Jump to content

jesstahoz

Members
 View Profile  See their activity

  • Posts

    4

  • Joined

  • Last visited

 Content Type 

Everything posted by jesstahoz

  1. jesstahoz
    Yes, I've actually gotten my information from the about section. It shows I'm not up to date with the last posted update a few minutes ago. I'm set to update every 15 minutes now. We will see if it works.
  2. jesstahoz
    My information doesn't match, but I did just download it this morning. Really confused why there is already a new update. How do I update so that I can stop getting the notifications. Thanks for the help!
  3. jesstahoz
    Right! I literally downloaded today for the first time. I keep seeing two threats every time I do a scan as well.
  4. jesstahoz
    Hi, I've been getting the outbound notifications too. Can i get help? Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017 Ran by jesst (administrator) on LAPTOP-TCKSBIJU (02-03-2017 08:52:14) Running from C:\Users\jesst\Downloads Loaded Profiles: jesst (Available Profiles: jesst) Platform: Windows 10 Home Version 1607 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\igfxEM.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\nacl64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\nacl64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Setup\avgsetupx.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.693_none_42ff55c9655f38bf\TiWorker.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9039880 2016-11-11] (Realtek Semiconductor) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (HP Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26781320 2017-02-21] (Dropbox, Inc.) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare) HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324488 2016-08-02] (HP) HKU\S-1-5-21-2510511767-3431779259-4189607661-1001\...\Run: [Chromium] => c:\users\jesst\appdata\local\chromium\application\chrome.exe [1035264 2016-03-17] (The Chromium Authors) HKU\S-1-5-21-2510511767-3431779259-4189607661-1001\...\Run: [GoogleChromeAutoLaunch_283943E45532D844A97475C798351EE7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [945496 2017-02-01] (Google Inc.) HKU\S-1-5-21-2510511767-3431779259-4189607661-1001\...\MountPoints2: {827c79a0-30b5-11e6-b914-08d40cfdc5f9} - "F:\VZW_Software_upgrade_assistant.exe" ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.) BootExecute: autocheck autochk /r \??\Z:autocheck autochk * GroupPolicy: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 24.116.0.53 24.116.2.50 Tcpip\..\Interfaces\{a41626a5-6236-4dd2-8439-9098a2368efb}: [DhcpNameServer] 24.116.0.53 24.116.2.50 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-511d79bd HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-511d79bd HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE HKU\S-1-5-21-2510511767-3431779259-4189607661-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={3D9FDDCF-FAE3-4CDC-8D5D-E0C5EEC6645B}&mid=9f2df9c5e3f547cf9a85d99d4a192c0a-41b42325da8fd222bf84529fafff1d402dfef065&lang=en&ds=AVG&coid=avgtbavg&cmpid=ZenTest_B_0&pr=fr&d=2016-11-19 00:34:09&v=4.3.6.255&pid=wtu&sg=&sap=hp HKU\S-1-5-21-2510511767-3431779259-4189607661-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-511d79bd&q={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-511d79bd&q={searchTerms} SearchScopes: HKLM -> {625D2799-9641-496C-A658-4AB9DFB660A7} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-511d79bd&q={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-511d79bd&q={searchTerms} SearchScopes: HKLM-x32 -> {625D2799-9641-496C-A658-4AB9DFB660A7} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-2510511767-3431779259-4189607661-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={3D9FDDCF-FAE3-4CDC-8D5D-E0C5EEC6645B}&mid=9f2df9c5e3f547cf9a85d99d4a192c0a-41b42325da8fd222bf84529fafff1d402dfef065&lang=en&ds=AVG&coid=avgtbavg&cmpid=ZenTest_B_0&pr=fr&d=2016-11-19 00:34:09&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-2510511767-3431779259-4189607661-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-511d79bd&q={searchTerms} SearchScopes: HKU\S-1-5-21-2510511767-3431779259-4189607661-1001 -> {625D2799-9641-496C-A658-4AB9DFB660A7} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-2510511767-3431779259-4189607661-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={3D9FDDCF-FAE3-4CDC-8D5D-E0C5EEC6645B}&mid=9f2df9c5e3f547cf9a85d99d4a192c0a-41b42325da8fd222bf84529fafff1d402dfef065&lang=en&ds=AVG&coid=avgtbavg&cmpid=ZenTest_B_0&pr=fr&d=2016-11-19 00:34:09&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation) BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems) Chrome: ======= CHR HomePage: Default -> hxxp://google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR DefaultSearchURL: Default -> hxxps://pandasecurity.mystart.com/results.php?pr=vmn&id=pandasafeweb&v=1_0_chromeextension_unknown__&searchfeed=web&hsimp=yhs-panda1&ent=ch_ss&q={searchTerms} CHR DefaultSearchKeyword: Default -> safeWeb CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff CHR Profile: C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default [2017-03-02] CHR Extension: (Google Slides) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-23] CHR Extension: (Web Boost - Wait Less, Browse Faster!) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahbkhnpmoamidjgbneafjipbmdfpefad [2016-08-05] CHR Extension: (Google Docs) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-23] CHR Extension: (Google Drive) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-23] CHR Extension: (YouTube) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-23] CHR Extension: (Norton Security Toolbar) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-02-13] CHR Extension: (Netflix) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2016-06-09] CHR Extension: (Dropbox for Gmail) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2017-03-01] CHR Extension: (Norton Home Page for Chrome) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2016-08-07] CHR Extension: (Google Sheets) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-23] CHR Extension: (Google Docs Offline) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-25] CHR Extension: (CloudConvert) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfpmbfgodkfcebpgheiedaddoikmljkk [2016-12-03] CHR Extension: (Tris) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\hinkmcnegnkncphhncbiohnomfgdegce [2017-01-14] CHR Extension: (Norton Identity Safe) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-09-07] CHR Extension: (Flatbook) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\kadbillinepbjlgenaliokdhejdmmlgp [2017-03-02] CHR Extension: (Norton Safe) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-09-05] CHR Extension: (Chrome Web Store Payments) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-21] CHR Extension: (Gmail) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-23] CHR Extension: (Chrome Media Router) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-13] CHR HKLM\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation) S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\IntelCpHeciSvc.exe [301528 2016-12-06] (Intel Corporation) S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\IntelCpHDCPSvc.exe [480216 2016-12-06] (Intel Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-20] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-20] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46408 2017-02-09] (Dropbox, Inc.) R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1419424 2016-12-04] (Intel Corporation) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.) R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (HP Inc.) R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\igfxCUIService.exe [341976 2016-12-06] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [976848 2016-01-14] (Intel(R) Corporation) S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-02-11] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] () R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [321032 2016-11-11] (Realtek Semiconductor) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [266872 2016-08-19] (Synaptics Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel® Corporation) R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52208 2016-12-04] (Intel Corporation) R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260080 2016-12-04] (Intel Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] () R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [249616 2016-10-18] (Intel Corporation) R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\igdkmd64.sys [11039704 2016-12-06] (Intel Corporation) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-02] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-02] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-02] (Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251840 2017-03-02] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-02] (Malwarebytes) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () U5 Netwtw02; C:\Windows\System32\Drivers\Netwtw02.sys [6724368 2016-02-06] (Intel Corporation) R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7308560 2016-09-13] (Intel Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-09-20] (Realtek ) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [413912 2016-02-25] (Realsil Semiconductor Corporation) S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [58984 2016-02-23] (Synaptics Incorporated) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72824 2016-08-19] (Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2017-03-02] (SlimWare Utilities, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [32832 2016-07-31] (HP) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-03-02 08:52 - 2017-03-02 08:52 - 00029263 _____ C:\Users\jesst\Downloads\FRST.txt 2017-03-02 08:52 - 2017-03-02 08:52 - 00000000 ____D C:\FRST 2017-03-02 08:51 - 2017-03-02 08:51 - 02423808 _____ (Farbar) C:\Users\jesst\Downloads\FRST64.exe 2017-03-02 08:50 - 2017-03-02 08:51 - 01765888 _____ (Farbar) C:\Users\jesst\Downloads\FRST.exe 2017-03-02 08:50 - 2017-03-02 08:50 - 01765888 _____ (Farbar) C:\Users\jesst\Downloads\FRST (1).exe 2017-03-02 08:48 - 2017-03-02 08:48 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign96ac0b97af133ebf 2017-03-02 08:46 - 2017-03-02 08:46 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign6ec493abb0bb72aa 2017-03-02 08:44 - 2017-03-02 08:44 - 00000000 ___HD C:\OneDriveTemp 2017-03-02 08:40 - 2017-03-02 08:42 - 00000000 ____D C:\Users\TEMP 2017-03-02 08:27 - 2017-03-02 08:27 - 00000000 ____D C:\Users\jesst\AppData\Local\SlimWare Utilities