Jump to content

jesstahoz

Members
 View Profile  See their activity

  • Posts

    4

  • Joined

  • Last visited

 Content Type 

Posts posted by jesstahoz

    Outbound - chrome.exe and svchost.exe

    in Website Blocking

    Posted

    8 minutes ago, Libertas1 said:

    not seeing that and dont know how to update it

     

    there is an update feature sort of but says i am up to date

     

    3 minutes ago, demonkez1987 said:

    alot of people are still having a problem with popups even after the update.

    if you open malwarebytes then click on current next to the bit where it says *update* it will search for updates. also you can check to see which version you have if you go to my account (top right) > about > version info

    Yes, I've actually gotten my information from the about section. It shows I'm not up to date with the last posted update a few minutes ago. I'm set to update every 15 minutes now. We will see if it works. 

    Outbound - chrome.exe and svchost.exe

    in Website Blocking

    Posted

    Hi, I've been getting the outbound notifications too. Can i get help?

     

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
    Ran by jesst (administrator) on LAPTOP-TCKSBIJU (02-03-2017 08:52:14)
    Running from C:\Users\jesst\Downloads
    Loaded Profiles: jesst (Available Profiles: jesst)
    Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\igfxCUIService.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
    (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (Intel Corporation) C:\Windows\System32\ibtsiva.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    (HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
    (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
    (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\igfxEM.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
    (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\nacl64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\nacl64.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Setup\avgsetupx.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
    () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
    (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    () C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
    (Microsoft Corporation) C:\Windows\System32\msiexec.exe
    (Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
    (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
    (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.693_none_42ff55c9655f38bf\TiWorker.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Registry (Whitelisted) ====================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
    HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
    HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9039880 2016-11-11] (Realtek Semiconductor)
    HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
    HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (HP Inc.)
    HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26781320 2017-02-21] (Dropbox, Inc.)
    HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare)
    HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
    HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324488 2016-08-02] (HP)
    HKU\S-1-5-21-2510511767-3431779259-4189607661-1001\...\Run: [Chromium] => c:\users\jesst\appdata\local\chromium\application\chrome.exe [1035264 2016-03-17] (The Chromium Authors)
    HKU\S-1-5-21-2510511767-3431779259-4189607661-1001\...\Run: [GoogleChromeAutoLaunch_283943E45532D844A97475C798351EE7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [945496 2017-02-01] (Google Inc.)
    HKU\S-1-5-21-2510511767-3431779259-4189607661-1001\...\MountPoints2: {827c79a0-30b5-11e6-b914-08d40cfdc5f9} - "F:\VZW_Software_upgrade_assistant.exe" 
    ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
    BootExecute: autocheck autochk /r \??\Z:autocheck autochk * 
    GroupPolicy: Restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 24.116.0.53 24.116.2.50
    Tcpip\..\Interfaces\{a41626a5-6236-4dd2-8439-9098a2368efb}: [DhcpNameServer] 24.116.0.53 24.116.2.50

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-511d79bd
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-511d79bd
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
    HKU\S-1-5-21-2510511767-3431779259-4189607661-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={3D9FDDCF-FAE3-4CDC-8D5D-E0C5EEC6645B}&mid=9f2df9c5e3f547cf9a85d99d4a192c0a-41b42325da8fd222bf84529fafff1d402dfef065&lang=en&ds=AVG&coid=avgtbavg&cmpid=ZenTest_B_0&pr=fr&d=2016-11-19 00:34:09&v=4.3.6.255&pid=wtu&sg=&sap=hp
    HKU\S-1-5-21-2510511767-3431779259-4189607661-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-511d79bd&q={searchTerms}
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-511d79bd&q={searchTerms}
    SearchScopes: HKLM -> {625D2799-9641-496C-A658-4AB9DFB660A7} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-511d79bd&q={searchTerms}
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-511d79bd&q={searchTerms}
    SearchScopes: HKLM-x32 -> {625D2799-9641-496C-A658-4AB9DFB660A7} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKU\S-1-5-21-2510511767-3431779259-4189607661-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={3D9FDDCF-FAE3-4CDC-8D5D-E0C5EEC6645B}&mid=9f2df9c5e3f547cf9a85d99d4a192c0a-41b42325da8fd222bf84529fafff1d402dfef065&lang=en&ds=AVG&coid=avgtbavg&cmpid=ZenTest_B_0&pr=fr&d=2016-11-19 00:34:09&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2510511767-3431779259-4189607661-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-511d79bd&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2510511767-3431779259-4189607661-1001 -> {625D2799-9641-496C-A658-4AB9DFB660A7} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKU\S-1-5-21-2510511767-3431779259-4189607661-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={3D9FDDCF-FAE3-4CDC-8D5D-E0C5EEC6645B}&mid=9f2df9c5e3f547cf9a85d99d4a192c0a-41b42325da8fd222bf84529fafff1d402dfef065&lang=en&ds=AVG&coid=avgtbavg&cmpid=ZenTest_B_0&pr=fr&d=2016-11-19 00:34:09&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
    BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
    BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe

    FireFox:
    ========
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems)
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems)

