Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Possible Win32 CTX virus? Or false positive [Solved]


  • This topic is locked This topic is locked

#1
sheck910

sheck910

    Member

  • Member
  • PipPip
  • 17 posts

Hello,

    My AVG has been picking up two seperate possible infections.  Win32 CTX and also WIN32 Heur 

After running several removal programs in safe mode I'm still receiving said notifications. 

 

I have also read that this could be an AVG issue relating to false positives.   

 

If AVG is the issue I'm willing to switch with expert advice to another program.  

 

Here is my FRST Log - thanks in advance for all your help 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Jamie (administrator) on JAMIE-PC (20-03-2016 08:37:06)
Running from C:\Users\Jamie\Desktop
Loaded Profiles: Jamie & DefaultAppPool (Available Profiles: Jamie & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchksrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\RtlService.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\B-Link\Common\RaRegistry.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe
(Intel) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Intel) C:\Program Files (x86)\Intel\AMT\UNS.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\B-Link\Common\RaRegistry64.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\RtWLan.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchk.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Fred's Software) C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\HitmanPro.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [atchk] => C:\Program Files (x86)\Intel\AMT\atchk.exe [401408 2009-12-01] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe [9581280 2016-01-28] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3862440 2016-03-02] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2013-12-24] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2013-12-24] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [EPSON Artisan 50 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFFA.EXE [223232 2008-10-09] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [GoogleChromeAutoLaunch_C1BDF7A752CABCCEC37F2A5D7AA45B34] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136 2016-03-07] (Google Inc.)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [EPSON Artisan 50 Series (Copy 1)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFFA.EXE [223232 2008-10-09] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2016-03-06] (Glarysoft Ltd)
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\RunOnce: [Uninstall C:\Users\Jamie\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jamie\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [EPSON Artisan 50 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFFA.EXE [223232 2008-10-09] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\B-Link Wireless Utility.lnk [2016-01-10]
ShortcutTarget: B-Link Wireless Utility.lnk -> C:\Program Files (x86)\B-Link\Common\RaUI.exe (B-Link Technology, Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk [2015-09-23]
ShortcutTarget: Printkey2000.lnk -> C:\Program Files (x86)\PrintKey2000\Printkey2000.exe (Fred's Software)
BootExecute: autocheck autochk *  bootdelete
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e146362e-446f-4d00-8d29-27b8870b4eec}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\3o3gxhf2.default
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://sharepoint/C1/C2/C4/Performance%20Reports/default.aspx
CHR Profile: C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-20]
CHR Extension: (Google Docs) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-20]
CHR Extension: (Google Drive) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2016-02-15]
CHR Extension: (YouTube) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Google Sheets) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-20]
CHR Extension: (Google Docs Offline) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-20]
CHR Extension: (Gmail) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-20]
CHR HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 atchksrv; C:\Program Files (x86)\Intel\AMT\atchksrv.exe [176128 2009-12-01] (Intel Corporation) [File not signed]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3934184 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 B-LinkCU; C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-02-25] (SurfRight B.V.)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe [712432 2016-01-28] ()
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 RalinkRegistryWriter; C:\Program Files (x86)\B-Link\Common\RaRegistry.exe [383280 2013-03-27] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\B-Link\Common\RaRegistry64.exe [452912 2013-02-04] (Ralink Technology, Corp.)
S3 RaMediaServer; C:\Program Files (x86)\B-Link\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UNS; C:\Program Files (x86)\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1215560 2016-02-22] ()
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378288 2016-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [269232 2016-03-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2016-02-28] (Glarysoft Ltd)
U4 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [49584 2016-03-20] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42600 2015-10-15] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-02-25] ()
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-12-09] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-20 08:37 - 2016-03-20 08:37 - 00020127 _____ C:\Users\Jamie\Desktop\FRST.txt
2016-03-20 08:36 - 2016-03-20 08:37 - 00000000 ____D C:\FRST
2016-03-20 08:33 - 2016-03-20 08:35 - 02374144 _____ (Farbar) C:\Users\Jamie\Desktop\FRST64.exe
2016-03-20 07:54 - 2016-03-20 07:54 - 00049584 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2016-03-18 21:46 - 2016-03-18 21:46 - 00001313 _____ C:\Users\Jamie\Desktop\Todoist.lnk
2016-03-18 21:46 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Todoist
2016-03-18 21:46 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Local\Doist_Ltd
2016-03-18 21:46 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Local\CEF
2016-03-18 21:45 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Local\Todoist
2016-03-16 13:27 - 2016-03-16 13:27 - 00041470 _____ C:\Users\Jamie\Downloads\manfred-klein_irish-unci-alphabet.zip
2016-03-16 13:27 - 2016-03-16 13:27 - 00036801 _____ C:\Users\Jamie\Downloads\astigmatic-one-eye-typographic-institute_uncial-antiqua.zip
2016-03-15 10:37 - 2016-03-15 10:37 - 00347816 _____ C:\Users\Jamie\Downloads\095952238523 (1).pdf
2016-03-14 21:23 - 2016-03-18 21:45 - 27704576 _____ (Doist Ltd. ) C:\Users\Jamie\Downloads\Todoist_for_Windows_Desktop_2_7_6.exe
2016-03-13 12:14 - 2016-03-13 12:51 - 00012003 _____ C:\Users\Jamie\Desktop\avgrep.txt
2016-03-13 12:11 - 2016-03-13 12:24 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-13 12:08 - 2016-03-13 12:11 - 01524224 _____ C:\Users\Jamie\Downloads\AdwCleaner (1).exe
2016-03-13 12:06 - 2016-03-13 12:06 - 00000344 _____ C:\Users\Jamie\Desktop\Virus Removal.txt
2016-03-12 17:41 - 2016-03-12 17:45 - 04952064 _____ C:\Users\Jamie\Downloads\DesktopGadgetsInstaller.zip
2016-03-11 07:58 - 2016-03-11 07:58 - 00000029 _____ C:\Users\Jamie\Documents\Ebay Pending.txt
2016-03-11 07:09 - 2016-03-11 07:09 - 00005422 _____ C:\Users\Jamie\Documents\cc_20160311_060921.reg