Inc 2017-03-02 07:34 - 2017-03-02 08:40 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-03-02 07:34 - 2017-03-02 08:40 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-03-02 07:34 - 2017-03-02 08:40 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-03-02 07:34 - 2017-03-02 08:40 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-03-02 07:33 - 2017-03-02 08:40 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-03-02 07:33 - 2017-03-02 07:33 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-03-02 07:33 - 2017-03-02 07:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-03-02 07:33 - 2017-03-02 07:33 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-03-02 07:33 - 2017-03-02 07:33 - 00000000 ____D C:\Program Files\Malwarebytes 2017-03-02 07:33 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-03-02 07:30 - 2017-03-02 07:32 - 57131432 _____ (Malwarebytes ) C:\Users\jesst\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe 2017-03-02 07:17 - 2017-03-02 07:17 - 11581544 _____ (SurfRight B.V.) C:\Users\jesst\Downloads\hitmanpro_x64 (1).exe 2017-03-02 07:17 - 2017-03-02 07:17 - 11005320 _____ (SurfRight B.V.) C:\Users\jesst\Downloads\HitmanPro (1).exe 2017-03-01 20:27 - 2017-03-01 20:27 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign1b2f1e11cdeb408d 2017-03-01 20:26 - 2017-03-01 20:26 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign22a4e772e9a214f9 2017-03-01 20:02 - 2017-03-01 21:51 - 00037636 _____ C:\Users\jesst\Desktop\Confusion trailer.wve 2017-03-01 19:59 - 2017-03-01 19:59 - 00005546 _____ C:\Users\jesst\Downloads\maddi-talking.aup 2017-02-28 18:28 - 2017-02-28 18:28 - 02646262 _____ C:\Users\jesst\Desktop\VE Project 1.wve 2017-02-28 15:04 - 2017-02-28 15:04 - 00007588 _____ C:\Users\jesst\Downloads\affection-2026171.svg 2017-02-28 14:09 - 2017-02-28 14:09 - 05902415 _____ C:\Users\jesst\Downloads\Outdoors - 728.mp4 2017-02-28 13:46 - 2017-02-28 13:46 - 09661787 _____ C:\Users\jesst\Downloads\Fairy Dust - 3120.mp4 2017-02-28 13:32 - 2017-02-28 13:32 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign6b37286d9b03a5fe 2017-02-28 10:05 - 2017-02-28 10:05 - 01445348 _____ C:\Users\jesst\Downloads\lame-3.99.5.tar.gz 2017-02-28 09:59 - 2017-02-28 09:59 - 00005546 _____ C:\Users\jesst\Desktop\maddi talking.aup 2017-02-28 09:59 - 2017-02-28 09:59 - 00000000 ____D C:\Users\jesst\Desktop\maddi talking_data 2017-02-28 09:01 - 2017-02-28 09:01 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign11df99d2eeb283b3 2017-02-28 09:00 - 2017-02-28 09:00 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignfb860b783a39cd30 2017-02-28 09:00 - 2017-02-28 09:00 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign63290e91ccca43b8 2017-02-27 22:21 - 2017-02-27 22:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignc1db6da91f0a0b05 2017-02-27 22:21 - 2017-02-27 22:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign1e560f4f0cf51954 2017-02-27 22:21 - 2017-02-27 22:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign1b12249d5a9ce991 2017-02-27 22:20 - 2017-02-27 22:20 - 01512927 _____ (Audacity Team ) C:\Users\jesst\Downloads\LADSPA_plugins-win-0.4.15.exe 2017-02-27 21:31 - 2017-02-27 21:32 - 00000000 ____D C:\Users\jesst\OneDrive\Documents\Sound recordings 2017-02-27 21:28 - 2017-02-27 21:28 - 00000000 ____D C:\Users\jesst\AppData\Local\ElevatedDiagnostics 2017-02-27 21:12 - 2017-02-27 21:12 - 62146042 _____ C:\Users\jesst\Desktop\Paul cover wrap.psd 2017-02-27 21:11 - 2017-02-27 21:11 - 49116337 _____ C:\Users\jesst\Desktop\Girl with green eyes.psd 2017-02-27 20:19 - 2017-02-27 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-02-27 17:48 - 2017-02-27 17:48 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign03f18256be9fb325 2017-02-27 17:04 - 2017-02-27 17:04 - 10010585 _____ C:\Users\jesst\Downloads\Liquid - 16.mp4 2017-02-27 16:22 - 2017-02-27 16:22 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignbde9c1b574281b06 2017-02-27 14:38 - 2017-02-27 14:38 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignffc4b571121a4d9a 2017-02-27 14:06 - 2017-02-27 14:06 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignbdfd9315f53f0d3b 2017-02-27 14:02 - 2017-02-27 14:02 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign828d1c579671335c 2017-02-27 14:02 - 2017-02-27 14:02 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign09e52c6f0ea24db1 2017-02-27 12:48 - 2017-02-27 12:48 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignd1a6db34e72202b1 2017-02-27 12:48 - 2017-02-27 12:48 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign2626346d00582d35 2017-02-27 11:59 - 2017-02-27 11:59 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign03fc2c1c628d88fd 2017-02-27 11:57 - 2017-02-27 11:57 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigne778a429e6c22128 2017-02-27 11:57 - 2017-02-27 11:57 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignc6f55d52ff940f4e 2017-02-27 10:31 - 2017-02-27 10:31 - 30883185 _____ C:\Users\jesst\Desktop\Paul cover.psd 2017-02-27 10:30 - 2017-02-27 10:30 - 120503940 _____ C:\Users\jesst\Downloads\028-6x9-Boxset-with-Book-Removed-Template-COVERVAULT.zip 2017-02-27 09:50 - 2017-02-27 09:50 - 08578305 _____ C:\Users\jesst\Downloads\AdobeStock_106252282 (1).jpeg 2017-02-27 09:49 - 2017-02-27 09:49 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign91c37978a79d3758 