Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unwanted chrome search bar UPDATED


  • This topic is locked This topic is locked
5 replies to this topic

#1 Jtford12

Jtford12

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 11 September 2016 - 05:04 PM

I currently have an unwanted search bar attached to my chrome browser. I have tried running multiple malware scans yet nothing fixes it. I have checked my extensions and add-ons but nothing seems to be causing it. I have also reinstalled chrome and made new profiles but it's still there. Guides say to simply uninstall the program causing it but i don't have any malicious programs installed. The search bar flashes a url "Play-bar" when i search something in it and redirects me to bing. a photo is provided in this link http://imgur.com/a/4rkef. Anything will help.



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:32 AM

Posted 11 September 2016 - 05:53 PM

Hello, appears we need a deeper look then,

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Jtford12

Jtford12
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 11 September 2016 - 07:10 PM

I currently have an unwanted search bar attached to my chrome browser. I have tried running multiple malware scans yet nothing fixes it. I have checked my extensions and add-ons but nothing seems to be causing it. I have also reinstalled chrome and made new profiles but it's still there. Guides say to simply uninstall the program causing it but i don't have any malicious programs installed. The search bar flashes a url "Play-bar" when i search something in it and redirects me to bing. a photo is provided in this link http://imgur.com/a/4rkef. Anything will help.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Jacob Ford (administrator) on JTFORD (11-09-2016 19:48:41)
Running from C:\Users\Jacob Ford\AppData\Local\Temp
Loaded Profiles: Jacob Ford (Available Profiles: Jacob Ford)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe
() C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSISvc32.exe
() C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSISvc64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\NS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(juvlarN) C:\Users\Jacob Ford\AppData\Local\Temp\Rar$EXa0.615\vibrance.GUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Hammer & Chisel, Inc.) C:\Users\Jacob Ford\AppData\Local\Discord\app-0.0.296\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Jacob Ford\AppData\Local\Discord\app-0.0.296\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Jacob Ford\AppData\Local\Discord\app-0.0.296\Discord.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8521472 2015-09-03] (Realtek Semiconductor)
HKLM\...\Run: [NahimicMSIUILauncher] => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe [532448 2015-08-28] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5232072 2016-08-05] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [4131792 2015-09-10] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1027024 2015-09-09] (MSI)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.)
HKLM-x32\...\Run: [PaperCut NG Client] => C:\Program Files (x86)\PaperCut NG Client\pc-client.exe [359952 2015-02-24] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107104 2016-09-01] (AVAST Software)
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8891608 2016-07-13] (Piriform Ltd)
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\Run: [Spotify Web Helper] => C:\Users\Jacob Ford\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-18] (Spotify Ltd)
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\Run: [Discord] => C:\Users\Jacob Ford\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\Run: [Spotify] => C:\Users\Jacob Ford\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-18] (Spotify Ltd)
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\Run: [vibranceGUI] => C:\Users\Jacob Ford\AppData\Local\Temp\Rar$EXa0.615\vibrance.GUI.exe [1072128 2015-05-26] (juvlarN) <===== ATTENTION
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\Run: [uTorrent] => C:\Users\Jacob Ford\AppData\Roaming\uTorrent\uTorrent.exe [1972224 2016-08-10] (BitTorrent Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-26] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-09-11]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2016-09-11]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
Startup: C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Core Temp (2).lnk [2016-09-11]
ShortcutTarget: Core Temp (2).lnk -> C:\Program Files\Core Temp\Core Temp.exe ()
Startup: C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2016-07-17] ()
Startup: C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2016-09-11]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
Startup: C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vibrance.GUI - Shortcut.lnk [2016-09-11]
ShortcutTarget: vibrance.GUI - Shortcut.lnk -> C:\Users\Jacob Ford\Desktop\NewTool\vibrance.GUI.exe (juvlarN)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
AutoConfigURL: [S-1-5-21-2168075039-1580078062-3771521820-1001] => hxxp://non-block.com/wpad.dat?ba3227ae9e38c8a69de64986aba7fe9b16260752
Tcpip\Parameters: [DhcpNameServer] 141.219.70.130 141.219.100.30
Tcpip\..\Interfaces\{31fc7835-623a-4c09-a0ba-86bd36422c52}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{e90dcd12-3628-47ba-8f5d-4cba49476815}: [DhcpNameServer] 141.219.70.130 141.219.100.30
ManualProxies: 0hxxp://non-block.com/wpad.dat?ba3227ae9e38c8a69de64986aba7fe9b16260752
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?pc=UE01&ocid=UE01DHP
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.4.1.5514075\npmathplugin.dll [2016-04-11] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-26]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-26]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn
FF Extension: (No Name) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn [2016-06-30] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
 