2016-03-11 07:04 - 2016-03-11 07:07 - 15576432 _____ C:\Users\Jamie\Downloads\Glary_Utilities_v5.46.0.66.exe
2016-03-10 21:58 - 2016-03-10 21:58 - 00058292 _____ C:\Users\Jamie\Downloads\ufonts.com_lucidity-ballpoint.ttf
2016-03-10 08:29 - 2016-03-10 08:29 - 00347980 _____ C:\Users\Jamie\Downloads\095952238523.pdf
2016-03-09 06:40 - 2016-03-01 01:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-09 06:40 - 2016-03-01 01:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 06:40 - 2016-02-24 05:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-09 06:40 - 2016-02-24 05:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 06:40 - 2016-02-24 05:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 06:40 - 2016-02-24 05:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 06:40 - 2016-02-24 05:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 06:40 - 2016-02-24 05:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 06:40 - 2016-02-24 05:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-09 06:40 - 2016-02-24 05:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-09 06:40 - 2016-02-24 04:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 06:40 - 2016-02-24 04:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-09 06:40 - 2016-02-24 04:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 06:40 - 2016-02-24 04:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-09 06:40 - 2016-02-24 04:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-09 06:40 - 2016-02-24 04:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-09 06:40 - 2016-02-24 04:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-09 06:40 - 2016-02-24 04:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-09 06:40 - 2016-02-24 04:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 06:40 - 2016-02-24 04:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-09 06:40 - 2016-02-24 04:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-09 06:40 - 2016-02-24 04:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 06:40 - 2016-02-24 04:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-09 06:40 - 2016-02-24 04:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-09 06:40 - 2016-02-24 04:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-09 06:40 - 2016-02-24 04:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 06:40 - 2016-02-24 04:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 06:40 - 2016-02-24 04:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-09 06:40 - 2016-02-24 04:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 06:40 - 2016-02-24 04:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 06:40 - 2016-02-24 04:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-09 06:40 - 2016-02-24 03:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-09 06:40 - 2016-02-24 03:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-09 06:40 - 2016-02-24 03:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-09 06:40 - 2016-02-24 03:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-09 06:40 - 2016-02-24 03:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-09 06:40 - 2016-02-24 03:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-09 06:40 - 2016-02-24 03:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-09 06:40 - 2016-02-24 03:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 06:40 - 2016-02-24 03:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-09 06:40 - 2016-02-24 03:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 06:40 - 2016-02-24 03:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 06:40 - 2016-02-24 03:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 06:40 - 2016-02-24 03:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-09 06:40 - 2016-02-24 03:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-09 06:40 - 2016-02-24 03:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 06:40 - 2016-02-24 03:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-09 06:40 - 2016-02-24 03:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-09 06:40 - 2016-02-24 03:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-09 06:40 - 2016-02-24 03:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-09 06:40 - 2016-02-24 03:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 06:40 - 2016-02-24 03:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-09 06:40 - 2016-02-24 03:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 06:40 - 2016-02-24 03:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 06:40 - 2016-02-24 03:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-09 06:40 - 2016-02-24 03:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-09 06:40 - 2016-02-24 03:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-09 06:40 - 2016-02-24 03:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-09 06:40 - 2016-02-24 03:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-09 06:40 - 2016-02-24 03:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-09 06:40 - 2016-02-24 03:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-09 06:40 - 2016-02-24 03:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-09 06:40 - 2016-02-24 03:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-09 06:40 - 2016-02-24 03:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 06:40 - 2016-02-24 03:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-09 06:40 - 2016-02-24 03:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 06:40 - 2016-02-24 03:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-09 06:40 - 2016-02-24 03:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-09 06:40 - 2016-02-24 03:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-09 06:40 - 2016-02-24 02:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-09 06:40 - 2016-02-24 02:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-09 06:40 - 2016-02-24 02:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-09 06:40 - 2016-02-24 02:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-09 06:40 - 2016-02-24 02:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-09 06:40 - 2016-02-24 02:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-09 06:40 - 2016-02-24 02:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-09 06:40 - 2016-02-24 02:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 06:40 - 2016-02-24 02:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 06:40 - 2016-02-24 02:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-09 06:40 - 2016-02-24 02:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 06:40 - 2016-02-24 02:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 06:40 - 2016-02-24 02:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 06:40 - 2016-02-24 02:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-09 06:40 - 2016-02-24 02:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-09 06:40 - 2016-02-24 02:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-09 06:40 - 2016-02-24 02:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 06:40 - 2016-02-24 02:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-09 06:40 - 2016-02-24 02:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-09 06:40 - 2016-02-24 02:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-09 06:40 - 2016-02-24 02:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-09 06:40 - 2016-02-24 02:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-09 06:40 - 