2017-02-26 17:34 - 2017-02-26 17:34 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign003b62f940c3a900 2017-02-26 17:31 - 2017-02-27 09:50 - 09446576 _____ C:\Users\jesst\Desktop\McGregor Series.pdf 2017-02-26 15:30 - 2017-02-26 15:31 - 136051364 _____ C:\Users\jesst\Desktop\McGregor Series.psd 2017-02-26 14:58 - 2017-02-26 14:59 - 113607468 _____ C:\Users\jesst\Downloads\Demo for Family Bond Part 1 (2).psd 2017-02-26 14:58 - 2017-02-26 14:58 - 113607468 _____ C:\Users\jesst\Downloads\Demo for Family Bond Part 1 (1).psd 2017-02-26 13:34 - 2017-02-26 13:34 - 00323809 _____ C:\Users\jesst\Downloads\BookCover6x9_BW_300 (1).zip 2017-02-26 12:53 - 2017-02-26 12:53 - 00085383 _____ C:\Users\jesst\Downloads\8.5x8.5_BW_300.pdf 2017-02-26 12:50 - 2017-02-26 12:50 - 05698183 _____ C:\Users\jesst\Desktop\TGOSH PDF.pdf 2017-02-26 12:47 - 2017-02-26 12:47 - 36555269 _____ C:\Users\jesst\Desktop\The Groundsmen official cover psd.psd 2017-02-26 12:47 - 2017-02-26 12:47 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign73fb0286dade6adb 2017-02-26 12:41 - 2017-02-26 12:41 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign5094eb9e54a4098a 2017-02-26 12:33 - 2017-02-26 12:33 - 05666579 _____ C:\Users\jesst\Desktop\Gary groundsmen jpeg full pdf.pdf 2017-02-26 12:30 - 2017-02-26 12:30 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigne081e818a077c4ad 2017-02-26 12:30 - 2017-02-26 12:30 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign0c83feaf4758c12b 2017-02-25 18:16 - 2017-02-25 18:16 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignb072a6a139034c26 2017-02-25 18:14 - 2017-02-25 18:14 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign8a17051444c8d7ef 2017-02-25 17:40 - 2017-02-25 17:40 - 08578305 _____ C:\Users\jesst\Downloads\AdobeStock_106252282.jpeg 2017-02-25 16:15 - 2017-02-25 16:13 - 712176269 _____ C:\Users\jesst\Desktop\Boxset-Bundle-Vol1.zip 2017-02-25 16:09 - 2017-02-25 16:13 - 712176269 _____ C:\Users\jesst\Downloads\Boxset-Bundle-Vol1.zip 2017-02-25 14:14 - 2017-02-25 14:14 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignf89bd1bf068aa80c 2017-02-25 14:13 - 2017-02-25 14:13 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign37eccc839463732e 2017-02-25 14:13 - 2017-02-25 14:13 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign14f14c5e44e0b4ac 2017-02-25 08:32 - 2017-02-25 08:32 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignce2370ff9420e3ed 2017-02-25 08:32 - 2017-02-25 08:32 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignbf13025304ffe996 2017-02-24 21:22 - 2017-02-24 21:22 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignd3e0fed987409e43 2017-02-24 21:22 - 2017-02-24 21:22 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign6701ed90bf9ea1da 2017-02-24 21:22 - 2017-02-24 21:22 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign4620707238ca275e 2017-02-24 21:16 - 2017-02-24 21:16 - 00863754 _____ C:\Users\jesst\Desktop\JJ MARSTEAD GIF.wve 2017-02-24 19:40 - 2017-02-24 19:40 - 10821989 _____ C:\Users\jesst\Downloads\Bokeh - 5237.mp4 2017-02-24 19:24 - 2017-02-24 19:24 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigneb11c2637bc78343 2017-02-24 19:24 - 2017-02-24 19:24 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign09a546964fab6749 2017-02-24 17:24 - 2017-02-24 17:24 - 10679707 _____ C:\Users\jesst\Downloads\Particle - 5226.mp4 2017-02-24 17:23 - 2017-02-24 17:23 - 10200792 _____ C:\Users\jesst\Downloads\Girl - 6515.mp4 2017-02-24 17:22 - 2017-02-24 17:22 - 18719718 _____ C:\Users\jesst\Downloads\Girl - 6516.mp4 2017-02-24 17:14 - 2017-02-24 17:14 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignb2e098a7ec4b1cd4 2017-02-24 17:14 - 2017-02-24 17:14 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign239e9f6216c52e7f 2017-02-24 17:13 - 2017-02-24 17:13 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign5c4ae29f8e1c08b5 2017-02-24 17:13 - 2017-02-24 17:13 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign4847c0e3ed12b36f 2017-02-24 17:13 - 2017-02-24 17:13 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign2c20f71250bcaaeb 2017-02-24 13:42 - 2017-02-24 13:42 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignb7f72205a98bc9c0 2017-02-24 13:42 - 2017-02-24 13:42 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign406cb14b1b0e63ff 2017-02-23 13:08 - 2017-02-23 13:08 - 03996084 _____ C:\Users\jesst\Downloads\Diamond - 3121.mp4 2017-02-23 13:01 - 2017-02-23 13:02 - 32002060 _____ C:\Users\jesst\Downloads\Fire - 3742.mp4 2017-02-23 12:38 - 2017-02-23 12:38 - 02345747 _____ C:\Users\jesst\Downloads\Leaves - 7248.mp4 2017-02-23 10:53 - 2017-02-23 10:53 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign2715c4c838c67a4f 2017-02-23 10:52 - 2017-02-23 10:52 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigne170548c14186f79 2017-02-23 10:52 - 2017-02-23 10:52 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign80a416db9490f0a5 2017-02-23 10:05 - 2017-02-23 10:05 - 103155620 _____ C:\Users\jesst\Downloads\Eyes beyond the Wall trailer new.avi 2017-02-23 09:45 - 2017-02-23 09:45 - 05601888 _____ C:\Users\jesst\Downloads\Candle - 1212.mp4 2017-02-23 07:25 - 2017-02-23 07:25 - 14483032 _____ C:\Users\jesst\Downloads\Ground Fog - 307.mp4 2017-02-23 07:23 - 2017-02-23 07:23 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigna4d0acb58b24f848 