Help using old computer to build new one

johnb35 · May 22, 2016

You can either copy and paste the text which would be easier to read or you can actually click on the "upload a file" button when you reply to this thread.

jakehill307 · May 22, 2016

Ok, prepare for a wave of text;

# AdwCleaner v5.117 - Logfile created 22/05/2016 at 13:38:46
# Updated 15/05/2016 by Xplode
# Database : 2016-05-15.2 [Server]
# Operating system : Windows 10 Pro (X64)
# Username : Jake - JAKE-PC
# Running from : C:\Users\Jake\Downloads\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\s

***** [ Web browsers ] *****

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [817 bytes] - [22/05/2016 13:38:46]
C:\AdwCleaner\AdwCleaner[S1].txt - [866 bytes] - [22/05/2016 13:37:23]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [961 bytes] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Pro x64
Ran by Jake (Administrator) on Sun 05/22/2016 at 13:46:11.74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 1

Successfully deleted: C:\Users\Jake\Appdata\LocalLow\koyotesoftmoviestoolbarha (Folder)

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 05/22/2016 at 13:48:14.49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-----------------------------------------

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/22/2016
Scan Time: 1:52 PM
Logfile: Malwarebytes Scan Log.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.05.22.03
Rootkit Database: v2016.05.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Jake

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 342142
Time Elapsed: 13 min, 52 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

-------------------------------------

OTL logfile created on: 5/22/2016 2:08:38 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jake\Downloads
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.62 Gb Available Physical Memory | 69.78% Memory free
5.12 Gb Paging File | 4.14 Gb Available in Paging File | 80.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.12 Gb Total Space | 198.16 Gb Free Space | 42.60% Space Free | Partition Type: NTFS

Computer Name: JAKE-PC | User Name: Jake | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\Jake\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe (Microsoft Corporation)
PRC - C:\Windows\syswow64\backgroundTaskHost.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========

SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (tiledatamodelsvc) -- C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_26262) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_26262) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_26262) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_26262) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_26262) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation)
SRV:64bit: - (DcpSvc) -- C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (VIAKaraokeService) -- C:\Windows\SysNative\ViakaraokeSrv.exe (VIA Technologies, Inc.)
SRV - (StateRepository) -- C:\Windows\syswow64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (lfsvc) -- C:\Windows\syswow64\lfsvc.dll (Microsoft Corporation)
SRV - (CoreMessagingRegistrar) -- C:\Windows\syswow64\CoreMessaging.dll (Microsoft Corporation)
SRV - (UnistoreSvc) -- C:\Windows\syswow64\Unistore.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\syswow64\smphost.dll (Microsoft Corporation)
SRV - (DmEnrollmentSvc) -- C:\Windows\syswow64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (IoQos) -- C:\Windows\SysNative\drivers\ioqos.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (LSI Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (bcmfn) -- C:\Windows\SysNative\drivers\bcmfn.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (fcvsc) -- C:\Windows\SysNative\drivers\fcvsc.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2016/05/22 20:33:28 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4 - HKCU..\Run: [OneDrive] C:\Users\Jake\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{b22f1305-4907-473d-9aa3-2655f0690a8a}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\syswow64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\syswow64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2016/05/22 21:21:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\InfusedApps
[2016/05/22 21:21:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2016/05/22 21:21:28 | 000,000,000 | ---D | C] -- C:\Windows.old
[2016/05/22 20:49:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Microsoft
[2016/05/22 20:47:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Setup
[2016/05/22 20:46:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\OCR
[2016/05/22 20:46:24 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2016/05/22 20:46:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2016/05/22 20:46:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2016/05/22 20:46:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2016/05/22 20:45:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\winrm
[2016/05/22 20:45:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\WCN
[2016/05/22 20:45:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\sysprep
[2016/05/22 20:45:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\slmgr
[2016/05/22 20:45:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Printing_Admin_Scripts
[2016/05/22 20:45:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\winrm
[2016/05/22 20:45:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\WCN
[2016/05/22 20:45:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\drivers\UMDF
[2016/05/22 20:45:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\drivers\UMDF\en-US
[2016/05/22 20:45:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\drivers\en-US
[2016/05/22 20:45:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\en
[2016/05/22 20:45:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\0409
[2016/05/22 20:45:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\slmgr
[2016/05/22 20:45:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Printing_Admin_Scripts
[2016/05/22 20:45:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\en
[2016/05/22 20:45:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\UMDF\en-US
[2016/05/22 20:45:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\en-US
[2016/05/22 20:45:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\0409
[2016/05/22 20:45:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\en-US
[2016/05/22 20:45:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\DigitalLocker
[2016/05/22 20:37:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\zh-TW
[2016/05/22 20:37:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\zh-HK
[2016/05/22 20:37:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\zh-CN
[2016/05/22 20:37:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\WinMetadata
[2016/05/22 20:37:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Web
[2016/05/22 20:37:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Vss
[2016/05/22 20:37:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2016/05/22 20:37:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\tracing
[2016/05/22 20:37:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2016/05/22 20:37:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Tasks
[2016/05/22 20:37:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\TAPI
[2016/05/22 20:37:43 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysWow64\Nui
[2016/05/22 20:37:43 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysWow64\F12
[2016/05/22 20:37:43 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysWow64\DiagSvcs
[2016/05/22 20:37:43 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysWow64\Configuration
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\WindowsPowerShell
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\wbem
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\uk-UA
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\tr-TR
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\th-TH
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Tasks
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\syswow64
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\sv-SE
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\sru
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\sr-Latn-RS
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\sr-Latn-CS
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\sppui
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\spp
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Speech_OneCore
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Speech
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\SMI
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\sl-SI
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\sk-SK
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\setup
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\ru-RU
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\ro-RO
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\restore
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Recovery
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RasToast
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\ras
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\pt-PT
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\pt-BR
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\pl-PL
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\oobe
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\nl-NL
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\networklist
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\NDF
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\nb-NO
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\MUI
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\MsDtc
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\MSDRM
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\migwiz
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\migration
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\MailContactsCalendarSync
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Macromed
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\lv-LV
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\lt-LT
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\LogFiles
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Licenses
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\ko-KR
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\ja-JP
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\it-IT
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Ipmi
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\InstallShield
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\InputMethod
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\inetsrv
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\IME
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\icsxml
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\hu-HU
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\hr-HR
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\he-IL
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\GroupPolicyUsers
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\GroupPolicy
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\FxsTmp
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\fr-FR
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\fr-CA
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\fi-FI
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\et-EE
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\es-MX
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\es-ES
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\en-US
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\en-GB