2016-02-24 02:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-09 06:40 - 2016-02-24 02:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-09 06:40 - 2016-02-24 02:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 06:40 - 2016-02-24 02:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 06:40 - 2016-02-24 02:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-09 06:40 - 2016-02-24 02:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-09 06:40 - 2016-02-24 02:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-09 06:40 - 2016-02-24 02:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 06:40 - 2016-02-24 02:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-09 06:40 - 2016-02-24 02:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 06:40 - 2016-02-24 02:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-09 06:40 - 2016-02-24 02:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-09 06:40 - 2016-02-24 02:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-09 06:40 - 2016-02-24 02:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 06:40 - 2016-02-24 02:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-09 06:40 - 2016-02-24 02:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-09 06:40 - 2016-02-24 02:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-09 06:40 - 2016-02-24 02:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 06:40 - 2016-02-24 02:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-09 06:40 - 2016-02-24 02:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-09 06:40 - 2016-02-24 02:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 06:40 - 2016-02-24 02:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 06:40 - 2016-02-24 02:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-09 06:40 - 2016-02-24 02:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-09 06:40 - 2016-02-24 02:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-09 06:40 - 2016-02-24 02:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-09 06:40 - 2016-02-24 02:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 06:40 - 2016-02-24 02:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-09 06:40 - 2016-02-24 02:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 06:40 - 2016-02-24 02:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-09 06:40 - 2016-02-24 02:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-09 06:40 - 2016-02-24 02:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-09 06:40 - 2016-02-24 02:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-09 06:40 - 2016-02-24 02:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-09 06:40 - 2016-02-24 02:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-09 06:40 - 2016-02-24 02:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-09 06:40 - 2016-02-24 02:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 06:40 - 2016-02-24 02:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-09 06:40 - 2016-02-24 02:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 06:40 - 2016-02-24 02:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 06:40 - 2016-02-24 02:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-09 06:40 - 2016-02-24 01:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 06:40 - 2016-02-24 01:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 06:40 - 2016-02-24 01:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-09 06:40 - 2016-02-24 01:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 06:40 - 2016-02-24 01:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-09 06:40 - 2016-02-24 01:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 06:40 - 2016-02-24 01:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 06:40 - 2016-02-24 01:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 06:40 - 2016-02-24 01:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 06:40 - 2016-02-24 01:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 06:40 - 2016-02-24 01:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 06:40 - 2016-02-24 01:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 06:40 - 2016-02-24 01:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 06:40 - 2016-02-24 00:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 06:40 - 2016-02-24 00:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 06:39 - 2016-02-24 03:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 06:39 - 2016-02-24 03:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-09 06:39 - 2016-02-24 02:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-09 06:39 - 2016-02-24 02:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 06:39 - 2016-02-24 02:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 06:39 - 2016-02-24 02:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-07 21:11 - 2016-03-07 21:11 - 49028362 _____ C:\Users\Jamie\Downloads\Ash Blank Mock.psd
2016-03-07 21:04 - 2016-03-07 21:04 - 20941601 _____ C:\Users\Jamie\Downloads\wg_free_tee_mockup.zip
2016-03-03 20:28 - 2016-03-03 20:28 - 00001053 _____ C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-03-03 20:12 - 2016-03-03 20:13 - 00051443 _____ C:\Users\Jamie\Downloads\seangc.zip
2016-03-03 20:09 - 2016-03-03 20:09 - 00055425 _____ C:\Users\Jamie\Downloads\seantgc.zip
2016-03-03 15:35 - 2016-03-03 15:35 - 00265376 _____ C:\Users\Jamie\Documents\NCInvolvement logo.pdf
2016-03-03 14:30 - 2016-03-03 14:30 - 00494594 _____ C:\Users\Jamie\Downloads\cat-in-the-hat-354D450E-logoeps.com.zip
2016-03-03 13:43 - 2016-03-03 13:43 - 00210419 _____ C:\Users\Jamie\Downloads\the-fontry_jackport-college-ncv (2).zip
2016-03-02 13:41 - 2016-02-23 07:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-02 13:41 - 2016-02-23 06:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-02 13:41 - 2016-02-23 06:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-02 13:41 - 2016-02-23 06:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-02 13:41 - 2016-02-23 06:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-02 13:41 - 2016-02-23 05:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-02 13:41 - 2016-02-23 05:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-02 13:41 - 2016-02-23 04:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-02 13:41 - 2016-02-23 04:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-02 13:41 - 2016-02-23 04:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-02 13:41 - 2016-02-23 04:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-02 13:41 - 2016-02-23 04:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-02 13:41 - 2016-02-23 04:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-02 13:41 - 2016-02-23 03:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-02 13:41 - 2016-02-23 03:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-02 13:41 - 2016-02-23 03:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-02 13:41 - 2016-02-23 03:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-02 13:41 - 2016-02-23 03:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-02 13:41 - 2016-02-23 02:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-02 13:41 - 2016-02-23 02:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-02 13:41 - 2016-02-23 02:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-02 13:41 - 2016-02-23 02:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-02 13:41 - 2016-02-23 02:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-02 13:41 - 2016-02-23 02:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-02 13:41 - 2016-02-23 02:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-02 13:41 - 2016-02-23 02:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-02 13:41 - 2016-02-08 23:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-02 13:41 - 2016-02-08 23:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-02 13:41 - 2016-02-08 23:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-02 13:40 - 2016-02-23 07:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 13:40 - 2016-02-23 07:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-02 13:40 - 2016-02-23 06:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-02 13:40 - 2016-02-23 06:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-02 13:40 - 2016-02-23 06:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-02 13:40 - 2016-02-23 06:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-02 13:40 - 2016-02-23 06:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-02 13:40 - 2016-02-23 06:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-02 13:40 - 2016-02-23 06:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-02 13:40 - 2016-02-23 06:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-02 13:40 - 2016-02-23 05:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-02 13:40 - 2016-02-23 05:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-02 13:40 - 2016-02-23 05:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-02 13:40 - 2016-02-23 05:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-02 13:40 - 2016-02-23 05:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-02 13:40 - 2016-02-23 04:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-02 13:40 - 2016-02-23 04:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-02 13:40 - 2016-02-23 04:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-02 13:40 - 2016-02-23 04:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-02 13:40 - 2016-02-23 04:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-02 13:40 - 2016-02-23 04:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-02 13:40 - 2016-02-23 03:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-02 13:40 - 2016-02-23 03:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-02 13:40 - 2016-02-23 02:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-02 13:40 - 2016-02-23 02:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-02 13:40 - 2016-02-23 02:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-02 13:39 - 2016-02-23 07:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-02 13:39 - 2016-02-23 06:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-02 13:39 - 2016-02-23 06:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-02 13:39 - 2016-02-23 06:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-02 13:39 - 2016-02-23 05:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-02 13:39 - 2016-02-23 05:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-02 13:39 - 2016-02-23 05:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-02 13:39 - 2016-02-23 05:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-02 13:39 - 2016-02-23 05:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-02 13:39 - 2016-02-23 05:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-02 13:39 - 2016-02-23 05:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-02 13:39 - 2016-02-23 05:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-02 13:39 - 2016-02-23 04:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-02 13:39 - 2016-02-23 04:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-02 13:39 - 2016-02-23 04:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-02 13:39 - 2016-02-23 04:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-02 13:39 - 2016-02-23 04:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-02 13:39 - 2016-02-23 04:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-02 13:39 - 2016-02-23 04:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-02 13:39 - 2016-02-23 04:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-02 13:39 - 2016-02-23 04:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-02 13:39 - 2016-02-23 04:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-02 13:39 - 2016-02-23 04:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-02 13:39 - 2016-02-23 04:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-02 13:39 - 2016-02-23 04:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-02 13:39 - 2016-02-23 04:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-02 13:39 - 2016-02-23 04:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-02 13:39 - 2016-02-23 04:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-02 13:39 - 2016-02-23 04:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-02 13:39 - 2016-02-23 04:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-02 13:39 - 2016-02-23 04:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-02 13:39 - 2016-02-23 04:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-02 13:39 - 2016-02-23 03:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-02 13:39 - 2016-02-23 03:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-02 13:39 - 2016-02-23 03:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-02 13:39 - 2016-02-23 03:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-02 13:39 - 2016-02-23 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-02 13:39 - 2016-02-23 03:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-02 13:39 - 2016-02-23 03:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-02 13:39 - 2016-02-23 03:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-02 13:39 - 2016-02-23 03:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-02 13:39 - 2016-02-23 03:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-02 13:39 - 2016-02-23 03:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-02 13:39 - 2016-02-23 03:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-02 13:39 - 2016-02-23 03:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-02 13:39 - 2016-02-23 03:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-02 13:39 - 2016-02-23 03:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-02 13:39 - 2016-02-23 02:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-02 13:39 - 2016-02-23 02:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-02 13:39 - 2016-02-23 02:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-02 13:39 - 2016-02-23 02:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-02 13:39 - 2016-02-23 02:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-02 13:39 - 2016-02-23 02:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-02 13:39 - 2016-02-23 02:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-02 13:39 - 2016-02-08 23:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-02 13:38 - 2016-02-23 07:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-02 13:38 - 2016-02-23 07:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-02 13:38 - 2016-02-23 07:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-02 13:38 - 2016-02-23 07:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-02 13:38 - 2016-02-23 07:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-02 13:38 - 2016-02-23 07:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-02 13:38 - 2016-02-23 06:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-02 13:38 - 2016-02-23 06:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-02 