2017-02-23 07:09 - 2017-02-23 07:09 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignd283090c0a25f5df 2017-02-23 07:09 - 2017-02-23 07:09 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignc686ac2ea87209f4 2017-02-23 07:09 - 2017-02-23 07:09 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign3b5fa18685aa1dfc 2017-02-21 15:58 - 2017-03-01 20:02 - 00000000 ____D C:\Users\jesst\AppData\Roaming\Audacity 2017-02-21 15:58 - 2017-02-21 15:58 - 00000000 ____D C:\Users\jesst\AppData\Local\Audacity 2017-02-21 15:57 - 2017-02-21 15:58 - 00000000 ____D C:\Program Files (x86)\Audacity 2017-02-21 15:57 - 2017-02-21 15:57 - 26496761 _____ (Audacity Team ) C:\Users\jesst\Downloads\audacity-win-2.1.2.exe 2017-02-21 15:57 - 2017-02-21 15:57 - 00001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2017-02-21 15:57 - 2017-02-21 15:57 - 00001047 _____ C:\Users\Public\Desktop\Audacity.lnk 2017-02-21 14:52 - 2017-02-21 14:52 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign793c0ef3add4e31d 2017-02-21 14:51 - 2017-02-21 14:51 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign63a6dea5b1dea36e 2017-02-21 14:51 - 2017-02-21 14:51 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign4b839e0c06dcd146 2017-02-21 14:23 - 2017-02-21 14:23 - 05491986 _____ C:\Users\jesst\Downloads\Ford - 4489.mp4 2017-02-21 14:19 - 2017-02-21 14:19 - 01508619 _____ C:\Users\jesst\Downloads\Hands - 421.mp4 2017-02-21 13:18 - 2017-02-21 13:18 - 00000000 ____D C:\ProgramData\Avg_Update_0217tb 2017-02-21 12:49 - 2017-02-21 12:49 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-02-21 12:49 - 2017-02-21 12:49 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2017-02-19 06:58 - 2017-02-28 18:29 - 02646262 _____ C:\Users\jesst\Desktop\Parker Eve trailer.wve 2017-02-18 13:03 - 2017-02-18 13:03 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign617eeb20fa1df79b 2017-02-18 12:59 - 2017-02-18 12:59 - 08097458 _____ C:\Users\jesst\Downloads\Creek - 2763.mp4 2017-02-18 12:44 - 2017-02-18 12:44 - 09592104 _____ C:\Users\jesst\Downloads\Video Game - 7249.mp4 2017-02-18 11:59 - 2017-02-18 11:59 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigndea1abcfc873e01f 2017-02-18 11:58 - 2017-02-18 11:58 - 12117361 _____ C:\Users\jesst\Downloads\EveBookCoverFinal.pdf 2017-02-18 11:49 - 2017-02-18 11:49 - 06023552 _____ C:\Users\jesst\Desktop\Eyes beyond the walls wrap pdf new and last.pdf 2017-02-18 11:14 - 2017-02-18 11:14 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign2e10bbbc6d67af26 2017-02-18 11:10 - 2017-02-18 11:10 - 02897689 _____ C:\Users\jesst\Downloads\Waves - 5121.mp4 2017-02-18 10:17 - 2017-02-19 06:58 - 23077988 _____ C:\Users\jesst\Desktop\Eyes beyond the walls wrap psd.psd 2017-02-18 08:09 - 2017-02-18 08:09 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign6cf1ca1de34841e5 2017-02-18 08:09 - 2017-02-18 08:09 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign287638632723b833 2017-02-18 08:09 - 2017-02-18 08:09 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign060075320eba8409 2017-02-17 19:44 - 2017-02-23 10:07 - 02397585 _____ C:\Users\jesst\Desktop\Eyes beyond the Wall trailer.wve 2017-02-17 19:44 - 2017-02-17 19:44 - 41473528 _____ C:\Users\jesst\Desktop\castle no windows.psd 2017-02-17 19:12 - 2017-02-17 19:12 - 11294596 _____ C:\Users\jesst\Downloads\Fire - 2196.mp4 2017-02-17 18:32 - 2017-02-17 18:32 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigndbfd01b07e1eb6dc 2017-02-17 18:28 - 2017-02-17 18:28 - 03102014 _____ C:\Users\jesst\Downloads\Fire - 621.mp4 2017-02-17 17:58 - 2017-02-17 17:58 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignc1885d146d385e93 2017-02-17 17:55 - 2017-02-17 17:55 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignc873ac4fa8f5129d 2017-02-17 16:29 - 2017-02-17 16:29 - 05165933 _____ C:\Users\jesst\Downloads\Lake - 2422.mp4 2017-02-17 15:59 - 2017-02-17 15:59 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignb32114f8d7d1f252 2017-02-17 14:45 - 2017-02-17 14:45 - 00000817 _____ C:\Users\jesst\Downloads\Pictures - Shortcut.lnk 2017-02-17 14:28 - 2017-02-17 14:28 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign71845815b524a3b8 2017-02-17 14:16 - 2017-02-17 14:16 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign21f0bc4da4555fdc 2017-02-17 14:15 - 2017-02-17 14:15 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignd501bbbc3c842b37 2017-02-17 14:15 - 2017-02-17 14:15 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign3794e13bc529755e 2017-02-17 10:29 - 2017-02-17 10:29 - 00654168 _____ C:\Users\jesst\Downloads\1f6f7f45b80c7c11795b36ded03cb6ca_tall-grass-field-tall-grass-field-clipart_1920-1200.jpeg 2017-02-17 10:27 - 2017-02-17 10:27 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign057b0c59f128c614 2017-02-17 10:26 - 2017-02-17 10:26 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigna925e3202c38b916 2017-02-17 10:26 - 2017-02-17 10:26 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign456976099c55a06b 2017-02-17 10:12 - 2017-02-17 10:12 - 14069480 _____ C:\Users\jesst\Downloads\Sailing Vessel - 2382.mp4 2017-02-17 10:11 - 2017-02-17 10:11 - 07861498 _____ C:\Users\jesst\Downloads\Castle - 6976.mp4 2017-02-17 09:42 - 2017-02-17 09:42 - 01667844 _____ C:\Users\jesst\Downloads\Birds - 7256.mp4 2017-02-17 09:03 - 2017-02-17 09:03 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignf427f8183a8de1ed 