Jump to content

Yet More Virus/Malware Support Scams


Jhay
 Share

Recommended Posts

Today I encountered another spam-attack type message while browsing sketchy websites, depicted by the image computerblock.png and yesterday encountered an attack similarly resembling the image spampopup.png. I know I have encountered these before and they don't necessarily pose a substantial threat to the security, health and welfare of my computer. Basically, I know they are scams and not genuinely real. However, I would like to check them out to see if they have actually caused my system any significant damage.

computerblock.png

spampopup.png

Link to post
Share on other sites

  • Root Admin

Hello and :welcome:

Please read the following and post back the logs when ready and we'll see about getting you cleaned up.

 

Please run a Threat Scan with MBAM. If you're unable to run or complete the scan as shown below, please see the following:
MBAM Clean Removal Process 2x
When reinstalling the program, please try the latest version.

Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

Link to post
Share on other sites

Here is the MBAM log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/27/2016
Scan Time: 11:36 PM
Logfile: 
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.10.28.04
Rootkit Database: v2016.09.26.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jordan

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 296146
Time Elapsed: 10 min, 48 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Link to post
Share on other sites

  • Root Admin

Well, nothing in that scan. Let's look at some other scans and see.

 

Please restart the computer first and then run the following steps and post back the logs when ready.

STEP 01
Please download Junkware Removal Tool to your desktop.

  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus

STEP 02

adwcleaner_new.png Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your Desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan.
  • When finished, please click Clean.
  • Your PC should reboot now.
  • After reboot, logfile will be opened. Copy its content into your next reply.

Note: Reports will be saved in your system partition, usually at C:\Adwcleaner

STEP 03
Download Sophos Free Virus Removal Tool and save it to your desktop.
 

  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View Log file (bottom left-hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found, please confirm that result.

STEP 04
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here.
  • Please attach the Additions.txt log to your reply as well.

 

Thanks

Link to post
Share on other sites

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Home Premium x64 
Ran by Jordan (Administrator) on Sat 10/29/2016 at 15:51:21.13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 25 

Successfully deleted: C:\ProgramData\esellerate (Folder) 
Successfully deleted: C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2GXTVZSI (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3F0RKGIV (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6FJ4FSUF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9P13BX1O (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ON7X23GU (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ONH9U4ZZ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QT66MXIX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T5LNZP8S (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2GXTVZSI (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3F0RKGIV (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6FJ4FSUF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9P13BX1O (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ON7X23GU (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ONH9U4ZZ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QT66MXIX (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T5LNZP8S (Temporary Internet Files Folder) 

Registry: 4 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{093F479D-712E-46CD-9E06-62E734A05F68} (Registry Value) 
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{093F479D-712E-46CD-9E06-62E734A05F68} (Registry Value) 


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 10/29/2016 at 15:54:31.37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

AdwCleaner:
# AdwCleaner v6.030 - Logfile created 29/10/2016 at 16:01:43
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-10-28.2 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Jordan - JORDAN-PC
# Running from : C:\Users\Jordan\Desktop\AdwCleaner.exe
# Mode: Clean
# Support : hxxps://www.malwarebytes.com/support

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: HKU\S-1-5-21-2563237544-1932412345-1817232179-1000\Software\Enigma Protector
[#] Key deleted on reboot: HKCU\Software\Enigma Protector
[#] Key deleted on reboot: [x64] HKCU\Software\Enigma Protector


***** [ Web browsers ] *****

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [983 Bytes] - [29/10/2016 16:01:43]
C:\AdwCleaner\AdwCleaner[S0].txt - [1306 Bytes] - [29/10/2016 16:01:15]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1128 Bytes] ##########
 

Sophos Virus Removal Tool found no threats. However, I had to disable my Kaspersky because it detected the installation file as malware. Here is the Kasperky log containing the details of the threat detection:

29.10.2016 16.06.27    Detected object (file) deleted    C:\Users\Jordan\Desktop\Unconfirmed 848200.crdownload    File: C:\Users\Jordan\Desktop\Unconfirmed 848200.crdownload    Object name: Packed.NSIS.FileMonster.gen    Object type: Trojan program    Time: 10/29/2016 4:06 PM
 