13:38 - 2016-02-23 06:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-02 13:38 - 2016-02-23 06:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-02 13:38 - 2016-02-23 05:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-02 13:38 - 2016-02-23 05:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-02 13:38 - 2016-02-23 05:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-02 13:38 - 2016-02-23 05:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-02 13:38 - 2016-02-23 05:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-02 13:38 - 2016-02-23 05:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-02 13:38 - 2016-02-23 05:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-02 13:38 - 2016-02-23 05:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-02 13:38 - 2016-02-23 05:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-02 13:38 - 2016-02-23 05:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-02 13:38 - 2016-02-23 05:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-02 13:38 - 2016-02-23 05:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-02 13:38 - 2016-02-23 05:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-02 13:38 - 2016-02-23 04:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-02 13:38 - 2016-02-23 04:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-02 13:38 - 2016-02-23 04:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-02 13:38 - 2016-02-23 04:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-02 13:38 - 2016-02-23 04:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-02 13:38 - 2016-02-23 04:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-02 13:38 - 2016-02-23 04:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-02 13:38 - 2016-02-23 04:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-02 13:38 - 2016-02-23 04:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-02 13:38 - 2016-02-23 04:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-02 13:38 - 2016-02-23 04:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-02 13:38 - 2016-02-23 04:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-02 13:38 - 2016-02-23 04:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-02 13:38 - 2016-02-23 04:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-02 13:38 - 2016-02-23 04:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-02 13:38 - 2016-02-23 04:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-02 13:38 - 2016-02-23 04:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-02 13:38 - 2016-02-23 04:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-02 13:38 - 2016-02-23 04:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 13:38 - 2016-02-23 04:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-02 13:38 - 2016-02-23 04:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-02 13:38 - 2016-02-23 04:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-02 13:38 - 2016-02-23 04:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-02 13:38 - 2016-02-23 04:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-02 13:38 - 2016-02-23 04:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-02 13:38 - 2016-02-23 04:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-02 13:38 - 2016-02-23 03:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-02 13:38 - 2016-02-23 03:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-02 13:38 - 2016-02-23 03:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-02 13:38 - 2016-02-23 03:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-02 13:38 - 2016-02-23 03:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-02 13:38 - 2016-02-23 03:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-02 13:38 - 2016-02-23 03:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-02 13:38 - 2016-02-23 03:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 13:38 - 2016-02-23 03:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-02 13:38 - 2016-02-23 03:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-02 13:38 - 2016-02-23 03:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-02 13:38 - 2016-02-23 03:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-02 13:38 - 2016-02-23 03:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-02 13:38 - 2016-02-23 03:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-02 13:38 - 2016-02-23 02:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-02 13:38 - 2016-02-23 02:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-02 13:38 - 2016-02-09 00:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-02 13:38 - 2016-02-09 00:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-02 13:38 - 2016-02-08 23:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-02 13:38 - 2016-02-08 23:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-02 11:21 - 2016-03-02 11:21 - 00269232 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys
2016-02-29 22:19 - 2016-02-29 22:19 - 00004381 _____ C:\Users\Jamie\Downloads\Hill-House.zip
2016-02-28 14:41 - 2016-02-28 14:41 - 00891392 _____ (Farbar) C:\Users\Jamie\Downloads\MiniToolBox.exe
2016-02-28 14:41 - 2016-02-28 14:41 - 00029512 _____ C:\Users\Jamie\Downloads\MTB.txt
2016-02-28 14:25 - 2016-03-20 07:52 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2016-02-28 14:25 - 2016-03-11 07:07 - 00003382 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2016-02-28 14:25 - 2016-03-11 07:07 - 00003028 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC
2016-02-28 14:25 - 2016-03-11 07:07 - 00001167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2016-02-28 14:25 - 2016-03-11 07:07 - 00001155 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2016-02-28 14:25 - 2016-02-28 14:25 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2016-02-28 14:25 - 2016-02-28 14:25 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\GlarySoft
2016-02-28 14:25 - 2016-02-28 14:25 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\DiskDefrag
2016-02-28 14:25 - 2016-02-28 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2016-02-28 14:24 - 2016-02-28 14:25 - 15575176 _____ C:\Users\Jamie\Downloads\gu5setup.exe
2016-02-28 14:17 - 2016-02-28 14:17 - 00039390 _____ C:\Users\Jamie\Documents\cc_20160228_131743.reg
2016-02-27 14:17 - 2016-02-27 14:17 - 00012884 _____ C:\Users\Jamie\Downloads\glyphobet-font-foundry_ripple.zip
2016-02-27 14:16 - 2016-02-27 14:16 - 00032668 _____ C:\Users\Jamie\Downloads\Eccentric.otf
2016-02-27 14:15 - 2016-02-27 14:15 - 00014401 _____ C:\Users\Jamie\Downloads\bad_acid.zip
2016-02-24 14:30 - 2016-02-27 20:29 - 00000000 ____D C:\AdwCleaner
2016-02-24 14:30 - 2016-02-24 14:30 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\Jamie\Downloads\rkill.exe
2016-02-24 14:30 - 2016-02-24 14:30 - 01511936 _____ C:\Users\Jamie\Downloads\AdwCleaner.exe
2016-02-24 14:28 - 2016-02-24 14:28 - 05200384 _____ (AVAST Software) C:\Users\Jamie\Downloads\aswmbr.exe
2016-02-24 14:21 - 2016-02-24 14:21 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jamie\Downloads\HijackThis.exe
2016-02-23 21:17 - 2016-02-23 21:17 - 00006244 _____ C:\rapport.txt
2016-02-23 21:17 - 2016-02-23 21:17 - 00003480 _____ C:\WINDOWS\SysWOW64\tmp.reg
2016-02-23 21:17 - 2016-02-23 21:17 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp.txt
2016-02-23 21:16 - 2016-02-23 21:17 - 00000000 ____D C:\Users\Jamie\Downloads\SmitfraudFix
2016-02-23 21:16 - 2009-06-02 12:17 - 00075776 _____ C:\WINDOWS\SysWOW64\WS2Fix.exe