Chrome: 
=======
CHR Profile: C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default
CHR Extension: (Google Drive) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-28]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2016-09-11]
CHR Extension: (YouTube) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-28]
CHR Extension: (Adblock Plus) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-11]
CHR Extension: (Summer Holidays) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\mfecfgangbaamlkdcebkbngncpabddea [2016-09-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-28]
CHR Extension: (Gmail) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-28]
CHR Extension: (Chrome Media Router) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-11]
CHR Profile: C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-11]
CHR Extension: (BetterTTV) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-09-11]
CHR Extension: (Google Docs) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-11]
CHR Extension: (Google Drive) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-11]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2016-09-11]
CHR Extension: (YouTube) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-11]
CHR Extension: (Adblock Plus) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-11]
CHR Extension: (Google Sheets) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-11]
CHR Extension: (Google Docs Offline) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-11]
CHR Extension: (Summer Holidays) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfecfgangbaamlkdcebkbngncpabddea [2016-09-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-11]
CHR Extension: (exeGuard) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\oakkidgacnogpkfpogddnieajdfmgacf [2016-09-11]
CHR Extension: (Gmail) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-11]
CHR Extension: (Chrome Media Router) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-11]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-26] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1392648 2016-07-10] ()
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [207648 2015-09-12] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [452096 2015-09-17] (Rivet Networks) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S4 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [112592 2015-09-10] (Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2015-05-18] (MSI)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\NS.exe [282016 2015-06-17] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
S4 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 Origin Client Service; G:\Origin\OriginClientService.exe [2122248 2016-08-14] (Electronic Arts)
R2 ovpnagent; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe [949480 2016-06-24] ()
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-08-14] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2016-09-10] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [107832 2016-09-10] ()
S4 RzKLService; G:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-11-13] (Razer Inc.)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5232072 2016-08-05] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-26] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969560 2016-08-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-26] (AVAST Software)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [142408 2015-09-16] (Rivet Networks, LLC.)
S3 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150521.001\BHDrvx64.sys [1640152 2015-06-04] (Symantec Corporation)
S3 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605000.07C\ccSetx64.sys [165080 2015-06-04] (Symantec Corporation)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-06-27] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-06-27] (Symantec Corporation)
R1 ESEADriver2; C:\Users\Jacob Ford\AppData\Local\Temp\ESEADriver2.sys [315016 2016-06-28] ()
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [84264 2015-07-20] (Intel Corporation)
R3 iaLPSS2_UART2; C:\Windows\System32\drivers\iaLPSS2_UART2.sys [281896 2015-07-20] (Intel Corporation)
S3 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150519.100\IDSVia64.sys [684248 2015-06-04] (Symantec Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (Windows ® Win 7 DDK provider)
R3 KillerEth; C:\Windows\System32\drivers\e24w8x64.sys [156232 2015-09-03] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-11] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mt7612US; C:\Windows\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
S3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20160627.008\ENG64.SYS [138456 2016-06-27] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20160627.008\EX64.SYS [2148056 2016-06-27] (Symantec Corporation)
R3 Neo_VPN; C:\Windows\System32\drivers\Neo6_x64_VPN.sys [38216 2016-08-03] (SoftEther Corporation)
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
S3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [46016 2016-06-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 ptun0901; C:\Windows\System32\drivers\ptun0901.sys [27136 2016-04-21] (The OpenVPN Project)
R1 SeLow; C:\Windows\system32\DRIVERS\SeLow_x64.sys [51024 2016-08-05] (SoftEther Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SRTSP; C:\Windows\system32\drivers\NSx64\1605000.07C\SRTSP64.SYS [917720 2015-06-04] (Symantec Corporation)
S3 SRTSPX; C:\Windows\system32\drivers\NSx64\1605000.07C\SRTSPX64.SYS [42200 2015-06-04] (Symantec Corporation)
S3 SymEFASI; C:\Windows\system32\drivers\NSx64\1605000.07C\SYMEFASI64.SYS [1611992 2015-06-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NSx64\1605000.07C\SymELAM.sys [23568 2015-06-04] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [102616 2016-06-28] (Symantec Corporation)
S3 SymIRON; C:\Windows\system32\drivers\NSx64\1605000.07C\Ironx64.SYS [288984 2015-06-04] (Symantec Corporation)
S3 SymNetS; C:\Windows\system32\drivers\NSx64\1605000.07C\SYMNETS.SYS [567512 2015-06-04] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\JACOBF~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-09-11 19:48 - 2016-09-11 19:48 - 00000000 ____D C:\FRST
2016-09-11 19:47 - 2016-09-11 19:48 - 01855040 _____ (Free Sky Business LP) C:\Users\Jacob Ford\Downloads\FRST64_exeguard.exe
2016-09-11 17:22 - 2016-09-11 17:22 - 00000000 _____ C:\WINDOWS\cd_127
2016-09-11 15:14 - 2016-09-11 15:20 - 00000000 ____D C:\ProgramData\HitmanPro
2016-09-11 15:14 - 2016-09-11 15:14 - 11572656 _____ (SurfRight B.V.) C:\Users\Jacob Ford\Downloads\hitmanpro_x64.exe
2016-09-11 14:47 - 2016-09-11 18:11 - 00019898 _____ C:\WINDOWS\ntbtlog.txt
2016-09-11 14:43 - 2016-09-11 14:43 - 00002352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-11 14:43 - 2016-09-11 14:43 - 00002340 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-11 12:43 - 2016-09-11 14:43 - 00000000 ____D C:\AdwCleaner
2016-09-11 12:09 - 2016-09-11 12:09 - 00070860 _____ C:\Users\Jacob Ford\Documents\cc_20160911_120900.reg
2016-09-11 11:41 - 2016-09-11 17:53 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-11 11:40 - 2016-09-11 11:40 - 22851472 _____ (Malwarebytes ) C:\Users\Jacob Ford\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-11 11:40 - 2016-09-11 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-11 11:40 - 2016-09-11 11:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-11 11:40 - 2016-09-11 11:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-11 11:40 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-11 11:40 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-11 11:40 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-11 11:35 - 2016-09-11 11:35 - 01065376 _____ (Google Inc.) C:\Users\Jacob Ford\Downloads\ChromeSetup.exe
2016-09-11 11:27 - 2016-09-11 11:27 - 00034947 _____ C:\Users\Jacob Ford\Downloads\Lab 4 Function Transformations.nb
2016-09-11 11:23 - 2016-09-11 11:24 - 00054468 _____ C:\Users\Jacob Ford\Downloads\Resume Checklist 2.pdf
2016-09-10 21:57 - 2016-09-10 21:57 - 00682280 _____ C:\WINDOWS\SysWOW64\pbsvc.exe
2016-09-10 21:54 - 2016-09-10 21:54 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Activision
2016-09-10 21:48 - 2016-09-10 21:54 - 161098633 _____ C:\Users\Jacob Ford\Downloads\Cheese Cube Unlimited v1.0.exe
2016-09-10 21:11 - 2016-09-10 21:11 - 00000000 ____D C:\ProgramData\Webitar Production Inc
2016-09-09 13:40 - 2016-09-09 13:40 - 00147003 _____ C:\Users\Jacob Ford\Downloads\Unity Through Sports - Google Docs.pdf
2016-09-07 21:49 - 2016-09-07 21:51 - 00028130 _____ C:\Users\Jacob Ford\Downloads\Lab 2 Defining Functions (2).nb
2016-09-07 21:15 - 2016-09-07 21:57 - 00028853 _____ C:\Users\Jacob Ford\Downloads\Lab 3 Functions Assignment Calc I (1).nb
2016-09-07 21:09 - 2016-09-07 21:44 - 00027933 _____ C:\Users\Jacob Ford\Downloads\Lab 3 Functions Calc I.nb
2016-09-07 16:25 - 2016-09-07 16:25 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\WindSolutions
2016-09-07 16:24 - 2016-09-07 16:24 - 00000000 ____D C:\ProgramData\WindSolutions
2016-09-07 14:16 - 2016-09-11 12:02 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-09-07 14:16 - 2016-09-11 12:02 - 00001820 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Apple Computer
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Apple Computer
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Apple
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\ProgramData\Apple Computer
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\ProgramData\Apple
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Program Files\iTunes
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Program Files\iPod
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Program Files\Bonjour
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-09-07 14:14 - 2016-09-07 14:15 - 170493768 _____ (Apple Inc.) C:\Users\Jacob Ford\Downloads\iTunes6464Setup.exe
2016-09-07 14:04 - 2016-09-07 14:10 - 136044335 _____ C:\Users\Jacob Ford\Downloads\Frank Ocean - Blonde.zip
2016-09-07 11:14 - 2016-09-07 11:14 - 00010680 _____ C:\Users\Jacob Ford\Downloads\Lab 3 Functions Assignment Calc I.nb
2016-09-05 14:58 - 2016-09-05 14:58 - 00022543 _____ C:\Users\Jacob Ford\Downloads\subscribe.htm
2016-09-05 12:08 - 2016-09-05 12:08 - 00027986 _____ C:\Users\Jacob Ford\Downloads\Lab 2 Defining Functions (1).nb
2016-09-05 12:06 - 2016-09-05 12:17 - 00019571 _____ C:\Users\Jacob Ford\Downloads\Lab 2 Defining Functions Assignment .nb
2016-09-05 11:56 - 2016-09-05 11:56 - 00027986 _____ C:\Users\Jacob Ford\Downloads\Lab 2 Defining Functions.nb
2016-09-03 21:46 - 2016-09-03 21:46 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Celavimus
2016-09-03 21:45 - 2016-09-11 12:02 - 00001369 _____ C:\Users\Public\Desktop\CEVO Client (CSGO).lnk
2016-09-03 21:45 - 2016-09-03 21:46 - 00000000 ____D C:\ProgramData\Celavimus
2016-09-03 21:45 - 2016-09-03 21:45 - 02020792 _____ ( ) C:\Users\Jacob Ford\Downloads\CEVOClientSetup.exe
2016-09-03 21:45 - 2016-09-03 21:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client
2016-09-03 21:45 - 2016-09-03 21:45 - 00000000 ____D C:\Program Files (x86)\CEVO
2016-09-01 18:33 - 2016-09-01 18:33 - 00627200 _____ C:\Users\Jacob Ford\Downloads\4.7 Write  Apply Exp and Power functions 2 days-0.ppt