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2016
Ran by Jordan (administrator) on JORDAN-PC (29-10-2016 19:11:52)
Running from C:\Users\Jordan\Desktop
Loaded Profiles: Jordan (Available Profiles: Jordan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Spotify Ltd) C:\Users\Jordan\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-26] (IDT, Inc.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-20] (Hewlett-Packard )
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G10] => C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe [110008 2016-01-28] (CyberLink)
HKU\S-1-5-21-2563237544-1932412345-1817232179-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-2563237544-1932412345-1817232179-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
HKU\S-1-5-21-2563237544-1932412345-1817232179-1000\...\Run: [Spotify Web Helper] => C:\Users\Jordan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1483888 2016-10-23] (Spotify Ltd)
HKU\S-1-5-21-2563237544-1932412345-1817232179-1000\...\Run: [Power2GoExpress10] => C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe [3065272 2016-01-28] (CyberLink Corp.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F5CDA2E0-CF64-4564-B668-F23236FE717D}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-06-28] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-10-08] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-08] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-10-08] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-06-28] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-23] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-23] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\mgjuscpf.default [2016-10-29]
FF Extension: (All Aboard) - C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\mgjuscpf.default\Extensions\@all-aboard-v1-2 [2016-10-03]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-06-28]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-08-25] (Google)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-03] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome: 
=======
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default [2016-10-29]
CHR Extension: (Google Slides) - C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-03]
CHR Extension: (Google Docs) - C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-03]
CHR Extension: (Google Drive) - C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-03]
CHR Extension: (YouTube) - C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-03]
CHR Extension: (Adblock Plus) - C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-26]
CHR Extension: (Google Sheets) - C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-03]
CHR Extension: (Kaspersky Protection) - C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2016-10-03]
CHR Extension: (Google Docs Offline) - C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-03]
CHR Extension: (AdBlock) - C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-10-23]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-10-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-03]
CHR Extension: (Gmail) - C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-03]
CHR Extension: (Chrome Media Router) - C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-23]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKU\S-1-5-21-2563237544-1932412345-1817232179-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3291848 2016-10-08] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 CLVirtualBus01; C:\Windows\System32\DRIVERS\CLVirtualBus01.sys [95496 2014-11-05] (CyberLink)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [189264 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2016-10-03] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1027984 2016-10-03] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50008 2016-10-03] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [126360 2016-10-03] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-29] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56376 2016-08-04] (NVIDIA Corporation)
R3 xcbdaNtscV; C:\Windows\System32\DRIVERS\xcbdaVx64.sys [214784 2009-06-10] (ViXS Systems Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-29 19:11 - 2016-10-29 19:12 - 00017313 _____ C:\Users\Jordan\Desktop\FRST.txt
2016-10-29 19:11 - 2016-10-29 19:11 - 02408448 _____ (Farbar) C:\Users\Jordan\Desktop\FRST64.exe
2016-10-29 19:11 - 2016-10-29 19:11 - 00000000 ____D C:\FRST
2016-10-29 18:15 - 2016-10-29 18:16 - 01239752 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\wlsetup-web.exe
2016-10-29 16:17 - 2016-10-29 16:17 - 00000263 _____ C:\Users\Jordan\Documents\kasperskydetect.txt
2016-10-29 16:10 - 2016-10-29 16:10 - 00000000 ____D C:\ProgramData\Sophos
2016-10-29 16:09 - 2016-10-29 16:09 - 00002759 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2016-10-29 16:09 - 2016-10-29 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2016-10-29 16:09 - 2016-10-29 16:09 - 00000000 ____D C:\Program Files (x86)\Sophos
2016-10-29 16:07 - 2016-10-29 16:07 - 155779048 _____ (Sophos Limited) C:\Users\Jordan\Desktop\Sophos Virus Removal Tool.exe
2016-10-29 16:00 - 2016-10-29 16:01 - 00000000 ____D C:\AdwCleaner
2016-10-29 15:59 - 2016-10-29 15:59 - 03910208 _____ C:\Users\Jordan\Desktop\AdwCleaner.exe
2016-10-29 15:54 - 2016-10-29 15:54 - 00005180 _____ C:\Users\Jordan\Desktop\JRT.txt
2016-10-29 15:51 - 2016-10-29 15:51 - 01631928 _____ (Malwarebytes) C:\Users\Jordan\Desktop\JRT.exe
2016-10-29 15:50 - 2016-10-29 15:50 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\NVIDIA
2016-10-23 13:38 - 2016-10-23 13:38 - 00000000 ____D C:\fd13ef3f579df7ebfd39b4fa1723
2016-10-16 17:43 - 2016-10-16 17:43 - 12270846 _____ C:\Users\Jordan\Downloads\ethiopian777200lr.zip
2016-10-16 17:43 - 2016-10-16 17:43 - 00000000 ____D C:\Users\Jordan\Downloads\ethiopian777200lr
2016-10-16 16:42 - 2016-10-29 15:49 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\CyberLink
2016-10-16 16:42 - 2016-10-16 16:42 - 00000000 ____D C:\Users\Jordan\AppData\Local\Power2Go10
2016-10-16 16:41 - 2016-10-16 16:41 - 00002205 _____ C:\Users\Public\Desktop\CyberLink WaveEditor 2.lnk
2016-10-16 16:41 - 2016-10-16 16:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink WaveEditor 2
2016-10-16 16:41 - 2016-10-16 16:41 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2016-10-16 16:41 - 2016-10-16 16:41 - 00000000 ____D C:\Users\Jordan\AppData\Local\CyberLink
2016-10-16 16:40 - 2016-10-16 16:40 - 00002079 _____ C:\Users\Public\Desktop\CyberLink LabelPrint 2.5.lnk
2016-10-16 16:40 - 2016-10-16 16:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint 2.5
2016-10-16 16:40 - 2016-10-16 16:40 - 00000000 ____D C:\ProgramData\Temp
2016-10-16 16:39 - 2016-10-16 16:41 - 00000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2016-10-16 16:39 - 2016-10-16 16:41 - 00000000 ____D C:\Program Files (x86)\CyberLink
2016-10-16 16:39 - 2016-10-16 16:39 - 00002203 _____ C:\Users\Public\Desktop\CyberLink Power2Go 10.lnk
2016-10-16 16:39 - 2016-10-16 16:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 10
2016-10-16 16:39 - 2016-10-16 16:39 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_CLVirtualBus01_01009.Wdf
2016-10-16 16:39 - 2014-11-05 05:17 - 00095496 _____ (CyberLink) C:\Windows\system32\Drivers\CLVirtualBus01.sys
2016-10-16 16:39 - 2009-07-14 02:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2016-10-16 16:38 - 2016-10-16 16:41 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2016-10-16 16:38 - 2016-10-16 16:40 - 00000000 ____D C:\ProgramData\install_clap
2016-10-16 16:37 - 2016-10-16 16:37 - 00000000 ____D C:\Users\Jordan\Downloads\CyberLink Power2Go
2016-10-16 16:36 - 2016-10-16 16:53 - 00000000 ____D C:\ProgramData\CyberLink
2016-10-16 16:36 - 2016-10-16 16:36 - 01089304 _____ (CyberLink) C:\Users\Jordan\Downloads\CyberLink_Power2Go_Downloader.exe
2016-10-15 22:49 - 2016-10-23 22:14 - 00000000 ____D C:\Users\Jordan\AppData\Local\Spotify
2016-10-15 22:49 - 2016-10-23 22:04 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\Spotify
2016-10-15 22:49 - 2016-10-15 22:49 - 00356056 _____ (Spotify Ltd) C:\Users\Jordan\Downloads\SpotifySetup.exe
2016-10-15 22:49 - 2016-10-15 22:49 - 00001811 _____ C:\Users\Jordan\Desktop\Spotify.lnk
2016-10-15 22:49 - 2016-10-15 22:49 - 00001797 _____ C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-10-15 22:48 - 2016-10-15 22:48 - 27474545 _____ (soundbounce.org ) C:\Users\Jordan\Downloads\soundbounce-setup-v1.0.exe
2016-10-15 22:48 - 2016-10-15 22:48 - 00001047 _____ C:\Users\Public\Desktop\Soundbounce.lnk
2016-10-15 22:48 - 2016-10-15 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soundbounce
2016-10-15 22:48 - 2016-10-15 22:48 - 00000000 ____D C:\Program Files (x86)\Soundbounce
2016-10-15 20:44 - 2016-10-15 21:03 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\vlc
2016-10-15 20:44 - 2016-10-15 20:44 - 00001070 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-10-15 20:44 - 2016-10-15 20:44 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\dvdcss
2016-10-15 20:44 - 2016-10-15 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-10-15 20:43 - 2016-10-15 20:43 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-10-15 20:42 - 2016-10-15 20:43 - 30533688 _____ C:\Users\Jordan\Downloads\vlc-2.2.4-win32.exe
2016-10-14 21:30 - 2016-10-14 21:30 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\527473B7.sys
2016-10-14 21:06 - 2016-10-14 21:06 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2016-10-10 17:45 - 2016-10-10 17:45 - 01257052 _____ C:\Users\Jordan\Downloads\vghs_ade_dyna_fsx_p3d.zip
2016-10-10 12:03 - 2016-10-10 12:03 - 32187625 _____ C:\Users\Jordan\Downloads\captain_sim_b777_repaint_egyptair_su-gbr.zip
2016-10-10 12:03 - 2016-10-10 12:03 - 00000000 ____D C:\Users\Jordan\Downloads\captain_sim_b777_repaint_egyptair_su-gbr
2016-10-08 15:44 - 2016-10-08 15:44 - 00000000 ____D C:\Users\Jordan\Documents\Custom Office Templates
2016-10-08 13:17 - 2016-10-08 13:17 - 21665483 _____ C:\Users\Jordan\Downloads\fdsfxpnl.zip
2016-10-08 13:17 - 2016-10-08 13:17 - 00000000 ____D C:\Users\Jordan\Downloads\fdsfxpnl
2016-10-08 13:15 - 2016-10-08 13:15 - 07125379 _____ (Captain Sim) C:\Users\Jordan\Downloads\csx772_1710.exe
2016-10-08 13:04 - 2016-10-08 13:04 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Captain Sim
2016-10-08 13:04 - 2016-10-08 13:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Captain Sim
2016-10-08 13:03 - 2016-10-08 13:03 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\CaptainSim
2016-10-08 13:02 - 2016-10-08 13:16 - 00000000 ____D C:\ProgramData\CaptainSim
2016-10-08 12:57 - 2016-10-08 13:00 - 303037010 _____ (Captain Sim) C:\Users\Jordan\Downloads\csx772_1700.exe
2016-10-08 12:57 - 2016-10-08 12:58 - 31847388 _____ (Captain Sim) C:\Users\Jordan\Downloads\csx773_1700.exe
2016-10-08 12:51 - 2016-10-08 13:01 - 00002165 _____ C:\Users\Jordan\Desktop\XPax.lnk
2016-10-08 12:51 - 2016-10-08 13:00 - 00000000 ____D C:\Windows\Downloaded Installations
2016-10-08 12:51 - 2016-10-08 12:53 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\HiFi
2016-10-08 12:51 - 2016-10-08 12:51 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiFi
2016-10-08 12:51 - 2016-10-08 12:51 - 00000000 ____D C:\Program Files (x86)\HiFi
2016-10-08 12:49 - 2016-10-08 12:50 - 00000000 ____D C:\Users\Jordan\Downloads\Hifisim-XPax
2016-10-08 12:41 - 2016-10-08 12:46 - 169396374 _____ C:\Users\Jordan\Downloads\Hifisim-XPax.zip
2016-10-08 12:40 - 2016-10-08 12:40 - 00000000 ____D C:\Users\Jordan\Downloads\XPax_Update_SP2_B356
2016-10-08 12:39 - 2016-10-08 12:39 - 05274787 _____ C:\Users\Jordan\Downloads\XPax_Update_SP2_B356.zip
2016-10-08 12:36 - 2016-10-08 12:36 - 00000000 ____D C:\Users\Jordan\Downloads\FSCaptain
2016-10-08 12:34 - 2016-10-08 12:35 - 183922810 _____ C:\Users\Jordan\Downloads\FSCaptain.zip
2016-10-08 12:29 - 2016-10-16 17:38 - 00000000 ____D C:\Users\Jordan\Documents\Flight Simulator X - Steam Edition Files
2016-10-08 12:25 - 2016-10-08 12:25 - 00000000 ____D C:\Users\Jordan\Downloads\vsaxdal1
