lnk
2017-01-14 02:46 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-12 10:14 - 2014-12-04 21:13 - 00000000 ____D C:\Users\Aaron\AppData\Local\Packages
2017-01-11 08:26 - 2016-09-30 18:17 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-11 08:26 - 2014-12-05 21:12 - 00000000 __SHD C:\Users\Aaron\IntelGraphicsProfiles
2017-01-11 08:25 - 2016-07-16 03:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-11 08:25 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 08:25 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-11 08:25 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-11 08:25 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-11 08:25 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-01-10 22:40 - 2014-12-06 02:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-10 22:39 - 2014-12-06 02:14 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-09 16:43 - 2016-03-06 19:18 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-01-09 05:33 - 2016-03-07 20:40 - 00000000 ____D C:\Users\Aaron\VirtualBox VMs
2017-01-09 05:33 - 2016-03-07 20:39 - 00000000 ____D C:\Users\Aaron\.VirtualBox
2017-01-08 18:03 - 2016-07-28 15:25 - 00000000 ____D C:\Users\Aaron\Desktop\rando
2017-01-08 11:24 - 2016-06-21 14:33 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-01-07 15:52 - 2016-10-31 10:04 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-01-07 00:18 - 2016-10-31 10:07 - 00000000 ____D C:\Program Files (x86)\Overwatch
==================== Files in the root of some directories =======
2015-03-21 17:48 - 2015-03-21 18:16 - 184702896 _____ () C:\Users\Aaron\AppData\Local\ACCCx2_9_1_474.zip.aamdownload
2015-03-21 17:48 - 2015-03-21 18:16 - 0002216 _____ () C:\Users\Aaron\AppData\Local\ACCCx2_9_1_474.zip.aamdownload.aamd
2015-06-09 21:36 - 2015-06-09 21:38 - 182572124 _____ () C:\Users\Aaron\AppData\Local\ACCCx3_0_1_88.zip.aamdownload
2015-06-09 21:36 - 2015-06-09 21:38 - 0002194 _____ () C:\Users\Aaron\AppData\Local\ACCCx3_0_1_88.zip.aamdownload.aamd
2016-09-06 17:45 - 2016-09-06 17:45 - 0002100 _____ () C:\Users\Aaron\AppData\Local\recently-used.xbel
Some files in TEMP:
====================
2017-02-02 19:51 - 2017-01-20 10:39 - 5003712 _____ (NVIDIA Corporation) C:\Users\Aaron\AppData\Local\Temp\NVI2_29.DLL
2016-10-31 09:40 - 2016-09-29 20:25 - 0950328 _____ (NVIDIA Corporation) C:\Users\Aaron\AppData\Local\Temp\NvTelemetry.dll
2016-10-31 09:40 - 2016-09-29 20:25 - 0198200 _____ (NVIDIA Corporation) C:\Users\Aaron\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-10-31 09:40 - 2016-09-29 20:25 - 0242232 _____ (NVIDIA Corporation) C:\Users\Aaron\AppData\Local\Temp\NvTelemetryAPI64.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-01-29 11:17
==================== End of FRST.txt ============================