2016-08-31 13:47 - 2016-08-31 13:47 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-08-31 13:47 - 2016-08-25 16:53 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-08-31 13:47 - 2016-05-03 22:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-08-31 13:47 - 2016-05-03 22:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-08-31 13:47 - 2016-05-03 22:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-08-31 13:47 - 2016-05-03 22:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-08-31 13:46 - 2016-08-25 19:27 - 40070200 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 35180992 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 34842680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 28238904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 20220928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 10865888 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 10746896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 10288040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 09094048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 08875408 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 08687888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 02912192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 02549184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437270.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 01586560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437270.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 01020472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00958008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00941504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00894520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00802584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00801744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00686712 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00616648 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00576168 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00573424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00471608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00439352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00347072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00181488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00159352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00131536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-08-31 13:17 - 2016-08-31 13:18 - 03012080 _____ (Blizzard Entertainment) C:\Users\Jacob Ford\Downloads\Battle.net-Setup.exe
2016-08-31 13:12 - 2016-08-31 13:12 - 00000000 ____D C:\Users\Jacob Ford\Documents\Battlefield 1 Open Beta
2016-08-31 13:06 - 2016-08-31 13:06 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2016-08-30 21:05 - 2016-08-30 21:05 - 00044952 _____ () C:\WINDOWS\system32\Drivers\staport.sys
2016-08-30 19:19 - 2016-08-30 19:19 - 00717551 _____ C:\Users\Jacob Ford\Downloads\download.htm
2016-08-30 13:44 - 2016-08-30 13:44 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-08-30 13:43 - 2016-09-02 11:33 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-08-30 13:43 - 2016-09-02 11:32 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-08-30 13:36 - 2016-08-30 13:36 - 00000000 ____D C:\Users\Jacob Ford\AppData\LocalLow\Adobe
2016-08-30 13:35 - 2016-09-11 12:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-30 13:35 - 2016-09-02 11:32 - 00000000 ____D C:\ProgramData\McAfee
2016-08-30 13:35 - 2016-08-30 13:36 - 00000000 ____D C:\ProgramData\Adobe
2016-08-30 13:35 - 2016-08-30 13:35 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-08-30 13:35 - 2016-08-30 13:35 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-30 13:34 - 2016-08-30 13:36 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Adobe
2016-08-30 09:41 - 2016-08-30 09:41 - 00131258 _____ C:\Users\Jacob Ford\Downloads\Fall 2016 syllabus.pdf
2016-08-29 21:43 - 2016-08-29 21:43 - 00175019 _____ C:\Users\Jacob Ford\Downloads\Lab 1 Assignment.pdf
2016-08-29 14:42 - 2016-08-29 14:42 - 00064851 _____ C:\Users\Jacob Ford\Downloads\Lab 1 Introduction (1).nb
2016-08-29 14:17 - 2016-08-29 14:42 - 00237868 _____ C:\Users\Jacob Ford\Documents\Video1.nb
2016-08-29 12:07 - 2016-08-29 21:42 - 04010479 _____ C:\Users\Jacob Ford\Documents\Lab 1 Assignment.nb
2016-08-29 12:07 - 2016-08-29 12:07 - 00064804 _____ C:\Users\Jacob Ford\Documents\Lab 1 Introduction.nb
2016-08-29 12:07 - 2016-08-29 12:07 - 00017696 _____ C:\Users\Jacob Ford\Downloads\Lab 1 Assignment.nb
2016-08-29 12:05 - 2016-08-29 12:05 - 00064851 _____ C:\Users\Jacob Ford\Downloads\Lab 1 Introduction.nb
2016-08-28 16:39 - 2016-08-28 16:40 - 60413589 _____ C:\Users\Jacob Ford\Downloads\esea_match_7603978.zip
2016-08-27 19:28 - 2016-08-27 19:32 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Mathematica
2016-08-27 19:28 - 2016-08-27 19:28 - 00000000 ____D C:\Users\Jacob Ford\Documents\Wolfram Mathematica
2016-08-27 19:28 - 2016-08-27 19:28 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Wolfram Research
2016-08-27 19:28 - 2016-08-27 19:28 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Mathematica
2016-08-27 19:27 - 2016-08-27 19:28 - 00000000 ____D C:\ProgramData\Mathematica
2016-08-27 19:27 - 2016-08-27 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica
2016-08-27 19:27 - 2016-08-27 19:27 - 00000000 ____D C:\Program Files\Extras
2016-08-27 19:27 - 2016-08-27 19:27 - 00000000 ____D C:\Program Files\Common Files\Wolfram Research
2016-08-27 19:22 - 2016-08-27 19:22 - 00000000 ____D C:\Program Files\Wolfram Research
2016-08-27 19:16 - 2016-08-27 19:22 - 2553115969 _____ C:\Users\Jacob Ford\Downloads\Mathematica_10.4.1_WIN.zip
2016-08-26 10:41 - 2016-08-26 10:41 - 00154495 _____ C:\Users\Jacob Ford\Downloads\MA1160_Syllabus_FALL2016.pdf
2016-08-26 10:34 - 2016-08-26 10:34 - 00074718 _____ C:\Users\Jacob Ford\Downloads\MA1160 Schedule Fall 2016A.pdf
2016-08-26 10:25 - 2016-09-11 12:02 - 00001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-08-26 10:25 - 2016-08-26 10:25 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-08-26 10:25 - 2016-08-26 10:25 - 00004002 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1472221522
2016-08-26 10:24 - 2016-09-11 12:02 - 00002027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-08-26 10:24 - 2016-08-26 10:25 - 00000000 ____D C:\Program Files\AVAST Software
2016-08-26 10:24 - 2016-08-26 10:24 - 06253640 _____ (AVAST Software) C:\Users\Jacob Ford\Downloads\avast_free_antivirus_setup_online_cnet_2.exe
2016-08-26 10:24 - 2016-08-26 10:24 - 00969560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-08-26 10:24 - 2016-08-26 10:24 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-08-26 10:24 - 2016-08-26 10:24 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-08-26 10:24 - 2016-08-26 10:24 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-08-26 10:24 - 2016-08-26 10:24 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-08-26 10:24 - 2016-08-26 10:24 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-08-26 10:24 - 2016-08-26 10:24 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-08-26 10:24 - 2016-08-26 10:24 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-08-26 10:24 - 2016-08-26 10:24 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-08-26 10:24 - 2016-08-26 10:24 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-08-26 10:24 - 2016-08-26 10:24 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-08-26 10:24 - 2016-08-26 10:24 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\AVAST Software
2016-08-24 18:31 - 2016-08-24 18:31 - 00000000 ____D C:\Users\Jacob Ford\Documents\League of Legends
2016-08-24 18:24 - 2016-08-24 18:24 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\LolClient
2016-08-24 17:33 - 2016-08-24 17:33 - 00000000 ____D C:\ProgramData\Riot Games
2016-08-24 17:33 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-08-24 17:33 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-08-24 17:33 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-08-24 17:32 - 2016-08-24 17:32 - 00000000 ____D C:\Riot Games
2016-08-24 17:32 - 2016-08-24 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-08-24 14:48 - 2016-08-24 17:33 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Riot Games
2016-08-24 14:48 - 2016-08-24 14:48 - 28411368 _____ (Riot Games) C:\Users\Jacob Ford\Downloads\LeagueofLegends_NA_Installer_2016_05_13.exe
2016-08-24 14:35 - 2016-08-24 16:13 - 00000000 ____D C:\Users\Jacob Ford\Desktop\Books
2016-08-24 14:26 - 2016-09-11 12:02 - 00002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivateTunnel.lnk
2016-08-24 14:26 - 2016-09-10 21:10 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\PrivateTunnel
2016-08-24 14:26 - 2016-08-24 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN Technologies
2016-08-24 14:26 - 2016-08-24 14:26 - 00000000 ____D C:\Program Files (x86)\OpenVPN Technologies
2016-08-24 14:25 - 2016-08-24 14:26 - 30736384 _____ (OpenVPN Technologies) C:\Users\Jacob Ford\Downloads\privatetunnel-win-2.7.exe
2016-08-22 21:14 - 2016-08-22 21:15 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Wabbitemu
2016-08-22 20:47 - 2016-09-11 18:07 - 00000000 ____D C:\Users\Jacob Ford\Desktop\Files
2016-08-22 20:39 - 2016-08-22 20:39 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Xerox
2016-08-22 20:37 - 2016-08-22 20:37 - 17654062 _____ C:\Users\Jacob Ford\Downloads\Windows.husky-bw.x64.zip
2016-08-22 20:31 - 2016-08-22 20:31 - 00004310 _____ C:\WINDOWS\default.xpb
2016-08-22 20:31 - 2016-08-22 20:31 - 00000000 ____D C:\ProgramData\Xerox
2016-08-22 20:26 - 2016-08-22 20:26 - 19351456 _____ C:\Users\Jacob Ford\Downloads\Windows.husky-color.x64.zip
2016-08-22 20:25 - 2016-09-11 12:02 - 00001286 _____ C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pc-toast-notify.lnk
2016-08-22 20:25 - 2016-08-22 20:25 - 00000053 _____ C:\Users\Jacob Ford\pc-client.properties
2016-08-22 20:25 - 2016-08-22 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PaperCut NG
2016-08-22 20:25 - 2016-08-22 20:25 - 00000000 ____D C:\Program Files (x86)\PaperCut NG Client
2016-08-22 20:24 - 2016-08-22 20:24 - 48446585 _____ C:\Users\Jacob Ford\Downloads\papercut-win.v15.0.zip
2016-08-22 20:24 - 2016-08-22 20:24 - 00000000 ____D C:\Users\Jacob Ford\Downloads\papercut-win.v15.0
2016-08-22 16:34 - 2016-08-16 01:45 - 00054728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-08-22 16:34 - 2016-08-11 10:33 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437254.dll
2016-08-22 16:34 - 2016-08-11 10:33 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437254.dll
2016-08-22 16:34 - 2016-08-11 10:33 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-08-22 16:34 - 2016-08-11 10:33 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-08-21 10:52 - 2016-08-21 10:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-08-18 21:12 - 2016-08-18 21:12 - 00180413 _____ C:\Users\Jacob Ford\Downloads\game-of-thrones-sixth-season_HI_english-1363567.zip
2016-08-18 17:50 - 2016-08-18 21:00 - 00000000 ____D C:\Users\Jacob Ford\Downloads\Game.of.Thrones.Season.6.720p.HDTV.x265.ShAaNiG
2016-08-18 17:50 - 2016-08-18 17:50 - 00018502 _____ C:\Users\Jacob Ford\Downloads\[otorrents.com]Game-of-Thrones-Season-6-2016-720p.torrent
2016-08-18 17:49 - 2016-08-18 17:49 - 00166117 _____ C:\Users\Jacob Ford\Downloads\game-of-thrones-sixth-season_english-1364694.zip
2016-08-18 13:38 - 2016-08-18 17:49 - 00000000 ____D C:\Users\Jacob Ford\Downloads\Game.of.Thrones.Season.6.1080p.HDTV.x265.ShAaNiG
