Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Possible Win32 CTX virus? Or false positive [Solved]

Started by sheck910 , Mar 20 2016 06:51 AM

This topic is locked

#1
sheck910

Posted 20 March 2016 - 06:51 AM

Member

Member
17 posts

Hello,

My AVG has been picking up two seperate possible infections. Win32 CTX and also WIN32 Heur

After running several removal programs in safe mode I'm still receiving said notifications.

I have also read that this could be an AVG issue relating to false positives.

If AVG is the issue I'm willing to switch with expert advice to another program.

Here is my FRST Log - thanks in advance for all your help

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01

Ran by Jamie (administrator) on JAMIE-PC (20-03-2016 08:37:06)

Running from C:\Users\Jamie\Desktop

Loaded Profiles: Jamie & DefaultAppPool (Available Profiles: Jamie & DefaultAppPool)

Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Edge)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe

(Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchksrv.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Realtek Semiconductor Corp.) C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\RtlService.exe

(Ralink Technology, Corp.) C:\Program Files (x86)\B-Link\Common\RaRegistry.exe

() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe

(Intel) C:\Program Files (x86)\Intel\AMT\LMS.exe

(Intel) C:\Program Files (x86)\Intel\AMT\UNS.exe

(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe

(Ralink Technology, Corp.) C:\Program Files (x86)\B-Link\Common\RaRegistry64.exe

(Microsoft Corporation) C:\Windows\System32\mqsvc.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe

(Realtek Semiconductor Corp.) C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\RtWLan.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchk.exe

(Microsoft Corporation) C:\Windows\System32\StikyNot.exe

(Fred's Software) C:\Program Files (x86)\PrintKey2000\Printkey2000.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe

(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

(SurfRight B.V.) C:\Program Files\HitmanPro\HitmanPro.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe

() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [atchk] => C:\Program Files (x86)\Intel\AMT\atchk.exe [401408 2009-12-01] (Intel Corporation)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

HKLM\...\Run: [] => [X]

HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe [9581280 2016-01-28] ()

HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3862440 2016-03-02] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)

HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)

HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2013-12-24] (SEIKO EPSON CORPORATION)

HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2013-12-24] (SEIKO EPSON CORPORATION)

HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)

Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [EPSON Artisan 50 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFFA.EXE [223232 2008-10-09] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2015-10-30] (Microsoft Corporation)

HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [GoogleChromeAutoLaunch_C1BDF7A752CABCCEC37F2A5D7AA45B34] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136 2016-03-07] (Google Inc.)

HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [EPSON Artisan 50 Series (Copy 1)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFFA.EXE [223232 2008-10-09] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)

HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)

HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2016-03-06] (Glarysoft Ltd)

HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\...\RunOnce: [Uninstall C:\Users\Jamie\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jamie\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"

HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)

HKU\S-1-5-18\...\Run: [EPSON Artisan 50 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFFA.EXE [223232 2008-10-09] (SEIKO EPSON CORPORATION)

HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\B-Link Wireless Utility.lnk [2016-01-10]

ShortcutTarget: B-Link Wireless Utility.lnk -> C:\Program Files (x86)\B-Link\Common\RaUI.exe (B-Link Technology, Corp.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk [2015-09-23]

ShortcutTarget: Printkey2000.lnk -> C:\Program Files (x86)\PrintKey2000\Printkey2000.exe (Fred's Software)

BootExecute: autocheck autochk * bootdelete

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{e146362e-446f-4d00-8d29-27b8870b4eec}: [DhcpNameServer] 192.168.1.1

Internet Explorer:

==================

HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:

========

FF ProfilePath: C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\3o3gxhf2.default

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)

Chrome:

=======

CHR HomePage: Default -> hxxp://sharepoint/C1/C2/C4/Performance%20Reports/default.aspx

CHR Profile: C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-20]

CHR Extension: (Google Docs) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-20]

CHR Extension: (Google Drive) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]

CHR Extension: (Video AdBlock for Chrome) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2016-02-15]

CHR Extension: (YouTube) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]

CHR Extension: (Google Search) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]

CHR Extension: (Google Sheets) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-20]

CHR Extension: (Google Docs Offline) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-20]

CHR Extension: (Gmail) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-20]

CHR HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atchksrv; C:\Program Files (x86)\Intel\AMT\atchksrv.exe [176128 2009-12-01] (Intel Corporation) [File not signed]

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-03-02] (AVG Technologies CZ, s.r.o.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3934184 2016-03-02] (AVG Technologies CZ, s.r.o.)

R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-03-02] (AVG Technologies CZ, s.r.o.)

R2 B-LinkCU; C:\Program Files (x86)\B-Link\USB Wireless LAN Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [File not signed]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)

R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]

R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-02-25] (SurfRight B.V.)

R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe [712432 2016-01-28] ()

R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel) [File not signed]

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)

R2 RalinkRegistryWriter; C:\Program Files (x86)\B-Link\Common\RaRegistry.exe [383280 2013-03-27] (Ralink Technology, Corp.)

R2 RalinkRegistryWriter64; C:\Program Files (x86)\B-Link\Common\RaRegistry64.exe [452912 2013-02-04] (Ralink Technology, Corp.)