    Chrome: 
    =======
    CHR HomePage: Default -> hxxp://google.com/
    CHR StartupUrls: Default -> "hxxp://www.google.com/"
    CHR DefaultSearchURL: Default -> hxxps://pandasecurity.mystart.com/results.php?pr=vmn&id=pandasafeweb&v=1_0_chromeextension_unknown__&searchfeed=web&hsimp=yhs-panda1&ent=ch_ss&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> safeWeb
    CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
    CHR Profile: C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default [2017-03-02]
    CHR Extension: (Google Slides) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-23]
    CHR Extension: (Web Boost - Wait Less, Browse Faster!) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahbkhnpmoamidjgbneafjipbmdfpefad [2016-08-05]
    CHR Extension: (Google Docs) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-23]
    CHR Extension: (Google Drive) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-23]
    CHR Extension: (YouTube) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-23]
    CHR Extension: (Norton Security Toolbar) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-02-13]
    CHR Extension: (Netflix) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2016-06-09]
    CHR Extension: (Dropbox for Gmail) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2017-03-01]
    CHR Extension: (Norton Home Page for Chrome) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2016-08-07]
    CHR Extension: (Google Sheets) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-23]
    CHR Extension: (Google Docs Offline) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-25]
    CHR Extension: (CloudConvert) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfpmbfgodkfcebpgheiedaddoikmljkk [2016-12-03]
    CHR Extension: (Tris) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\hinkmcnegnkncphhncbiohnomfgdegce [2017-01-14]
    CHR Extension: (Norton Identity Safe) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-09-07]
    CHR Extension: (Flatbook) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\kadbillinepbjlgenaliokdhejdmmlgp [2017-03-02]
    CHR Extension: (Norton Safe) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-09-05]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-21]
    CHR Extension: (Gmail) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-23]
    CHR Extension: (Chrome Media Router) - C:\Users\jesst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-13]
    CHR HKLM\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
    R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
    S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\IntelCpHeciSvc.exe [301528 2016-12-06] (Intel Corporation)
    S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\IntelCpHDCPSvc.exe [480216 2016-12-06] (Intel Corporation)
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-20] (Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-20] (Dropbox, Inc.)
    R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46408 2017-02-09] (Dropbox, Inc.)
    R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1419424 2016-12-04] (Intel Corporation)
    R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
    R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (HP Inc.)
    R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\igfxCUIService.exe [341976 2016-12-06] (Intel Corporation)
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [976848 2016-01-14] (Intel(R) Corporation)
    S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-02-11] (Intel Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
    S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] ()
    R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [321032 2016-11-11] (Realtek Semiconductor)
    R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [266872 2016-08-19] (Synaptics Incorporated)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
    R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel® Corporation)
    R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
    R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52208 2016-12-04] (Intel Corporation)
    R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260080 2016-12-04] (Intel Corporation)
    R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()
    R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [249616 2016-10-18] (Intel Corporation)
    R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\119748.inf_amd64_8e3972f5c88264c0\igdkmd64.sys [11039704 2016-12-06] (Intel Corporation)
    R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-02] (Malwarebytes)
    R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-02] (Malwarebytes)
    R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-02] (Malwarebytes)
    R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251840 2017-03-02] (Malwarebytes)
    R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-02] (Malwarebytes)
    S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
    U5 Netwtw02; C:\Windows\System32\Drivers\Netwtw02.sys [6724368 2016-02-06] (Intel Corporation)
    R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7308560 2016-09-13] (Intel Corporation)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-09-20] (Realtek                                            )
    S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [413912 2016-02-25] (Realsil Semiconductor Corporation)
    S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [58984 2016-02-23] (Synaptics Incorporated)
    R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72824 2016-08-19] (Synaptics Incorporated)
    S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
    S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2017-03-02] (SlimWare Utilities, Inc.)
    S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
    R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [32832 2016-07-31] (HP)
    S3 dbx; system32\DRIVERS\dbx.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-03-02 08:52 - 2017-03-02 08:52 - 00029263 _____ C:\Users\jesst\Downloads\FRST.txt
    2017-03-02 08:52 - 2017-03-02 08:52 - 00000000 ____D C:\FRST
    2017-03-02 08:51 - 2017-03-02 08:51 - 02423808 _____ (Farbar) C:\Users\jesst\Downloads\FRST64.exe
    2017-03-02 08:50 - 2017-03-02 08:51 - 01765888 _____ (Farbar) C:\Users\jesst\Downloads\FRST.exe
    2017-03-02 08:50 - 2017-03-02 08:50 - 01765888 _____ (Farbar) C:\Users\jesst\Downloads\FRST (1).exe
    2017-03-02 08:48 - 2017-03-02 08:48 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign96ac0b97af133ebf
    2017-03-02 08:46 - 2017-03-02 08:46 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign6ec493abb0bb72aa
    2017-03-02 08:44 - 2017-03-02 08:44 - 00000000 ___HD C:\OneDriveTemp
    2017-03-02 08:40 - 2017-03-02 08:42 - 00000000 ____D C:\Users\TEMP
    2017-03-02 08:27 - 2017-03-02 08:27 - 00000000 ____D C:\Users\jesst\AppData\Local\SlimWare Utilities Inc
    2017-03-02 07:34 - 2017-03-02 08:40 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