2016-08-16 16:45 - 2016-08-16 17:19 - 00000000 ____D C:\Users\Jacob Ford\Documents\Overwatch
2016-08-16 15:55 - 2016-08-16 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2016-08-16 12:56 - 2016-08-18 20:59 - 00000000 ____D C:\Users\Jacob Ford\Downloads\Game.of.Thrones.Season.5.720p.BluRay.x264.ShAaNiG
2016-08-16 03:18 - 2016-08-16 03:18 - 00183550 _____ C:\Users\Jacob Ford\Downloads\Game.of.Thrones - S05.720p.BluRay.en.zip
2016-08-16 03:15 - 2016-08-16 03:15 - 00168446 _____ C:\Users\Jacob Ford\Downloads\game-of-thrones-fifth-season-2015_english-1288021.zip
2016-08-16 03:14 - 2016-08-16 13:05 - 00000000 ____D C:\Users\Jacob Ford\Downloads\Game.of.Thrones.Season.4.720p.BluRay.x264-ShAaNiG
2016-08-16 03:12 - 2016-08-16 03:12 - 00195993 _____ C:\Users\Jacob Ford\Downloads\game-of-thrones-fourth-season_HI_english-1055327.zip
2016-08-16 00:18 - 2016-08-16 00:18 - 49627504 _____ C:\Users\Jacob Ford\Downloads\torbrowser-install-6.0.3_en-US.exe
2016-08-15 22:36 - 2016-08-15 22:36 - 00000049 _____ C:\Users\Jacob Ford\jagex_cl_oldschool_LIVE.dat
2016-08-15 22:34 - 2016-09-11 12:02 - 00002122 _____ C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2016-08-15 22:34 - 2016-08-15 23:33 - 00000024 _____ C:\Users\Jacob Ford\random.dat
2016-08-15 22:34 - 2016-08-15 23:08 - 00000024 _____ C:\Users\Jacob Ford\jagexappletviewer.preferences
2016-08-15 22:34 - 2016-08-15 22:36 - 00000000 ____D C:\Users\Jacob Ford\jagexcache
2016-08-15 22:34 - 2016-08-15 22:34 - 24223744 _____ C:\Users\Jacob Ford\Downloads\RuneScape.msi
2016-08-15 22:34 - 2016-08-15 22:34 - 00000049 _____ C:\Users\Jacob Ford\jagex_cl_runescape_LIVE.dat
2016-08-15 22:34 - 2016-08-15 22:34 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2016-08-15 19:40 - 2016-09-11 12:08 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\TS3Client
2016-08-15 19:40 - 2016-09-11 12:02 - 00001018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-08-15 19:40 - 2016-08-15 19:40 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-08-15 19:39 - 2016-08-15 19:39 - 32019840 _____ (TeamSpeak Systems GmbH) C:\Users\Jacob Ford\Downloads\TeamSpeak3-Client-win64-3.0.19.4.exe
2016-08-15 19:38 - 2016-08-15 19:38 - 04117216 _____ (Husdawg, LLC) C:\Users\Jacob Ford\Downloads\Detection.exe
2016-08-14 22:37 - 2016-08-14 22:37 - 00076152 _____ C:\WINDOWS\system32\PnkBstrA.exe
2016-08-14 22:36 - 2016-08-14 22:37 - 01190712 _____ (Alcpu ) C:\Users\Jacob Ford\Downloads\Core-Temp-setup.exe
2016-08-14 22:27 - 2016-08-14 22:27 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\PunkBuster
2016-08-14 21:24 - 2016-08-14 21:24 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2016-08-14 21:23 - 2016-09-10 21:57 - 00107832 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-08-14 21:23 - 2016-09-10 21:57 - 00066872 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-08-14 21:23 - 2016-08-14 22:27 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-08-14 20:38 - 2016-09-11 12:02 - 00000566 _____ C:\Users\Public\Desktop\Origin.lnk
2016-08-14 20:38 - 2016-08-14 22:24 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-08-14 20:38 - 2016-08-14 22:23 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Origin
2016-08-14 20:34 - 2016-09-05 16:52 - 00000000 ____D C:\ProgramData\Origin
2016-08-14 20:34 - 2016-08-14 20:38 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Origin
2016-08-14 20:33 - 2016-08-14 20:37 - 31395216 _____ (Electronic Arts, Inc.) C:\Users\Jacob Ford\Downloads\OriginThinSetup.exe
2016-08-14 20:33 - 2016-08-14 20:33 - 31395216 _____ (Electronic Arts, Inc.) C:\Users\Jacob Ford\Downloads\OriginThinSetup (1).exe
2016-08-13 00:46 - 2016-08-13 00:46 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\HelloGames
2016-08-13 00:46 - 2016-08-13 00:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\No Man's Sky [GOG.com]
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-09-11 19:02 - 2016-06-28 11:46 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-11 18:08 - 2016-06-28 12:02 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-11 17:38 - 2016-06-28 11:40 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7AD050D1-11B3-400C-A2FE-D66A8D78EB16}
2016-09-11 17:38 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-11 17:28 - 2016-06-28 12:31 - 00881036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-11 17:28 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-11 17:23 - 2016-08-03 20:06 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2016-09-11 17:23 - 2016-06-28 11:46 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-11 17:22 - 2016-06-28 12:23 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-11 17:22 - 2016-04-27 02:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-11 17:22 - 2015-10-30 02:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-09-11 14:43 - 2016-06-28 11:46 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-11 14:09 - 2016-06-28 15:24 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Battle.net
2016-09-11 14:09 - 2016-06-28 15:20 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-09-11 13:46 - 2016-06-28 12:37 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Deployment
2016-09-11 12:49 - 2016-06-28 12:37 - 00000000 ____D C:\Users\Jacob Ford\Desktop\NewTool
2016-09-11 12:08 - 2016-08-10 20:44 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\uTorrent
2016-09-11 12:07 - 2016-08-04 23:26 - 00000000 ____D C:\Program Files\CCleaner
2016-09-11 12:04 - 2016-06-28 11:46 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Google
2016-09-11 12:02 - 2016-08-10 20:44 - 00002655 _____ C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-09-11 12:02 - 2016-08-03 20:06 - 00002028 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SoftEther VPN Client Manager.lnk
2016-09-11 12:02 - 2016-08-03 19:57 - 00002055 _____ C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberGhost 6.lnk
2016-09-11 12:02 - 2016-08-03 17:59 - 00000909 _____ C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-09-11 12:02 - 2016-06-28 12:57 - 00001881 _____ C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-09-11 12:02 - 2016-06-28 12:53 - 00001791 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2016-09-11 12:02 - 2016-06-28 12:29 - 00002380 _____ C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-11 12:02 - 2016-06-28 12:24 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-11 12:02 - 2016-06-28 12:02 - 00000973 _____ C:\Users\Public\Desktop\Steam.lnk
2016-09-11 12:02 - 2016-06-28 11:59 - 00000702 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Upgrade Assistant.lnk
2016-09-11 12:01 - 2016-06-28 12:39 - 00000533 _____ C:\Users\Jacob Ford\Desktop\MAIN.lnk
2016-09-11 12:01 - 2016-06-28 12:37 - 00002266 _____ C:\Users\Jacob Ford\Desktop\Discord.lnk
2016-09-11 12:01 - 2016-06-28 12:37 - 00001875 _____ C:\Users\Jacob Ford\Desktop\Spotify.lnk
2016-09-11 12:01 - 2016-06-28 12:37 - 00000877 _____ C:\Users\Jacob Ford\Desktop\ESEA Client.lnk
2016-09-11 12:01 - 2016-06-28 12:36 - 00001096 _____ C:\Users\Jacob Ford\Desktop\Uplay.lnk
2016-09-11 12:01 - 2016-06-28 12:36 - 00000820 _____ C:\Users\Jacob Ford\Desktop\Star Citizen Launcher.lnk
2016-09-11 12:01 - 2016-06-28 12:36 - 00000525 _____ C:\Users\Jacob Ford\Desktop\SSD 1.lnk
2016-09-11 12:01 - 2016-06-28 12:36 - 00000515 _____ C:\Users\Jacob Ford\Desktop\HDD 1.lnk
2016-09-11 11:48 - 2016-06-28 12:24 - 00000000 ____D C:\Users\Jacob Ford
2016-09-11 11:19 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-10 21:58 - 2016-06-28 12:48 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Spotify
2016-09-10 21:39 - 2016-06-28 12:36 - 00000000 ____D C:\Users\Jacob Ford\Desktop\Games
2016-09-10 21:17 - 2016-06-28 12:57 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Spotify
2016-09-10 11:06 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-02 11:34 - 2016-06-28 11:42 - 00000000 ____D C:\Program Files\Intel
2016-08-31 19:07 - 2016-06-28 12:36 - 00000000 ____D C:\Users\Jacob Ford\Desktop\BACKUP
2016-08-31 18:36 - 2016-06-28 11:08 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Packages
2016-08-31 13:48 - 2016-06-28 12:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-31 13:48 - 2016-06-28 11:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-31 11:07 - 2016-06-28 12:37 - 00000000 ____D C:\Users\Jacob Ford\Desktop\old
2016-08-30 13:36 - 2016-06-28 11:08 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Adobe
2016-08-27 17:52 - 2016-08-01 15:35 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\vlc
2016-08-27 15:52 - 2016-06-28 13:40 - 14216760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-08-26 10:25 - 2016-07-07 11:41 - 00000000 ____D C:\ProgramData\AVAST Software
2016-08-25 21:16 - 2016-06-28 12:48 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\discord
2016-08-25 19:27 - 2016-07-15 23:55 - 17619464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-08-25 19:27 - 2016-06-28 13:40 - 23715064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-08-25 19:27 - 2016-06-28 13:40 - 14477600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-08-25 19:27 - 2016-06-28 13:40 - 03448808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-25 19:27 - 2015-11-10 06:09 - 03906992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-08-25 19:27 - 2014-12-11 01:24 - 00040827 _____ C:\WINDOWS\system32\nvinfo.pb
2016-08-25 17:12 - 2016-06-28 12:23 - 06384064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-25 17:12 - 2016-06-28 12:23 - 02475064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-25 17:12 - 2016-06-28 12:23 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-25 17:12 - 2016-06-28 12:23 - 01362368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-25 17:12 - 2016-06-28 12:23 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-25 17:12 - 2016-06-28 12:23 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-25 17:12 - 2016-06-28 11:52 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-25 17:12 - 2016-06-28 11:52 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-24 21:48 - 2016-06-28 12:56 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-08-24 21:48 - 2016-06-28 12:56 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Discord
2016-08-22 15:21 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-22 15:15 - 2016-06-30 03:50 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\ElevatedDiagnostics
2016-08-22 11:17 - 2016-06-28 12:23 - 07320235 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-18 22:56 - 2016-07-29 16:56 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\{4D077BBC-6855-16CA-0363-3118DFB1CC26}
2016-08-17 00:02 - 2016-06-28 11:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-08-16 01:45 - 2016-07-06 20:59 - 01588688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-08-16 01:45 - 2016-07-06 20:59 - 00223304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-08-15 18:52 - 2016-07-10 01:04 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Arma 3
2016-08-15 17:01 - 2016-06-28 12:59 - 00000000 ____D C:\Users\Jacob Ford\Documents\The Witcher 3
2016-08-14 22:37 - 2016-06-28 12:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2016-08-14 22:37 - 2016-06-28 12:55 - 00000000 ____D C:\Program Files\Core Temp
2016-08-14 21:23 - 2016-06-28 11:42 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-14 20:32 - 2016-06-28 12:36 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Ubisoft Game Launcher
2016-08-14 13:39 - 2016-08-03 17:59 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\BitTorrent
 