2016-10-08 12:22 - 2016-10-08 12:23 - 05606083 _____ C:\Users\Jordan\Downloads\vsaxdal1.zip
2016-10-08 12:20 - 2016-10-08 12:20 - 01350156 _____ C:\Users\Jordan\Downloads\1608_Delta_Safety.zip
2016-10-08 12:20 - 2016-10-08 12:20 - 00000000 ____D C:\Users\Jordan\Downloads\1608_Delta_Safety
2016-10-07 22:52 - 2016-10-07 22:52 - 00443632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll
2016-10-07 22:52 - 2016-10-07 22:52 - 00394496 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2016-10-07 22:52 - 2016-10-07 22:52 - 00334608 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2016-10-07 22:52 - 2016-10-07 22:52 - 00089328 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2016-10-07 22:52 - 2016-10-07 22:52 - 00085744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140.dll
2016-10-07 22:49 - 2016-10-07 22:49 - 00639728 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2016-10-07 22:49 - 2016-10-07 22:49 - 00244504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\concrt140.dll
2016-10-07 22:45 - 2016-10-07 22:45 - 00271112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib140.dll
2016-10-07 21:12 - 2016-10-07 21:12 - 00002164 _____ C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-10-07 21:12 - 2016-10-07 21:12 - 00002104 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-10-07 21:12 - 2016-10-07 21:12 - 00002104 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-10-07 21:12 - 2016-10-07 21:12 - 00000000 ___RD C:\Users\Jordan\OneDrive
2016-10-07 21:12 - 2016-10-07 21:12 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-10-07 21:12 - 2016-10-07 21:12 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-10-07 21:11 - 2016-10-23 13:38 - 00000000 ___HT C:\Windows\wusa.lock
2016-10-07 21:11 - 2016-10-07 21:11 - 00000000 ____D C:\13d9101e426ce389ad9452d2
2016-10-07 21:07 - 2016-10-07 21:07 - 00002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-10-07 21:07 - 2016-10-07 21:07 - 00002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-10-07 21:07 - 2016-10-07 21:07 - 00002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-10-07 21:07 - 2016-10-07 21:07 - 00002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-10-07 21:07 - 2016-10-07 21:07 - 00002372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-10-07 21:07 - 2016-10-07 21:07 - 00002366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-10-07 21:07 - 2016-10-07 21:07 - 00002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-10-07 21:07 - 2016-10-07 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-10-07 21:05 - 2016-10-23 13:38 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-07 21:05 - 2016-10-07 21:05 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-10-07 21:03 - 2016-10-23 13:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-07 21:03 - 2016-10-07 21:03 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-10-07 21:02 - 2016-10-07 21:02 - 03768120 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\Setup.X86.en-US_O365HomePremRetail_0380fcf4-070a-4dfb-bed2-1752963ea89b_TX_PR_.exe
2016-10-07 20:06 - 2016-10-07 20:06 - 00000000 ____D C:\Users\Jordan\Downloads\GE View
2016-10-04 21:42 - 2016-10-16 14:43 - 00000000 ____D C:\Users\Jordan\Documents\Pinnacle
2016-10-04 21:40 - 2016-10-29 16:50 - 00004608 _____ C:\Users\Jordan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-04 21:39 - 2016-10-29 19:05 - 00000000 ____D C:\Users\Jordan\temp
2016-10-04 21:39 - 2016-10-29 18:22 - 00000000 ____D C:\Users\Jordan\AppData\Local\Avid
2016-10-04 21:39 - 2016-10-29 16:23 - 00000813 _____ C:\Users\Jordan\AppData\Roaming\JORDAN-PC.MTBF.txt
2016-10-04 21:39 - 2016-10-04 21:39 - 00000000 ____D C:\Users\Jordan\Documents\InstantCDDVD
2016-10-04 21:36 - 2016-10-04 21:36 - 00002246 _____ C:\Users\Public\Desktop\Pinnacle Studio 16.lnk
2016-10-04 21:34 - 2016-10-04 21:34 - 00000000 ____D C:\Users\Public\Documents\Pinnacle
2016-10-04 21:28 - 2016-10-29 18:22 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2016-10-04 21:26 - 2016-10-04 21:39 - 00000000 ____D C:\Users\Jordan\AppData\Local\Pinnacle
2016-10-04 21:26 - 2016-10-04 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 16
2016-10-04 21:26 - 2016-10-04 21:34 - 00000000 ____D C:\ProgramData\Pinnacle
2016-10-04 21:26 - 2016-10-04 21:34 - 00000000 ____D C:\Program Files (x86)\Pinnacle
2016-10-04 21:25 - 2016-10-04 21:38 - 00000000 ____D C:\Users\Jordan\AppData\Local\Downloaded Installations
2016-10-04 21:22 - 2016-10-04 21:24 - 00000000 ____D C:\Users\Jordan\Desktop\PinnacleStudioSetup
2016-10-04 21:20 - 2016-10-26 23:24 - 00000600 _____ C:\Users\Jordan\AppData\Local\PUTTY.RND
2016-10-04 21:03 - 2016-10-04 21:03 - 00592080 _____ (ITS CIS CSS Syracuse University) C:\Users\Jordan\Desktop\Syracuse University Remote Access.exe
2016-10-04 21:03 - 2016-10-04 21:03 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\SURA
2016-10-04 21:02 - 2016-10-26 23:24 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\FileZilla
2016-10-04 21:02 - 2016-10-04 21:02 - 06654776 _____ (Tim Kosse) C:\Users\Jordan\Downloads\FileZilla_3.22.1_win64-setup_bundled2.exe
2016-10-04 21:02 - 2016-10-04 21:02 - 00001858 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2016-10-04 21:02 - 2016-10-04 21:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-10-04 21:02 - 2016-10-04 21:02 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2016-10-03 22:41 - 2016-10-16 23:34 - 00000000 ____D C:\Users\Jordan\AppData\Local\CrashDumps
2016-10-03 22:30 - 2016-10-03 22:39 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\fs_earth_x
2016-10-03 22:30 - 2016-10-03 22:30 - 00253952 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2016-10-03 22:30 - 2016-10-03 22:30 - 00073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2016-10-03 22:30 - 2016-10-03 22:30 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fs Earth for FSX
2016-10-03 22:30 - 2016-10-03 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fs Earth for FSX
2016-10-03 22:29 - 2016-10-03 22:29 - 00000000 ____D C:\Users\Jordan\Downloads\fsxea52
2016-10-03 22:28 - 2016-10-03 22:28 - 03627824 _____ C:\Users\Jordan\Downloads\fsxea52.zip
2016-10-03 21:59 - 2016-10-03 21:59 - 12642538 _____ C:\Users\Jordan\Downloads\fsw_gmap_brw_20.zip
2016-10-03 21:59 - 2016-10-03 21:59 - 00000000 ____D C:\Users\Jordan\Downloads\fsw_gmap_brw_20
2016-10-03 21:41 - 2016-10-03 21:41 - 08460792 _____ (Sublime HQ Pty Ltd ) C:\Users\Jordan\Downloads\Sublime Text Build 3126 x64 Setup.exe
2016-10-03 21:41 - 2016-10-03 21:41 - 00000886 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2016-10-03 21:41 - 2016-10-03 21:41 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\Sublime Text 3
2016-10-03 21:41 - 2016-10-03 21:41 - 00000000 ____D C:\Users\Jordan\AppData\Local\Sublime Text 3
2016-10-03 21:41 - 2016-10-03 21:41 - 00000000 ____D C:\Program Files\Sublime Text 3
2016-10-03 21:34 - 2016-10-03 21:34 - 00000000 ____D C:\Users\Jordan\Downloads\fsx_bmw
2016-10-03 21:33 - 2016-10-03 21:34 - 03554185 _____ C:\Users\Jordan\Downloads\fsx_bmw.zip
2016-10-03 21:32 - 2016-10-03 21:32 - 00000000 ____D C:\Users\Jordan\Downloads\bmw
2016-10-03 21:31 - 2016-10-03 21:32 - 03576329 _____ C:\Users\Jordan\Downloads\bmw.zip
2016-10-03 21:24 - 2016-10-03 21:24 - 00000061 ___SH C:\Windows\cnerolf.bin
2016-10-03 21:23 - 2016-10-03 21:23 - 00000000 ____D C:\Users\Jordan\Downloads\FSUIPC4
2016-10-03 21:18 - 2016-10-03 21:18 - 03988172 _____ C:\Users\Jordan\Downloads\FSUIPC4.zip
2016-10-03 21:17 - 2016-10-03 21:17 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2016-10-03 21:17 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-10-03 21:17 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-10-03 21:17 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-10-03 21:17 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-10-03 21:17 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-10-03 21:17 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-10-03 21:17 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-10-03 21:17 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-10-03 21:17 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-10-03 21:17 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-10-03 21:17 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-10-03 21:17 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-10-03 21:17 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-10-03 21:17 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-10-03 21:17 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-10-03 21:17 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-10-03 21:17 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-10-03 21:17 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-10-03 21:17 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-10-03 21:17 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-10-03 21:17 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-10-03 21:17 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-10-03 21:17 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-10-03 21:17 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-10-03 21:17 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-10-03 21:17 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-10-03 21:17 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-10-03 21:17 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-10-03 21:17 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-10-03 21:17 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-10-03 21:17 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-10-03 21:17 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-10-03 21:17 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-10-03 21:17 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-10-03 21:17 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-10-03 21:17 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-10-03 21:17 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-10-03 21:17 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-10-03 21:17 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-10-03 21:17 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-10-03 21:17 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-10-03 21:17 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-10-03 21:17 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-10-03 21:17 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-10-03 21:17 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-10-03 21:17 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-10-03 21:17 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-10-03 21:17 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-10-03 21:17 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-10-03 21:17 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-10-03 21:17 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-10-03 21:17 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-10-03 21:17 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-10-03 21:17 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-10-03 21:17 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-10-03 21:17 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-10-03 21:17 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-10-03 21:17 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-10-03 21:17 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-10-03 21:17 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-10-03 21:17 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-10-03 21:17 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-10-03 21:17 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-10-03 21:17 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-10-03 21:17 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-10-03 21:17 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-10-03 21:17 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-10-03 21:17 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-10-03 