    2017-03-02 07:34 - 2017-03-02 08:40 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
    2017-03-02 07:34 - 2017-03-02 08:40 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
    2017-03-02 07:34 - 2017-03-02 08:40 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2017-03-02 07:33 - 2017-03-02 08:40 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2017-03-02 07:33 - 2017-03-02 07:33 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2017-03-02 07:33 - 2017-03-02 07:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-03-02 07:33 - 2017-03-02 07:33 - 00000000 ____D C:\ProgramData\Malwarebytes
    2017-03-02 07:33 - 2017-03-02 07:33 - 00000000 ____D C:\Program Files\Malwarebytes
    2017-03-02 07:33 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
    2017-03-02 07:30 - 2017-03-02 07:32 - 57131432 _____ (Malwarebytes ) C:\Users\jesst\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
    2017-03-02 07:17 - 2017-03-02 07:17 - 11581544 _____ (SurfRight B.V.) C:\Users\jesst\Downloads\hitmanpro_x64 (1).exe
    2017-03-02 07:17 - 2017-03-02 07:17 - 11005320 _____ (SurfRight B.V.) C:\Users\jesst\Downloads\HitmanPro (1).exe
    2017-03-01 20:27 - 2017-03-01 20:27 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign1b2f1e11cdeb408d
    2017-03-01 20:26 - 2017-03-01 20:26 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign22a4e772e9a214f9
    2017-03-01 20:02 - 2017-03-01 21:51 - 00037636 _____ C:\Users\jesst\Desktop\Confusion trailer.wve
    2017-03-01 19:59 - 2017-03-01 19:59 - 00005546 _____ C:\Users\jesst\Downloads\maddi-talking.aup
    2017-02-28 18:28 - 2017-02-28 18:28 - 02646262 _____ C:\Users\jesst\Desktop\VE Project 1.wve
    2017-02-28 15:04 - 2017-02-28 15:04 - 00007588 _____ C:\Users\jesst\Downloads\affection-2026171.svg
    2017-02-28 14:09 - 2017-02-28 14:09 - 05902415 _____ C:\Users\jesst\Downloads\Outdoors - 728.mp4
    2017-02-28 13:46 - 2017-02-28 13:46 - 09661787 _____ C:\Users\jesst\Downloads\Fairy Dust - 3120.mp4
    2017-02-28 13:32 - 2017-02-28 13:32 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign6b37286d9b03a5fe
    2017-02-28 10:05 - 2017-02-28 10:05 - 01445348 _____ C:\Users\jesst\Downloads\lame-3.99.5.tar.gz
    2017-02-28 09:59 - 2017-02-28 09:59 - 00005546 _____ C:\Users\jesst\Desktop\maddi talking.aup
    2017-02-28 09:59 - 2017-02-28 09:59 - 00000000 ____D C:\Users\jesst\Desktop\maddi talking_data
    2017-02-28 09:01 - 2017-02-28 09:01 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign11df99d2eeb283b3
    2017-02-28 09:00 - 2017-02-28 09:00 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignfb860b783a39cd30
    2017-02-28 09:00 - 2017-02-28 09:00 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign63290e91ccca43b8
    2017-02-27 22:21 - 2017-02-27 22:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignc1db6da91f0a0b05
    2017-02-27 22:21 - 2017-02-27 22:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign1e560f4f0cf51954
    2017-02-27 22:21 - 2017-02-27 22:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign1b12249d5a9ce991
    2017-02-27 22:20 - 2017-02-27 22:20 - 01512927 _____ (Audacity Team ) C:\Users\jesst\Downloads\LADSPA_plugins-win-0.4.15.exe
    2017-02-27 21:31 - 2017-02-27 21:32 - 00000000 ____D C:\Users\jesst\OneDrive\Documents\Sound recordings
    2017-02-27 21:28 - 2017-02-27 21:28 - 00000000 ____D C:\Users\jesst\AppData\Local\ElevatedDiagnostics
    2017-02-27 21:12 - 2017-02-27 21:12 - 62146042 _____ C:\Users\jesst\Desktop\Paul cover wrap.psd
    2017-02-27 21:11 - 2017-02-27 21:11 - 49116337 _____ C:\Users\jesst\Desktop\Girl with green eyes.psd
    2017-02-27 20:19 - 2017-02-27 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2017-02-27 17:48 - 2017-02-27 17:48 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign03f18256be9fb325
    2017-02-27 17:04 - 2017-02-27 17:04 - 10010585 _____ C:\Users\jesst\Downloads\Liquid - 16.mp4
    2017-02-27 16:22 - 2017-02-27 16:22 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignbde9c1b574281b06
    2017-02-27 14:38 - 2017-02-27 14:38 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignffc4b571121a4d9a
    2017-02-27 14:06 - 2017-02-27 14:06 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignbdfd9315f53f0d3b
    2017-02-27 14:02 - 2017-02-27 14:02 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign828d1c579671335c
    2017-02-27 14:02 - 2017-02-27 14:02 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign09e52c6f0ea24db1
    2017-02-27 12:48 - 2017-02-27 12:48 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignd1a6db34e72202b1
    2017-02-27 12:48 - 2017-02-27 12:48 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign2626346d00582d35
    2017-02-27 11:59 - 2017-02-27 11:59 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign03fc2c1c628d88fd
    2017-02-27 11:57 - 2017-02-27 11:57 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigne778a429e6c22128
    2017-02-27 11:57 - 2017-02-27 11:57 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignc6f55d52ff940f4e
    2017-02-27 10:31 - 2017-02-27 10:31 - 30883185 _____ C:\Users\jesst\Desktop\Paul cover.psd
    2017-02-27 10:30 - 2017-02-27 10:30 - 120503940 _____ C:\Users\jesst\Downloads\028-6x9-Boxset-with-Book-Removed-Template-COVERVAULT.zip
    2017-02-27 09:50 - 2017-02-27 09:50 - 08578305 _____ C:\Users\jesst\Downloads\AdobeStock_106252282 (1).jpeg
    2017-02-27 09:49 - 2017-02-27 09:49 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign91c37978a79d3758
    2017-02-26 17:34 - 2017-02-26 17:34 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign003b62f940c3a900
    2017-02-26 17:31 - 2017-02-27 09:50 - 09446576 _____ C:\Users\jesst\Desktop\McGregor Series.pdf
    2017-02-26 15:30 - 2017-02-26 15:31 - 136051364 _____ C:\Users\jesst\Desktop\McGregor Series.psd
    2017-02-26 14:58 - 2017-02-26 14:59 - 113607468 _____ C:\Users\jesst\Downloads\Demo for Family Bond Part 1 (2).psd
    2017-02-26 14:58 - 2017-02-26 14:58 - 113607468 _____ C:\Users\jesst\Downloads\Demo for Family Bond Part 1 (1).psd
    2017-02-26 13:34 - 2017-02-26 13:34 - 00323809 _____ C:\Users\jesst\Downloads\BookCover6x9_BW_300 (1).zip
    2017-02-26 12:53 - 2017-02-26 12:53 - 00085383 _____ C:\Users\jesst\Downloads\8.5x8.5_BW_300.pdf
    2017-02-26 12:50 - 2017-02-26 12:50 - 05698183 _____ C:\Users\jesst\Desktop\TGOSH PDF.pdf
    2017-02-26 12:47 - 2017-02-26 12:47 - 36555269 _____ C:\Users\jesst\Desktop\The Groundsmen official cover psd.psd
    2017-02-26 12:47 - 2017-02-26 12:47 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign73fb0286dade6adb
    2017-02-26 12:41 - 2017-02-26 12:41 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign5094eb9e54a4098a
    2017-02-26 12:33 - 2017-02-26 12:33 - 05666579 _____ C:\Users\jesst\Desktop\Gary groundsmen jpeg full  pdf.pdf
    2017-02-26 12:30 - 2017-02-26 12:30 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigne081e818a077c4ad
    2017-02-26 12:30 - 2017-02-26 12:30 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign0c83feaf4758c12b
    2017-02-25 18:16 - 2017-02-25 18:16 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignb072a6a139034c26