==================== Files in the root of some directories =======
 
2016-07-13 23:07 - 2016-07-13 23:07 - 1065984 _____ () C:\Users\Jacob Ford\AppData\Local\file__0.localstorage
2016-07-30 15:10 - 2016-07-30 15:10 - 0007602 _____ () C:\Users\Jacob Ford\AppData\Local\Resmon.ResmonCfg
2016-06-28 12:23 - 2016-06-28 12:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Files to move or delete:
====================
C:\Users\Jacob Ford\AppData\Local\Temp\Rar$EXa0.615\vibrance.GUI.exe
 
 
Some files in TEMP:
====================
C:\Users\Jacob Ford\AppData\Local\Temp\9c5b-6110-9541-706c.exe
C:\Users\Jacob Ford\AppData\Local\Temp\FRST64.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-09-06 13:18
 
==================== End of FRST.txt ============================



#4 Jtford12

Jtford12
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 11 September 2016 - 07:11 PM

Addition: 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by Jacob Ford (11-09-2016 19:48:58)
Running from C:\Users\Jacob Ford\AppData\Local\Temp
Windows 10 Home Version 1511 (X64) (2016-06-28 16:27:18)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2168075039-1580078062-3771521820-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2168075039-1580078062-3771521820-503 - Limited - Disabled)
Guest (S-1-5-21-2168075039-1580078062-3771521820-501 - Limited - Disabled)
Jacob Ford (S-1-5-21-2168075039-1580078062-3771521820-1001 - Administrator - Enabled) => C:\Users\Jacob Ford
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Norton Security (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\uTorrent) (Version: 3.4.8.42449 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden
Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology)
AudioFXSetup (Version: 1.2.701 - Nahimic) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlefield™ 1 Open Beta (HKLM-x32\...\{F9E19363-7B10-4F8A-8640-945C36D4B504}) (Version: 1.0.8.10777 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty: World at War (HKLM\...\Steam App 10090) (Version:  - Treyarch)
CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform)
CEVO CS:GO Client Beta version 2.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 2.0 - )
CheckDevicesConfigurator (Version: 1.2.701 - Nahimic) Hidden
Core Temp 1.2 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.2 - Alcpu)
Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair)
Curse Client - 1  (HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
DARK SOULS III (HKLM\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
Discord (HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
FTL: Faster Than Light (HKLM\...\Steam App 212680) (Version:  - Subset Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.101 - Google Inc.)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version:  - Rockstar North)
Intel® Chipset Device Software (x32 Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Driver Update Utility 2.6 (x32 Version: 2.6.0.32 - Intel) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1168 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation)
Intel® USB 3.0 Host Controller Adaptation Driver (HKLM\...\{9472AEE5-5D4D-4329-8BD8-B282FD33B8E0}) (Version: 1.0.0.42 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{3e714701-b89c-4cf2-bf3b-41b2c105ffdc}) (Version: 2.6.0.32 - Intel)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Killer Bandwidth Control Filter Driver (Version: 1.1.56.1120 - Rivet Networks) Hidden
Killer E240x Drivers (Version: 1.1.56.1120 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.56.1120 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.56.1120 - Rivet Networks)
LauncherSetup (Version: 1.2.701 - Nahimic) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mass Effect™ 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MKVToolNix 5.8.0 (HKLM-x32\...\MKVToolNix) (Version: 5.8.0 - Moritz Bunkus)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.02 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 1.0.0.07 - MSI)
Mumble 1.2.16 (HKLM-x32\...\{8C0C80AA-EA4D-4461-8B73-15A3A27F7D98}) (Version: 1.2.16 - Thorvald Natvig)
Nahimic for MSI (HKLM-x32\...\{92186aa9-f51d-426c-a276-ca21a47cf8dd}) (Version: 1.2.7 - Nahimic)
NahimicSettingsConfigurator (Version: 1.2.701 - Nahimic) Hidden
Norton Security (HKLM-x32\...\NS) (Version: 22.5.0.124 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.70 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PaperCut NG Client 15.0 (HKLM-x32\...\PaperCut NG Client_is1) (Version:  - PaperCut Software International Pty Ltd)
PrivateTunnel (HKLM-x32\...\PrivateTunnel) (Version: 2.7.0.8 - OpenVPN Technologies)
ProductDaemonSetup (Version: 1.2.701 - Nahimic) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2613 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7599 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
SafeZone Stable 1.51.2220.53 (x32 Version: 1.51.2220.53 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.21.9613 - SoftEther VPN Project)
Spotify (HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\Spotify) (Version: 1.0.33.106.g60b5d1f0 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Long Dark (HKLM\...\Steam App 305620) (Version:  - Hinterland Studio Inc.)
The Witcher 3: Wild Hunt (HKLM\...\Steam App 292030) (Version:  - CD PROJEKT RED)
UIInstallUpgrade (Version: 1.2.701 - Nahimic) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17329 - Microsoft Corporation)
WinRAR 5.40 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.2 - win.rar GmbH)
Wolfram Extras 10.4 (5514075) (HKLM\...\A-WIN-Extras 10.4.1 5514075_is1) (Version: 10.4.1 - Wolfram Research, Inc.)
Wolfram Mathematica 10.4 (M-WIN-L 10.4.1 5514214) (HKLM\...\M-WIN-L 10.4.1 5514214_is1) (Version: 10.4.1 - Wolfram Research, Inc.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2168075039-1580078062-3771521820-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Jacob Ford\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0DA4B512-B18E-4373-A5D8-2CC4B16C1053} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {1C1B7B01-6544-4265-8567-24911D67128F} - System32\Tasks\SafeZone scheduled Autoupdate 1472221522 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-09] (Avast Software)
Task: {252CC34B-6350-44AA-9FD0-D4618BB80B5F} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {329EED8D-0F6B-486F-945D-C520F6600A04} - System32\Tasks\NahimicMSIUILauncherRun => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe [2015-08-28] ()
Task: {345F603A-89F4-418C-9F37-BA3B4031CDE5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-28] (Google Inc.)
Task: {3CDC7D6E-F228-42D3-B39F-03A9C0500568} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {46CBAB5C-E1BF-413B-ADAA-026F85C4AAB6} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {5F6A888A-E1D6-43D4-9EDE-1A36496CB903} - System32\Tasks\Norton Security\Norton Autofix => C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {70653CB1-3EDC-4C37-8E77-ACD72E8F3EA4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-07-13] (Piriform Ltd)
Task: {87E96071-6DB9-468B-9A6D-FC6A553CF2ED} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {A03CC200-7049-4D9E-A2D4-D5EAA467DD91} - System32\Tasks\NahimicMSIsvc64Run => C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIsvc64.exe [2015-08-28] ()
Task: {CF6C86E1-1C70-48E0-B044-E622B55861ED} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\WSCStub.exe [2015-06-17] (Symantec Corporation)
Task: {D03A56D2-D649-4C57-8D8C-5991D1C86362} - System32\Tasks\NahimicMSIsvc32Run => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIsvc32.exe [2015-08-28] ()
Task: {D11E3402-252A-4E69-A1D8-A30C7879F8EC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-26] (AVAST Software)
Task: {E7FE0313-69A6-4471-BA8F-0FC454FE58CF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {F7BA728B-1076-4747-8232-52698A244C40} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-28] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-06-28 12:23 - 2016-08-25 17:12 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-14 21:23 - 2016-09-10 21:57 - 00107832 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-06-24 14:15 - 2016-06-24 14:15 - 00949480 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
2016-08-14 21:23 - 2016-09-10 21:57 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-06-08 21:04 - 2016-06-08 21:04 - 00117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2016-04-27 02:10 - 2016-04-27 02:10 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-28 21:27 - 2015-08-28 21:27 - 00209888 _____ () C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIDevProps.dll
2015-08-28 21:27 - 2015-08-28 21:27 - 00297440 _____ () C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIOSD.dll
2016-06-30 13:51 - 2016-06-30 13:51 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-27 02:10 - 2016-04-27 02:10 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-06-28 12:29 - 2016-06-28 12:29 - 00959168 _____ () C:\Users\Jacob Ford\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-04-27 02:10 - 2016-04-27 02:10 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-27 02:10 - 2016-04-27 02:10 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-27 02:10 - 2016-04-27 02:10 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-27 02:10 - 2016-04-27 02:10 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-27 02:10 - 2016-04-27 02:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-27 02:10 - 2016-04-27 02:10 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-28 21:24 - 2015-08-28 21:24 - 00532448 _____ () C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe
2015-08-28 21:24 - 2015-08-28 21:24 - 00816128 _____ () C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIsvc32.exe
2015-08-28 21:28 - 2015-08-28 21:28 - 00276992 _____ () C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIsvc64.exe
2016-08-16 09:27 - 2016-08-16 09:27 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-16 09:27 - 2016-08-16 09:27 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-30 13:51 - 2016-06-30 13:52 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-06-30 13:50 - 2016-06-30 13:50 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-09-11 14:43 - 2016-09-07 01:03 - 02280264 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.101\libglesv2.dll
2016-09-11 14:43 - 2016-09-07 01:03 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.101\libegl.dll
2016-08-26 10:24 - 2016-08-26 10:24 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-11 11:17 - 2016-09-11 11:17 - 03085488 _____ () C:\Program Files\AVAST Software\Avast\defs\16091102\algo.dll
2016-08-26 10:24 - 2016-08-26 10:24 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-08-28 21:23 - 2015-08-28 21:23 - 00262112 _____ () C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIOSD.dll
2015-08-28 21:23 - 2015-08-28 21:23 - 00180192 _____ () C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIDevProps.dll
2016-06-30 13:51 - 2016-06-30 13:51 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-06-30 13:51 - 2016-06-30 13:51 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-06-28 11:50 - 2016-06-14 16:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-06-28 12:02 - 2016-08-08 19:27 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-06-28 12:02 - 2015-07-01 18:06 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-06-28 12:02 - 2016-08-23 15:33 - 02321184 _____ () C:\Program Files (x86)\Steam\video.dll
2016-06-28 12:02 - 2016-01-27 03:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-06-28 12:02 - 2016-01-27 03:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-06-28 12:02 - 2016-01-27 03:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-06-28 12:02 - 2016-01-27 03:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-06-28 12:02 - 2016-01-27 03:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-06-28 12:02 - 2015-07-01 18:06 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-06-28 12:02 - 2015-07-01 18:06 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-06-28 12:02 - 2016-08-23 15:33 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-06-28 12:02 - 2016-07-04 18:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-03-23 14:04 - 2016-03-23 14:04 - 00091136 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\LuaQtWrapperLibrary.dll
2016-03-23 14:02 - 2016-03-23 14:02 - 00224256 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2016-03-23 14:02 - 2016-03-23 14:02 - 00200704 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\lua52.dll
2016-08-26 10:24 - 2016-08-26 10:24 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-06-28 12:02 - 2016-08-04 16:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-09-12 04:01 - 2015-09-12 04:01 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-06-28 12:02 - 2015-09-24 19:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-06-28 12:44 - 2016-09-11 17:48 - 00174080 _____ () C:\Users\Jacob Ford\AppData\Roaming\vibranceGUI\vibranceDLL.dll
2016-08-24 21:48 - 2016-08-24 17:49 - 01950392 _____ () C:\Users\Jacob Ford\AppData\Local\Discord\app-0.0.296\ffmpeg.dll
2016-08-25 21:16 - 2016-08-25 21:16 - 01050296 _____ () \\?\C:\Users\Jacob Ford\AppData\Roaming\discord\0.0.296\modules\discord_voice\discord_voice.node
2016-08-25 21:16 - 2016-08-25 21:16 - 03793080 _____ () \\?\C:\Users\Jacob Ford\AppData\Roaming\discord\0.0.296\modules\discord_voice\libdiscord.dll
2016-08-25 21:16 - 2016-08-25 21:16 - 00894136 _____ () \\?\C:\Users\Jacob Ford\AppData\Roaming\discord\0.0.296\modules\discord_utils\discord_utils.node
2016-08-25 21:16 - 2016-08-25 21:16 - 01119416 _____ () \\?\C:\Users\Jacob Ford\AppData\Roaming\discord\0.0.296\modules\discord_toaster\discord_toaster.node
2016-08-24 21:48 - 2016-08-24 17:49 - 02230456 _____ () C:\Users\Jacob Ford\AppData\Local\Discord\app-0.0.296\libglesv2.dll
2016-08-24 21:48 - 2016-08-24 17:49 - 00088760 _____ () C:\Users\Jacob Ford\AppData\Local\Discord\app-0.0.296\libegl.dll
2016-09-11 18:11 - 2016-09-11 18:11 - 00170496 _____ () \\?\C:\Users\Jacob Ford\AppData\Local\Temp\D4ED.tmp.node
2016-09-01 20:53 - 2016-09-10 13:22 - 02022072 _____ () \\?\C:\Users\Jacob Ford\AppData\Roaming\discord\0.0.296\modules\discord_contact_import\discord_contact_import.node
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2016-09-01 13:36 - 00000826 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\Control Panel\Desktop\\Wallpaper -> c:\users\jacob ford\desktop\..jpg
DNS Servers: 141.219.70.130 - 141.219.100.30
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: MSIREGISTER_MR => 2
MSCONFIG\Services: NvStreamNetworkSvc => 3
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: RzKLService => 2
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKLM\...\StartupApproved\Run32: => "PaperCut NG Client"
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\StartupApproved\StartupFolder: => "vibrance.GUI - Shortcut.lnk"
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\StartupApproved\StartupFolder: => "Core Temp (2).lnk"
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\StartupApproved\Run: => "swg"
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\StartupApproved\Run: => "vibranceGUI"
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\StartupApproved\Run: => "Chromium"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{AD32766F-89EB-4E25-AA6D-9F1CF50C2C89}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{726DBF52-8186-4739-A0BB-2B921BA81153}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8B860E86-C1DB-4587-B57A-E8A0BA1B79D0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2303662C-87D2-422D-ACC6-D92728F10B16}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5C7E0E32-7DD7-4309-8586-DED075D6F860}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CEC3EDAC-D047-4637-9B16-1EF673860157}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FC769028-E392-4693-BCBC-BC2D5CC10090}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{26F5B130-093F-45C2-B0A9-97E0A88DC974}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1D7F82C3-EFAC-4A91-9205-FFDA27858AE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{72D6E920-8AC7-4948-A86E-20D6A268865C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8CD75384-9D99-474E-BB24-069B6C1D33C5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{F96ADBE2-E44B-422F-83DB-92204471CF79}D:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{7AA043F1-3232-4FF7-816D-6AFFE5EC592E}D:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{410031E4-6D4B-4FA8-A973-CF019F666CE4}D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{C738C3F8-7C38-4DF0-917D-079296D95A19}D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{4C0F6470-C380-429C-A3EB-D3906847E730}] => (Allow) G:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{E9130D7B-490B-4ABD-B2D6-48A3E21FA656}] => (Allow) G:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{BF77BE3E-6E8F-4367-9568-E70896101369}] => (Allow) G:\SteamLibrary\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{7BBC65EC-7C3F-45CA-84E4-7B8BD1BE15CD}] => (Allow) G:\SteamLibrary\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{E811A697-A7CE-4833-82C6-4E4CF4BDCC16}] => (Allow) G:\SteamLibrary\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{7D638E4C-7F0D-4424-8B7D-2CC8D5757E52}] => (Allow) G:\SteamLibrary\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{441C6B0B-0068-44A1-ADDF-92A2F83C31CF}] => (Allow) G:\SteamLibrary\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{875DAEF1-AF86-4A82-A08A-7142ECC820E6}] => (Allow) G:\SteamLibrary\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{7F817B7D-9C0F-4D69-B7F1-0A8E6EB58627}] => (Allow) G:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{AE59F3BF-B87D-4B35-BDBF-FFD48DEE84E6}] => (Allow) G:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{5A41730E-3208-4658-B4C1-1741C52F33AE}] => (Allow) G:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{0A1F2032-94C7-430D-A96D-BBC0C762E3BE}] => (Allow) G:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{34033ADC-A30F-4923-9CA2-E731329207CE}G:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) G:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{B8FF8CC3-9FAA-4A33-9A75-52F8DB2DBA92}G:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) G:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{B6EB1101-28D2-409B-B062-BA2A5C578D6E}D:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{7ACD3107-B23F-4586-B9F2-F24387B2440F}D:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{A828E7B4-E55E-4070-A548-D0293FE7E508}G:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) G:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{E1E8723E-0410-40D7-816B-51258DC819D5}G:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) G:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{AE5AB8B0-7FE2-4077-99CD-EE8D039059D6}G:\steamlibrary\steamapps\common\arma 3\arma3.exe] => (Allow) G:\steamlibrary\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{0C5E7BC7-EBA9-4214-B318-5AED7EF467EE}G:\steamlibrary\steamapps\common\arma 3\arma3.exe] => (Allow) G:\steamlibrary\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{BF7AAABA-0DEA-4110-9BEC-D709F9D2E270}D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{6FAD7E74-2F48-44B6-B86B-F45DEFE1FC0C}D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{BE6FA87B-4CB6-45CE-82BB-A21A12B5E5B9}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{91F591CB-E33B-49DF-8E3D-22E1D0E4D829}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{965328BD-8A38-4CE4-880E-8AFC2504DC43}C:\users\jacob ford\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jacob ford\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2F63FB9D-2353-4D04-BFA1-86B32299EDDA}C:\users\jacob ford\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jacob ford\appdata\roaming\spotify\spotify.exe