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\el-GR
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\DriverStore
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\drivers
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\downlevel
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Dism
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\de-DE
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\da-DK
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\cs-CZ
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\config
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Com
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\catroot
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Bthprops
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\bg-BG
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\ar-SA
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\AppLocker
[2016/05/22 20:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\AdvancedInstallers
[2016/05/22 20:37:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SystemResources
[2016/05/22 20:37:41 | 000,000,000 | --SD | C] -- C:\Program Files (x86)\WindowsPowerShell
[2016/05/22 20:37:41 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysNative\Nui
[2016/05/22 20:37:41 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft
[2016/05/22 20:37:41 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysNative\F12
[2016/05/22 20:37:41 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysNative\dsc
[2016/05/22 20:37:41 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2016/05/22 20:37:41 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysNative\DiagSvcs
[2016/05/22 20:37:41 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysNative\Configuration
[2016/05/22 20:37:41 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Media
[2016/05/22 20:37:41 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2016/05/22 20:37:41 | 000,000,000 | RH-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2016/05/22 20:37:41 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
[2016/05/22 20:37:41 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
[2016/05/22 20:37:41 | 000,000,000 | R--D | C] -- C:\WINDOWS\PurchaseDialog
[2016/05/22 20:37:41 | 000,000,000 | R--D | C] -- C:\WINDOWS\PrintDialog
[2016/05/22 20:37:41 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2016/05/22 20:37:41 | 000,000,000 | R--D | C] -- C:\WINDOWS\MiracastView
[2016/05/22 20:37:41 | 000,000,000 | R--D | C] -- C:\WINDOWS\ImmersiveControlPanel
[2016/05/22 20:37:41 | 000,000,000 | R--D | C] -- C:\WINDOWS\DevicesFlow
[2016/05/22 20:37:41 | 000,000,000 | R--D | C] -- C:\WINDOWS\DesktopTileResources
[2016/05/22 20:37:41 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2016/05/22 20:37:41 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[2016/05/22 20:37:41 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
[2016/05/22 20:37:41 | 000,000,000 | -HSD | C] -- C:\WINDOWS\BitLockerDiscoveryVolumeContents
[2016/05/22 20:37:41 | 000,000,000 | -H-D | C] -- C:\ProgramData
[2016/05/22 20:37:41 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Installer
[2016/05/22 20:37:41 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ELAMBKUP
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\zh-TW
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\zh-HK
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\zh-CN
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\WinMetadata
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\winevt
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\WindowsPowerShell
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\WinBioPlugIns
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\WinBioDatabase
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\WDI
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\wbem
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\ProgramData\USOPrivate
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\uk-UA
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\tr-TR
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\th-TH
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Tasks
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SystemResetPlatform
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SystemApps
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\sv-SE
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\sru
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\sr-Latn-RS
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\sr-Latn-CS
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\sppui
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\spp
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\spool
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Speech_OneCore
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Speech_OneCore
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System\Speech
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Speech
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Speech
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SoftwareDistribution
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\sl-SI
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\sk-SK
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SKB
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\setup
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SecureBootUpdates
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\schemas
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SchCache
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\ru-RU
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\ro-RO
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\restore
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\rescache
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Recovery
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\RasToast
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\ras
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\pt-PT
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\pt-BR
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\ProximityToast
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\prefetch
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\PolicyDefinitions
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\PointOfService
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\pl-PL
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\PLA
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Performance
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\oobe
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\nl-NL
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\networklist
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\NDF
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\nb-NO
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\MUI
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\MsDtc
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\MSDRM
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ModemLogs
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\migwiz
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\migration
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Migration
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\MailContactsCalendarSync
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Macromed
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\lv-LV
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\lt-LT
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\LogFiles
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\LiveKernelReports
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Licenses
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\ko-KR
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\ja-JP
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\it-IT
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Ipmi
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\InputMethod
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\InputMethod
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\inetsrv
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\IME
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\IME
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\icsxml
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\hu-HU
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\hr-HR
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\he-IL
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\GroupPolicyUsers
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\GroupPolicy
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Globalization
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\FxsTmp
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\fr-FR
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\fr-CA
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\fi-FI
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\et-EE
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\etc
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\es-MX
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\es-ES
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\en-US
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\en-GB
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\el-GR
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\downlevel
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Dism