2016-02-23 21:16 - 2008-12-12 02:57 - 00078336 _____ (S!Ri.URZ) C:\WINDOWS\SysWOW64\Agent.OMZ.Fix.exe
2016-02-23 21:16 - 2008-11-29 19:58 - 00082944 _____ (S!Ri.URZ) C:\WINDOWS\SysWOW64\IEDFix.C.exe
2016-02-23 21:16 - 2008-10-01 16:51 - 00087552 _____ (S!Ri.URZ) C:\WINDOWS\SysWOW64\VACFix.exe
2016-02-23 21:16 - 2008-09-20 13:45 - 00080384 _____ (S!Ri.URZ) C:\WINDOWS\SysWOW64\o4Patch.exe
2016-02-23 21:16 - 2008-08-18 13:19 - 00082432 _____ (S!Ri.URZ) C:\WINDOWS\SysWOW64\404Fix.exe
2016-02-23 21:16 - 2008-05-18 22:40 - 00082944 _____ (S!Ri.URZ) C:\WINDOWS\SysWOW64\IEDFix.exe
2016-02-23 21:16 - 2007-09-06 01:22 - 00289144 _____ (S!Ri) C:\WINDOWS\SysWOW64\VCCLSID.exe
2016-02-23 21:16 - 2006-12-01 07:20 - 00079360 _____ (SteelWerX) C:\WINDOWS\SysWOW64\swxcacls.exe
2016-02-23 21:16 - 2006-08-29 20:43 - 00135168 _____ (SteelWerX) C:\WINDOWS\SysWOW64\swreg.exe
2016-02-23 21:16 - 2006-04-27 18:49 - 00288417 _____ (S!Ri) C:\WINDOWS\SysWOW64\SrchSTS.exe
2016-02-23 21:16 - 2006-01-09 11:36 - 00040960 _____ C:\WINDOWS\SysWOW64\swsc.exe
2016-02-23 21:16 - 2004-07-31 19:50 - 00051200 _____ C:\WINDOWS\SysWOW64\dumphive.exe
2016-02-23 21:16 - 2003-06-05 22:13 - 00053248 _____ (hxxp://www.beyondlogic.org) C:\WINDOWS\SysWOW64\Process.exe
2016-02-23 20:47 - 2016-02-23 21:16 - 01885088 _____ C:\Users\Jamie\Downloads\SmitfraudFix.exe
2016-02-23 20:42 - 2016-03-17 19:44 - 00003956 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1456274510
2016-02-23 20:42 - 2016-02-23 20:42 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\Opera Software
2016-02-23 20:42 - 2016-02-23 20:42 - 00000000 ____D C:\Users\Jamie\AppData\Local\Opera Software
2016-02-23 20:41 - 2016-03-17 19:44 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-02-23 20:41 - 2016-03-17 19:44 - 00000000 ____D C:\Program Files (x86)\Opera
2016-02-23 20:41 - 2016-02-23 20:41 - 00001210 _____ C:\Users\Public\Desktop\Opera.lnk
2016-02-23 20:38 - 2016-02-23 20:40 - 00725584 _____ (Opera Software) C:\Users\Jamie\Downloads\Opera_NI_stable.exe
2016-02-23 20:20 - 2016-02-23 20:20 - 01270466 _____ C:\Users\Jamie\Downloads\ProcessExplorer.zip
2016-02-22 16:57 - 2016-02-22 16:57 - 05657688 _____ (Swearware) C:\Users\Jamie\Downloads\ComboFix.exe
2016-02-22 16:57 - 2016-02-22 16:57 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Jamie\Downloads\SpyHunter-Installer.exe
2016-02-20 13:44 - 2016-02-20 13:44 - 00471247 _____ C:\Users\Jamie\Downloads\ActionFonts.zip
2016-02-20 13:30 - 2016-02-20 13:30 - 00026328 _____ C:\Users\Jamie\Downloads\comic_james.zip
2016-02-19 13:36 - 2016-02-19 13:36 - 00000000 ___HD C:\OneDriveTemp
2016-02-19 13:23 - 2016-03-13 13:12 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-02-19 13:22 - 2016-02-19 13:22 - 00000000 ____D C:\WINDOWS\pss
2016-02-19 13:18 - 2016-02-19 13:18 - 00000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-20 08:30 - 2015-09-21 05:33 - 00000000 ____D C:\Users\Jamie\Documents\Outlook Files
2016-03-20 08:13 - 2015-10-15 15:00 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8A918490-054D-4144-A030-7D635FECCB6B}
2016-03-20 08:05 - 2015-09-20 17:36 - 00000000 ____D C:\Users\Jamie\Desktop\T-shirts
2016-03-20 07:56 - 2015-12-18 00:11 - 01009692 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-20 07:56 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-20 07:51 - 2015-09-20 16:35 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-20 07:50 - 2016-02-16 08:31 - 00002411 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2016-03-20 07:50 - 2015-09-20 16:35 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-20 07:49 - 2015-12-18 00:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-20 07:49 - 2015-12-18 00:06 - 05011288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-20 07:49 - 2015-09-20 18:21 - 00000200 _____ C:\WINDOWS\Tasks\AutoKMS.job
2016-03-20 07:48 - 2015-10-30 02:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-20 07:27 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-03-20 07:06 - 2015-09-20 16:25 - 00000000 ____D C:\ProgramData\MFAData
2016-03-20 06:53 - 2016-02-15 07:53 - 00000366 _____ C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Jamie).job
2016-03-19 12:05 - 2015-09-20 18:21 - 00000228 _____ C:\WINDOWS\Tasks\AutoKMSDaily.job
2016-03-18 19:21 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-18 13:44 - 2015-09-21 12:37 - 00000132 _____ C:\Users\Jamie\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-03-17 19:07 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-14 20:53 - 2015-09-20 16:35 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-14 20:53 - 2015-09-20 16:35 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-14 10:09 - 2016-01-28 08:20 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-03-13 17:37 - 2015-10-30 02:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-13 12:52 - 2016-01-10 17:55 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-13 07:56 - 2015-11-07 11:30 - 00000000 ____D C:\Users\Jamie\AppData\Local\ElevatedDiagnostics
2016-03-12 17:45 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-03-12 17:45 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-03-11 13:11 - 2015-09-20 16:44 - 00001011 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-03-11 13:11 - 2015-09-20 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-03-11 08:08 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-11 07:07 - 2016-02-18 09:13 - 00000000 ____D C:\Users\Jamie\AppData\Local\CrashDumps
2016-03-11 04:36 - 2015-12-18 00:12 - 00000000 ____D C:\Users\Jamie
2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-09 07:39 - 2014-08-04 16:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 07:34 - 2014-08-04 16:15 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-08 03:12 - 2015-10-30 03:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 03:12 - 2015-10-30 03:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 21:10 - 2015-09-20 17:53 - 00000000 ____D C:\Users\Jamie\Desktop\Ebayready
2016-03-04 08:45 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-03 15:46 - 2015-09-20 17:39 - 00000000 ____D C:\Users\Jamie\Documents\T-shirts
2016-03-03 06:44 - 2015-09-10 01:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-03 04:32 - 2015-10-30 05:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-03 04:32 - 2015-10-30 02:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-03 04:32 - 2015-10-30 02:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-01 15:34 - 2015-10-20 09:16 - 00000000 ____D C:\Users\Jamie\Desktop\2016 Tee Work
2016-02-25 20:18 - 2015-11-20 15:56 - 00000000 ____D C:\Users\Jamie\Desktop\ZavaJams Setlist Archive
2016-02-25 15:57 - 2015-12-18 00:12 - 00000000 ____D C:\Users\DefaultAppPool
2016-02-25 15:43 - 2016-02-16 13:36 - 00000000 ____D C:\ProgramData\RogueKiller
2016-02-25 13:08 - 2016-02-16 13:36 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-02-24 14:34 - 2015-10-08 19:36 - 00001063 _____ C:\Users\Jamie\Desktop\Internet Explorer.lnk
2016-02-24 14:33 - 2015-09-27 16:48 - 00000000 ___RD C:\Users\Jamie\OneDrive
2016-02-24 06:39 - 2015-12-18 06:31 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-02-22 17:20 - 2015-09-29 06:17 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-02-22 17:20 - 2015-09-29 06:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-22 17:19 - 2015-09-29 06:17 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2016-02-22 17:19 - 2015-09-29 06:16 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
 