2017-02-17 09:03 - 2017-02-17 09:03 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign4bf6fcc9eb473c5a 2017-02-17 09:03 - 2017-02-17 09:03 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign2696517c4c770b25 2017-02-16 13:41 - 2017-02-16 13:41 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignea00cd3ff88eeea9 2017-02-16 13:41 - 2017-02-16 13:41 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigna8451bc9acce7793 2017-02-16 13:41 - 2017-02-16 13:41 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign92ada4217ccf50f8 2017-02-16 13:41 - 2017-02-16 13:41 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign0baae66285e41222 2017-02-15 11:59 - 2017-02-15 11:59 - 15984860 _____ C:\Users\jesst\Downloads\Tracks - 7729.mp4 2017-02-14 10:15 - 2017-02-14 10:15 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignf9b13459f09201e2 2017-02-14 10:15 - 2017-02-14 10:15 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign6a2ef2d2196c057c 2017-02-14 10:15 - 2017-02-14 10:15 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign423146509a0d2769 2017-02-13 21:54 - 2017-02-22 20:07 - 27062747 _____ C:\Users\jesst\Desktop\Maria banner.psd 2017-02-13 20:15 - 2017-02-13 20:15 - 00953707 _____ C:\Users\jesst\Downloads\flourish-1337830.svg 2017-02-13 20:00 - 2017-02-13 20:00 - 00007310 _____ C:\Users\jesst\Downloads\download.jpeg 2017-02-13 19:43 - 2017-02-13 19:43 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign57a0c58ed09ba775 2017-02-13 19:43 - 2017-02-13 19:43 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign458340bbaebcb7b0 2017-02-13 19:43 - 2017-02-13 19:43 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign242e6913d18486f4 2017-02-13 10:44 - 2017-02-13 10:44 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignb3500952f634d4c8 2017-02-13 10:44 - 2017-02-13 10:44 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign9f389462f0580c24 2017-02-13 10:44 - 2017-02-13 10:44 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign1c10b86899c3e251 2017-02-12 15:15 - 2017-02-12 15:15 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignc463bb6cd1ed6dfc 2017-02-12 15:15 - 2017-02-12 15:15 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign8df7d10b1c820d4b 2017-02-11 16:38 - 2017-02-11 16:38 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign3a406beb242f1ddd 2017-02-11 15:56 - 2017-02-11 15:56 - 52196127 _____ C:\Users\jesst\Downloads\fireworks.mp4 2017-02-11 15:23 - 2017-02-11 15:23 - 12703037 _____ C:\Users\jesst\Downloads\062-Front-Back-Paperback-Book-Mockup-COVERVAULT.zip 2017-02-11 15:20 - 2017-02-11 15:20 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign743e5d86bae061fe 2017-02-11 15:19 - 2017-02-11 15:19 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignccd3cc963d9b0ac3 2017-02-11 15:19 - 2017-02-11 15:19 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign1385f169c2b8a5c6 2017-02-10 17:17 - 2017-02-10 17:17 - 78022382 _____ C:\Users\jesst\Downloads\Pamela Ackerson's The Wilderness Series Trailer Final (1).mp4 2017-02-10 17:15 - 2017-02-10 17:15 - 00231700 _____ C:\Users\jesst\Desktop\Linda trailer one.wve 2017-02-10 13:28 - 2017-02-10 13:28 - 02764900 _____ C:\Users\jesst\Downloads\Street - 5023.mp4 2017-02-10 13:15 - 2017-02-10 13:15 - 07696478 _____ C:\Users\jesst\Downloads\Street - 1158.mp4 2017-02-10 13:08 - 2017-02-10 13:08 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign3ec0d92429fff7f7 2017-02-10 11:39 - 2017-02-10 11:39 - 00129713 _____ C:\Users\jesst\Downloads\AdobeStock_53753397_WM.jpeg 2017-02-10 11:38 - 2017-02-10 11:38 - 00089969 _____ C:\Users\jesst\Downloads\AdobeStock_5383165_WM.jpeg 2017-02-10 10:45 - 2017-02-10 10:45 - 02604450 _____ C:\Users\jesst\Downloads\AdobeStock_54921449.jpeg 2017-02-10 10:37 - 2017-02-10 10:37 - 04615311 _____ C:\Users\jesst\Downloads\AdobeStock_132205630.jpeg 2017-02-10 10:34 - 2017-02-10 10:34 - 02230264 _____ C:\Users\jesst\Downloads\AdobeStock_54921514.jpeg 2017-02-10 10:34 - 2017-02-10 10:34 - 02230264 _____ C:\Users\jesst\Downloads\AdobeStock_54921514 (1).jpeg 2017-02-09 18:19 - 2017-02-09 18:19 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign6f240ba0f4a5719f 2017-02-09 18:10 - 2017-02-09 18:10 - 38903430 _____ C:\Users\jesst\Downloads\052-Book-Novel-Mockup-5x8-COVERVAULT (1).zip 2017-02-09 15:09 - 2017-02-09 15:09 - 00207129 _____ C:\Users\jesst\Downloads\AdobeStock_54921514_WM.jpeg 2017-02-09 14:09 - 2017-02-09 14:09 - 02166996 _____ C:\Users\jesst\Downloads\Atomic - 3118.mp4 2017-02-09 08:05 - 2017-02-09 08:05 - 04837021 _____ C:\Users\jesst\Downloads\Ostfriesland - 6328.mp4 2017-02-09 07:59 - 2017-02-09 07:59 - 04390090 _____ C:\Users\jesst\Downloads\Rain - 6847.mp4 2017-02-09 02:33 - 2017-02-09 02:33 - 00046408 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2017-02-09 02:33 - 2017-02-09 02:33 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-02-08 17:22 - 2017-02-08 17:22 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignfc139b87f5d9a2fe 2017-02-08 16:46 - 2017-02-08 16:46 - 03175031 _____ C:\Users\jesst\Downloads\Liquid - 16.vid 2017-02-08 16:31 - 2017-02-08 16:31 - 03583405 _____ C:\Users\jesst\Downloads\Star - 690.mp4 2017-02-08 15:10 - 2017-02-08 15:10 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign1822decdd02205eb 2017-02-08 12:29 - 2017-02-08 12:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignd99dddde2b1075cb 2017-02-08 12:29 - 2017-02-08 12:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign9b56b08a9e1e4302 2017-02-08 12:29 - 2017-02-08 12:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign11988ebade914bc1 2017-02-08 11:48 - 2017-02-13 21:50 - 00000000 ____D C:\Users\jesst\Desktop\PSD FILES 2017-02-08 10:18 - 2017-02-08 10:18 - 03127917 _____ C:\Users\jesst\Downloads\Agriculture - 1098.mp4 2017-02-07 07:07 - 2017-02-07 07:07 - 18830878 _____ C:\Users\jesst\Desktop\new add for OUDA.psd 2017-02-07 06:21 - 2017-02-07 06:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignafa4ca57cde6f94b 2017-02-07 06:20 - 2017-02-07 06:20 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign6cdbf2de79b9bf34 2017-02-06 15:54 - 2017-02-06 15:54 - 06442051 _____ C:\Users\jesst\Downloads\004-6X9-Stacked-Paperback-books-COVERVAULT.zip 2017-02-06 15:49 - 2017-02-06 15:49 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignf04f24b31559cc7b 2017-02-06 12:31 - 2017-02-06 12:31 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign5d3d454c22ce5299 2017-02-06 10:46 - 2017-02-06 10:46 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignaf5b47ab49655655 2017-02-06 10:45 - 2017-02-06 10:45 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignbc624b3f4386c373 2017-02-06 10:45 - 2017-02-06 10:45 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign603ad8b31f0ef047 2017-02-05 12:43 - 2017-02-10 06:04 - 03564617 _____ C:\Users\jesst\Desktop\Gary trailer one.wve 2017-02-05 12:08 - 2017-02-05 12:08 - 05883475 _____ C:\Users\jesst\Downloads\New York City - 1044.mp4 2017-02-05 11:46 - 2017-02-05 11:46 - 38903430 _____ C:\Users\jesst\Downloads\052-Book-Novel-Mockup-5x8-COVERVAULT.zip 2017-02-05 11:33 - 2017-02-05 11:33 - 06403319 _____ C:\Users\jesst\Downloads\Arable - 7015.mp4 2017-02-05 11:33 - 2017-02-05 11:33 - 05414378 _____ C:\Users\jesst\Downloads\Arable - 7015 (1).mp4 2017-02-05 11:23 - 2017-02-05 11:24 - 17714337 _____ C:\Users\jesst\Downloads\063-5x8-Paperback-Book-Small-Spine-Mockup-COVERVAULT.zip 2017-02-05 11:21 - 2017-02-05 11:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignf931b2c3ab4a96f4 2017-02-05 11:21 - 2017-02-05 11:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignf76640d3393c91c4 2017-02-05 11:21 - 2017-02-05 11:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignb1f63b777aab973c 2017-02-05 11:21 - 2017-02-05 11:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign5e5742c61ec4785c 2017-02-05 11:21 - 2017-02-05 11:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign1138e5285c0e352a 2017-02-05 10:06 - 2017-02-05 10:06 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignae5503b7254453ae 2017-02-04 19:29 - 2017-02-04 19:29 - 00010262 _____ C:\Users\jesst\Downloads\abstract-1299326.svg 2017-02-04 19:15 - 2017-02-04 19:15 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign360f67926f9711cb 2017-02-04 19:10 - 2017-02-04 19:10 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignabf471da72ebbdd9 2017-02-04 19:10 - 2017-02-04 19:10 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign615455035dc7d15e 2017-02-04 19:10 - 2017-02-04 19:10 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign3ea9ce7e06b02a37 2017-02-03 15:39 - 2017-02-03 15:39 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign58e83d527f3182b2 2017-02-03 14:45 - 2017-02-03 14:45 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign9c15656c65d3e62c 2017-02-03 14:39 - 2017-02-03 14:39 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign84106649ae679ac5 2017-02-02 16:06 - 2017-02-02 16:06 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigndc575028ed100418 2017-02-02 16:05 - 2017-02-02 16:05 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign39867cb35f4fb526 2017-02-02 16:05 - 2017-02-02 16:05 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign0f8bb9dd42c49a18 2017-02-02 12:04 - 2017-02-02 12:04 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign36cd9cdc535e2106 2017-02-02 12:04 - 2017-02-02 12:04 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign10d8279fa2b35c42 2017-02-02 11:50 - 2017-02-02 11:50 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignfc4840e5ffba7213 2017-02-02 11:50 - 2017-02-02 11:50 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignf607c1ee8a149a57 2017-02-02 11:50 - 2017-02-02 11:50 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign9e0dc0678df71d78 2017-02-02 11:50 - 2017-02-02 11:50 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign87933b2dcd4e5b98 2017-02-02 09:17 - 2017-02-02 09:18 - 05789106 _____ C:\Users\jesst\Desktop\Gary groundsmen.pdf 2017-02-02 08:29 - 2017-02-02 08:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignef6db4f15a559f2f 2017-02-02 08:29 - 2017-02-02 08:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign85f9cae434dedf0b 2017-02-02 08:29 - 2017-02-02 08:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign4c532a2d052973d2 2017-01-31 20:48 - 2017-02-02 14:31 - 154081525 _____ C:\Users\jesst\Desktop\Gary groundsmen.psd 2017-01-31 20:43 - 2017-01-31 20:43 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign3828e4d020544d06 2017-01-31 18:54 - 2017-01-31 18:54 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign30d23ed5fc06c195 2017-01-31 18:53 - 2017-01-31 18:53 - 00338301 _____ C:\Users\jesst\Downloads\BookCover6x9_BW_330.zip 