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\diagnostics
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\de-DE
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\debug
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\da-DK
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\cs-CZ
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Comms
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Com
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\CodeIntegrity
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\catroot2
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Bthprops
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Branding
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Boot
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Boot
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\bg-BG
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\bcastdvr
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\ar-SA
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppReadiness
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appraiser
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\AppLocker
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\appcompat
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\AdvancedInstallers
[2016/05/22 20:37:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2016/05/22 20:37:40 | 000,000,000 | --SD | C] -- C:\Program Files\WindowsPowerShell
[2016/05/22 20:37:40 | 000,000,000 | R--D | C] -- C:\WINDOWS\assembly
[2016/05/22 20:37:40 | 000,000,000 | -HSD | C] -- C:\Program Files\Windows Sidebar
[2016/05/22 20:37:40 | 000,000,000 | -HSD | C] -- C:\Program Files (x86)\Windows Sidebar
[2016/05/22 20:37:40 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsApps
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Photo Viewer
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Photo Viewer
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows NT
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Multimedia Platform
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Multimedia Platform
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Player
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Mail
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Mail
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Journal
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Defender
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\System
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Sysprep
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Services
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\microsoft shared
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Shared
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2016/05/22 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Explorer
[2016/05/22 20:37:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\UMDF
[2016/05/22 20:37:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers
[2016/05/22 20:35:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\INF
[2016/05/22 20:26:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\CbsTemp
[2016/05/22 20:14:20 | 000,000,000 | R--D | C] -- C:\Users
[2016/05/22 20:14:20 | 000,000,000 | R--D | C] -- C:\Program Files
[2016/05/22 20:14:20 | 000,000,000 | R--D | C] -- C:\Program Files (x86)
[2016/05/22 20:14:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2016/05/22 20:14:20 | 000,000,000 | ---D | C] -- C:\Windows
[2016/05/22 20:14:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32
[2016/05/22 20:14:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SMI
[2016/05/22 20:14:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\servicing
[2016/05/22 20:14:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\DriverStore
[2016/05/22 20:14:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\config
[2016/05/22 20:14:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2016/05/22 20:14:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files
[2016/05/22 20:14:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\CatRoot
[2016/05/22 20:13:56 | 000,000,000 | -H-D | C] -- C:\$Windows.~BT
[2016/05/22 20:13:10 | 000,000,000 | -H-D | C] -- C:\$SysReset
[2016/05/22 13:51:03 | 000,192,216 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2016/05/22 13:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2016/05/22 13:50:24 | 000,140,672 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2016/05/22 13:50:24 | 000,065,408 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2016/05/22 13:50:24 | 000,027,008 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2016/05/22 13:50:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2016/05/22 13:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2016/05/22 13:38:56 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\PeerDistRepub
[2016/05/22 13:36:41 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016/05/22 13:28:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2016/05/22 13:28:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2016/05/22 13:27:58 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\Programs
[2016/05/22 13:25:13 | 000,000,000 | R--D | C] -- C:\Users\Jake\OneDrive
[2016/05/22 13:22:49 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Roaming\Macromedia
[2016/05/22 13:06:13 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\MicrosoftEdge
[2016/05/22 13:06:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2016/05/22 13:02:58 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\ActiveSync
[2016/05/22 13:01:45 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\Publishers
[2016/05/22 13:00:23 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\VirtualStore
[2016/05/22 13:00:08 | 000,000,000 | R--D | C] -- C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2016/05/22 13:00:08 | 000,000,000 | R--D | C] -- C:\Users\Jake\Searches
[2016/05/22 13:00:08 | 000,000,000 | R--D | C] -- C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2016/05/22 12:59:57 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\Packages
[2016/05/22 12:59:55 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Roaming\Adobe
[2016/05/22 12:59:38 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\TileDataLayer
[2016/05/22 12:59:26 | 000,000,000 | -H-D | C] -- C:\Users\Jake\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2016/05/22 12:52:28 | 000,000,000 | -HSD | C] -- C:\Recovery
[2016/05/22 12:52:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2016/05/22 12:52:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2016/05/22 12:52:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2016/05/22 12:52:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2016/05/22 12:52:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2016/05/22 12:52:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2016/05/22 12:48:25 | 000,000,000 | -HSD | C] -- C:\Users\Jake\AppData\Local\Temporary Internet Files
[2016/05/22 12:48:25 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Templates
[2016/05/22 12:48:25 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Start Menu
[2016/05/22 12:48:25 | 000,000,000 | -HSD | C] -- C:\Users\Jake\SendTo
[2016/05/22 12:48:25 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Recent
[2016/05/22 12:48:25 | 000,000,000 | -HSD | C] -- C:\Users\Jake\PrintHood
[2016/05/22 12:48:25 | 000,000,000 | -HSD | C] -- C:\Users\Jake\NetHood
[2016/05/22 12:48:25 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Documents\My Videos
[2016/05/22 12:48:25 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Documents\My Pictures
[2016/05/22 12:48:25 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Documents\My Music
[2016/05/22 12:48:25 | 000,000,000 | -HSD | C] -- C:\Users\Jake\My Documents
[2016/05/22 12:48:25 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Local Settings
[2016/05/22 12:48:25 | 000,000,000 | -HSD | C] -- C:\Users\Jake\AppData\Local\History
[2016/05/22 12:48:25 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Cookies
[2016/05/22 12:48:25 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Application Data
[2016/05/22 12:48:25 | 000,000,000 | -HSD | C] -- C:\Users\Jake\AppData\Local\Application Data
[2016/05/22 12:48:23 | 000,000,000 | --SD | C] -- C:\Users\Jake\AppData\Roaming\Microsoft
[2016/05/22 12:48:23 | 000,000,000 | R-SD | C] -- C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2016/05/22 12:48:23 | 000,000,000 | R--D | C] -- C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2016/05/22 12:48:23 | 000,000,000 | R--D | C] -- C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2016/05/22 12:48:23 | 000,000,000 | R--D | C] -- C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2016/05/22 12:48:23 | 000,000,000 | -H-D | C] -- C:\Users\Jake\AppData
[2016/05/22 12:48:23 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\Temp
[2016/05/22 12:48:23 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\Microsoft
[2016/05/22 12:48:23 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2016/05/22 12:38:51 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2016/05/22 12:38:51 | 000,000,000 | ---D | C] -- C:\ProgramData\USOShared
[2016/05/22 12:38:00 | 000,000,000 | ---D | C] -- C:\Program Files\VIA
[2016/05/22 12:37:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SRSLabs
[2016/05/22 12:30:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2016/05/22 12:26:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServiceProfiles

========== Files - Modified Within 30 Days ==========

[2016/05/22 20:33:36 | 000,001,988 | ---- | M] () -- C:\WINDOWS\SysWow64\ticrf.rat
[2016/05/22 20:33:35 | 000,215,943 | ---- | M] () -- C:\WINDOWS\SysWow64\dssec.dat
[2016/05/22 20:33:35 | 000,008,798 | ---- | M] () -- C:\WINDOWS\SysWow64\icrav03.rat
[2016/05/22 20:33:35 | 000,000,741 | ---- | M] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2016/05/22 20:33:28 | 000,017,463 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\services
[2016/05/22 20:33:28 | 000,003,683 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\lmhosts.sam
[2016/05/22 20:33:28 | 000,001,988 | ---- | M] () -- C:\WINDOWS\SysNative\ticrf.rat
[2016/05/22 20:33:28 | 000,001,358 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\protocol
[2016/05/22 20:33:28 | 000,000,824 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2016/05/22 20:33:28 | 000,000,407 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\networks
[2016/05/22 20:33:27 | 000,215,943 | ---- | M] () -- C:\WINDOWS\SysNative\dssec.dat
[2016/05/22 20:33:27 | 000,015,462 | ---- | M] () -- C:\WINDOWS\SysNative\OEMDefaultAssociations.xml
[2016/05/22 20:33:27 | 000,008,798 | ---- | M] () -- C:\WINDOWS\SysNative\icrav03.rat
[2016/05/22 20:33:27 | 000,000,858 | ---- | M] () -- C:\WINDOWS\SysNative\DefaultQuestions.json
[2016/05/22 20:33:27 | 000,000,741 | ---- | M] () -- C:\WINDOWS\SysNative\NOISE.DAT
[2016/05/22 20:33:27 | 000,000,389 | ---- | M] () -- C:\WINDOWS\SysNative\AutoWorkplace.exe.config
[2016/05/22 20:33:08 | 000,296,742 | ---- | M] () -- C:\WINDOWS\SysNative\perfi009.dat
[2016/05/22 20:33:08 | 000,033,362 | ---- | M] () -- C:\WINDOWS\SysNative\perfd009.dat
[2016/05/22 13:51:46 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2016/05/22 13:50:34 | 000,001,171 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016/05/22 13:48:13 | 000,879,220 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/05/22 13:48:13 | 000,747,420 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2016/05/22 13:48:13 | 000,142,854 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2016/05/22 13:42:54 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/05/22 13:40:48 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/05/22 13:40:43 | 1610,317,824 | -HS- | M] () -- C:\hiberfil.sys
[2016/05/22 13:29:47 | 000,069,932 | ---- | M] () -- C:\Users\Jake\Desktop\SMART.png
[2016/05/22 13:28:20 | 000,001,255 | ---- | M] () -- C:\Users\Jake\Desktop\CrystalDiskInfo.lnk
[2016/05/22 13:05:53 | 000,045,806 | ---- | M] () -- C:\Users\Jake\Desktop\Removed Apps.html
[2016/05/22 12:45:58 | 000,189,240 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016/05/22 10:18:45 | 000,002,411 | ---- | M] () -- C:\Users\Jake\Documents\windowskey.vbs