21:17 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-10-03 21:17 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-10-03 21:17 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-10-03 21:17 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-10-03 21:17 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-10-03 21:17 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-10-03 21:17 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-10-03 21:17 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-10-03 21:17 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-10-03 21:17 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-10-03 21:17 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-10-03 21:17 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-10-03 21:17 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-10-03 21:17 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-10-03 21:17 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-10-03 21:17 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-10-03 21:17 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-10-03 21:17 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-10-03 21:17 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-10-03 21:17 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-10-03 21:17 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-10-03 21:17 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-10-03 21:17 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-10-03 21:17 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-10-03 21:17 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-10-03 21:17 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-10-03 21:17 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-10-03 21:17 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-10-03 21:17 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-10-03 21:17 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-10-03 21:17 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-10-03 21:17 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-10-03 21:17 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-10-03 21:17 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-10-03 21:17 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-10-03 21:17 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-10-03 21:17 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-10-03 21:17 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-10-03 21:17 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-10-03 21:17 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-10-03 21:17 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-10-03 21:17 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-10-03 21:17 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-10-03 21:17 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-10-03 21:17 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-10-03 21:17 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-10-03 21:17 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-10-03 21:17 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-10-03 21:17 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-10-03 21:17 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-10-03 21:17 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-10-03 21:17 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-10-03 21:17 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-10-03 21:17 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-10-03 21:17 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-10-03 21:17 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-10-03 21:17 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-10-03 21:17 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-10-03 21:17 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-10-03 21:17 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-10-03 21:17 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-10-03 21:17 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-10-03 21:17 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-10-03 21:17 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-10-03 21:17 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-10-03 21:17 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-10-03 21:17 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-10-03 21:17 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-10-03 21:17 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-10-03 21:17 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-10-03 21:17 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-10-03 21:17 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-10-03 21:17 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-10-03 21:17 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-10-03 21:17 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-10-03 21:17 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-10-03 21:17 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-10-03 21:17 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-10-03 21:17 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-10-03 21:17 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-10-03 21:17 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-10-03 21:17 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-10-03 21:17 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-10-03 21:17 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-10-03 21:17 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-10-03 21:17 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-10-03 21:17 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-10-03 21:17 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-10-03 21:17 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-10-03 21:17 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-10-03 21:17 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-10-03 21:17 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-10-03 21:17 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-10-03 21:17 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-10-03 21:17 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-10-03 21:17 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-10-03 21:16 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-10-03 21:16 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-10-03 21:16 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-10-03 21:16 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-10-03 21:16 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-10-03 21:16 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-10-03 21:16 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-10-03 21:16 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-10-03 21:16 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-10-03 21:16 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-10-03 21:16 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-10-03 21:16 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-10-03 21:16 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-10-03 21:16 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-10-03 21:16 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-10-03 21:16 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-10-03 21:16 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-10-03 21:16 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-10-03 21:13 - 2016-10-03 21:13 - 00000000 ____D C:\Users\Jordan\Downloads\woains24
2016-10-03 21:12 - 2016-10-16 23:34 - 00000000 ____D C:\Users\Jordan\Documents\Flight Simulator X Files
2016-10-03 21:11 - 2016-10-03 21:12 - 00000000 ____D C:\Users\Jordan\Downloads\fsw_gmap_garmin_20
2016-10-03 21:07 - 2016-10-03 21:07 - 13028341 _____ C:\Users\Jordan\Downloads\fsw_gmap_garmin_20.zip
2016-10-03 21:03 - 2016-10-03 21:03 - 00996297 _____ C:\Users\Jordan\Downloads\woains24.zip
2016-10-03 20:38 - 2016-10-03 20:39 - 00000000 ____D C:\Users\Jordan\Downloads\road_v11
2016-10-03 20:35 - 2016-10-03 20:36 - 00196254 _____ C:\Users\Jordan\Downloads\GE View.zip
2016-10-03 20:28 - 2016-10-03 20:30 - 04758595 _____ C:\Users\Jordan\Downloads\road_v11.zip
2016-10-03 20:25 - 2016-10-03 20:25 - 00000000 ____D C:\Users\Jordan\Downloads\rex_road_highway_textures_for_fsx
2016-10-03 20:23 - 2016-10-03 20:25 - 05376817 _____ C:\Users\Jordan\Downloads\rex_road_highway_textures_for_fsx.zip
2016-10-03 20:10 - 2016-10-03 20:10 - 00000222 _____ C:\Users\Jordan\Desktop\Microsoft Flight Simulator X Steam Edition.url
2016-10-03 20:10 - 2016-10-03 20:10 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-10-03 20:06 - 2016-10-03 20:06 - 00000000 ____D C:\Users\Jordan\AppData\Local\Steam
2016-10-03 20:06 - 2016-10-03 20:06 - 00000000 ____D C:\Users\Jordan\AppData\Local\CEF
2016-10-03 20:04 - 2016-10-29 16:03 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-03 20:04 - 2016-10-03 20:04 - 00000967 _____ C:\Users\Public\Desktop\Steam.lnk
2016-10-03 20:04 - 2016-10-03 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-10-03 20:03 - 2016-10-03 20:03 - 01446792 _____ C:\Users\Jordan\Downloads\SteamSetup.exe
2016-10-03 19:55 - 2016-10-03 19:55 - 00770088 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-10-03 19:53 - 2016-10-03 19:58 - 00000000 ____D C:\cd7e96c27cf3447e7b38cdc351a3
2016-10-03 19:53 - 2016-10-03 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-10-03 19:52 - 2016-10-03 19:52 - 00000000 ____D C:\Users\Jordan\AppData\Local\NVIDIA
2016-10-03 19:42 - 2016-10-03 19:42 - 00000000 ____D C:\9264e20d95ef3fe09ab05a
2016-10-03 19:41 - 2016-10-03 19:42 - 01429344 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\NDP462-KB3151802-Web.exe
2016-10-03 19:40 - 2016-10-29 16:02 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-03 19:40 - 2016-10-03 19:40 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-10-03 19:40 - 2016-09-16 18:30 - 00134712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-10-03 19:40 - 2016-09-09 14:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-10-03 19:40 - 2016-09-09 14:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2016-10-03 19:40 - 2016-09-09 14:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-10-03 19:40 - 2016-09-09 14:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2016-10-03 19:39 - 2016-10-03 19:45 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-10-03 19:39 - 2016-10-03 19:41 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-10-03 19:39 - 2016-09-16 20:46 - 00213952 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-10-03 19:39 - 2016-09-16 20:46 - 00203320 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-10-03 19:39 - 2016-09-16 18:57 - 06385720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-10-03 19:39 - 2016-09-16 18:57 - 02475064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-10-03 19:39 - 2016-09-16 18:57 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-10-03 19:39 - 2016-09-16 18:57 - 01364024 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-10-03 19:39 - 2016-09-16 18:57 - 00546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-10-03 19:39 - 2016-09-16 18:57 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-10-03 19:39 - 2016-09-16 18:57 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-10-03 19:39 - 2016-09-16 18:57 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-10-03 19:39 - 2016-09-16 03:40 - 07379415 _____ C:\Windows\system32\nvcoproc.bin