FirewallRules: [{F2BFB6EA-ED0F-4925-8FB9-A7B80BA5E713}] => (Allow) D:\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{F8D85412-2A82-48DC-851F-FEC84FE5A9F2}] => (Allow) D:\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{368BA63E-D65F-4709-A415-E66C449D2869}D:\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) D:\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{34D37C4D-8D49-4081-A0CD-5E162716B780}D:\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) D:\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [TCP Query User{FE3783C3-C77B-4AAC-BBD8-C8E94A1FDAF2}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{648BFE3F-C5C8-4EDD-A4EF-FFD2E0997719}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{F0147431-7E05-4FBC-9C33-561E2FB3E4EB}G:\users\jacob\appdata\roaming\utorrent\utorrent.exe] => (Allow) G:\users\jacob\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{6DE894B9-31FD-4EE3-BEDE-E78A41E2CA88}G:\users\jacob\appdata\roaming\utorrent\utorrent.exe] => (Allow) G:\users\jacob\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{16909F25-443B-499D-BC27-143EA51D1BC7}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{5E53C8BA-A870-4B41-B366-271890C7EB6D}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{EA209BE3-29AA-42E5-ABFC-0449D1BB455F}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{04A38E9A-6184-49C3-B474-1AFFDA541F7A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{B5C61E3F-3BDB-46B7-B672-ABB6942E3AC6}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{7EB95FAE-42A7-4237-9D91-096296E131B6}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{DBDA60A6-EAB0-41A4-8A99-AC81A435DE16}] => (Allow) C:\Users\Jacob Ford\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B5630455-C31B-4611-A31D-6B03C28F21CA}] => (Allow) C:\Users\Jacob Ford\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FC863440-10BA-4271-BF92-655B0EA771D9}] => (Allow) C:\Users\Jacob Ford\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D48E7151-E1CE-4588-9ECE-B1683629897C}] => (Allow) C:\Users\Jacob Ford\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{097792BE-2C00-45BA-8CCB-A22A4C78DA4F}] => (Allow) C:\Users\Jacob Ford\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{36D14035-9222-4980-B45E-7F57DD5B612E}] => (Allow) C:\Users\Jacob Ford\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CF036DD5-16AC-43E1-9F55-C352C7852FA2}] => (Allow) D:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{0D4DCAEF-A99A-40C3-BCCE-2ABB370E950F}] => (Allow) D:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{68E238F4-3B15-4BBD-89F1-E74E3DCA584D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{131FB487-D4A7-4C4F-B8BD-55D937B0A18B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{99D41699-D937-424F-9F70-61FDFB1325D7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CF51D373-5B9A-42D7-9305-DF9E52B06E02}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{682CE789-978A-4BD3-B083-11E112F3C7E5}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{EA604C60-AA85-4AEF-AD43-047837193603}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{E35BA07C-0823-4A13-BA1F-81FB3A8E10BD}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{77C31246-A907-4CAA-B412-E2821A92F28C}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{5C0321AC-FE86-4D84-B0E9-9B116007D8AA}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{DA390C34-8A00-4979-A724-160322D95788}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [TCP Query User{81799695-28FA-4119-A449-B85B2355CBE5}G:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) G:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{AAAD4219-16DA-43F0-B7C6-4E33A9886088}G:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) G:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{77F68508-E534-4AD5-9BF5-F4E3A0293C1B}] => (Allow) G:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{F64E857E-D7F0-4CC5-B373-4D3E38609B43}] => (Allow) G:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{395AEFCE-CB45-4793-BA99-EFC3AFDBDD80}] => (Allow) G:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{2FE238D2-B32D-400E-B8EF-51B2D31999C2}] => (Allow) G:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [TCP Query User{CB050090-D818-436F-B089-73E04544E79E}G:\steamlibrary\steamapps\common\arma 3\arma3.exe] => (Allow) G:\steamlibrary\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{F0C0BB7A-6107-46DF-85CB-5A36D39504DD}G:\steamlibrary\steamapps\common\arma 3\arma3.exe] => (Allow) G:\steamlibrary\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{9EE0581C-9AEF-431D-90A8-2329B27E287D}G:\overwatch\overwatch.exe] => (Allow) G:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{BDD4DC24-6AA5-4995-B2EA-DEA0A68980C1}G:\overwatch\overwatch.exe] => (Allow) G:\overwatch\overwatch.exe
FirewallRules: [TCP Query User{8B70893E-FC86-4C53-9755-D9CD42F4155D}G:\overwatch\overwatch.exe] => (Allow) G:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{B35ABB82-77F8-44AF-B4E5-77730D20A4DE}G:\overwatch\overwatch.exe] => (Allow) G:\overwatch\overwatch.exe
FirewallRules: [{2D2C109B-3F01-4D8C-8118-9674FD66400A}] => (Allow) D:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{BF11F3BC-C0EC-41F9-8BCF-9CC3B65910C4}] => (Allow) D:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{FA30D62F-6602-4918-BA73-3E18FD1857A5}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\Mathematica.exe
FirewallRules: [{72A33DC1-9341-4975-84C1-077D04C8573E}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\Mathematica.exe
FirewallRules: [{7C0E759F-BCB7-40FD-9627-EB972BA29BBC}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\MathKernel.exe
FirewallRules: [{708FD3CA-57EC-4F61-B621-1CCFBCDFA5AA}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\MathKernel.exe
FirewallRules: [{D20BB99B-AC97-4E2E-BECC-6AFFADD7CD07}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\math.exe
FirewallRules: [{395EE1FE-4FB7-4D0C-8B6B-9436A4F6098C}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\math.exe
FirewallRules: [{3B43D204-B130-4C6C-9F69-F26BB96D06C1}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{0B0CF774-D79E-4570-BDB8-FDB3A7D6BB29}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{75E5AAD4-9BBE-4926-B689-7654CE1DDAA6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{502B92F1-5CCF-42D6-9713-6BB370C2CFF1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{969D285A-F810-4D5E-A904-5C1878985B03}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ADF756C1-A288-4649-B1F9-3130C56E79E2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ADC900E8-5948-442C-A90F-C927F59996C1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{56F7411D-0A58-4AEF-A90D-B5DEE55FBB4C}] => (Allow) G:\SteamLibrary\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{60F6C442-CD6C-4D0A-A8B8-231A4063254A}] => (Allow) G:\SteamLibrary\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{01598051-606C-4284-8D6E-A9871359BC3F}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{FE139D5A-1E83-45DA-A2D3-2C1BBE02A010}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{AD1C6A59-01DA-41DE-8B08-C30A70D48E9E}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{C3C3F590-96E0-4120-9804-D4C173218040}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{A4E0BD01-AD98-439F-A533-F5114773998A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{26CC76C9-770E-4719-8F54-B6AE37DD340D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6ECF6AA0-95A2-4C0E-AA2F-A9436F1E7FFB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FAE1038A-32B3-4720-9AA3-0E249A627311}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AFF18022-5E27-4829-ABBF-BA28166B4A49}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
26-08-2016 10:13:03 Windows Modules Installer
27-08-2016 15:01:45 Windows Modules Installer
29-08-2016 11:06:01 Windows Modules Installer
31-08-2016 11:00:58 Windows Modules Installer
02-09-2016 11:06:25 Windows Modules Installer
03-09-2016 11:13:15 Windows Modules Installer
04-09-2016 11:20:31 Windows Modules Installer
05-09-2016 11:54:05 Windows Modules Installer
07-09-2016 11:12:35 Windows Modules Installer
09-09-2016 11:05:20 Windows Modules Installer
10-09-2016 21:56:42 Installed DirectX
11-09-2016 12:05:57 JRT Pre-Junkware Removal
11-09-2016 14:40:43 JRT Pre-Junkware Removal
 