S3 RaMediaServer; C:\Program Files (x86)\B-Link\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)

R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)

R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

R2 UNS; C:\Program Files (x86)\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel) [File not signed]

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1215560 2016-02-22] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-26] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378288 2016-02-03] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [269232 2016-03-02] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)

R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)

R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)

R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2016-02-28] (Glarysoft Ltd)

U4 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [49584 2016-03-20] ()

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)

S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)

S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.)

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42600 2015-10-15] (Synaptics Incorporated)

U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-02-25] ()

S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-12-09] (BitDefender S.R.L.)

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)

S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-20 08:37 - 2016-03-20 08:37 - 00020127 _____ C:\Users\Jamie\Desktop\FRST.txt

2016-03-20 08:36 - 2016-03-20 08:37 - 00000000 ____D C:\FRST

2016-03-20 08:33 - 2016-03-20 08:35 - 02374144 _____ (Farbar) C:\Users\Jamie\Desktop\FRST64.exe

2016-03-20 07:54 - 2016-03-20 07:54 - 00049584 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys

2016-03-18 21:46 - 2016-03-18 21:46 - 00001313 _____ C:\Users\Jamie\Desktop\Todoist.lnk

2016-03-18 21:46 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Todoist

2016-03-18 21:46 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Local\Doist_Ltd

2016-03-18 21:46 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Local\CEF

2016-03-18 21:45 - 2016-03-18 21:46 - 00000000 ____D C:\Users\Jamie\AppData\Local\Todoist

2016-03-16 13:27 - 2016-03-16 13:27 - 00041470 _____ C:\Users\Jamie\Downloads\manfred-klein_irish-unci-alphabet.zip

2016-03-16 13:27 - 2016-03-16 13:27 - 00036801 _____ C:\Users\Jamie\Downloads\astigmatic-one-eye-typographic-institute_uncial-antiqua.zip

2016-03-15 10:37 - 2016-03-15 10:37 - 00347816 _____ C:\Users\Jamie\Downloads\095952238523 (1).pdf

2016-03-14 21:23 - 2016-03-18 21:45 - 27704576 _____ (Doist Ltd. ) C:\Users\Jamie\Downloads\Todoist_for_Windows_Desktop_2_7_6.exe

2016-03-13 12:14 - 2016-03-13 12:51 - 00012003 _____ C:\Users\Jamie\Desktop\avgrep.txt

2016-03-13 12:11 - 2016-03-13 12:24 - 00000000 ____D C:\Program Files (x86)\AdwCleaner

2016-03-13 12:08 - 2016-03-13 12:11 - 01524224 _____ C:\Users\Jamie\Downloads\AdwCleaner (1).exe

2016-03-13 12:06 - 2016-03-13 12:06 - 00000344 _____ C:\Users\Jamie\Desktop\Virus Removal.txt

2016-03-12 17:41 - 2016-03-12 17:45 - 04952064 _____ C:\Users\Jamie\Downloads\DesktopGadgetsInstaller.zip

2016-03-11 07:58 - 2016-03-11 07:58 - 00000029 _____ C:\Users\Jamie\Documents\Ebay Pending.txt

2016-03-11 07:09 - 2016-03-11 07:09 - 00005422 _____ C:\Users\Jamie\Documents\cc_20160311_060921.reg

2016-03-11 07:04 - 2016-03-11 07:07 - 15576432 _____ C:\Users\Jamie\Downloads\Glary_Utilities_v5.46.0.66.exe

2016-03-10 21:58 - 2016-03-10 21:58 - 00058292 _____ C:\Users\Jamie\Downloads\ufonts.com_lucidity-ballpoint.ttf

2016-03-10 08:29 - 2016-03-10 08:29 - 00347980 _____ C:\Users\Jamie\Downloads\095952238523.pdf

2016-03-09 06:40 - 2016-03-01 01:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

2016-03-09 06:40 - 2016-03-01 01:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

2016-03-09 06:40 - 2016-02-24 05:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2016-03-09 06:40 - 2016-02-24 05:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2016-03-09 06:40 - 2016-02-24 05:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2016-03-09 06:40 - 2016-02-24 05:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2016-03-09 06:40 - 2016-02-24 05:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2016-03-09 06:40 - 2016-02-24 05:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2016-03-09 06:40 - 2016-02-24 05:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll

2016-03-09 06:40 - 2016-02-24 05:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2016-03-09 06:40 - 2016-02-24 04:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll

2016-03-09 06:40 - 2016-02-24 04:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS

2016-03-09 06:40 - 2016-02-24 04:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2016-03-09 06:40 - 2016-02-24 04:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2016-03-09 06:40 - 2016-02-24 04:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2016-03-09 06:40 - 2016-02-24 04:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll

2016-03-09 06:40 - 2016-02-24 04:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll

2016-03-09 06:40 - 2016-02-24 04:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe

2016-03-09 06:40 - 2016-02-24 04:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll

2016-03-09 06:40 - 2016-02-24 04:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

2016-03-09 06:40 - 2016-02-24 04:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2016-03-09 06:40 - 2016-02-24 04:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2016-03-09 06:40 - 2016-02-24 04:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2016-03-09 06:40 - 2016-02-24 04:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2016-03-09 06:40 - 2016-02-24 04:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2016-03-09 06:40 - 2016-02-24 04:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll

2016-03-09 06:40 - 2016-02-24 04:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2016-03-09 06:40 - 2016-02-24 04:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2016-03-09 06:40 - 2016-02-24 04:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll

2016-03-09 06:40 - 2016-02-24 04:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe

2016-03-09 06:40 - 2016-02-24 04:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2016-03-09 06:40 - 2016-02-24 03:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll

2016-03-09 06:40 - 2016-02-24 03:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll

2016-03-09 06:40 - 2016-02-24 03:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll

2016-03-09 06:40 - 2016-02-24 03:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

2016-03-09 06:40 - 2016-02-24 03:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll

2016-03-09 06:40 - 2016-02-24 03:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll

2016-03-09 06:40 - 2016-02-24 03:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll

2016-03-09 06:40 - 2016-02-24 03:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2016-03-09 06:40 - 2016-02-24 03:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2016-03-09 06:40 - 2016-02-24 03:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll

2016-03-09 06:40 - 2016-02-24 03:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll

2016-03-09 06:40 - 2016-02-24 03:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe

2016-03-09 06:40 - 2016-02-24 03:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll

2016-03-09 06:40 - 2016-02-24 03:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll

2016-03-09 06:40 - 2016-02-24 03:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll

2016-03-09 06:40 - 2016-02-24 03:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll

2016-03-09 06:40 - 2016-02-24 03:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll

2016-03-09 06:40 - 2016-02-24 03:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll

2016-03-09 06:40 - 2016-02-24 03:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll

2016-03-09 06:40 - 2016-02-24 03:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll

2016-03-09 06:40 - 2016-02-24 03:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll

2016-03-09 06:40 - 2016-02-24 03:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll

2016-03-09 06:40 - 2016-02-24 03:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2016-03-09 06:40 - 2016-02-24 03:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll

2016-03-09 06:40 - 2016-02-24 03:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll

2016-03-09 06:40 - 2016-02-24 03:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll

2016-03-09 06:40 - 2016-02-24 03:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll

2016-03-09 06:40 - 2016-02-24 03:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll

2016-03-09 06:40 - 2016-02-24 03:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll

2016-03-09 06:40 - 2016-02-24 03:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll

2016-03-09 06:40 - 2016-02-24 03:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll

2016-03-09 06:40 - 2016-02-24 03:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2016-03-09 06:40 - 2016-02-24 03:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll

2016-03-09 06:40 - 2016-02-24 03:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll

2016-03-09 06:40 - 2016-02-24 03:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2016-03-09 06:40 - 2016-02-24 03:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll

2016-03-09 06:40 - 2016-02-24 03:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll

2016-03-09 06:40 - 2016-02-24 03:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll

2016-03-09 06:40 - 2016-02-24 02:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll

2016-03-09 06:40 - 2016-02-24 02:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll

2016-03-09 06:40 - 2016-02-24 02:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll

2016-03-09 06:40 - 2016-02-24 02:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll

2016-03-09 06:40 - 2016-02-24 02:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll

2016-03-09 06:40 - 2016-02-24 02:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll

2016-03-09 06:40 - 2016-02-24 02:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll

2016-03-09 06:40 - 2016-02-24 02:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe

2016-03-09 06:40 - 2016-02-24 02:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll

2016-03-09 06:40 - 2016-02-24 02:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll

2016-03-09 06:40 - 2016-02-24 02:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll

2016-03-09 06:40 - 2016-02-24 02:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll

2016-03-09 06:40 - 2016-02-24 02:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll

2016-03-09 06:40 - 2016-02-24 02:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll

2016-03-09 06:40 - 2016-02-24 02:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll

2016-03-09 06:40 - 2016-02-24 02:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll

2016-03-09 06:40 - 2016-02-24 02:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll

2016-03-09 06:40 - 2016-02-24 02:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll

2016-03-09 06:40 - 2016-02-24 02:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll

2016-03-09 06:40 - 2016-02-24 02:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll

2016-03-09 06:40 - 2016-02-24 02:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll

2016-03-09 06:40 - 2016-02-24 02:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll

2016-03-09 06:40 - 2016-02-24 02:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2016-03-09 06:40 - 2016-02-24 02:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll

2016-03-09 06:40 - 2016-02-24 02:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll

2016-03-09 06:40 - 2016-02-24 02:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll

2016-03-09 06:40 - 2016-02-24 02:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2016-03-09 06:40 - 2016-02-24 02:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll

2016-03-09 06:40 - 2016-02-24 02:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll

2016-03-09 06:40 - 2016-02-24 02:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe

2016-03-09 06:40 - 2016-02-24 02:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll

2016-03-09 06:40 - 2016-02-24 02:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2016-03-09 06:40 - 2016-02-24 02:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll

2016-03-09 06:40 - 2016-02-24 02:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll

2016-03-09 06:40 - 2016-02-24 02:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll

2016-03-09 06:40 - 2016-02-24 02:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll

2016-03-09 06:40 - 2016-02-24 02:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll

2016-03-09 06:40 - 2016-02-24 02:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll

2016-03-09 06:40 - 2016-02-24 02:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll

2016-03-09 06:40 - 2016-02-24 02:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll

2016-03-09 06:40 - 2016-02-24 02:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll

2016-03-09 06:40 - 2016-02-24 02:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll

2016-03-09 06:40 - 2016-02-24 02:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll

2016-03-09 06:40 - 2016-02-24 02:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll

2016-03-09 06:40 - 2016-02-24 02:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll

2016-03-09 06:40 - 2016-02-24 02:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll

2016-03-09 06:40 - 2016-02-24 02:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll

2016-03-09 06:40 - 2016-02-24 02:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll

2016-03-09 06:40 - 2016-02-24 02:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll

2016-03-09 06:40 - 2016-02-24 02:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll

2016-03-09 06:40 - 2016-02-24 02:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2016-03-09 06:40 - 2016-02-24 02:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll

2016-03-09 06:40 - 2016-02-24 02:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll

2016-03-09 06:40 - 2016-02-24 02:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll

2016-03-09 06:40 - 2016-02-24 02:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll

2016-03-09 06:40 - 2016-02-24 02:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll

2016-03-09 06:40 - 2016-02-24 02:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll

2016-03-09 06:40 - 2016-02-24 02:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2016-03-09 06:40 - 2016-02-24 02:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe

2016-03-09 06:40 - 2016-02-24 02:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll

2016-03-09 06:40 - 2016-02-24 02:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2016-03-09 06:40 - 2016-02-24 02:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2016-03-09 06:40 - 2016-02-24 02:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

2016-03-09 06:40 - 2016-02-24 01:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2016-03-09 06:40 - 2016-02-24 01:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll

2016-03-09 06:40 - 2016-02-24 01:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll

2016-03-09 06:40 - 2016-02-24 01:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll

2016-03-09 06:40 - 2016-02-24 01:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll

2016-03-09 06:40 - 2016-02-24 01:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2016-03-09 06:40 - 2016-02-24 01:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2016-03-09 06:40 - 2016-02-24 01:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2016-03-09 06:40 - 2016-02-24 01:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2016-03-09 06:40 - 2016-02-24 01:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2016-03-09 06:40 - 2016-02-24 01:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2016-03-09 06:40 - 2016-02-24 01:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll

2016-03-09 06:40 - 2016-02-24 01:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll

2016-03-09 06:40 - 2016-02-24 00:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2016-03-09 06:40 - 2016-02-24 00:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2016-03-09 06:39 - 2016-02-24 03:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2016-03-09 06:39 - 2016-02-24 03:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll

2016-03-09 06:39 - 2016-02-24 02:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll

2016-03-09 06:39 - 2016-02-24 02:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll

2016-03-09 06:39 - 2016-02-24 02:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2016-03-09 06:39 - 2016-02-24 02:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll

2016-03-07 21:11 - 2016-03-07 21:11 - 49028362 _____ C:\Users\Jamie\Downloads\Ash Blank Mock.psd

2016-03-07 21:04 - 2016-03-07 21:04 - 20941601 _____ C:\Users\Jamie\Downloads\wg_free_tee_mockup.zip

2016-03-03 20:28 - 2016-03-03 20:28 - 00001053 _____ C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk

2016-03-03 20:12 - 2016-03-03 20:13 - 00051443 _____ C:\Users\Jamie\Downloads\seangc.zip

2016-03-03 20:09 - 2016-03-03 20:09 - 00055425 _____ C:\Users\Jamie\Downloads\seantgc.zip

2016-03-03 15:35 - 2016-03-03 15:35 - 00265376 _____ C:\Users\Jamie\Documents\NCInvolvement logo.pdf

2016-03-03 14:30 - 2016-03-03 14:30 - 00494594 _____ C:\Users\Jamie\Downloads\cat-in-the-hat-354D450E-logoeps.com.zip

2016-03-03 13:43 - 2016-03-03 13:43 - 00210419 _____ C:\Users\Jamie\Downloads\the-fontry_jackport-college-ncv (2).zip

2016-03-02 13:41 - 2016-02-23 07:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2016-03-02 13:41 - 2016-02-23 06:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2016-03-02 13:41 - 2016-02-23 06:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2016-03-02 13:41 - 2016-02-23 06:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2016-03-02 13:41 - 2016-02-23 06:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2016-03-02 13:41 - 2016-02-23 05:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2016-03-02 13:41 - 2016-02-23 05:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2016-03-02 13:41 - 2016-02-23 04:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll

2016-03-02 13:41 - 2016-02-23 04:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2016-03-02 13:41 - 2016-02-23 04:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2016-03-02 13:41 - 2016-02-23 04:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll

2016-03-02 13:41 - 2016-02-23 04:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2016-03-02 13:41 - 2016-02-23 04:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll

2016-03-02 13:41 - 2016-02-23 03:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll

2016-03-02 13:41 - 2016-02-23 03:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2016-03-02 13:41 - 2016-02-23 03:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2016-03-02 13:41 - 2016-02-23 03:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll

2016-03-02 13:41 - 2016-02-23 03:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll

2016-03-02 13:41 - 2016-02-23 02:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2016-03-02 13:41 - 2016-02-23 02:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2016-03-02 13:41 - 2016-02-23 02:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2016-03-02 13:41 - 2016-02-23 02:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2016-03-02 13:41 - 2016-02-23 02:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2016-03-02 13:41 - 2016-02-23 02:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2016-03-02 13:41 - 2016-02-23 02:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2016-03-02 13:41 - 2016-02-23 02:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2016-03-02 13:41 - 2016-02-08 23:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2016-03-02 13:41 - 2016-02-08 23:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2016-03-02 13:41 - 2016-02-08 23:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2016-03-02 13:40 - 2016-02-23 07:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll

2016-03-02 13:40 - 2016-02-23 07:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2016-03-02 13:40 - 2016-02-23 06:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2016-03-02 13:40 - 2016-02-23 06:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2016-03-02 13:40 - 2016-02-23 06:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2016-03-02 13:40 - 2016-02-23 06:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll

2016-03-02 13:40 - 2016-02-23 06:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2016-03-02 13:40 - 2016-02-23 06:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll

2016-03-02 13:40 - 2016-02-23 06:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2016-03-02 13:40 - 2016-02-23 06:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2016-03-02 13:40 - 2016-02-23 05:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2016-03-02 13:40 - 2016-02-23 05:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll

2016-03-02 13:40 - 2016-02-23 05:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll

2016-03-02 13:40 - 2016-02-23 05:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2016-03-02 13:40 - 2016-02-23 05:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2016-03-02 13:40 - 2016-02-23 04:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2016-03-02 13:40 - 2016-02-23 04:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2016-03-02 13:40 - 2016-02-23 04:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2016-03-02 13:40 - 2016-02-23 04:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll

2016-03-02 13:40 - 2016-02-23 04:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

2016-03-02 13:40 - 2016-02-23 04:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll

2016-03-02 13:40 - 2016-02-23 03:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll

2016-03-02 13:40 - 2016-02-23 03:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll

2016-03-02 13:40 - 2016-02-23 02:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll

2016-03-02 13:40 - 2016-02-23 02:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2016-03-02 13:40 - 2016-02-23 02:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2016-03-02 13:39 - 2016-02-23 07:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2016-03-02 13:39 - 2016-02-23 06:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll

2016-03-02 13:39 - 2016-02-23 06:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll

2016-03-02 13:39 - 2016-02-23 06:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll

2016-03-02 13:39 - 2016-02-23 05:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll

2016-03-02 13:39 - 2016-02-23 05:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2016-03-02 13:39 - 2016-02-23 05:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll

2016-03-02 13:39 - 2016-02-23 05:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2016-03-02 13:39 - 2016-02-23 05:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2016-03-02 13:39 - 2016-02-23 05:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll

2016-03-02 13:39 - 2016-02-23 05:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll

2016-03-02 13:39 - 2016-02-23 05:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll

2016-03-02 13:39 - 2016-02-23 04:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll

2016-03-02 13:39 - 2016-02-23 04:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll

2016-03-02 13:39 - 2016-02-23 04:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll

2016-03-02 13:39 - 2016-02-23 04:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll

2016-03-02 13:39 - 2016-02-23 04:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll

2016-03-02 13:39 - 2016-02-23 04:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll

2016-03-02 13:39 - 2016-02-23 04:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll

2016-03-02 13:39 - 2016-02-23 04:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe

2016-03-02 13:39 - 2016-02-23 04:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2016-03-02 13:39 - 2016-02-23 04:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll

2016-03-02 13:39 - 2016-02-23 04:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll

2016-03-02 13:39 - 2016-02-23 04:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv

2016-03-02 13:39 - 2016-02-23 04:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll

2016-03-02 13:39 - 2016-02-23 04:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2016-03-02 13:39 - 2016-02-23 04:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2016-03-02 13:39 - 2016-02-23 04:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll

2016-03-02 13:39 - 2016-02-23 04:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll

2016-03-02 13:39 - 2016-02-23 04:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

2016-03-02 13:39 - 2016-02-23 04:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll

2016-03-02 13:39 - 2016-02-23 04:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2016-03-02 13:39 - 2016-02-23 03:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll

2016-03-02 13:39 - 2016-02-23 03:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll

2016-03-02 13:39 - 2016-02-23 03:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll

2016-03-02 13:39 - 2016-02-23 03:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll

2016-03-02 13:39 - 2016-02-23 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll

2016-03-02 13:39 - 2016-02-23 03:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll

2016-03-02 13:39 - 2016-02-23 03:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv

2016-03-02 13:39 - 2016-02-23 03:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll

2016-03-02 13:39 - 2016-02-23 03:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2016-03-02 13:39 - 2016-02-23 03:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll

2016-03-02 13:39 - 2016-02-23 03:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll

2016-03-02 13:39 - 2016-02-23 03:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2016-03-02 13:39 - 2016-02-23 03:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll

2016-03-02 13:39 - 2016-02-23 03:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2016-03-02 13:39 - 2016-02-23 03:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll

2016-03-02 13:39 - 2016-02-23 02:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll

2016-03-02 13:39 - 2016-02-23 02:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll

2016-03-02 13:39 - 2016-02-23 02:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2016-03-02 13:39 - 2016-02-23 02:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2016-03-02 13:39 - 2016-02-23 02:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll

2016-03-02 13:39 - 2016-02-23 02:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2016-03-02 13:39 - 2016-02-23 02:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2016-03-02 13:39 - 2016-02-08 23:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe

2016-03-02 13:38 - 2016-02-23 07:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2016-03-02 13:38 - 2016-02-23 07:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2016-03-02 13:38 - 2016-02-23 07:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2016-03-02 13:38 - 2016-02-23 07:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys

2016-03-02 13:38 - 2016-02-23 07:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll

2016-03-02 13:38 - 2016-02-23 07:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

2016-03-02 13:38 - 2016-02-23 06:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll

2016-03-02 13:38 - 2016-02-23 06:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll

2016-03-02 13:38 - 2016-02-23 06:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll

2016-03-02 13:38 - 2016-02-23 06:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys

2016-03-02 13:38 - 2016-02-23 05:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2016-03-02 13:38 - 2016-02-23 05:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll

2016-03-02 13:38 - 2016-02-23 05:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2016-03-02 13:38 - 2016-02-23 05:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys

2016-03-02 13:38 - 2016-02-23 05:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys

2016-03-02 13:38 - 2016-02-23 05:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll

2016-03-02 13:38 - 2016-02-23 05:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll

2016-03-02 13:38 - 2016-02-23 05:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe

2016-03-02 13:38 - 2016-02-23 05:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll

2016-03-02 13:38 - 2016-02-23 05:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll

2016-03-02 13:38 - 2016-02-23 05:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys

2016-03-02 13:38 - 2016-02-23 05:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll

2016-03-02 13:38 - 2016-02-23 05:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll

2016-03-02 13:38 - 2016-02-23 04:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll

2016-03-02 13:38 - 2016-02-23 04:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2016-03-02 13:38 - 2016-02-23 04:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys

2016-03-02 13:38 - 2016-02-23 04:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll

2016-03-02 13:38 - 2016-02-23 04:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe

2016-03-02 13:38 - 2016-02-23 04:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2016-03-02 13:38 - 2016-02-23 04:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll

2016-03-02 13:38 - 2016-02-23 04:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll

2016-03-02 13:38 - 2016-02-23 04:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll

2016-03-02 13:38 - 2016-02-23 04:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll

2016-03-02 13:38 - 2016-02-23 04:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll

2016-03-02 13:38 - 2016-02-23 04:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll

2016-03-02 13:38 - 2016-02-23 04:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll

2016-03-02 13:38 - 2016-02-23 04:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe

2016-03-02 13:38 - 2016-02-23 04:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll

2016-03-02 13:38 - 2016-02-23 04:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll

2016-03-02 13:38 - 2016-02-23 04:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll

2016-03-02 13:38 - 2016-02-23 04:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll

2016-03-02 13:38 - 2016-02-23 04:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2016-03-02 13:38 - 2016-02-23 04:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll

2016-03-02 13:38 - 2016-02-23 04:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe

2016-03-02 13:38 - 2016-02-23 04:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2016-03-02 13:38 - 2016-02-23 04:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe

2016-03-02 13:38 - 2016-02-23 04:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2016-03-02 13:38 - 2016-02-23 04:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe

2016-03-02 13:38 - 2016-02-23 04:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys

2016-03-02 13:38 - 2016-02-23 03:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll

2016-03-02 13:38 - 2016-02-23 03:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll

2016-03-02 13:38 - 2016-02-23 03:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll

2016-03-02 13:38 - 2016-02-23 03:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll

2016-03-02 13:38 - 2016-02-23 03:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll

2016-03-02 13:38 - 2016-02-23 03:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2016-03-02 13:38 - 2016-02-23 03:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll

2016-03-02 13:38 - 2016-02-23 03:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2016-03-02 13:38 - 2016-02-23 03:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll

2016-03-02 13:38 - 2016-02-23 03:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll

2016-03-02 13:38 - 2016-02-23 03:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll

2016-03-02 13:38 - 2016-02-23 03:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll

2016-03-02 13:38 - 2016-02-23 03:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll

2016-03-02 13:38 - 2016-02-23 03:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll

2016-03-02 13:38 - 2016-02-23 02:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll

2016-03-02 13:38 - 2016-02-23 02:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2016-03-02 13:38 - 2016-02-09 00:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2016-03-02 13:38 - 2016-02-09 00:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys

2016-03-02 13:38 - 2016-02-08 23:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll

2016-03-02 13:38 - 2016-02-08 23:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll

2016-03-02 11:21 - 2016-03-02 11:21 - 00269232 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys

2016-02-29 22:19 - 2016-02-29 22:19 - 00004381 _____ C:\Users\Jamie\Downloads\Hill-House.zip

2016-02-28 14:41 - 2016-02-28 14:41 - 00891392 _____ (Farbar) C:\Users\Jamie\Downloads\MiniToolBox.exe