==================== Files in the root of some directories =======
 
2015-09-21 12:37 - 2016-03-18 13:44 - 0000132 _____ () C:\Users\Jamie\AppData\Roaming\Adobe PNG Format CS5 Prefs
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-03-20 08:15
 
==================== End of FRST.txt ============================

  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Nothing readily apparent, which file is it reporting as infected ?
  • 0

#3
sheck910

sheck910

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Let me check to see if I can find the AVG log

 

thank you for your time reading over the post 


  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I believe it may be a false positive as it is a heuristic detection
  • 0

#5
sheck910

sheck910

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

thanks again - here is the info as AVG just flagged it once more with a New Zperm added into the mix

 

"";"Virus found Win32/Zperm, c:\Windows\Temp\927b2233-8dd4-4e49-93eb-02208aa1e0c1\tmp00007183\tmp00009367";"Unresolved"
"";"Virus found Win32/Heur, c:\Windows\Temp\927b2233-8dd4-4e49-93eb-02208aa1e0c1\tmp00007183\tmp000089f0";"Secured"

  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK they are in the temp folders so lets clear them...  Are you experiencing any problems

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation, accept that
When it offers to download the virus database allow that as well
Click the "Scan" button to start scan

AswMBR%20scan.JPG


On completion of the scan click save log, save it to your desktop and post in your next reply
  • 0

#7
sheck910

sheck910

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

thanks again for your time and efforts, I more than appreciate the assistance.

 

Here are the two requested logs.  I do not think I have any serious problems.  

 

I have noticed slow browser performance right after they started popping up. 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Jamie (2016-03-21 14:57:48) Run:1
Running from C:\Users\Jamie\Desktop
Loaded Profiles: Jamie (Available Profiles: Jamie & DefaultAppPool)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.8.10586 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {2BA9B2FB-8595-4F58-A406-250F013DDB91}.
Unable to cancel {6EB2E3F0-684D-44B1-98C3-114F17231121}.
Unable to cancel {54A307C6-6DDF-4D3F-85C2-E8D7DDA10BCA}.
Unable to cancel {DC371580-A6E9-473A-A83E-5556704E5658}.
Unable to cancel {ACF5F127-7C6D-4B48-B776-2FE554F77C4C}.
Unable to cancel {089B847D-F643-4B75-9587-494F8C203B72}.
0 out of 6 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 802.2 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 14:59:08 ====
 