==================== Faulty Device Manager Devices =============
 
Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/11/2016 05:25:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 14.8.0.1042, time stamp: 0x5639dd97
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x047f4c35
Faulting process id: 0x20dc
Faulting application start time: 0x01d20c72f3bb7408
Faulting application path: C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
Faulting module path: unknown
Report Id: 67886902-f752-4c23-966f-b21d10354856
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/11/2016 05:25:43 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (09/11/2016 02:58:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: regedit.exe, version: 10.0.10586.0, time stamp: 0x5632d798
Faulting module name: USER32.dll, version: 10.0.10586.20, time stamp: 0x565423d2
Exception code: 0xc00000fd
Fault offset: 0x000000000001d644
Faulting process id: 0x930
Faulting application start time: 0x01d20c5e6a66f185
Faulting application path: C:\WINDOWS\regedit.exe
Faulting module path: C:\WINDOWS\system32\USER32.dll
Report Id: dc7ca37b-30a2-42b0-84f5-e5a14f73f45b
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/11/2016 02:57:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: regedit.exe, version: 10.0.10586.0, time stamp: 0x5632d798
Faulting module name: USER32.dll, version: 10.0.10586.20, time stamp: 0x565423d2
Exception code: 0xc00000fd
Fault offset: 0x000000000001d644
Faulting process id: 0x248c
Faulting application start time: 0x01d20c5e2462f33a
Faulting application path: C:\WINDOWS\regedit.exe
Faulting module path: C:\WINDOWS\system32\USER32.dll
Report Id: a1ba0909-0443-4c45-bf87-302a2207f62f
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/11/2016 02:49:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RuntimeBroker.exe, version: 10.0.10586.0, time stamp: 0x5632d7e0
Faulting module name: Windows.Internal.Shell.Broker.dll, version: 10.0.10586.0, time stamp: 0x5632d526
Exception code: 0xc0000005
Fault offset: 0x000000000003baea
Faulting process id: 0x1494
Faulting application start time: 0x01d20c5c506388b1
Faulting application path: C:\Windows\System32\RuntimeBroker.exe
Faulting module path: C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
Report Id: 0f598527-5b5b-44a3-b6e2-d45e88f5279f
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/11/2016 02:41:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RuntimeBroker.exe, version: 10.0.10586.0, time stamp: 0x5632d7e0
Faulting module name: Windows.Internal.Shell.Broker.dll, version: 10.0.10586.0, time stamp: 0x5632d526
Exception code: 0xc0000005
Fault offset: 0x000000000003baea
Faulting process id: 0x13f8
Faulting application start time: 0x01d20c5c0443fa8b
Faulting application path: C:\Windows\System32\RuntimeBroker.exe
Faulting module path: C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
Report Id: fdafc3eb-44c6-4b35-9b54-58332659c640
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/11/2016 02:40:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (09/11/2016 01:46:18 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (09/11/2016 01:46:18 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (09/11/2016 01:46:18 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "MSDTC" in DLL "C:\WINDOWS\system32\msdtcuiu.DLL" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
 
System errors:
=============
Error: (09/11/2016 06:48:51 PM) (Source: DCOM) (EventID: 10000) (User: JTFORD)
Description: Unable to start a DCOM Server: {71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}. The error:
"193"
Happened while starting this command:
C:\Users\Jacob Ford\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe -Embedding
 
Error: (09/11/2016 06:48:51 PM) (Source: DCOM) (EventID: 10000) (User: JTFORD)
Description: Unable to start a DCOM Server: {71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}. The error:
"193"
Happened while starting this command:
C:\Users\Jacob Ford\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe -Embedding
 
Error: (09/11/2016 06:48:51 PM) (Source: DCOM) (EventID: 10000) (User: JTFORD)
Description: Unable to start a DCOM Server: {71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}. The error:
"193"
Happened while starting this command:
C:\Users\Jacob Ford\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe -Embedding
 
Error: (09/11/2016 06:48:51 PM) (Source: DCOM) (EventID: 10000) (User: JTFORD)
Description: Unable to start a DCOM Server: {71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}. The error:
"193"
Happened while starting this command:
C:\Users\Jacob Ford\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe -Embedding
 
Error: (09/11/2016 06:48:42 PM) (Source: DCOM) (EventID: 10000) (User: JTFORD)
Description: Unable to start a DCOM Server: {71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}. The error:
"193"
Happened while starting this command:
C:\Users\Jacob Ford\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe -Embedding
 
Error: (09/11/2016 06:48:42 PM) (Source: DCOM) (EventID: 10000) (User: JTFORD)
Description: Unable to start a DCOM Server: {71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}. The error:
"193"
Happened while starting this command:
C:\Users\Jacob Ford\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe -Embedding
 
Error: (09/11/2016 06:48:42 PM) (Source: DCOM) (EventID: 10000) (User: JTFORD)
Description: Unable to start a DCOM Server: {71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}. The error:
"193"
Happened while starting this command:
C:\Users\Jacob Ford\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe -Embedding
 
Error: (09/11/2016 06:48:42 PM) (Source: DCOM) (EventID: 10000) (User: JTFORD)
Description: Unable to start a DCOM Server: {71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}. The error:
"193"
Happened while starting this command:
C:\Users\Jacob Ford\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe -Embedding
 
Error: (09/11/2016 05:38:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007371c: Security Update for Windows 10 Version 1511 for x64-based Systems (KB3172729).
 
Error: (09/11/2016 05:38:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800703f1: Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3176493).
 
 
CodeIntegrity:
===================================
  Date: 2016-09-11 14:38:04.096
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIOSD.dll that did not meet the Store signing level requirements.
 
  Date: 2016-09-11 14:38:04.083
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIDevProps.dll that did not meet the Store signing level requirements.
 
  Date: 2016-09-11 11:35:09.582
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIOSD.dll that did not meet the Store signing level requirements.
 
  Date: 2016-09-11 11:35:09.568
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIDevProps.dll that did not meet the Store signing level requirements.
 
  Date: 2016-09-07 14:26:14.457
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-08-30 13:03:56.815
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIDevProps.dll that did not meet the Store signing level requirements.
 
  Date: 2016-08-30 13:03:56.800
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIOSD.dll that did not meet the Store signing level requirements.
 
  Date: 2016-08-29 21:07:31.439
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIOSD.dll that did not meet the Store signing level requirements.
 
  Date: 2016-08-29 21:07:31.425
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIDevProps.dll that did not meet the Store signing level requirements.
 
  Date: 2016-08-29 21:05:26.138
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIDevProps.dll that did not meet the Store signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 25%
Total physical RAM: 16344.74 MB
Available physical RAM: 12232.53 MB
Total Virtual: 32728.74 MB
Available Virtual: 28243.41 MB
 
==================== Drives ================================
 
Drive c: (Main) (Fixed) (Total:232.1 GB) (Free:56.19 GB) NTFS
Drive d: (SSD 2) (Fixed) (Total:111.79 GB) (Free:35.46 GB) NTFS
Drive g: (HDD 1) (Fixed) (Total:930.73 GB) (Free:505.39 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: EB762CDE)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D3CAAF56)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 2FA479B6)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
 
==================== End of Addition.txt ============================


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:32 AM

Posted 11 September 2016 - 09:39 PM

please start a new topic as per step7 and post these logs in this forum....

Virus, Trojan, Spyware, and Malware Removal Logs forum

Edit: I.ve merged your 2 posts together here/

Edited by boopme, 11 September 2016 - 09:45 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:32 AM

Posted 12 September 2016 - 12:30 PM

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 3 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users