    2017-02-25 18:14 - 2017-02-25 18:14 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign8a17051444c8d7ef
    2017-02-25 17:40 - 2017-02-25 17:40 - 08578305 _____ C:\Users\jesst\Downloads\AdobeStock_106252282.jpeg
    2017-02-25 16:15 - 2017-02-25 16:13 - 712176269 _____ C:\Users\jesst\Desktop\Boxset-Bundle-Vol1.zip
    2017-02-25 16:09 - 2017-02-25 16:13 - 712176269 _____ C:\Users\jesst\Downloads\Boxset-Bundle-Vol1.zip
    2017-02-25 14:14 - 2017-02-25 14:14 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignf89bd1bf068aa80c
    2017-02-25 14:13 - 2017-02-25 14:13 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign37eccc839463732e
    2017-02-25 14:13 - 2017-02-25 14:13 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign14f14c5e44e0b4ac
    2017-02-25 08:32 - 2017-02-25 08:32 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignce2370ff9420e3ed
    2017-02-25 08:32 - 2017-02-25 08:32 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignbf13025304ffe996
    2017-02-24 21:22 - 2017-02-24 21:22 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignd3e0fed987409e43
    2017-02-24 21:22 - 2017-02-24 21:22 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign6701ed90bf9ea1da
    2017-02-24 21:22 - 2017-02-24 21:22 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign4620707238ca275e
    2017-02-24 21:16 - 2017-02-24 21:16 - 00863754 _____ C:\Users\jesst\Desktop\JJ MARSTEAD GIF.wve
    2017-02-24 19:40 - 2017-02-24 19:40 - 10821989 _____ C:\Users\jesst\Downloads\Bokeh - 5237.mp4
    2017-02-24 19:24 - 2017-02-24 19:24 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigneb11c2637bc78343
    2017-02-24 19:24 - 2017-02-24 19:24 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign09a546964fab6749
    2017-02-24 17:24 - 2017-02-24 17:24 - 10679707 _____ C:\Users\jesst\Downloads\Particle - 5226.mp4
    2017-02-24 17:23 - 2017-02-24 17:23 - 10200792 _____ C:\Users\jesst\Downloads\Girl - 6515.mp4
    2017-02-24 17:22 - 2017-02-24 17:22 - 18719718 _____ C:\Users\jesst\Downloads\Girl - 6516.mp4
    2017-02-24 17:14 - 2017-02-24 17:14 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignb2e098a7ec4b1cd4
    2017-02-24 17:14 - 2017-02-24 17:14 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign239e9f6216c52e7f
    2017-02-24 17:13 - 2017-02-24 17:13 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign5c4ae29f8e1c08b5
    2017-02-24 17:13 - 2017-02-24 17:13 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign4847c0e3ed12b36f
    2017-02-24 17:13 - 2017-02-24 17:13 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign2c20f71250bcaaeb
    2017-02-24 13:42 - 2017-02-24 13:42 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignb7f72205a98bc9c0
    2017-02-24 13:42 - 2017-02-24 13:42 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign406cb14b1b0e63ff
    2017-02-23 13:08 - 2017-02-23 13:08 - 03996084 _____ C:\Users\jesst\Downloads\Diamond - 3121.mp4
    2017-02-23 13:01 - 2017-02-23 13:02 - 32002060 _____ C:\Users\jesst\Downloads\Fire - 3742.mp4
    2017-02-23 12:38 - 2017-02-23 12:38 - 02345747 _____ C:\Users\jesst\Downloads\Leaves - 7248.mp4
    2017-02-23 10:53 - 2017-02-23 10:53 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign2715c4c838c67a4f
    2017-02-23 10:52 - 2017-02-23 10:52 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigne170548c14186f79
    2017-02-23 10:52 - 2017-02-23 10:52 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign80a416db9490f0a5
    2017-02-23 10:05 - 2017-02-23 10:05 - 103155620 _____ C:\Users\jesst\Downloads\Eyes beyond the Wall trailer new.avi
    2017-02-23 09:45 - 2017-02-23 09:45 - 05601888 _____ C:\Users\jesst\Downloads\Candle - 1212.mp4
    2017-02-23 07:25 - 2017-02-23 07:25 - 14483032 _____ C:\Users\jesst\Downloads\Ground Fog - 307.mp4
    2017-02-23 07:23 - 2017-02-23 07:23 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigna4d0acb58b24f848
    2017-02-23 07:09 - 2017-02-23 07:09 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignd283090c0a25f5df
    2017-02-23 07:09 - 2017-02-23 07:09 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignc686ac2ea87209f4
    2017-02-23 07:09 - 2017-02-23 07:09 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign3b5fa18685aa1dfc
    2017-02-21 15:58 - 2017-03-01 20:02 - 00000000 ____D C:\Users\jesst\AppData\Roaming\Audacity
    2017-02-21 15:58 - 2017-02-21 15:58 - 00000000 ____D C:\Users\jesst\AppData\Local\Audacity
    2017-02-21 15:57 - 2017-02-21 15:58 - 00000000 ____D C:\Program Files (x86)\Audacity
    2017-02-21 15:57 - 2017-02-21 15:57 - 26496761 _____ (Audacity Team ) C:\Users\jesst\Downloads\audacity-win-2.1.2.exe
    2017-02-21 15:57 - 2017-02-21 15:57 - 00001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
    2017-02-21 15:57 - 2017-02-21 15:57 - 00001047 _____ C:\Users\Public\Desktop\Audacity.lnk
    2017-02-21 14:52 - 2017-02-21 14:52 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign793c0ef3add4e31d
    2017-02-21 14:51 - 2017-02-21 14:51 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign63a6dea5b1dea36e
    2017-02-21 14:51 - 2017-02-21 14:51 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign4b839e0c06dcd146
    2017-02-21 14:23 - 2017-02-21 14:23 - 05491986 _____ C:\Users\jesst\Downloads\Ford - 4489.mp4
    2017-02-21 14:19 - 2017-02-21 14:19 - 01508619 _____ C:\Users\jesst\Downloads\Hands - 421.mp4
    2017-02-21 13:18 - 2017-02-21 13:18 - 00000000 ____D C:\ProgramData\Avg_Update_0217tb
    2017-02-21 12:49 - 2017-02-21 12:49 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
    2017-02-21 12:49 - 2017-02-21 12:49 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
    2017-02-19 06:58 - 2017-02-28 18:29 - 02646262 _____ C:\Users\jesst\Desktop\Parker Eve trailer.wve
    2017-02-18 13:03 - 2017-02-18 13:03 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign617eeb20fa1df79b
    2017-02-18 12:59 - 2017-02-18 12:59 - 08097458 _____ C:\Users\jesst\Downloads\Creek - 2763.mp4
    2017-02-18 12:44 - 2017-02-18 12:44 - 09592104 _____ C:\Users\jesst\Downloads\Video Game - 7249.mp4
    2017-02-18 11:59 - 2017-02-18 11:59 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigndea1abcfc873e01f
    2017-02-18 11:58 - 2017-02-18 11:58 - 12117361 _____ C:\Users\jesst\Downloads\EveBookCoverFinal.pdf
    2017-02-18 11:49 - 2017-02-18 11:49 - 06023552 _____ C:\Users\jesst\Desktop\Eyes beyond the walls wrap pdf new and last.pdf
    2017-02-18 11:14 - 2017-02-18 11:14 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign2e10bbbc6d67af26
    2017-02-18 11:10 - 2017-02-18 11:10 - 02897689 _____ C:\Users\jesst\Downloads\Waves - 5121.mp4
    2017-02-18 10:17 - 2017-02-19 06:58 - 23077988 _____ C:\Users\jesst\Desktop\Eyes beyond the walls wrap psd.psd
    2017-02-18 08:09 - 2017-02-18 08:09 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign6cf1ca1de34841e5
    2017-02-18 08:09 - 2017-02-18 08:09 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign287638632723b833
    2017-02-18 08:09 - 2017-02-18 08:09 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign060075320eba8409