 
aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2016-03-21 15:02:21
-----------------------------
15:02:21.523    OS Version: Windows x64 6.2.9200 
15:02:21.523    Number of processors: 2 586 0x170A
15:02:21.523    ComputerName: JAMIE-PC  UserName: Jamie
15:02:27.757    Initialize success
15:02:27.914    VM: initialized successfully
15:02:27.914    VM: Intel CPU BiosDisabled 
15:03:57.766    AVAST engine defs: 16032100
15:05:28.876    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
15:05:28.891    Disk 0 Vendor: HITACHI_HUA722010ALA330 JP4ONS01 Size: 953869MB BusType: 3
15:05:29.079    Disk 0 MBR read successfully
15:05:29.094    Disk 0 MBR scan
15:05:29.094    Disk 0 unknown MBR code
15:05:29.110    Disk 0 Partition 1 80 (A) 07      HPFS/NTFS NTFS          500 MB offset 2048
15:05:29.126    Disk 0 Partition 2 00     27 Hidden NTFS WinRE NTFS         9000 MB offset 1026048
15:05:29.141    Disk 0 Partition 3 00     07      HPFS/NTFS NTFS       944365 MB offset 19458048
15:05:29.204    Disk 0 scanning C:\WINDOWS\system32\drivers
15:05:44.673    Service scanning
15:06:16.626    Modules scanning
15:06:16.626    Disk 0 trace - called modules:
15:06:16.641    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS pciide.sys hal.dll 
15:06:16.641    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe001e64f3060]
15:06:16.641    3 CLASSPNP.SYS[fffff800fd0b7d95] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xffffe001e602c060]
15:06:18.876    AVAST engine scan C:\WINDOWS
15:06:23.141    AVAST engine scan C:\WINDOWS\system32
15:08:58.131    AVAST engine scan C:\WINDOWS\system32\drivers
15:09:09.928    File: C:\WINDOWS\system32\drivers\hitmanpro37.sys **HIDDEN**
15:09:11.537    AVAST engine scan C:\Users\Jamie
15:18:28.712    AVAST engine scan C:\ProgramData
15:20:21.213    Disk 0 statistics 3794250/0/0 @ 2.69 MB/s
15:20:21.213    Scan finished successfully
15:25:01.135    Disk 0 MBR has been saved successfully to "C:\Users\Jamie\Desktop\MBR.dat"
15:25:01.135    The log file has been saved successfully to "C:\Users\Jamie\Desktop\aswMBR.txt"
 
 

  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
All looks clean, has the browsing speed improved any ?
  • 0

#9
sheck910

sheck910

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Awesome! Appears to have sped up some  

 

Many, Many thanks!!! 


  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

Advertisements


#11
sheck910

sheck910

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

done and done!  I will let you know if anything pops up in the next day or so 

 

I will also be making a PP donation tomorrow 

 

The ability to gain knowledge, repair issues and prevent further ones is a more than worthy cause 


  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
:)
  • 0

#13
sheck910

sheck910

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

starting to get the same popup's in AVG - I will rerun above temp cleaner and update tomorrow 


  • 0

#14
sheck910

sheck910

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

here are the latest scan logs

 

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Jamie (2016-03-23 21:05:50) Run:1
Running from C:\Users\Jamie\Desktop
Loaded Profiles: Jamie (Available Profiles: Jamie & DefaultAppPool)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.8.10586 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 758.6 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 21:06:55 ====
 
 
aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2016-03-23 21:12:08
-----------------------------
21:12:08.764    OS Version: Windows x64 6.2.9200 
21:12:08.764    Number of processors: 2 586 0x170A
21:12:08.764    ComputerName: JAMIE-PC  UserName: Jamie
21:12:13.337    Initialize success
21:12:13.405    VM: initialized successfully
21:12:13.406    VM: Intel CPU BiosDisabled 
21:15:02.763    AVAST engine defs: 16032300
21:17:14.514    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
21:17:14.514    Disk 0 Vendor: HITACHI_HUA722010ALA330 JP4ONS01 Size: 953869MB BusType: 3
21:17:14.622    Disk 0 MBR read successfully
21:17:14.622    Disk 0 MBR scan
21:17:14.638    Disk 0 unknown MBR code
21:17:14.654    Disk 0 Partition 1 80 (A) 07      HPFS/NTFS NTFS          500 MB offset 2048
21:17:14.654    Disk 0 Partition 2 00     27 Hidden NTFS WinRE NTFS         9000 MB offset 1026048
21:17:14.677    Disk 0 Partition 3 00     07      HPFS/NTFS NTFS       944365 MB offset 19458048
21:17:14.707    Disk 0 scanning C:\WINDOWS\system32\drivers
21:17:22.864    Service scanning
21:17:47.532    Modules scanning
21:17:47.539    Disk 0 trace - called modules:
21:17:47.551    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS pciide.sys hal.dll PCIIDEX.SYS atapi.sys 
21:17:47.555    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe00056568060]
21:17:47.559    3 CLASSPNP.SYS[fffff8013c457d95] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xffffe00056030060]
21:17:49.424    AVAST engine scan C:\WINDOWS
21:17:51.833    AVAST engine scan C:\WINDOWS\system32
21:20:33.391    AVAST engine scan C:\WINDOWS\system32\drivers
21:20:55.123    AVAST engine scan C:\Users\Jamie
21:27:58.664    AVAST engine scan C:\ProgramData
21:29:04.112    Disk 0 statistics 3794117/0/0 @ 3.62 MB/s
21:29:04.112    Scan finished successfully
21:36:47.259    Disk 0 MBR has been saved successfully to "C:\Users\Jamie\Desktop\MBR.dat"
21:36:47.259    The log file has been saved successfully to "C:\Users\Jamie\Desktop\aswMBR.txt"
 
 

  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I think that you will find that this appears after you run spybot. Could you temporarily uninstall that and scan again
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP