Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Play-bar.net


  • This topic is locked This topic is locked
1 reply to this topic

#1 Jtford12

Jtford12

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:29 PM

Posted 12 September 2016 - 11:04 AM

currently have an unwanted search bar attached to my chrome browser. I have tried running multiple malware scans yet nothing fixes it. I have checked my extensions and add-ons but nothing seems to be causing it. I havealso reinstalled chrome and made new profiles but it's still there. Guides say to simply uninstall the program causing it but i don't have any malicious programs installed. The search bar flashes a url "Play-bar" when i searchsomething in it and redirects me to bing. a photo is provided in this link http://imgur.com/a/4rkef. Anything will help.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Jacob Ford (administrator) on JTFORD (11-09-2016 19:48:41)
Running from C:\Users\Jacob Ford\AppData\Local\Temp
Loaded Profiles: Jacob Ford (Available Profiles: Jacob Ford)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browserChrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe
() C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSISvc32.exe
() C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSISvc64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\NS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(juvlarN) C:\Users\Jacob Ford\AppData\Local\Temp\Rar$EXa0.615\vibrance.GUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Hammer & Chisel, Inc.) C:\Users\Jacob Ford\AppData\Local\Discord\app-0.0.296\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Jacob Ford\AppData\Local\Discord\app-0.0.296\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Jacob Ford\AppData\Local\Discord\app-0.0.296\Discord.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8521472 2015-09-03] (Realtek Semiconductor)
HKLM\...\Run: [NahimicMSIUILauncher] => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe [532448 2015-08-28] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5232072 2016-08-05] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [4131792 2015-09-10] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1027024 2015-09-09] (MSI)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.)
HKLM-x32\...\Run: [PaperCut NG Client] => C:\Program Files (x86)\PaperCut NG Client\pc-client.exe [359952 2015-02-24] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107104 2016-09-01] (AVAST Software)
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8891608 2016-07-13] (Piriform Ltd)
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\Run: [Spotify Web Helper] => C:\Users\Jacob Ford\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-18] (Spotify Ltd)
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\Run: [Discord] => C:\Users\Jacob Ford\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\Run: [Spotify] => C:\Users\Jacob Ford\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-18] (Spotify Ltd)
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\Run: [vibranceGUI] => C:\Users\Jacob Ford\AppData\Local\Temp\Rar$EXa0.615\vibrance.GUI.exe [1072128 2015-05-26] (juvlarN) <===== ATTENTION
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\...\Run: [uTorrent] => C:\Users\Jacob Ford\AppData\Roaming\uTorrent\uTorrent.exe [1972224 2016-08-10] (BitTorrent Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-26] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-09-11]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2016-09-11]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
Startup: C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Core Temp (2).lnk [2016-09-11]
ShortcutTarget: Core Temp (2).lnk -> C:\Program Files\Core Temp\Core Temp.exe ()
Startup: C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2016-07-17] ()
Startup: C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2016-09-11]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
Startup: C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vibrance.GUI - Shortcut.lnk [2016-09-11]
ShortcutTarget: vibrance.GUI - Shortcut.lnk -> C:\Users\Jacob Ford\Desktop\NewTool\vibrance.GUI.exe (juvlarN)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
AutoConfigURL: [S-1-5-21-2168075039-1580078062-3771521820-1001] => hxxp://non-block.com/wpad.dat?ba3227ae9e38c8a69de64986aba7fe9b16260752
Tcpip\Parameters: [DhcpNameServer] 141.219.70.130 141.219.100.30
Tcpip\..\Interfaces\{31fc7835-623a-4c09-a0ba-86bd36422c52}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{e90dcd12-3628-47ba-8f5d-4cba49476815}: [DhcpNameServer] 141.219.70.130 141.219.100.30
ManualProxies: 0hxxp://non-block.com/wpad.dat?ba3227ae9e38c8a69de64986aba7fe9b16260752
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2168075039-1580078062-3771521820-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?pc=UE01&ocid=UE01DHP
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.4.1.5514075\npmathplugin.dll [2016-04-11] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-26]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-26]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn
FF Extension: (No Name) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn [2016-06-30] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
 