========== Files Created - No Company Name ==========

[2016/05/22 21:24:08 | 000,000,619 | ---- | C] () -- C:\WINDOWS\SysWow64\license.rtf
[2016/05/22 21:24:08 | 000,000,619 | ---- | C] () -- C:\WINDOWS\SysNative\license.rtf
[2016/05/22 20:41:15 | 000,747,420 | ---- | C] () -- C:\WINDOWS\SysNative\perfh009.dat
[2016/05/22 20:41:15 | 000,296,742 | ---- | C] () -- C:\WINDOWS\SysNative\perfi009.dat
[2016/05/22 20:41:15 | 000,142,854 | ---- | C] () -- C:\WINDOWS\SysNative\perfc009.dat
[2016/05/22 20:41:15 | 000,033,362 | ---- | C] () -- C:\WINDOWS\SysNative\perfd009.dat
[2016/05/22 20:38:29 | 000,001,988 | ---- | C] () -- C:\WINDOWS\SysWow64\ticrf.rat
[2016/05/22 20:38:29 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2016/05/22 20:38:28 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2016/05/22 20:38:28 | 000,008,798 | ---- | C] () -- C:\WINDOWS\SysWow64\icrav03.rat
[2016/05/22 20:38:16 | 000,017,463 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\etc\services
[2016/05/22 20:38:16 | 000,003,683 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\etc\lmhosts.sam
[2016/05/22 20:38:16 | 000,001,358 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\etc\protocol
[2016/05/22 20:38:16 | 000,000,824 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2016/05/22 20:38:16 | 000,000,407 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\etc\networks
[2016/05/22 20:38:15 | 000,015,462 | ---- | C] () -- C:\WINDOWS\SysNative\OEMDefaultAssociations.xml
[2016/05/22 20:38:15 | 000,001,988 | ---- | C] () -- C:\WINDOWS\SysNative\ticrf.rat
[2016/05/22 20:38:15 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysNative\NOISE.DAT
[2016/05/22 20:37:58 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysNative\dssec.dat
[2016/05/22 20:37:58 | 000,008,798 | ---- | C] () -- C:\WINDOWS\SysNative\icrav03.rat
[2016/05/22 20:37:58 | 000,000,858 | ---- | C] () -- C:\WINDOWS\SysNative\DefaultQuestions.json
[2016/05/22 20:37:58 | 000,000,389 | ---- | C] () -- C:\WINDOWS\SysNative\AutoWorkplace.exe.config
[2016/05/22 13:50:34 | 000,001,171 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016/05/22 13:29:47 | 000,069,932 | ---- | C] () -- C:\Users\Jake\Desktop\SMART.png
[2016/05/22 13:28:19 | 000,001,255 | ---- | C] () -- C:\Users\Jake\Desktop\CrystalDiskInfo.lnk
[2016/05/22 13:25:14 | 000,002,360 | ---- | C] () -- C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[2016/05/22 13:05:53 | 000,045,806 | ---- | C] () -- C:\Users\Jake\Desktop\Removed Apps.html
[2016/05/22 12:52:52 | 000,879,220 | ---- | C] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/05/22 12:48:24 | 000,000,352 | ---- | C] () -- C:\Users\Jake\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2016/05/22 12:48:24 | 000,000,334 | ---- | C] () -- C:\Users\Jake\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2016/05/22 12:45:41 | 1610,317,824 | -HS- | C] () -- C:\hiberfil.sys
[2016/05/22 12:27:27 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2016/05/22 12:25:52 | 000,189,240 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016/05/22 10:15:27 | 000,002,411 | ---- | C] () -- C:\Users\Jake\Documents\windowskey.vbs
[2015/10/30 08:18:39 | 000,164,224 | ---- | C] () -- C:\WINDOWS\SysWow64\weretw.dll
[2015/10/30 08:18:36 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2015/10/30 08:18:36 | 000,047,104 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015/10/30 08:18:34 | 000,157,696 | ---- | C] () -- C:\WINDOWS\SysWow64\MTF.dll
[2015/10/30 08:18:34 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2015/10/30 08:18:31 | 001,858,424 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2015/10/30 08:18:31 | 000,252,928 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2015/10/30 08:18:31 | 000,029,184 | ---- | C] () -- C:\WINDOWS\SysWow64\dtdump.exe
[2015/10/30 08:18:29 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2015/10/30 08:18:29 | 000,293,376 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2015/10/30 08:18:26 | 000,022,528 | ---- | C] () -- C:\WINDOWS\SysWow64\efsext.dll
[2015/10/30 08:18:25 | 000,002,269 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2015/10/30 08:18:23 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2015/10/30 08:17:40 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012/11/25 13:29:40 | 000,001,071 | ---- | C] () -- C:\Users\Jake\Documents - Shortcut.lnk