    2017-02-17 19:44 - 2017-02-23 10:07 - 02397585 _____ C:\Users\jesst\Desktop\Eyes beyond the Wall trailer.wve
    2017-02-17 19:44 - 2017-02-17 19:44 - 41473528 _____ C:\Users\jesst\Desktop\castle no windows.psd
    2017-02-17 19:12 - 2017-02-17 19:12 - 11294596 _____ C:\Users\jesst\Downloads\Fire - 2196.mp4
    2017-02-17 18:32 - 2017-02-17 18:32 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigndbfd01b07e1eb6dc
    2017-02-17 18:28 - 2017-02-17 18:28 - 03102014 _____ C:\Users\jesst\Downloads\Fire - 621.mp4
    2017-02-17 17:58 - 2017-02-17 17:58 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignc1885d146d385e93
    2017-02-17 17:55 - 2017-02-17 17:55 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignc873ac4fa8f5129d
    2017-02-17 16:29 - 2017-02-17 16:29 - 05165933 _____ C:\Users\jesst\Downloads\Lake - 2422.mp4
    2017-02-17 15:59 - 2017-02-17 15:59 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignb32114f8d7d1f252
    2017-02-17 14:45 - 2017-02-17 14:45 - 00000817 _____ C:\Users\jesst\Downloads\Pictures - Shortcut.lnk
    2017-02-17 14:28 - 2017-02-17 14:28 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign71845815b524a3b8
    2017-02-17 14:16 - 2017-02-17 14:16 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign21f0bc4da4555fdc
    2017-02-17 14:15 - 2017-02-17 14:15 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignd501bbbc3c842b37
    2017-02-17 14:15 - 2017-02-17 14:15 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign3794e13bc529755e
    2017-02-17 10:29 - 2017-02-17 10:29 - 00654168 _____ C:\Users\jesst\Downloads\1f6f7f45b80c7c11795b36ded03cb6ca_tall-grass-field-tall-grass-field-clipart_1920-1200.jpeg
    2017-02-17 10:27 - 2017-02-17 10:27 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign057b0c59f128c614
    2017-02-17 10:26 - 2017-02-17 10:26 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigna925e3202c38b916
    2017-02-17 10:26 - 2017-02-17 10:26 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign456976099c55a06b
    2017-02-17 10:12 - 2017-02-17 10:12 - 14069480 _____ C:\Users\jesst\Downloads\Sailing Vessel - 2382.mp4
    2017-02-17 10:11 - 2017-02-17 10:11 - 07861498 _____ C:\Users\jesst\Downloads\Castle - 6976.mp4
    2017-02-17 09:42 - 2017-02-17 09:42 - 01667844 _____ C:\Users\jesst\Downloads\Birds - 7256.mp4
    2017-02-17 09:03 - 2017-02-17 09:03 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignf427f8183a8de1ed
    2017-02-17 09:03 - 2017-02-17 09:03 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign4bf6fcc9eb473c5a
    2017-02-17 09:03 - 2017-02-17 09:03 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign2696517c4c770b25
    2017-02-16 13:41 - 2017-02-16 13:41 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignea00cd3ff88eeea9
    2017-02-16 13:41 - 2017-02-16 13:41 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigna8451bc9acce7793
    2017-02-16 13:41 - 2017-02-16 13:41 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign92ada4217ccf50f8
    2017-02-16 13:41 - 2017-02-16 13:41 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign0baae66285e41222
    2017-02-15 11:59 - 2017-02-15 11:59 - 15984860 _____ C:\Users\jesst\Downloads\Tracks - 7729.mp4
    2017-02-14 10:15 - 2017-02-14 10:15 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignf9b13459f09201e2
    2017-02-14 10:15 - 2017-02-14 10:15 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign6a2ef2d2196c057c
    2017-02-14 10:15 - 2017-02-14 10:15 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign423146509a0d2769
    2017-02-13 21:54 - 2017-02-22 20:07 - 27062747 _____ C:\Users\jesst\Desktop\Maria banner.psd
    2017-02-13 20:15 - 2017-02-13 20:15 - 00953707 _____ C:\Users\jesst\Downloads\flourish-1337830.svg
    2017-02-13 20:00 - 2017-02-13 20:00 - 00007310 _____ C:\Users\jesst\Downloads\download.jpeg
    2017-02-13 19:43 - 2017-02-13 19:43 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign57a0c58ed09ba775
    2017-02-13 19:43 - 2017-02-13 19:43 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign458340bbaebcb7b0
    2017-02-13 19:43 - 2017-02-13 19:43 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign242e6913d18486f4
    2017-02-13 10:44 - 2017-02-13 10:44 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignb3500952f634d4c8
    2017-02-13 10:44 - 2017-02-13 10:44 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign9f389462f0580c24
    2017-02-13 10:44 - 2017-02-13 10:44 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign1c10b86899c3e251
    2017-02-12 15:15 - 2017-02-12 15:15 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignc463bb6cd1ed6dfc
    2017-02-12 15:15 - 2017-02-12 15:15 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign8df7d10b1c820d4b
    2017-02-11 16:38 - 2017-02-11 16:38 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign3a406beb242f1ddd
    2017-02-11 15:56 - 2017-02-11 15:56 - 52196127 _____ C:\Users\jesst\Downloads\fireworks.mp4
    2017-02-11 15:23 - 2017-02-11 15:23 - 12703037 _____ C:\Users\jesst\Downloads\062-Front-Back-Paperback-Book-Mockup-COVERVAULT.zip
    2017-02-11 15:20 - 2017-02-11 15:20 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign743e5d86bae061fe
    2017-02-11 15:19 - 2017-02-11 15:19 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignccd3cc963d9b0ac3
    2017-02-11 15:19 - 2017-02-11 15:19 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign1385f169c2b8a5c6
    2017-02-10 17:17 - 2017-02-10 17:17 - 78022382 _____ C:\Users\jesst\Downloads\Pamela Ackerson's The Wilderness Series Trailer Final (1).mp4
    2017-02-10 17:15 - 2017-02-10 17:15 - 00231700 _____ C:\Users\jesst\Desktop\Linda trailer one.wve
    2017-02-10 13:28 - 2017-02-10 13:28 - 02764900 _____ C:\Users\jesst\Downloads\Street - 5023.mp4
    2017-02-10 13:15 - 2017-02-10 13:15 - 07696478 _____ C:\Users\jesst\Downloads\Street - 1158.mp4
    2017-02-10 13:08 - 2017-02-10 13:08 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign3ec0d92429fff7f7
    2017-02-10 11:39 - 2017-02-10 11:39 - 00129713 _____ C:\Users\jesst\Downloads\AdobeStock_53753397_WM.jpeg
    2017-02-10 11:38 - 2017-02-10 11:38 - 00089969 _____ C:\Users\jesst\Downloads\AdobeStock_5383165_WM.jpeg
    2017-02-10 10:45 - 2017-02-10 10:45 - 02604450 _____ C:\Users\jesst\Downloads\AdobeStock_54921449.jpeg
    2017-02-10 10:37 - 2017-02-10 10:37 - 04615311 _____ C:\Users\jesst\Downloads\AdobeStock_132205630.jpeg
    2017-02-10 10:34 - 2017-02-10 10:34 - 02230264 _____ C:\Users\jesst\Downloads\AdobeStock_54921514.jpeg
    2017-02-10 10:34 - 2017-02-10 10:34 - 02230264 _____ C:\Users\jesst\Downloads\AdobeStock_54921514 (1).jpeg
    2017-02-09 18:19 - 2017-02-09 18:19 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign6f240ba0f4a5719f
    2017-02-09 18:10 - 2017-02-09 18:10 - 38903430 _____ C:\Users\jesst\Downloads\052-Book-Novel-Mockup-5x8-COVERVAULT (1).zip
    2017-02-09 15:09 - 2017-02-09 15:09 - 00207129 _____ C:\Users\jesst\Downloads\AdobeStock_54921514_WM.jpeg
    2017-02-09 14:09 - 2017-02-09 14:09 - 02166996 _____ C:\Users\jesst\Downloads\Atomic - 3118.mp4
    2017-02-09 08:05 - 2017-02-09 08:05 - 04837021 _____ C:\Users\jesst\Downloads\Ostfriesland - 6328.mp4