Chrome
=======
CHR Profile: C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default
CHR Extension: (Google Drive) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-28]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2016-09-11]
CHR Extension: (YouTube) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-28]
CHR Extension: (Adblock Plus) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-11]
CHR Extension: (Summer Holidays) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\mfecfgangbaamlkdcebkbngncpabddea [2016-09-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-28]
CHR Extension: (Gmail) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-28]
CHR Extension: (Chrome Media Router) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-11]
CHR Profile: C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-11]
CHR Extension: (BetterTTV) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-09-11]
CHR Extension: (Google Docs) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-11]
CHR Extension: (Google Drive) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-11]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2016-09-11]
CHR Extension: (YouTube) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-11]
CHR Extension: (Adblock Plus) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-11]
CHR Extension: (Google Sheets) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-11]
CHR Extension: (Google Docs Offline) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-11]
CHR Extension: (Summer Holidays) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfecfgangbaamlkdcebkbngncpabddea [2016-09-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-11]
CHR Extension: (exeGuard) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\oakkidgacnogpkfpogddnieajdfmgacf [2016-09-11]
CHR Extension: (Gmail) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-11]
CHR Extension: (Chrome Media Router) - C:\Users\Jacob Ford\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-11]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-26] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1392648 2016-07-10] ()
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [207648 2015-09-12] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [452096 2015-09-17] (Rivet Networks) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S4 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [112592 2015-09-10] (Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2015-05-18] (MSI)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\NS.exe [282016 2015-06-17] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
S4 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 Origin Client Service; G:\Origin\OriginClientService.exe [2122248 2016-08-14] (Electronic Arts)
R2 ovpnagent; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe [949480 2016-06-24] ()
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-08-14] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2016-09-10] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [107832 2016-09-10] ()
S4 RzKLService; G:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-11-13] (Razer Inc.)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5232072 2016-08-05] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-26] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969560 2016-08-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-26] (AVAST Software)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [142408 2015-09-16] (Rivet Networks, LLC.)
S3 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150521.001\BHDrvx64.sys [1640152 2015-06-04] (Symantec Corporation)
S3 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605000.07C\ccSetx64.sys [165080 2015-06-04] (Symantec Corporation)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-06-27] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-06-27] (Symantec Corporation)
R1 ESEADriver2; C:\Users\Jacob Ford\AppData\Local\Temp\ESEADriver2.sys [315016 2016-06-28] ()
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [84264 2015-07-20] (Intel Corporation)
R3 iaLPSS2_UART2; C:\Windows\System32\drivers\iaLPSS2_UART2.sys [281896 2015-07-20] (Intel Corporation)
S3 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150519.100\IDSVia64.sys [684248 2015-06-04] (Symantec Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (Windows ® Win 7 DDK provider)
R3 KillerEth; C:\Windows\System32\drivers\e24w8x64.sys [156232 2015-09-03] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-11] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mt7612US; C:\Windows\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
S3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20160627.008\ENG64.SYS [138456 2016-06-27] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20160627.008\EX64.SYS [2148056 2016-06-27] (Symantec Corporation)
R3 Neo_VPN; C:\Windows\System32\drivers\Neo6_x64_VPN.sys [38216 2016-08-03] (SoftEther Corporation)
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
S3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [46016 2016-06-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 ptun0901; C:\Windows\System32\drivers\ptun0901.sys [27136 2016-04-21] (The OpenVPN Project)
R1 SeLow; C:\Windows\system32\DRIVERS\SeLow_x64.sys [51024 2016-08-05] (SoftEther Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SRTSP; C:\Windows\system32\drivers\NSx64\1605000.07C\SRTSP64.SYS [917720 2015-06-04] (Symantec Corporation)
S3 SRTSPX; C:\Windows\system32\drivers\NSx64\1605000.07C\SRTSPX64.SYS [42200 2015-06-04] (Symantec Corporation)
S3 SymEFASI; C:\Windows\system32\drivers\NSx64\1605000.07C\SYMEFASI64.SYS [1611992 2015-06-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NSx64\1605000.07C\SymELAM.sys [23568 2015-06-04] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [102616 2016-06-28] (Symantec Corporation)