2016-10-03 19:38 - 2016-10-16 16:38 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-03 19:38 - 2016-09-19 19:09 - 01588688 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-10-03 19:38 - 2016-09-19 19:09 - 00223304 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-10-03 19:38 - 2016-09-19 19:09 - 00054728 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 40070200 _____ C:\Windows\system32\nvcompiler.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 35180992 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 34809912 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 28214840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 19854064 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 17464952 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 17270984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 14353512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 14118336 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-10-03 19:38 - 2016-09-16 20:46 - 10868288 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 10746872 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 10287344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 09090952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 08877480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 08684304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 03917840 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 03595832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 03458608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 03161024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 01922616 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437290.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 01585088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437290.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 01020472 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 00956864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 00943672 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 00895032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 00688784 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 00578056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 00493608 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 00409296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 00179952 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 00157464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-10-03 19:38 - 2016-09-16 20:46 - 00039730 _____ C:\Windows\system32\nvinfo.pb
2016-10-03 19:38 - 2016-09-16 20:46 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-10-03 19:38 - 2016-09-16 20:46 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2016-10-03 19:38 - 2016-08-04 06:25 - 00113208 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-10-03 19:38 - 2016-08-04 06:25 - 00102968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-10-03 19:38 - 2016-08-04 06:25 - 00056376 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-10-03 19:12 - 2016-10-03 19:12 - 00008192 __RSH C:\BOOTSECT.BAK
2016-10-03 19:12 - 2016-10-03 17:10 - 00000000 ____D C:\Windows\Panther
2016-10-03 19:12 - 2010-11-20 23:23 - 00383786 __RSH C:\bootmgr
2016-10-03 18:31 - 2016-10-29 16:03 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-03 18:31 - 2016-10-03 18:31 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-10-03 18:31 - 2016-10-03 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-10-03 18:31 - 2016-10-03 18:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-03 18:31 - 2016-10-03 18:31 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-10-03 18:31 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-10-03 18:31 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-10-03 18:31 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-10-03 18:15 - 2016-10-03 18:15 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-10-03 18:15 - 2016-10-03 18:15 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-10-03 18:14 - 2016-10-03 18:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-10-03 18:05 - 2016-10-03 18:05 - 22851472 _____ (Malwarebytes ) C:\Users\Jordan\Downloads\mbam-setup-2.2.1.1043.exe
2016-10-03 17:58 - 2016-10-29 16:03 - 00000000 ___RD C:\Users\Jordan\Google Drive
2016-10-03 17:58 - 2016-10-03 17:58 - 00001701 _____ C:\Users\Jordan\Desktop\Google Drive.lnk
2016-10-03 17:57 - 2016-10-03 17:57 - 00002042 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-10-03 17:57 - 2016-10-03 17:57 - 00002040 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-10-03 17:57 - 2016-10-03 17:57 - 00002030 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-10-03 17:57 - 2016-10-03 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-10-03 17:51 - 2016-10-03 17:51 - 01065376 _____ (Google Inc.) C:\Users\Jordan\Downloads\googledrivesync.exe
2016-10-03 17:50 - 2016-10-03 22:00 - 00000000 ____D C:\Users\Jordan\AppData\Local\Mozilla
2016-10-03 17:50 - 2016-10-03 17:50 - 01065376 _____ (Google Inc.) C:\Users\Jordan\Downloads\GoogleEarthSetup.exe
2016-10-03 17:50 - 2016-10-03 17:50 - 00002144 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-10-03 17:50 - 2016-10-03 17:50 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\Mozilla
2016-10-03 17:50 - 2016-10-03 17:50 - 00000000 ____D C:\Users\Jordan\AppData\LocalLow\Google
2016-10-03 17:50 - 2016-10-03 17:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-10-03 17:38 - 2016-10-03 17:38 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-10-03 17:38 - 2016-10-03 17:38 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-10-03 17:38 - 2016-10-03 17:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-03 17:38 - 2016-10-03 17:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-03 17:37 - 2016-10-03 17:37 - 46883960 _____ C:\Users\Jordan\Downloads\Firefox Setup 49.0.1.exe
2016-10-03 17:35 - 2016-10-03 17:35 - 00000000 ____D C:\808ea3e4252a262c5f
2016-10-03 17:35 - 2016-10-03 17:35 - 00000000 ____D C:\193e5f0e1348d1da7c96
2016-10-03 17:32 - 2016-10-03 19:41 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-10-03 17:31 - 2016-10-03 17:31 - 00000000 ____D C:\NVIDIA
2016-10-03 17:27 - 2016-10-29 16:20 - 00003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2016-10-03 17:27 - 2016-10-03 17:27 - 00000000 ____D C:\Program Files\Common Files\AV
2016-10-03 17:26 - 2016-10-29 18:27 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-10-03 17:26 - 2016-10-03 17:26 - 00002150 _____ C:\Users\Public\Desktop\Safe Money.lnk
2016-10-03 17:26 - 2016-10-03 17:26 - 00002132 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2016-10-03 17:26 - 2016-10-03 17:26 - 00001374 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2016-10-03 17:26 - 2016-10-03 17:26 - 00000000 ____D C:\Windows\ELAMBKUP
2016-10-03 17:26 - 2016-10-03 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2016-10-03 17:26 - 2016-10-03 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-10-03 17:26 - 2016-10-03 17:26 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-10-03 17:26 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2016-10-03 17:25 - 2016-10-03 17:40 - 01027984 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-10-03 17:25 - 2016-06-26 15:10 - 00189264 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2016-10-03 17:23 - 2016-10-03 17:23 - 351102072 _____ (NVIDIA Corporation) C:\Users\Jordan\Downloads\372.90-desktop-win8-win7-64bit-international-whql.exe
2016-10-03 17:22 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-10-03 17:22 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-10-03 17:22 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-10-03 17:22 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-10-03 17:21 - 2016-10-03 17:21 - 177912864 _____ (Kaspersky Lab) C:\Users\Jordan\Downloads\kis17.0.0.611en_10743.exe
2016-10-03 17:21 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-10-03 17:21 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-10-03 17:21 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-10-03 17:21 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-10-03 17:21 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-10-03 17:21 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-10-03 17:21 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-10-03 17:21 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-10-03 17:21 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-10-03 17:21 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-10-03 17:19 - 2016-10-29 18:24 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-03 17:19 - 2016-10-29 17:24 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-03 17:19 - 2016-10-23 13:39 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-03 17:19 - 2016-10-23 13:39 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-03 17:19 - 2016-10-08 13:45 - 00140752 _____ C:\Users\Jordan\AppData\Local\GDIPFONTCACHEV1.DAT
2016-10-03 17:19 - 2016-10-03 20:32 - 00000000 ____D C:\Users\Jordan\AppData\Local\Google
2016-10-03 17:19 - 2016-10-03 17:57 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-03 17:19 - 2016-10-03 17:19 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-10-03 17:19 - 2016-10-03 17:19 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-10-03 17:19 - 2016-10-03 17:19 - 00000000 ____D C:\Users\Jordan\AppData\Local\Deployment
2016-10-03 17:19 - 2016-10-03 17:19 - 00000000 ____D C:\Users\Jordan\AppData\Local\Apps\2.0
2016-10-03 17:16 - 2016-10-16 16:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-10-03 17:16 - 2016-10-03 17:16 - 00001661 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Beats Audio.lnk
2016-10-03 17:16 - 2016-10-03 17:16 - 00000000 ____D C:\ProgramData\SonicFocus
2016-10-03 17:16 - 2016-10-03 17:16 - 00000000 ____D C:\Program Files\IDT
2016-10-03 17:16 - 2011-01-26 09:52 - 12897792 _____ (IDT, Inc.) C:\Windows\system32\idtcpl64.cpl
2016-10-03 17:16 - 2011-01-26 09:52 - 04637184 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2016-10-03 17:16 - 2011-01-26 09:52 - 01499136 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2016-10-03 17:16 - 2011-01-26 09:52 - 00835072 _____ (IDT, Inc.) C:\Windows\sttray64.exe
2016-10-03 17:16 - 2011-01-26 09:52 - 00651776 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2016-10-03 17:16 - 2011-01-26 09:52 - 00520192 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2016-10-03 17:16 - 2011-01-26 09:52 - 00431616 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2016-10-03 17:16 - 2011-01-26 09:52 - 00221184 _____ (IDT, Inc.) C:\Windows\system32\HPToneCtrls64.dll
2016-10-03 17:16 - 2011-01-26 09:52 - 00220160 _____ (IDT, Inc.) C:\Windows\system32\staco64.dll
2016-10-03 17:16 - 2010-08-12 22:14 - 00220496 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFNHK64.DLL
2016-10-03 17:16 - 2010-08-12 22:14 - 00081232 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFCOM64.DLL
2016-10-03 17:16 - 2010-08-12 22:14 - 00078160 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFAPO64.DLL
2016-10-03 17:16 - 2010-08-12 22:14 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\sfcom.dll
2016-10-03 17:16 - 2010-03-31 22:11 - 00162304 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAC64.dll
2016-10-03 17:16 - 2009-10-09 08:45 - 00442368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTEC64.dll
2016-10-03 17:16 - 2009-03-02 09:58 - 00068608 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAR64.dll
2016-10-03 17:16 - 2009-03-02 09:47 - 00090624 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCo64.dll
2016-10-03 17:12 - 2016-10-03 17:12 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\WinBatch
2016-10-03 17:11 - 2016-10-03 17:11 - 00001447 _____ C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-10-03 17:11 - 2016-10-03 17:11 - 00001413 _____ C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-10-03 17:10 - 2016-10-07 21:12 - 00000000 ____D C:\Users\Jordan
2016-10-03 17:10 - 2016-10-04 21:39 - 00000000 ____D C:\Users\Jordan\AppData\Local\VirtualStore
2016-10-03 17:10 - 2016-10-03 17:10 - 00000020 ___SH C:\Users\Jordan\ntuser.ini
2016-10-03 17:10 - 2016-10-03 17:10 - 00000000 _SHDL C:\Users\Jordan\My Documents
2016-10-03 17:10 - 2016-10-03 17:10 - 00000000 _SHDL C:\Users\Jordan\Documents\My Videos
2016-10-03 17:10 - 2016-10-03 17:10 - 00000000 _SHDL C:\Users\Jordan\Documents\My Pictures
2016-10-03 17:10 - 2016-10-03 17:10 - 00000000 _SHDL C:\Users\Jordan\Documents\My Music
2016-10-03 17:10 - 2011-04-12 04:28 - 00000000 ____D C:\Users\Jordan\AppData\Roaming\Media Center Programs