2016-02-28 14:41 - 2016-02-28 14:41 - 00029512 _____ C:\Users\Jamie\Downloads\MTB.txt

2016-02-28 14:25 - 2016-03-20 07:52 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5

2016-02-28 14:25 - 2016-03-11 07:07 - 00003382 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5

2016-02-28 14:25 - 2016-03-11 07:07 - 00003028 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC

2016-02-28 14:25 - 2016-03-11 07:07 - 00001167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk

2016-02-28 14:25 - 2016-03-11 07:07 - 00001155 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk

2016-02-28 14:25 - 2016-02-28 14:25 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys

2016-02-28 14:25 - 2016-02-28 14:25 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\GlarySoft

2016-02-28 14:25 - 2016-02-28 14:25 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\DiskDefrag

2016-02-28 14:25 - 2016-02-28 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5

2016-02-28 14:24 - 2016-02-28 14:25 - 15575176 _____ C:\Users\Jamie\Downloads\gu5setup.exe

2016-02-28 14:17 - 2016-02-28 14:17 - 00039390 _____ C:\Users\Jamie\Documents\cc_20160228_131743.reg

2016-02-27 14:17 - 2016-02-27 14:17 - 00012884 _____ C:\Users\Jamie\Downloads\glyphobet-font-foundry_ripple.zip

2016-02-27 14:16 - 2016-02-27 14:16 - 00032668 _____ C:\Users\Jamie\Downloads\Eccentric.otf

2016-02-27 14:15 - 2016-02-27 14:15 - 00014401 _____ C:\Users\Jamie\Downloads\bad_acid.zip

2016-02-24 14:30 - 2016-02-27 20:29 - 00000000 ____D C:\AdwCleaner

2016-02-24 14:30 - 2016-02-24 14:30 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\Jamie\Downloads\rkill.exe

2016-02-24 14:30 - 2016-02-24 14:30 - 01511936 _____ C:\Users\Jamie\Downloads\AdwCleaner.exe

2016-02-24 14:28 - 2016-02-24 14:28 - 05200384 _____ (AVAST Software) C:\Users\Jamie\Downloads\aswmbr.exe

2016-02-24 14:21 - 2016-02-24 14:21 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jamie\Downloads\HijackThis.exe

2016-02-23 21:17 - 2016-02-23 21:17 - 00006244 _____ C:\rapport.txt

2016-02-23 21:17 - 2016-02-23 21:17 - 00003480 _____ C:\WINDOWS\SysWOW64\tmp.reg

2016-02-23 21:17 - 2016-02-23 21:17 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp.txt

2016-02-23 21:16 - 2016-02-23 21:17 - 00000000 ____D C:\Users\Jamie\Downloads\SmitfraudFix

2016-02-23 21:16 - 2009-06-02 12:17 - 00075776 _____ C:\WINDOWS\SysWOW64\WS2Fix.exe

2016-02-23 21:16 - 2008-12-12 02:57 - 00078336 _____ (S!Ri.URZ) C:\WINDOWS\SysWOW64\Agent.OMZ.Fix.exe

2016-02-23 21:16 - 2008-11-29 19:58 - 00082944 _____ (S!Ri.URZ) C:\WINDOWS\SysWOW64\IEDFix.C.exe

2016-02-23 21:16 - 2008-10-01 16:51 - 00087552 _____ (S!Ri.URZ) C:\WINDOWS\SysWOW64\VACFix.exe

2016-02-23 21:16 - 2008-09-20 13:45 - 00080384 _____ (S!Ri.URZ) C:\WINDOWS\SysWOW64\o4Patch.exe

2016-02-23 21:16 - 2008-08-18 13:19 - 00082432 _____ (S!Ri.URZ) C:\WINDOWS\SysWOW64\404Fix.exe

2016-02-23 21:16 - 2008-05-18 22:40 - 00082944 _____ (S!Ri.URZ) C:\WINDOWS\SysWOW64\IEDFix.exe

2016-02-23 21:16 - 2007-09-06 01:22 - 00289144 _____ (S!Ri) C:\WINDOWS\SysWOW64\VCCLSID.exe

2016-02-23 21:16 - 2006-12-01 07:20 - 00079360 _____ (SteelWerX) C:\WINDOWS\SysWOW64\swxcacls.exe

2016-02-23 21:16 - 2006-08-29 20:43 - 00135168 _____ (SteelWerX) C:\WINDOWS\SysWOW64\swreg.exe

2016-02-23 21:16 - 2006-04-27 18:49 - 00288417 _____ (S!Ri) C:\WINDOWS\SysWOW64\SrchSTS.exe

2016-02-23 21:16 - 2006-01-09 11:36 - 00040960 _____ C:\WINDOWS\SysWOW64\swsc.exe

2016-02-23 21:16 - 2004-07-31 19:50 - 00051200 _____ C:\WINDOWS\SysWOW64\dumphive.exe

2016-02-23 21:16 - 2003-06-05 22:13 - 00053248 _____ (hxxp://www.beyondlogic.org) C:\WINDOWS\SysWOW64\Process.exe

2016-02-23 20:47 - 2016-02-23 21:16 - 01885088 _____ C:\Users\Jamie\Downloads\SmitfraudFix.exe