S3 SymIRON; C:\Windows\system32\drivers\NSx64\1605000.07C\Ironx64.SYS [288984 2015-06-04] (Symantec Corporation)
S3 SymNetS; C:\Windows\system32\drivers\NSx64\1605000.07C\SYMNETS.SYS [567512 2015-06-04] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\JACOBF~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-09-11 19:48 - 2016-09-11 19:48 - 00000000 ____D C:\FRST
2016-09-11 19:47 - 2016-09-11 19:48 - 01855040 _____ (Free Sky Business LP) C:\Users\Jacob Ford\Downloads\FRST64_exeguard.exe
2016-09-11 17:22 - 2016-09-11 17:22 - 00000000 _____ C:\WINDOWS\cd_127
2016-09-11 15:14 - 2016-09-11 15:20 - 00000000 ____D C:\ProgramData\HitmanPro
2016-09-11 15:14 - 2016-09-11 15:14 - 11572656 _____ (SurfRight B.V.) C:\Users\Jacob Ford\Downloads\hitmanpro_x64.exe
2016-09-11 14:47 - 2016-09-11 18:11 - 00019898 _____ C:\WINDOWS\ntbtlog.txt
2016-09-11 14:43 - 2016-09-11 14:43 - 00002352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-11 14:43 - 2016-09-11 14:43 - 00002340 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-11 12:43 - 2016-09-11 14:43 - 00000000 ____D C:\AdwCleaner
2016-09-11 12:09 - 2016-09-11 12:09 - 00070860 _____ C:\Users\Jacob Ford\Documents\cc_20160911_120900.reg
2016-09-11 11:41 - 2016-09-11 17:53 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-11 11:40 - 2016-09-11 11:40 - 22851472 _____ (Malwarebytes ) C:\Users\Jacob Ford\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-11 11:40 - 2016-09-11 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-11 11:40 - 2016-09-11 11:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-11 11:40 - 2016-09-11 11:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-11 11:40 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-11 11:40 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-11 11:40 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-11 11:35 - 2016-09-11 11:35 - 01065376 _____ (Google Inc.) C:\Users\Jacob Ford\Downloads\ChromeSetup.exe
2016-09-11 11:27 - 2016-09-11 11:27 - 00034947 _____ C:\Users\Jacob Ford\Downloads\Lab 4 Function Transformations.nb
2016-09-11 11:23 - 2016-09-11 11:24 - 00054468 _____ C:\Users\Jacob Ford\Downloads\Resume Checklist 2.pdf
2016-09-10 21:57 - 2016-09-10 21:57 - 00682280 _____ C:\WINDOWS\SysWOW64\pbsvc.exe
2016-09-10 21:54 - 2016-09-10 21:54 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Activision
2016-09-10 21:48 - 2016-09-10 21:54 - 161098633 _____ C:\Users\Jacob Ford\Downloads\Cheese Cube Unlimited v1.0.exe
2016-09-10 21:11 - 2016-09-10 21:11 - 00000000 ____D C:\ProgramData\Webitar Production Inc
2016-09-09 13:40 - 2016-09-09 13:40 - 00147003 _____ C:\Users\Jacob Ford\Downloads\Unity Through Sports - Google Docs.pdf
2016-09-07 21:49 - 2016-09-07 21:51 - 00028130 _____ C:\Users\Jacob Ford\Downloads\Lab 2 Defining Functions (2).nb
2016-09-07 21:15 - 2016-09-07 21:57 - 00028853 _____ C:\Users\Jacob Ford\Downloads\Lab 3 Functions Assignment Calc I (1).nb
2016-09-07 21:09 - 2016-09-07 21:44 - 00027933 _____ C:\Users\Jacob Ford\Downloads\Lab 3 Functions Calc I.nb
2016-09-07 16:25 - 2016-09-07 16:25 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\WindSolutions
2016-09-07 16:24 - 2016-09-07 16:24 - 00000000 ____D C:\ProgramData\WindSolutions
2016-09-07 14:16 - 2016-09-11 12:02 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-09-07 14:16 - 2016-09-11 12:02 - 00001820 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Apple Computer
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Apple Computer
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Apple
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\ProgramData\Apple Computer
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\ProgramData\Apple
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Program Files\iTunes
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Program Files\iPod
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Program Files\Bonjour
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-09-07 14:16 - 2016-09-07 14:16 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-09-07 14:14 - 2016-09-07 14:15 - 170493768 _____ (Apple Inc.) C:\Users\Jacob Ford\Downloads\iTunes6464Setup.exe
2016-09-07 14:04 - 2016-09-07 14:10 - 136044335 _____ C:\Users\Jacob Ford\Downloads\Frank Ocean - Blonde.zip
2016-09-07 11:14 - 2016-09-07 11:14 - 00010680 _____ C:\Users\Jacob Ford\Downloads\Lab 3 Functions Assignment Calc I.nb
2016-09-05 14:58 - 2016-09-05 14:58 - 00022543 _____ C:\Users\Jacob Ford\Downloads\subscribe.htm
2016-09-05 12:08 - 2016-09-05 12:08 - 00027986 _____ C:\Users\Jacob Ford\Downloads\Lab 2 Defining Functions (1).nb
2016-09-05 12:06 - 2016-09-05 12:17 - 00019571 _____ C:\Users\Jacob Ford\Downloads\Lab 2 Defining Functions Assignment .nb
2016-09-05 11:56 - 2016-09-05 11:56 - 00027986 _____ C:\Users\Jacob Ford\Downloads\Lab 2 Defining Functions.nb
2016-09-03 21:46 - 2016-09-03 21:46 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Celavimus
2016-09-03 21:45 - 2016-09-11 12:02 - 00001369 _____ C:\Users\Public\Desktop\CEVO Client (CSGO).lnk
2016-09-03 21:45 - 2016-09-03 21:46 - 00000000 ____D C:\ProgramData\Celavimus
2016-09-03 21:45 - 2016-09-03 21:45 - 02020792 _____ ( ) C:\Users\Jacob Ford\Downloads\CEVOClientSetup.exe
2016-09-03 21:45 - 2016-09-03 21:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client
2016-09-03 21:45 - 2016-09-03 21:45 - 00000000 ____D C:\Program Files (x86)\CEVO
2016-09-01 18:33 - 2016-09-01 18:33 - 00627200 _____ C:\Users\Jacob Ford\Downloads\4.7 Write  Apply Exp and Power functions 2 days-0.ppt
2016-08-31 13:47 - 2016-08-31 13:47 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-08-31 13:47 - 2016-08-25 16:53 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-08-31 13:47 - 2016-05-03 22:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-08-31 13:47 - 2016-05-03 22:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-08-31 13:47 - 2016-05-03 22:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-08-31 13:47 - 2016-05-03 22:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-08-31 13:46 - 2016-08-25 19:27 - 40070200 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 35180992 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 34842680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 28238904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 20220928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 10865888 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 10746896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 10288040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 09094048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 08875408 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 08687888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 02912192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 02549184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437270.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 01586560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437270.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 01020472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00958008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00941504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00894520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00802584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00801744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00686712 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00616648 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00576168 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00573424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00471608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00439352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00347072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00181488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00159352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-08-31 13:46 - 2016-08-25 19:27 - 00131536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-08-31 13:17 - 2016-08-31 13:18 - 03012080 _____ (Blizzard Entertainment) C:\Users\Jacob Ford\Downloads\Battle.net-Setup.exe
2016-08-31 13:12 - 2016-08-31 13:12 - 00000000 ____D C:\Users\Jacob Ford\Documents\Battlefield 1 Open Beta
2016-08-31 13:06 - 2016-08-31 13:06 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2016-08-30 21:05 - 2016-08-30 21:05 - 00044952 _____ () C:\WINDOWS\system32\Drivers\staport.sys
2016-08-30 19:19 - 2016-08-30 19:19 - 00717551 _____ C:\Users\Jacob Ford\Downloads\download.htm
2016-08-30 13:44 - 2016-08-30 13:44 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-08-30 13:43 - 2016-09-02 11:33 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-08-30 13:43 - 2016-09-02 11:32 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-08-30 13:36 - 2016-08-30 13:36 - 00000000 ____D C:\Users\Jacob Ford\AppData\LocalLow\Adobe
2016-08-30 13:35 - 2016-09-11 12:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-30 13:35 - 2016-09-02 11:32 - 00000000 ____D C:\ProgramData\McAfee
2016-08-30 13:35 - 2016-08-30 13:36 - 00000000 ____D C:\ProgramData\Adobe
2016-08-30 13:35 - 2016-08-30 13:35 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-08-30 13:35 - 2016-08-30 13:35 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-30 13:34 - 2016-08-30 13:36 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Adobe
2016-08-30 09:41 - 2016-08-30 09:41 - 00131258 _____ C:\Users\Jacob Ford\Downloads\Fall 2016 syllabus.pdf
2016-08-29 21:43 - 2016-08-29 21:43 - 00175019 _____ C:\Users\Jacob Ford\Downloads\Lab 1 Assignment.pdf
2016-08-29 14:42 - 2016-08-29 14:42 - 00064851 _____ C:\Users\Jacob Ford\Downloads\Lab 1 Introduction (1).nb
2016-08-29 14:17 - 2016-08-29 14:42 - 00237868 _____ C:\Users\Jacob Ford\Documents\Video1.nb
2016-08-29 12:07 - 2016-08-29 21:42 - 04010479 _____ C:\Users\Jacob Ford\Documents\Lab 1 Assignment.nb
2016-08-29 12:07 - 2016-08-29 12:07 - 00064804 _____ C:\Users\Jacob Ford\Documents\Lab 1 Introduction.nb
2016-08-29 12:07 - 2016-08-29 12:07 - 00017696 _____ C:\Users\Jacob Ford\Downloads\Lab 1 Assignment.nb
2016-08-29 12:05 - 2016-08-29 12:05 - 00064851 _____ C:\Users\Jacob Ford\Downloads\Lab 1 Introduction.nb
2016-08-28 16:39 - 2016-08-28 16:40 - 60413589 _____ C:\Users\Jacob Ford\Downloads\esea_match_7603978.zip
2016-08-27 19:28 - 2016-08-27 19:32 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Mathematica
2016-08-27 19:28 - 2016-08-27 19:28 - 00000000 ____D C:\Users\Jacob Ford\Documents\Wolfram Mathematica
2016-08-27 19:28 - 2016-08-27 19:28 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Wolfram Research
2016-08-27 19:28 - 2016-08-27 19:28 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Mathematica
2016-08-27 19:27 - 2016-08-27 19:28 - 00000000 ____D C:\ProgramData\Mathematica
2016-08-27 19:27 - 2016-08-27 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica
2016-08-27 19:27 - 2016-08-27 19:27 - 00000000 ____D C:\Program Files\Extras
2016-08-27 19:27 - 2016-08-27 19:27 - 00000000 ____D C:\Program Files\Common Files\Wolfram Research
2016-08-27 19:22 - 2016-08-27 19:22 - 00000000 ____D C:\Program Files\Wolfram Research
2016-08-27 19:16 - 2016-08-27 19:22 - 2553115969 _____ C:\Users\Jacob Ford\Downloads\Mathematica_10.4.1_WIN.zip
2016-08-26 10:41 - 2016-08-26 10:41 - 00154495 _____ C:\Users\Jacob Ford\Downloads\MA1160_Syllabus_FALL2016.pdf