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-29 16:38 - 2009-07-14 01:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-29 16:38 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-10-29 16:10 - 2009-07-14 00:45 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-29 16:10 - 2009-07-14 00:45 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-29 16:02 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-24 20:23 - 2009-07-14 01:08 - 00008676 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-10 10:59 - 2009-07-14 00:45 - 00496224 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-07 21:05 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-10-03 20:07 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2016-10-03 19:39 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Help
2016-10-03 19:12 - 2009-07-14 01:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-10-03 18:15 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-03 18:15 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-10-03 17:40 - 2016-06-20 17:29 - 00050008 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2016-10-03 17:40 - 2016-06-02 22:39 - 00126360 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2016-10-03 17:39 - 2016-06-20 17:51 - 00305496 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2016-10-03 17:14 - 2009-07-13 23:20 - 00000000 __RHD C:\Users\Public\Libraries

==================== Files in the root of some directories =======

2016-10-04 21:39 - 2016-10-29 16:23 - 0000813 _____ () C:\Users\Jordan\AppData\Roaming\JORDAN-PC.MTBF.txt
2016-10-04 21:39 - 2016-10-29 19:05 - 0000958 _____ () C:\Users\Jordan\AppData\Roaming\__AvidCloudManager.log
2016-10-04 21:39 - 2016-10-29 18:15 - 0000786 _____ () C:\Users\Jordan\AppData\Roaming\__AvidCloudManagerPrevious.log
2016-10-04 21:40 - 2016-10-29 16:50 - 0004608 _____ () C:\Users\Jordan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-04 21:20 - 2016-10-26 23:24 - 0000600 _____ () C:\Users\Jordan\AppData\Local\PUTTY.RND