========== ZeroAccess Check ==========

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2015/10/30 08:17:59 | 006,601,408 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2015/10/30 08:18:31 | 005,237,336 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015/10/30 08:17:43 | 000,987,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2015/10/30 08:18:21 | 000,765,440 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2015/10/30 08:17:45 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

========== Purity Check ==========

< End of report >

johnb35 · May 22, 2016

Ok, I'm not really seeing anything there. Lets try this.

Please download and run TDSSkiller

When the program opens, click on change parameters, put a check next to detect tdlfs file system, click ok, click on the start scan button.

TDSSKiller will now scan your computer for the TDSS infection. When the scan has finished it will display a result screen stating whether or not the infection was found on your computer. If it was found it will display a screen similar to the one below.

To remove the infections simply click on the Continue button and TDSSKiller will attempt to clean them or remove them.

After trying to clean them it will pop up with the results of the scan and its actions.

Please reboot the system if asked to do so.

After running there will be a log that will be located at the root of your c:\ drive labeled tdsskiller with a series of numbers after it example, C:\TDSSKiller.2.4.7_23.07.2010_15.31.43_log.txt

Please open the log and copy and paste it back here.

jakehill307 · May 22, 2016

johnb35 said:
Ok, I'm not really seeing anything there. Lets try this.

Please download and run TDSSkiller

When the program opens, click on change parameters, put a check next to detect tdlfs file system, click ok, click on the start scan button.

TDSSKiller will now scan your computer for the TDSS infection. When the scan has finished it will display a result screen stating whether or not the infection was found on your computer. If it was found it will display a screen similar to the one below.

To remove the infections simply click on the Continue button and TDSSKiller will attempt to clean them or remove them.

After trying to clean them it will pop up with the results of the scan and its actions.

Please reboot the system if asked to do so.

After running there will be a log that will be located at the root of your c:\ drive labeled tdsskiller with a series of numbers after it example, C:\TDSSKiller.2.4.7_23.07.2010_15.31.43_log.txt

Please open the log and copy and paste it back here.

Thanks for the help John, I will try this tommorow and post the results here

jakehill307 · May 23, 2016

The text file is too large to copy and paste into a message but 0 threats found, perhaps it is just the hardrive dying as opposed to a virus?

spirit · May 23, 2016

jakehill307 said:
The text file is too large to copy and paste into a message but 0 threats found, perhaps it is just the hardrive dying as opposed to a virus?

It could be. Did you ever manage to get the Hitachi software to check your drive? You need to burn the ISO to a CD and boot off it to test the drive. It could take a few hours. I've never used the Hitachi software before but if there is the option to then do a deep/extended/media scan to fully test the drive for bad sectors. Your PC is displaying the symptoms of a bad hard drive. You could check the Event Viewer in Windows too and see if you have any errors in there that could be related to a bad hard disk.

jakehill307 · May 23, 2016

spirit said:
It could be. Did you ever manage to get the Hitachi software to check your drive? You need to burn the ISO to a CD and boot off it to test the drive. It could take a few hours. I've never used the Hitachi software before but if there is the option to then do a deep/extended/media scan to fully test the drive for bad sectors. Your PC is displaying the symptoms of a bad hard drive. You could check the Event Viewer in Windows too and see if you have any errors in there that could be related to a bad hard disk.

I managed to get it working earlier, I only ran a quick scan though, it said "operation complete - disposition code 0x00. I will run the extended one tommorow, although I think I might just buy a new one to go with my SSD instead of risking keeping a dodgy/infected one.

spirit · May 23, 2016

jakehill307 said:
I managed to get it working earlier, I only ran a quick scan though, it said "operation complete - disposition code 0x00. I will run the extended one tommorow, although I think I might just buy a new one to go with my SSD instead of risking keeping a dodgy/infected one.