2016-08-26 10:34 - 2016-08-26 10:34 - 00074718 _____ C:\Users\Jacob Ford\Downloads\MA1160 Schedule Fall 2016A.pdf
2016-08-26 10:25 - 2016-09-11 12:02 - 00001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-08-26 10:25 - 2016-08-26 10:25 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-08-26 10:25 - 2016-08-26 10:25 - 00004002 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1472221522
2016-08-26 10:24 - 2016-09-11 12:02 - 00002027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-08-26 10:24 - 2016-08-26 10:25 - 00000000 ____D C:\Program Files\AVAST Software
2016-08-26 10:24 - 2016-08-26 10:24 - 06253640 _____ (AVAST Software) C:\Users\Jacob Ford\Downloads\avast_free_antivirus_setup_online_cnet_2.exe
2016-08-26 10:24 - 2016-08-26 10:24 - 00969560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-08-26 10:24 - 2016-08-26 10:24 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-08-26 10:24 - 2016-08-26 10:24 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-08-26 10:24 - 2016-08-26 10:24 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-08-26 10:24 - 2016-08-26 10:24 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-08-26 10:24 - 2016-08-26 10:24 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-08-26 10:24 - 2016-08-26 10:24 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-08-26 10:24 - 2016-08-26 10:24 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-08-26 10:24 - 2016-08-26 10:24 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-08-26 10:24 - 2016-08-26 10:24 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-08-26 10:24 - 2016-08-26 10:24 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-08-26 10:24 - 2016-08-26 10:24 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\AVAST Software
2016-08-24 18:31 - 2016-08-24 18:31 - 00000000 ____D C:\Users\Jacob Ford\Documents\League of Legends
2016-08-24 18:24 - 2016-08-24 18:24 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\LolClient
2016-08-24 17:33 - 2016-08-24 17:33 - 00000000 ____D C:\ProgramData\Riot Games
2016-08-24 17:33 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-08-24 17:33 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-08-24 17:33 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-08-24 17:32 - 2016-08-24 17:32 - 00000000 ____D C:\Riot Games
2016-08-24 17:32 - 2016-08-24 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-08-24 14:48 - 2016-08-24 17:33 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Riot Games
2016-08-24 14:48 - 2016-08-24 14:48 - 28411368 _____ (Riot Games) C:\Users\Jacob Ford\Downloads\LeagueofLegends_NA_Installer_2016_05_13.exe
2016-08-24 14:35 - 2016-08-24 16:13 - 00000000 ____D C:\Users\Jacob Ford\Desktop\Books
2016-08-24 14:26 - 2016-09-11 12:02 - 00002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivateTunnel.lnk
2016-08-24 14:26 - 2016-09-10 21:10 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\PrivateTunnel
2016-08-24 14:26 - 2016-08-24 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN Technologies
2016-08-24 14:26 - 2016-08-24 14:26 - 00000000 ____D C:\Program Files (x86)\OpenVPN Technologies
2016-08-24 14:25 - 2016-08-24 14:26 - 30736384 _____ (OpenVPN Technologies) C:\Users\Jacob Ford\Downloads\privatetunnel-win-2.7.exe
2016-08-22 21:14 - 2016-08-22 21:15 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Wabbitemu
2016-08-22 20:47 - 2016-09-11 18:07 - 00000000 ____D C:\Users\Jacob Ford\Desktop\Files
2016-08-22 20:39 - 2016-08-22 20:39 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Xerox
2016-08-22 20:37 - 2016-08-22 20:37 - 17654062 _____ C:\Users\Jacob Ford\Downloads\Windows.husky-bw.x64.zip
2016-08-22 20:31 - 2016-08-22 20:31 - 00004310 _____ C:\WINDOWS\default.xpb
2016-08-22 20:31 - 2016-08-22 20:31 - 00000000 ____D C:\ProgramData\Xerox
2016-08-22 20:26 - 2016-08-22 20:26 - 19351456 _____ C:\Users\Jacob Ford\Downloads\Windows.husky-color.x64.zip
2016-08-22 20:25 - 2016-09-11 12:02 - 00001286 _____ C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pc-toast-notify.lnk
2016-08-22 20:25 - 2016-08-22 20:25 - 00000053 _____ C:\Users\Jacob Ford\pc-client.properties
2016-08-22 20:25 - 2016-08-22 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PaperCut NG
2016-08-22 20:25 - 2016-08-22 20:25 - 00000000 ____D C:\Program Files (x86)\PaperCut NG Client
2016-08-22 20:24 - 2016-08-22 20:24 - 48446585 _____ C:\Users\Jacob Ford\Downloads\papercut-win.v15.0.zip
2016-08-22 20:24 - 2016-08-22 20:24 - 00000000 ____D C:\Users\Jacob Ford\Downloads\papercut-win.v15.0
2016-08-22 16:34 - 2016-08-16 01:45 - 00054728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-08-22 16:34 - 2016-08-11 10:33 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437254.dll
2016-08-22 16:34 - 2016-08-11 10:33 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437254.dll
2016-08-22 16:34 - 2016-08-11 10:33 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-08-22 16:34 - 2016-08-11 10:33 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-08-21 10:52 - 2016-08-21 10:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-08-18 21:12 - 2016-08-18 21:12 - 00180413 _____ C:\Users\Jacob Ford\Downloads\game-of-thrones-sixth-season_HI_english-1363567.zip
2016-08-18 17:50 - 2016-08-18 21:00 - 00000000 ____D C:\Users\Jacob Ford\Downloads\Game.of.Thrones.Season.6.720p.HDTV.x265.ShAaNiG
2016-08-18 17:50 - 2016-08-18 17:50 - 00018502 _____ C:\Users\Jacob Ford\Downloads\[otorrents.com]Game-of-Thrones-Season-6-2016-720p.torrent
2016-08-18 17:49 - 2016-08-18 17:49 - 00166117 _____ C:\Users\Jacob Ford\Downloads\game-of-thrones-sixth-season_english-1364694.zip
2016-08-18 13:38 - 2016-08-18 17:49 - 00000000 ____D C:\Users\Jacob Ford\Downloads\Game.of.Thrones.Season.6.1080p.HDTV.x265.ShAaNiG