    2017-02-09 07:59 - 2017-02-09 07:59 - 04390090 _____ C:\Users\jesst\Downloads\Rain - 6847.mp4
    2017-02-09 02:33 - 2017-02-09 02:33 - 00046408 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
    2017-02-09 02:33 - 2017-02-09 02:33 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
    2017-02-08 17:22 - 2017-02-08 17:22 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignfc139b87f5d9a2fe
    2017-02-08 16:46 - 2017-02-08 16:46 - 03175031 _____ C:\Users\jesst\Downloads\Liquid - 16.vid
    2017-02-08 16:31 - 2017-02-08 16:31 - 03583405 _____ C:\Users\jesst\Downloads\Star - 690.mp4
    2017-02-08 15:10 - 2017-02-08 15:10 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign1822decdd02205eb
    2017-02-08 12:29 - 2017-02-08 12:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignd99dddde2b1075cb
    2017-02-08 12:29 - 2017-02-08 12:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign9b56b08a9e1e4302
    2017-02-08 12:29 - 2017-02-08 12:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign11988ebade914bc1
    2017-02-08 11:48 - 2017-02-13 21:50 - 00000000 ____D C:\Users\jesst\Desktop\PSD FILES
    2017-02-08 10:18 - 2017-02-08 10:18 - 03127917 _____ C:\Users\jesst\Downloads\Agriculture - 1098.mp4
    2017-02-07 07:07 - 2017-02-07 07:07 - 18830878 _____ C:\Users\jesst\Desktop\new add for OUDA.psd
    2017-02-07 06:21 - 2017-02-07 06:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignafa4ca57cde6f94b
    2017-02-07 06:20 - 2017-02-07 06:20 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign6cdbf2de79b9bf34
    2017-02-06 15:54 - 2017-02-06 15:54 - 06442051 _____ C:\Users\jesst\Downloads\004-6X9-Stacked-Paperback-books-COVERVAULT.zip
    2017-02-06 15:49 - 2017-02-06 15:49 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignf04f24b31559cc7b
    2017-02-06 12:31 - 2017-02-06 12:31 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign5d3d454c22ce5299
    2017-02-06 10:46 - 2017-02-06 10:46 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignaf5b47ab49655655
    2017-02-06 10:45 - 2017-02-06 10:45 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignbc624b3f4386c373
    2017-02-06 10:45 - 2017-02-06 10:45 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign603ad8b31f0ef047
    2017-02-05 12:43 - 2017-02-10 06:04 - 03564617 _____ C:\Users\jesst\Desktop\Gary trailer one.wve
    2017-02-05 12:08 - 2017-02-05 12:08 - 05883475 _____ C:\Users\jesst\Downloads\New York City - 1044.mp4
    2017-02-05 11:46 - 2017-02-05 11:46 - 38903430 _____ C:\Users\jesst\Downloads\052-Book-Novel-Mockup-5x8-COVERVAULT.zip
    2017-02-05 11:33 - 2017-02-05 11:33 - 06403319 _____ C:\Users\jesst\Downloads\Arable - 7015.mp4
    2017-02-05 11:33 - 2017-02-05 11:33 - 05414378 _____ C:\Users\jesst\Downloads\Arable - 7015 (1).mp4
    2017-02-05 11:23 - 2017-02-05 11:24 - 17714337 _____ C:\Users\jesst\Downloads\063-5x8-Paperback-Book-Small-Spine-Mockup-COVERVAULT.zip
    2017-02-05 11:21 - 2017-02-05 11:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignf931b2c3ab4a96f4
    2017-02-05 11:21 - 2017-02-05 11:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignf76640d3393c91c4
    2017-02-05 11:21 - 2017-02-05 11:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignb1f63b777aab973c
    2017-02-05 11:21 - 2017-02-05 11:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign5e5742c61ec4785c
    2017-02-05 11:21 - 2017-02-05 11:21 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign1138e5285c0e352a
    2017-02-05 10:06 - 2017-02-05 10:06 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignae5503b7254453ae
    2017-02-04 19:29 - 2017-02-04 19:29 - 00010262 _____ C:\Users\jesst\Downloads\abstract-1299326.svg
    2017-02-04 19:15 - 2017-02-04 19:15 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign360f67926f9711cb
    2017-02-04 19:10 - 2017-02-04 19:10 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignabf471da72ebbdd9
    2017-02-04 19:10 - 2017-02-04 19:10 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign615455035dc7d15e
    2017-02-04 19:10 - 2017-02-04 19:10 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign3ea9ce7e06b02a37
    2017-02-03 15:39 - 2017-02-03 15:39 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign58e83d527f3182b2
    2017-02-03 14:45 - 2017-02-03 14:45 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign9c15656c65d3e62c
    2017-02-03 14:39 - 2017-02-03 14:39 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign84106649ae679ac5
    2017-02-02 16:06 - 2017-02-02 16:06 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsigndc575028ed100418
    2017-02-02 16:05 - 2017-02-02 16:05 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign39867cb35f4fb526
    2017-02-02 16:05 - 2017-02-02 16:05 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign0f8bb9dd42c49a18
    2017-02-02 12:04 - 2017-02-02 12:04 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign36cd9cdc535e2106
    2017-02-02 12:04 - 2017-02-02 12:04 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign10d8279fa2b35c42
    2017-02-02 11:50 - 2017-02-02 11:50 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignfc4840e5ffba7213
    2017-02-02 11:50 - 2017-02-02 11:50 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignf607c1ee8a149a57
    2017-02-02 11:50 - 2017-02-02 11:50 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign9e0dc0678df71d78
    2017-02-02 11:50 - 2017-02-02 11:50 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign87933b2dcd4e5b98
    2017-02-02 09:17 - 2017-02-02 09:18 - 05789106 _____ C:\Users\jesst\Desktop\Gary groundsmen.pdf
    2017-02-02 08:29 - 2017-02-02 08:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignef6db4f15a559f2f
    2017-02-02 08:29 - 2017-02-02 08:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign85f9cae434dedf0b
    2017-02-02 08:29 - 2017-02-02 08:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign4c532a2d052973d2
    2017-01-31 20:48 - 2017-02-02 14:31 - 154081525 _____ C:\Users\jesst\Desktop\Gary groundsmen.psd
    2017-01-31 20:43 - 2017-01-31 20:43 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign3828e4d020544d06
    2017-01-31 18:54 - 2017-01-31 18:54 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign30d23ed5fc06c195
    2017-01-31 18:53 - 2017-01-31 18:53 - 00338301 _____ C:\Users\jesst\Downloads\BookCover6x9_BW_330.zip
    2017-01-31 17:50 - 2017-01-31 17:50 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign5a41bd5d7ebcc7f5
    2017-01-31 17:34 - 2017-01-31 17:34 - 45333253 _____ C:\Users\jesst\Downloads\016-6x9-Book-Series-Ereader-Mockup-COVERVAULT.zip
    2017-01-31 17:34 - 2017-01-31 17:34 - 45333253 _____ C:\Users\jesst\Downloads\016-6x9-Book-Series-Ereader-Mockup-COVERVAULT (1).zip
    2017-01-31 09:29 - 2017-01-31 09:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsignaa7d4c67bde53144
    2017-01-31 09:29 - 2017-01-31 09:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign625f69d3d12a2e4c
    2017-01-31 09:29 - 2017-01-31 09:29 - 00000000 ____D C:\Users\jesst\AppData\Local\Tempzxpsign0e958021ad3fe750