2017-01-31 17:50 - 2017-01-31 17:50 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign5a41bd5d7ebcc7f5 2017-01-31 17:34 - 2017-01-31 17:34 - 45333253 _____ C:\Users\jesst\Downloads\016-6x9-Book-Series-Ereader-Mockup-COVERVAULT.zip 2017-01-31 17:34 - 2017-01-31 17:34 - 45333253 _____ C:\Users\jesst\Downloads\016-6x9-Book-Series-Ereader-Mockup-COVERVAULT (1).zip 2017-01-31 09:29 - 2017-01-31 09:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignaa7d4c67bde53144 2017-01-31 09:29 - 2017-01-31 09:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign625f69d3d12a2e4c 2017-01-31 09:29 - 2017-01-31 09:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign0e958021ad3fe750 ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-03-02 08:50 - 2016-11-18 18:23 - 00000000 ____D C:\Program Files (x86)\AVG 2017-03-02 08:50 - 2016-11-18 18:22 - 00000000 ____D C:\ProgramData\Avg 2017-03-02 08:49 - 2016-11-18 18:22 - 00000000 ____D C:\Users\jesst\AppData\Local\AvgSetupLog 2017-03-02 08:48 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-03-02 08:48 - 2016-05-16 13:55 - 00000000 ___RD C:\Users\jesst\Creative Cloud Files 2017-03-02 08:48 - 2016-05-16 13:55 - 00000000 ____D C:\ProgramData\boost_interprocess 2017-03-02 08:47 - 2016-05-20 08:23 - 00000000 ___RD C:\Users\jesst\Dropbox 2017-03-02 08:47 - 2016-05-16 13:45 - 00000000 ____D C:\Users\jesst\AppData\Local\Adobe 2017-03-02 08:44 - 2016-05-16 13:39 - 00000000 ___RD C:\Users\jesst\OneDrive 2017-03-02 08:43 - 2016-05-16 13:35 - 00000000 __SHD C:\Users\jesst\IntelGraphicsProfiles 2017-03-02 08:40 - 2015-11-02 12:02 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-03-02 08:39 - 2016-11-18 18:32 - 00000000 ____D C:\Users\jesst\AppData\Roaming\AVG 2017-03-02 08:39 - 2016-09-18 06:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-03-02 08:38 - 2016-07-16 00:04 - 01310720 _____ C:\WINDOWS\system32\config\BBI 2017-03-02 08:19 - 2017-01-08 13:24 - 00025608 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys 2017-03-02 06:53 - 2016-09-18 05:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-03-02 06:51 - 2016-07-16 05:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-03-01 21:35 - 2016-07-13 12:42 - 00432008 _____ C:\Users\jesst\OneDrive\Documents\starburn.txt 2017-03-01 21:01 - 2016-05-16 13:35 - 00000000 ____D C:\Users\jesst\AppData\Local\Packages 2017-03-01 20:05 - 2016-05-17 16:31 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForjesst.job 2017-03-01 20:04 - 2016-09-18 05:56 - 00000000 ____D C:\Users\jesst 2017-02-27 21:20 - 2016-07-16 05:45 - 00000000 ____D C:\WINDOWS\INF 2017-02-27 21:12 - 2016-09-18 05:55 - 01406478 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-02-27 20:20 - 2016-03-18 04:24 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-02-26 09:59 - 2016-09-18 06:28 - 00003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForjesst 2017-02-24 10:46 - 2016-05-16 16:11 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-02-24 10:43 - 2016-05-16 16:11 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-02-22 20:59 - 2016-07-16 05:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-02-22 09:41 - 2016-12-09 11:03 - 00003290 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-02-22 09:41 - 2016-05-16 13:39 - 00002374 _____ C:\Users\jesst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-02-16 08:00 - 2016-11-18 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen 2017-02-11 17:39 - 2016-11-04 09:03 - 00000000 ___RD C:\Users\jesst\Desktop\TEASERS FOR TOB AUTHORS 2017-02-07 06:13 - 2016-05-23 09:34 - 00002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-07 06:13 - 2016-05-23 09:34 - 00002227 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-02-06 13:48 - 2016-07-16 05:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-02-06 13:48 - 2016-07-16 05:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-02-05 19:03 - 2016-07-15 21:43 - 00000000 ____D C:\Users\jesst\OneDrive\Documents\Calibre Library 2017-02-03 20:53 - 2017-01-29 18:20 - 02434463 _____ C:\Users\jesst\Desktop\Pam Ackerson video trailer..wve 2017-01-31 09:28 - 2017-01-28 15:54 - 04005869 _____ C:\Users\jesst\Desktop\Interview Codi.wve ==================== Files in the root of some directories ======= 2016-08-31 22:16 - 2016-08-31 22:16 - 0000112 _____ () C:\Users\jesst\AppData\Roaming\JP2K CS6 Prefs 2016-09-06 07:02 - 2016-09-06 07:02 - 0000028 _____ () C:\Users\jesst\AppData\Roaming\kulerdata.json 2016-11-08 06:46 - 2016-11-18 08:14 - 0000129 _____ () C:\Users\jesst\AppData\Roaming\WB.CFG 2016-08-28 19:21 - 2016-08-28 19:21 - 0005260 _____ () C:\Users\jesst\AppData\Local\recently-used.xbel 2016-08-28 14:26 - 2016-08-28 14:26 - 0000017 _____ () C:\Users\jesst\AppData\Local\resmon.resmoncfg 2016-09-01 15:29 - 2016-09-17 22:14 - 0019698 _____ () C:\ProgramData\Coinstaller.log 2016-09-01 15:26 - 2016-09-01 15:26 - 0000086 _____ () C:\ProgramData\dleascan.log Some files in TEMP: ==================== 2016-12-17 20:56 - 2016-12-15 00:01 - 170618168 _____ ( ) C:\Users\jesst\AppData\Local\Temp\filmora_64bit_full846.exe 2017-03-02 07:18 - 2016-11-11 19:02 - 11581544 _____ (SurfRight B.V.) C:\Users\jesst\AppData\Local\Temp\HitmanPro.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-02-21 08:19 ==================== End of FRST.txt ============================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.