2016-08-16 16:45 - 2016-08-16 17:19 - 00000000 ____D C:\Users\Jacob Ford\Documents\Overwatch
2016-08-16 15:55 - 2016-08-16 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2016-08-16 12:56 - 2016-08-18 20:59 - 00000000 ____D C:\Users\Jacob Ford\Downloads\Game.of.Thrones.Season.5.720p.BluRay.x264.ShAaNiG
2016-08-16 03:18 - 2016-08-16 03:18 - 00183550 _____ C:\Users\Jacob Ford\Downloads\Game.of.Thrones - S05.720p.BluRay.en.zip
2016-08-16 03:15 - 2016-08-16 03:15 - 00168446 _____ C:\Users\Jacob Ford\Downloads\game-of-thrones-fifth-season-2015_english-1288021.zip
2016-08-16 03:14 - 2016-08-16 13:05 - 00000000 ____D C:\Users\Jacob Ford\Downloads\Game.of.Thrones.Season.4.720p.BluRay.x264-ShAaNiG
2016-08-16 03:12 - 2016-08-16 03:12 - 00195993 _____ C:\Users\Jacob Ford\Downloads\game-of-thrones-fourth-season_HI_english-1055327.zip
2016-08-16 00:18 - 2016-08-16 00:18 - 49627504 _____ C:\Users\Jacob Ford\Downloads\torbrowser-install-6.0.3_en-US.exe
2016-08-15 22:36 - 2016-08-15 22:36 - 00000049 _____ C:\Users\Jacob Ford\jagex_cl_oldschool_LIVE.dat
2016-08-15 22:34 - 2016-09-11 12:02 - 00002122 _____ C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2016-08-15 22:34 - 2016-08-15 23:33 - 00000024 _____ C:\Users\Jacob Ford\random.dat
2016-08-15 22:34 - 2016-08-15 23:08 - 00000024 _____ C:\Users\Jacob Ford\jagexappletviewer.preferences
2016-08-15 22:34 - 2016-08-15 22:36 - 00000000 ____D C:\Users\Jacob Ford\jagexcache
2016-08-15 22:34 - 2016-08-15 22:34 - 24223744 _____ C:\Users\Jacob Ford\Downloads\RuneScape.msi
2016-08-15 22:34 - 2016-08-15 22:34 - 00000049 _____ C:\Users\Jacob Ford\jagex_cl_runescape_LIVE.dat
2016-08-15 22:34 - 2016-08-15 22:34 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2016-08-15 19:40 - 2016-09-11 12:08 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\TS3Client
2016-08-15 19:40 - 2016-09-11 12:02 - 00001018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-08-15 19:40 - 2016-08-15 19:40 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-08-15 19:39 - 2016-08-15 19:39 - 32019840 _____ (TeamSpeak Systems GmbH) C:\Users\Jacob Ford\Downloads\TeamSpeak3-Client-win64-3.0.19.4.exe
2016-08-15 19:38 - 2016-08-15 19:38 - 04117216 _____ (Husdawg, LLC) C:\Users\Jacob Ford\Downloads\Detection.exe
2016-08-14 22:37 - 2016-08-14 22:37 - 00076152 _____ C:\WINDOWS\system32\PnkBstrA.exe
2016-08-14 22:36 - 2016-08-14 22:37 - 01190712 _____ (Alcpu ) C:\Users\Jacob Ford\Downloads\Core-Temp-setup.exe
2016-08-14 22:27 - 2016-08-14 22:27 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\PunkBuster
2016-08-14 21:24 - 2016-08-14 21:24 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2016-08-14 21:23 - 2016-09-10 21:57 - 00107832 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-08-14 21:23 - 2016-09-10 21:57 - 00066872 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-08-14 21:23 - 2016-08-14 22:27 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-08-14 20:38 - 2016-09-11 12:02 - 00000566 _____ C:\Users\Public\Desktop\Origin.lnk
2016-08-14 20:38 - 2016-08-14 22:24 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-08-14 20:38 - 2016-08-14 22:23 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Origin
2016-08-14 20:34 - 2016-09-05 16:52 - 00000000 ____D C:\ProgramData\Origin
2016-08-14 20:34 - 2016-08-14 20:38 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Origin
2016-08-14 20:33 - 2016-08-14 20:37 - 31395216 _____ (Electronic Arts, Inc.) C:\Users\Jacob Ford\Downloads\OriginThinSetup.exe
2016-08-14 20:33 - 2016-08-14 20:33 - 31395216 _____ (Electronic Arts, Inc.) C:\Users\Jacob Ford\Downloads\OriginThinSetup (1).exe
2016-08-13 00:46 - 2016-08-13 00:46 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\HelloGames
2016-08-13 00:46 - 2016-08-13 00:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\No Man's Sky [GOG.com]
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-09-11 19:02 - 2016-06-28 11:46 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-11 18:08 - 2016-06-28 12:02 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-11 17:38 - 2016-06-28 11:40 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7AD050D1-11B3-400C-A2FE-D66A8D78EB16}
2016-09-11 17:38 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-11 17:28 - 2016-06-28 12:31 - 00881036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-11 17:28 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-11 17:23 - 2016-08-03 20:06 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2016-09-11 17:23 - 2016-06-28 11:46 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-11 17:22 - 2016-06-28 12:23 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-11 17:22 - 2016-04-27 02:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-11 17:22 - 2015-10-30 02:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-09-11 14:43 - 2016-06-28 11:46 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-11 14:09 - 2016-06-28 15:24 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Battle.net
2016-09-11 14:09 - 2016-06-28 15:20 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-09-11 13:46 - 2016-06-28 12:37 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Deployment
2016-09-11 12:49 - 2016-06-28 12:37 - 00000000 ____D C:\Users\Jacob Ford\Desktop\NewTool
2016-09-11 12:08 - 2016-08-10 20:44 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\uTorrent
2016-09-11 12:07 - 2016-08-04 23:26 - 00000000 ____D C:\Program Files\CCleaner
2016-09-11 12:04 - 2016-06-28 11:46 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Google
2016-09-11 12:02 - 2016-08-10 20:44 - 00002655 _____ C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-09-11 12:02 - 2016-08-03 20:06 - 00002028 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SoftEther VPN Client Manager.lnk
2016-09-11 12:02 - 2016-08-03 19:57 - 00002055 _____ C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberGhost 6.lnk
2016-09-11 12:02 - 2016-08-03 17:59 - 00000909 _____ C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-09-11 12:02 - 2016-06-28 12:57 - 00001881 _____ C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-09-11 12:02 - 2016-06-28 12:53 - 00001791 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2016-09-11 12:02 - 2016-06-28 12:29 - 00002380 _____ C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-11 12:02 - 2016-06-28 12:24 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-11 12:02 - 2016-06-28 12:02 - 00000973 _____ C:\Users\Public\Desktop\Steam.lnk
2016-09-11 12:02 - 2016-06-28 11:59 - 00000702 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Upgrade Assistant.lnk
2016-09-11 12:01 - 2016-06-28 12:39 - 00000533 _____ C:\Users\Jacob Ford\Desktop\MAIN.lnk
2016-09-11 12:01 - 2016-06-28 12:37 - 00002266 _____ C:\Users\Jacob Ford\Desktop\Discord.lnk
2016-09-11 12:01 - 2016-06-28 12:37 - 00001875 _____ C:\Users\Jacob Ford\Desktop\Spotify.lnk
2016-09-11 12:01 - 2016-06-28 12:37 - 00000877 _____ C:\Users\Jacob Ford\Desktop\ESEA Client.lnk
2016-09-11 12:01 - 2016-06-28 12:36 - 00001096 _____ C:\Users\Jacob Ford\Desktop\Uplay.lnk
2016-09-11 12:01 - 2016-06-28 12:36 - 00000820 _____ C:\Users\Jacob Ford\Desktop\Star Citizen Launcher.lnk
2016-09-11 12:01 - 2016-06-28 12:36 - 00000525 _____ C:\Users\Jacob Ford\Desktop\SSD 1.lnk
2016-09-11 12:01 - 2016-06-28 12:36 - 00000515 _____ C:\Users\Jacob Ford\Desktop\HDD 1.lnk
2016-09-11 11:48 - 2016-06-28 12:24 - 00000000 ____D C:\Users\Jacob Ford
2016-09-11 11:19 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-10 21:58 - 2016-06-28 12:48 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Spotify
2016-09-10 21:39 - 2016-06-28 12:36 - 00000000 ____D C:\Users\Jacob Ford\Desktop\Games
2016-09-10 21:17 - 2016-06-28 12:57 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Spotify
2016-09-10 11:06 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-02 11:34 - 2016-06-28 11:42 - 00000000 ____D C:\Program Files\Intel
2016-08-31 19:07 - 2016-06-28 12:36 - 00000000 ____D C:\Users\Jacob Ford\Desktop\BACKUP
2016-08-31 18:36 - 2016-06-28 11:08 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Packages
2016-08-31 13:48 - 2016-06-28 12:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-31 13:48 - 2016-06-28 11:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-31 11:07 - 2016-06-28 12:37 - 00000000 ____D C:\Users\Jacob Ford\Desktop\old
2016-08-30 13:36 - 2016-06-28 11:08 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Adobe
2016-08-27 17:52 - 2016-08-01 15:35 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\vlc
2016-08-27 15:52 - 2016-06-28 13:40 - 14216760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-08-26 10:25 - 2016-07-07 11:41 - 00000000 ____D C:\ProgramData\AVAST Software
2016-08-25 21:16 - 2016-06-28 12:48 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\discord
2016-08-25 19:27 - 2016-07-15 23:55 - 17619464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-08-25 19:27 - 2016-06-28 13:40 - 23715064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-08-25 19:27 - 2016-06-28 13:40 - 14477600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-08-25 19:27 - 2016-06-28 13:40 - 03448808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-25 19:27 - 2015-11-10 06:09 - 03906992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-08-25 19:27 - 2014-12-11 01:24 - 00040827 _____ C:\WINDOWS\system32\nvinfo.pb
2016-08-25 17:12 - 2016-06-28 12:23 - 06384064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-25 17:12 - 2016-06-28 12:23 - 02475064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-25 17:12 - 2016-06-28 12:23 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-25 17:12 - 2016-06-28 12:23 - 01362368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-25 17:12 - 2016-06-28 12:23 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-25 17:12 - 2016-06-28 12:23 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-25 17:12 - 2016-06-28 11:52 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-25 17:12 - 2016-06-28 11:52 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-24 21:48 - 2016-06-28 12:56 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-08-24 21:48 - 2016-06-28 12:56 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Discord
2016-08-22 15:21 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-22 15:15 - 2016-06-30 03:50 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\ElevatedDiagnostics
2016-08-22 11:17 - 2016-06-28 12:23 - 07320235 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-18 22:56 - 2016-07-29 16:56 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\{4D077BBC-6855-16CA-0363-3118DFB1CC26}
2016-08-17 00:02 - 2016-06-28 11:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-08-16 01:45 - 2016-07-06 20:59 - 01588688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-08-16 01:45 - 2016-07-06 20:59 - 00223304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-08-15 18:52 - 2016-07-10 01:04 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Arma 3
2016-08-15 17:01 - 2016-06-28 12:59 - 00000000 ____D C:\Users\Jacob Ford\Documents\The Witcher 3
2016-08-14 22:37 - 2016-06-28 12:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2016-08-14 22:37 - 2016-06-28 12:55 - 00000000 ____D C:\Program Files\Core Temp
2016-08-14 21:23 - 2016-06-28 11:42 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-14 20:32 - 2016-06-28 12:36 - 00000000 ____D C:\Users\Jacob Ford\AppData\Local\Ubisoft Game Launcher
2016-08-14 13:39 - 2016-08-03 17:59 - 00000000 ____D C:\Users\Jacob Ford\AppData\Roaming\BitTorrent
 
==================== Files in the root of some directories =======
 
2016-07-13 23:07 - 2016-07-13 23:07 - 1065984 _____ () C:\Users\Jacob Ford\AppData\Local\file__0.localstorage
2016-07-30 15:10 - 2016-07-30 15:10 - 0007602 _____ () C:\Users\Jacob Ford\AppData\Local\Resmon.ResmonCfg
2016-06-28 12:23 - 2016-06-28 12:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Files to move or delete:
====================
C:\Users\Jacob Ford\AppData\Local\Temp\Rar$EXa0.615\vibrance.GUI.exe
 
 
Some files in TEMP:
====================
C:\Users\Jacob Ford\AppData\Local\Temp\9c5b-6110-9541-706c.exe
C:\Users\Jacob Ford\AppData\Local\Temp\FRST64.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-09-06 13:18
 
==================== End of FRST.txt ============================

Attached Files


Edited by Chris Cosgrove, 12 September 2016 - 11:33 AM.
2 Duplicates of this post deleted


BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:29 PM

Posted 12 September 2016 - 01:45 PM

Hi Jtford12 :)

I noticed that you posted the same thread on Malwarebytes Forums.

https://forums.malwarebytes.org/topic/188216-play-barnet/

Since AdvancedSetup already replied to your thread over there and asked a helper to assist you, I'll close your thread here so it doesn't cause any conflict. Having multiple helpers assist a user at once across multiple forums isn't really productive.

Thank you!

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users