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-03-02 08:50 - 2016-11-18 18:23 - 00000000 ____D C:\Program Files (x86)\AVG
    2017-03-02 08:50 - 2016-11-18 18:22 - 00000000 ____D C:\ProgramData\Avg
    2017-03-02 08:49 - 2016-11-18 18:22 - 00000000 ____D C:\Users\jesst\AppData\Local\AvgSetupLog
    2017-03-02 08:48 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\AppReadiness
    2017-03-02 08:48 - 2016-05-16 13:55 - 00000000 ___RD C:\Users\jesst\Creative Cloud Files
    2017-03-02 08:48 - 2016-05-16 13:55 - 00000000 ____D C:\ProgramData\boost_interprocess
    2017-03-02 08:47 - 2016-05-20 08:23 - 00000000 ___RD C:\Users\jesst\Dropbox
    2017-03-02 08:47 - 2016-05-16 13:45 - 00000000 ____D C:\Users\jesst\AppData\Local\Adobe
    2017-03-02 08:44 - 2016-05-16 13:39 - 00000000 ___RD C:\Users\jesst\OneDrive
    2017-03-02 08:43 - 2016-05-16 13:35 - 00000000 __SHD C:\Users\jesst\IntelGraphicsProfiles
    2017-03-02 08:40 - 2015-11-02 12:02 - 00000000 __RHD C:\Users\Public\AccountPictures
    2017-03-02 08:39 - 2016-11-18 18:32 - 00000000 ____D C:\Users\jesst\AppData\Roaming\AVG
    2017-03-02 08:39 - 2016-09-18 06:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2017-03-02 08:38 - 2016-07-16 00:04 - 01310720 _____ C:\WINDOWS\system32\config\BBI
    2017-03-02 08:19 - 2017-01-08 13:24 - 00025608 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys
    2017-03-02 06:53 - 2016-09-18 05:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
    2017-03-02 06:51 - 2016-07-16 05:47 - 00000000 ___HD C:\Program Files\WindowsApps
    2017-03-01 21:35 - 2016-07-13 12:42 - 00432008 _____ C:\Users\jesst\OneDrive\Documents\starburn.txt
    2017-03-01 21:01 - 2016-05-16 13:35 - 00000000 ____D C:\Users\jesst\AppData\Local\Packages
    2017-03-01 20:05 - 2016-05-17 16:31 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForjesst.job
    2017-03-01 20:04 - 2016-09-18 05:56 - 00000000 ____D C:\Users\jesst
    2017-02-27 21:20 - 2016-07-16 05:45 - 00000000 ____D C:\WINDOWS\INF
    2017-02-27 21:12 - 2016-09-18 05:55 - 01406478 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2017-02-27 20:20 - 2016-03-18 04:24 - 00000000 ____D C:\Program Files (x86)\Dropbox
    2017-02-26 09:59 - 2016-09-18 06:28 - 00003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForjesst
    2017-02-24 10:46 - 2016-05-16 16:11 - 00000000 ____D C:\WINDOWS\system32\MRT
    2017-02-24 10:43 - 2016-05-16 16:11 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2017-02-22 20:59 - 2016-07-16 05:36 - 00000000 ____D C:\WINDOWS\CbsTemp
    2017-02-22 09:41 - 2016-12-09 11:03 - 00003290 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
    2017-02-22 09:41 - 2016-05-16 13:39 - 00002374 _____ C:\Users\jesst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2017-02-16 08:00 - 2016-11-18 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
    2017-02-11 17:39 - 2016-11-04 09:03 - 00000000 ___RD C:\Users\jesst\Desktop\TEASERS FOR TOB AUTHORS
    2017-02-07 06:13 - 2016-05-23 09:34 - 00002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-02-07 06:13 - 2016-05-23 09:34 - 00002227 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2017-02-06 13:48 - 2016-07-16 05:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2017-02-06 13:48 - 2016-07-16 05:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2017-02-05 19:03 - 2016-07-15 21:43 - 00000000 ____D C:\Users\jesst\OneDrive\Documents\Calibre Library
    2017-02-03 20:53 - 2017-01-29 18:20 - 02434463 _____ C:\Users\jesst\Desktop\Pam Ackerson video trailer..wve
    2017-01-31 09:28 - 2017-01-28 15:54 - 04005869 _____ C:\Users\jesst\Desktop\Interview Codi.wve

    ==================== Files in the root of some directories =======

    2016-08-31 22:16 - 2016-08-31 22:16 - 0000112 _____ () C:\Users\jesst\AppData\Roaming\JP2K CS6 Prefs
    2016-09-06 07:02 - 2016-09-06 07:02 - 0000028 _____ () C:\Users\jesst\AppData\Roaming\kulerdata.json
    2016-11-08 06:46 - 2016-11-18 08:14 - 0000129 _____ () C:\Users\jesst\AppData\Roaming\WB.CFG
    2016-08-28 19:21 - 2016-08-28 19:21 - 0005260 _____ () C:\Users\jesst\AppData\Local\recently-used.xbel
    2016-08-28 14:26 - 2016-08-28 14:26 - 0000017 _____ () C:\Users\jesst\AppData\Local\resmon.resmoncfg
    2016-09-01 15:29 - 2016-09-17 22:14 - 0019698 _____ () C:\ProgramData\Coinstaller.log
    2016-09-01 15:26 - 2016-09-01 15:26 - 0000086 _____ () C:\ProgramData\dleascan.log

    Some files in TEMP:
    ====================
    2016-12-17 20:56 - 2016-12-15 00:01 - 170618168 _____ (                                                            ) C:\Users\jesst\AppData\Local\Temp\filmora_64bit_full846.exe
    2017-03-02 07:18 - 2016-11-11 19:02 - 11581544 _____ (SurfRight B.V.) C:\Users\jesst\AppData\Local\Temp\HitmanPro.exe

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2017-02-21 08:19

    ==================== End of FRST.txt ============================

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.