Some files in TEMP:
====================
C:\Users\Jordan\AppData\Local\Temp\libeay32.dll
C:\Users\Jordan\AppData\Local\Temp\msvcr120.dll
C:\Users\Jordan\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-03 18:12

==================== End of FRST.txt ============================

Addition:
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-10-2016
Ran by Jordan (29-10-2016 19:12:26)
Running from C:\Users\Jordan\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-10-03 21:10:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2563237544-1932412345-1817232179-500 - Administrator - Disabled)
Guest (S-1-5-21-2563237544-1932412345-1817232179-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2563237544-1932412345-1817232179-1002 - Limited - Enabled)
Jordan (S-1-5-21-2563237544-1932412345-1817232179-1000 - Administrator - Enabled) => C:\Users\Jordan

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

777 Captain (777-200) Base Pack [FSX/SE] Update 1.71 FSX-SE (HKLM-x32\...\x772_stm) (Version: 1.71 - © 1999-2016 Captain Sim)
Ansel (Version: 372.90 - NVIDIA Corporation) Hidden
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0.6603 - CyberLink Corp.)
CyberLink Power2Go 10 (HKLM-x32\...\{7E2D87F3-F3BC-4fa5-9F72-BF021ED66CB3}) (Version: 10.0.2522.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.5816.0 - CyberLink Corp.)
FileZilla Client 3.22.1 (HKLM-x32\...\FileZilla Client) (Version: 3.22.1 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Earth (HKLM-x32\...\{2C44ABB9-8621-4EF5-AF34-0886DCDA7C21}) (Version: 7.1.7.2600 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Steam Edition (HKLM\...\Steam App 314160) (Version:  - Microsoft Game Studios)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.7369.2038 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2563237544-1932412345-1817232179-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 49.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 en-US)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.90 - NVIDIA Corporation)
NVIDIA Graphics Driver 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.90 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Pinnacle Studio 16 - Install Manager (HKLM-x32\...\{F1886CD7-9F73-417A-92E9-7E0AB0F0E099}) (Version: 16.10.115 - Corel Corporation)
Pinnacle Studio 16 (HKLM-x32\...\{284BFDBC-DAC6-43EC-85A8-E1CEC0D3A114}) (Version: 16.1.0.115 - Corel Corporation)
Pinnacle Video Driver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
Soundbounce version 1.0a (HKLM-x32\...\{A1E1F8D8-BEA1-44A0-90DD-ECB5DF59A082}_is1) (Version: 1.0a - soundbounce.org)
Spotify (HKU\S-1-5-21-2563237544-1932412345-1817232179-1000\...\Spotify) (Version: 1.0.39.157.g674ae377 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text Build 3126 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
XPax (HKLM-x32\...\{F2392BB6-52EF-4A0A-9A54-199AD0F2F3DA}) (Version: 0.00.0350 - HiFi Flightware)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2563237544-1932412345-1817232179-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-2563237544-1932412345-1817232179-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {259B3A50-6259-4D83-9191-ED233CA205B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-03] (Google Inc.)
Task: {756CD365-E841-4E8D-9C25-78DFA1403520} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-07-11] (AO Kaspersky Lab)
Task: {7B19AB72-74EF-42D5-9C3A-8BCCB80548C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-03] (Google Inc.)
Task: {88591A53-49BA-464A-962C-5072DE06B4BA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation)
Task: {9108EE54-AAC5-41C5-9A23-DA5EFC77A5CE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-10-09] (Microsoft Corporation)
Task: {B198A1E1-A36C-4467-95AA-068DA782FA7D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-10-03 19:39 - 2016-09-16 18:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-03 19:40 - 2016-06-14 16:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-10-03 19:40 - 2016-06-14 16:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-10-03 19:40 - 2016-06-14 16:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-10-03 19:40 - 2016-06-14 16:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-10-07 21:12 - 2016-10-07 21:12 - 00959168 _____ () C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-10-03 10:57 - 2016-10-03 10:57 - 00052400 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-10-03 19:40 - 2016-06-14 16:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-10-03 19:40 - 2016-06-14 16:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-10-03 19:40 - 2016-06-14 16:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-10-03 19:40 - 2016-06-14 16:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-10-03 19:40 - 2016-06-14 16:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-10-03 19:40 - 2016-06-14 16:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-10-23 13:39 - 2016-10-20 04:56 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libglesv2.dll
2016-10-23 13:39 - 2016-10-20 04:56 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libegl.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2016-10-03 19:40 - 2016-06-14 16:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-03 20:05 - 2016-09-07 23:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-10-03 20:05 - 2016-08-31 21:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-10-03 20:05 - 2016-08-31 21:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-10-03 20:05 - 2016-08-31 21:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-10-03 20:05 - 2016-10-12 21:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2016-10-03 20:05 - 2016-01-27 03:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-10-03 20:05 - 2016-01-27 03:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-10-03 20:05 - 2016-01-27 03:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-10-03 20:05 - 2016-01-27 03:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-10-03 20:05 - 2016-01-27 03:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-10-03 20:05 - 2016-10-12 21:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-10-03 20:05 - 2016-07-04 18:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-10-29 16:03 - 2016-10-29 16:03 - 00098816 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\win32api.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00110080 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\pywintypes27.dll
2016-10-29 16:03 - 2016-10-29 16:03 - 00364544 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\pythoncom27.dll
2016-10-29 16:03 - 2016-10-29 16:03 - 00320512 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\win32com.shell.shell.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00776704 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\_hashlib.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 01176576 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\wx._core_.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00806400 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\wx._gdi_.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00816128 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\wx._windows_.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 01067008 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\wx._controls_.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00733184 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\wx._misc_.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00682496 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\pysqlite2._sqlite.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00088064 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\_ctypes.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00119808 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\win32file.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00108544 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\win32security.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00007168 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\hashobjs_ext.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00017920 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\thumbnails_ext.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00088064 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\usb_ext.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00012800 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\common.time34.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00018432 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\win32event.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00167936 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\win32gui.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00046080 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\_socket.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 01208320 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\_ssl.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00128512 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\_elementtree.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00127488 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\pyexpat.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00038912 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\win32inet.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00036864 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\_psutil_windows.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00525208 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\windows._lib_cacheinvalidation.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00011264 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\win32crypt.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00077312 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\wx._html2.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00027136 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\_multiprocessing.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00020480 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\_yappi.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00035840 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\win32process.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00686080 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\unicodedata.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00078848 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\wx._animate.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00123392 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\wx._wizard.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00024064 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\win32pipe.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00010240 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\select.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00025600 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\win32pdh.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00017408 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\win32profile.pyd
2016-10-29 16:03 - 2016-10-29 16:03 - 00022528 ____R () C:\Users\Jordan\AppData\Local\Temp\_MEI37842\win32ts.pyd
2016-10-07 21:12 - 2016-10-07 21:12 - 00679624 _____ () C:\Users\Jordan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-10-14 20:54 - 2016-08-04 16:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2016-10-16 16:39 - 2016-01-28 03:45 - 00626104 _____ () C:\Program Files (x86)\CyberLink\Power2Go10\CLMediaLibrary.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2563237544-1932412345-1817232179-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0CC9A52F-C4E2-4204-8F36-D263B308788D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{632A10B5-B343-4F8F-8EC1-908320E7913B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{034AB3B6-3496-4C34-911E-F50C960CC0CD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C752D002-0E5A-4DC2-86A8-D07A5CF45A4E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1C3833C7-4905-44C2-9A23-516CB5FAF2B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{17588DA4-3B9C-4CC6-A2F2-02893BDC6739}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6517C106-96B4-409C-B9E6-FE6EED23D07E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{C0DFB09D-EC14-4EB8-94CE-FF5C1C5A3EB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B5960E90-252A-4215-8FED-22093AF477E1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FEE3858E-BD35-478C-8E5B-16FD6D6926B6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4F8798B5-84A6-4510-9B48-5C5F7FC928E0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{24BF7D26-6D50-4EAE-AD2E-C5DDD894BDC4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{95D9D75E-5632-4381-ACB8-81B4B55EB12E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{33719AEC-6A70-4BED-843E-92A40BD77CE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FSX\fsx.exe
FirewallRules: [{F598006B-07AF-4324-A71C-8FBB82AA2287}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FSX\fsx.exe
FirewallRules: [{F199CBC7-5FBE-416E-A6AA-D1B3FB98BB52}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\RM.exe
FirewallRules: [{ADC709B0-931D-4C25-B418-AECB8BE8A462}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\RM.exe
FirewallRules: [{F8F4EA0E-47CC-4E2C-9367-AE8F3E0B993A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\NGStudio.exe
FirewallRules: [{13EDEC83-5F05-40E8-B527-B19F5174FA63}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\NGStudio.exe
FirewallRules: [{7125AF73-FC11-44C4-A57F-91E630001716}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\UMI.exe
FirewallRules: [{E89A49B7-F7D9-4623-851A-04178ED82F73}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\UMI.exe
FirewallRules: [{E1FD6198-6E4B-4D44-A4AD-8F778A57EE87}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{4DBDF475-6A13-4E50-8971-BD67502323E3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

16-10-2016 16:38:21 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
16-10-2016 16:40:03 Installed LabelPrint
29-10-2016 15:51:25 JRT Pre-Junkware Removal
29-10-2016 16:09:01 Installed Sophos Virus Removal Tool.

==================== Faulty Device Manager Devices =============

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/29/2016 04:04:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/29/2016 03:47:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/28/2016 01:00:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/27/2016 11:11:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/26/2016 09:28:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/25/2016 08:15:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/24/2016 08:25:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/24/2016 08:22:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_wuauserv, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c8f9
Exception code: 0xc0000374
Fault offset: 0x00000000000c40f2
Faulting process id: 0x1d8
Faulting application start time: 0x01d22e552f1fabdc
Faulting application path: C:\Windows\system32\svchost.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 2467703d-9a49-11e6-ba92-e06995daf5de

Error: (10/24/2016 08:19:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/24/2016 11:12:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (10/29/2016 04:01:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Office Software Protection Platform service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/29/2016 04:01:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (10/29/2016 04:01:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Kaspersky Secure Connection Service 1.0.0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (10/29/2016 04:01:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft .NET Framework NGEN v4.0.30319_X64 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (10/29/2016 04:01:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (10/29/2016 04:01:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft .NET Framework NGEN v4.0.30319_X86 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (10/29/2016 04:01:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (10/29/2016 04:01:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Streamer Network Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/29/2016 04:01:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Streamer Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/29/2016 04:01:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Network Service service terminated unexpectedly.  It has done this 1 time(s).


CodeIntegrity:
===================================
  Date: 2016-10-03 17:40:43.578
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-10-03 17:40:43.576
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-10-03 17:40:43.574
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-10-03 17:40:43.572
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 48%
Total physical RAM: 8172.31 MB
Available physical RAM: 4173.73 MB
Total Virtual: 16342.82 MB
Available Virtual: 12106.73 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1397.26 GB) (Free:1270.07 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive f: () (Fixed) (Total:149.04 GB) (Free:6.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 6D84B434)
Partition 1: (Active) - (Size=1397.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: 48E2519E)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Link to post
Share on other sites

  • Root Admin

Okay, let me have you run the following please.

Please visit this web page and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file.  Please be patient as it can take some time to load.
  • Please attach that log file to your next reply.
  • If needed the file can be located here:  C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.
Link to post
Share on other sites

  • Root Admin

Looks pretty good. Let me have you run this temp cleaner.

 

Please Run TFC by OldTimer to clear temporary files:

  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 

Then restart the computer and reset your browsers.

 

Please visit each of the following sites and let's reset all of your browsers back to defaults to prevent unexpected issues.
If you are not using one of the browsers but it is installed then you may want to consider uninstalling it as older versions of some software can pose an increase in the potential for an infection to get in.

Internet Explorer
How to reset Internet Explorer settings

Firefox
Click on Help / Troubleshooting Information then click on the Reset Firefox button.

Chrome

I would like to reset Chrome back to defaults to completely clear out what is going on with Chrome.

You can keep your “Bookmarks” if you want to keep them, but you have to export them first – >> Export Bookmarks << – Everything else should be removed.

Then I need you to go to >> Google Sync << and sign into your account.
Scroll down until you see the reset sync button and click on the button
At the prompt click on Ok.

.
Reset Your Browser Settings
.

  1. In the top-right corner of the browser window, click the “Chrome Menu” icon (Three horizontal lines)
  2. Select Settings.
  3. At the bottom, click Show advanced settings…
  4. Scroll down until you see “Reset settings”, Then click on the button Reset Settings.
  5. In the dialog that appears, click Reset.

.
Close Chrome and restart it and check it out for me please

Link to post
Share on other sites

  • Root Admin

At this time the logs look pretty good. You may want to run a disk check and then try the Windows Updates again. If still an issue may need to work in the PC Help section for assistance with that issue.

As far as malware are you seeing any other issues anymore?

 

Link to post
Share on other sites

  • Root Admin

At this time there are no more signs of an infection on your system.
However if you are still seeing any signs of an infection please let me know.

Let's go ahead and remove the tools and logs we've used during this process.

Most of the tools used are potentially dangerous to use unsupervised or if ran at the wrong time.
They are often updated daily so if you went to use them again in the future they would be outdated anyways.

The following procedures will implement some cleanup procedures to remove these tools.
 
bwebb7v.jpgDownload Delfix from here and save it to your desktop. (you may already have this)

  • Ensure Remove disinfection tools is checked.
  • Click the Run button.
  • Reboot


Any other programs or logs that are still remaining, you can manually delete. (right click.....Delete)
IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST folder, FRST-OlderVersion folder, MBAR folder, etc....AdwCleaner > just run the program and click uninstall.


 
If there are any other left over Folders, Files, Logs then you can delete them on your own.
 
Please visit the following link to see how to delete old System Restore Points. Please delete all of them and create a new one at this time.
How to Delete System Protection Restore Points in Windows 7 and Windows 8

Remove all but the most recent Restore Point on Windows XP


As Java seems to get exploited on a regular basis I advise not using Java if possible but to at least disable java in your web browsers
How do I disable Java in my web browser? - Disable Java

A lot of reading here but if you take the time to read a bit of it you'll see why/how infections and general damage are so easily inflicted on the computer. There is also advice on how to prevent it and keep the system working well. Don't forget about good, solid backups of your data to an external drive that is not connected except when backing up your data. If you leave a backup drive connected and you do get infected it can easily damage, encrypt, delete, or corrupt your backups as well and then you'd lose all data.
Nothing is 100% bulletproof but with a little bit of education you can certainly swing things in your favor.


If you're not currently using Malwarebytes Premium then you may want to consider purchasing the product which can also help greatly reduce the risk of a future infection.

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.