Sounds like a plan. The deep scan might give more accurate results. I think your disk is bad.

johnb35 · May 23, 2016

Yeah, I don't see nothing to worry about there. Could be either a failing hdd or software issue. Can you look in event viewer to see any error messages that may explain the long bootup time? Look in either system or application logs under windows.

jakehill307 · May 23, 2016

Thanks for all the help guys, I will run a deep scan and check event viewer tommorow and report back. Can you reccomend a decent brand RAM to purchase? I've checked my mobo specs and best it can take is 2 x DDR3 4GB 1600, Corsair is the cheapest brand I recognise at £30 for two sticks. I checked CPU-X and my current RAM is 1 x DDR3 4GB 800

johnb35 · May 23, 2016

Corsair is usually the more expensive. Look at either Gskill or Kingston. You should get matching ram though to match your old stick. Cpuz should give you a model number for the ram stick.

jakehill307 · May 23, 2016

CPUZ showed me it is DDR3 4GB 800 but I figured if my mobo can take 1600 I should just get 2 x 4GB sticks of 1600 and remove my old stick. Or is that a bad thing to do? The corsair sticks I have found are XMS3 or Vengeance. Both priced around £30 for 2 sticks

spirit · May 23, 2016

jakehill307 said:
CPUZ showed me it is DDR3 4GB 800 but I figured if my mobo can take 1600 I should just get 2 x 4GB sticks of 1600 and remove my old stick. Or is that a bad thing to do? The corsair sticks I have found are XMS3 or Vengeance. Both priced around £30 for 2 sticks

That's a good idea and good value too. Go for it!

johnb35 · May 23, 2016

jakehill307 said:
CPUZ showed me it is DDR3 4GB 800

There is no such thing as ddr3 800, what you are actually seeing is 1600mhz since ddr means double data rate. So in fact ddr3 1333mhz will come up as ddr3 667 in cpuz. You can also physically look at the label on the memory stick and it will show you that its 1600mhz.

jakehill307 · May 23, 2016

johnb35 said:
There is no such thing as ddr3 800, what you are actually seeing is 1600mhz since ddr means double data rate. So in fact ddr3 1333mhz will come up as ddr3 667 in cpuz. You can also physically look at the label on the memory stick and it will show you that its 1600mhz.

Ah thank you for that, if my existing one is 1600mhz I will just get one the same as my existing and save myself a bit of money, thank you. Just a replacement hard drive to get noe to go with my SSD

jakehill307 · May 24, 2016

With my SSD due tomorrow I opened up my PC and noticed I only have space for one hard drive. As you can see from my poor sketch I have the space to mount 4 in total. However I only have 1 ledge on the other side for it to sit on.

This is probably a stupid question but I assume there is something I can buy to add another 'ledge' in, an extension piece of some sort? If so can anyone point me in the right direction? I have searched all sorts and cannot find anything.

beers · May 24, 2016

Do the holes line up to mount it vertically?

jakehill307 · May 24, 2016

beers said:
Do the holes line up to mount it vertically?

I suppose it could mount vertically but then I am still stuck with the same problem of only 1 side of the hard drive mounted with screws, just in a vertical position.

beers · May 24, 2016

jakehill307 said:
still stuck with the same problem of only 1 side of the hard drive mounted with screws

What specific case do you have?

Here's my 3d printing PC for reference which has a similar situation.
http://i.imgur.com/85pTPRn.jpg

jakehill307 · May 24, 2016

beers said:
What specific case do you have?

Here's my 3d printing PC for reference which has a similar situation.
http://i.imgur.com/85pTPRn.jpg

I have no idea on the case, no brand names or numbers anywhere on it. I understand what you mean by vertically now I will have to wait for the SSD to arrive to see if I can mount it like that. I just assumed you could buy another piece of metal which attaches to the existing 'ledge' creating another 'ledge' underneath for a second hard drive, if that makes sense

Help using old computer to build new one

Administrator

Member

Administrator

Member

Member

Attachments

Moderator

Member

Moderator

Administrator

Member

Administrator

Member

Moderator

Administrator

Member

Member

Moderator

Member

Moderator

Member