2016-02-23 20:42 - 2016-03-17 19:44 - 00003956 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1456274510

2016-02-23 20:42 - 2016-02-23 20:42 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\Opera Software

2016-02-23 20:42 - 2016-02-23 20:42 - 00000000 ____D C:\Users\Jamie\AppData\Local\Opera Software

2016-02-23 20:41 - 2016-03-17 19:44 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk

2016-02-23 20:41 - 2016-03-17 19:44 - 00000000 ____D C:\Program Files (x86)\Opera

2016-02-23 20:41 - 2016-02-23 20:41 - 00001210 _____ C:\Users\Public\Desktop\Opera.lnk

2016-02-23 20:38 - 2016-02-23 20:40 - 00725584 _____ (Opera Software) C:\Users\Jamie\Downloads\Opera_NI_stable.exe

2016-02-23 20:20 - 2016-02-23 20:20 - 01270466 _____ C:\Users\Jamie\Downloads\ProcessExplorer.zip

2016-02-22 16:57 - 2016-02-22 16:57 - 05657688 _____ (Swearware) C:\Users\Jamie\Downloads\ComboFix.exe

2016-02-22 16:57 - 2016-02-22 16:57 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Jamie\Downloads\SpyHunter-Installer.exe

2016-02-20 13:44 - 2016-02-20 13:44 - 00471247 _____ C:\Users\Jamie\Downloads\ActionFonts.zip

2016-02-20 13:30 - 2016-02-20 13:30 - 00026328 _____ C:\Users\Jamie\Downloads\comic_james.zip

2016-02-19 13:36 - 2016-02-19 13:36 - 00000000 ___HD C:\OneDriveTemp

2016-02-19 13:23 - 2016-03-13 13:12 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job

2016-02-19 13:22 - 2016-02-19 13:22 - 00000000 ____D C:\WINDOWS\pss

2016-02-19 13:18 - 2016-02-19 13:18 - 00000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-20 08:30 - 2015-09-21 05:33 - 00000000 ____D C:\Users\Jamie\Documents\Outlook Files

2016-03-20 08:13 - 2015-10-15 15:00 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8A918490-054D-4144-A030-7D635FECCB6B}

2016-03-20 08:05 - 2015-09-20 17:36 - 00000000 ____D C:\Users\Jamie\Desktop\T-shirts

2016-03-20 07:56 - 2015-12-18 00:11 - 01009692 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2016-03-20 07:56 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF

2016-03-20 07:51 - 2015-09-20 16:35 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2016-03-20 07:50 - 2016-02-16 08:31 - 00002411 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk

2016-03-20 07:50 - 2015-09-20 16:35 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2016-03-20 07:49 - 2015-12-18 00:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2016-03-20 07:49 - 2015-12-18 00:06 - 05011288 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2016-03-20 07:49 - 2015-09-20 18:21 - 00000200 _____ C:\WINDOWS\Tasks\AutoKMS.job

2016-03-20 07:48 - 2015-10-30 02:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI

2016-03-20 07:27 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp

2016-03-20 07:06 - 2015-09-20 16:25 - 00000000 ____D C:\ProgramData\MFAData

2016-03-20 06:53 - 2016-02-15 07:53 - 00000366 _____ C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Jamie).job

2016-03-19 12:05 - 2015-09-20 18:21 - 00000228 _____ C:\WINDOWS\Tasks\AutoKMSDaily.job

2016-03-18 19:21 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness

2016-03-18 13:44 - 2015-09-21 12:37 - 00000132 _____ C:\Users\Jamie\AppData\Roaming\Adobe PNG Format CS5 Prefs

2016-03-17 19:07 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps

2016-03-14 20:53 - 2015-09-20 16:35 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-03-14 20:53 - 2015-09-20 16:35 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2016-03-14 10:09 - 2016-01-28 08:20 - 00000000 ____D C:\ProgramData\boost_interprocess

2016-03-13 17:37 - 2015-10-30 02:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM

2016-03-13 12:52 - 2016-01-10 17:55 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2016-03-13 07:56 - 2015-11-07 11:30 - 00000000 ____D C:\Users\Jamie\AppData\Local\ElevatedDiagnostics

2016-03-12 17:45 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Sidebar

2016-03-12 17:45 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar

2016-03-11 13:11 - 2015-09-20 16:44 - 00001011 _____ C:\Users\Public\Desktop\AVG Protection.lnk

2016-03-11 13:11 - 2015-09-20 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2016-03-11 08:08 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp

2016-03-11 07:07 - 2016-02-18 09:13 - 00000000 ____D C:\Users\Jamie\AppData\Local\CrashDumps

2016-03-11 04:36 - 2015-12-18 00:12 - 00000000 ____D C:\Users\Jamie

2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Portable Devices

2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform

2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices

2016-03-11 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform

2016-03-09 07:39 - 2014-08-04 16:15 - 00000000 ____D C:\WINDOWS\system32\MRT

2016-03-09 07:34 - 2014-08-04 16:15 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2016-03-08 03:12 - 2015-10-30 03:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2016-03-08 03:12 - 2015-10-30 03:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2016-03-07 21:10 - 2015-09-20 17:53 - 00000000 ____D C:\Users\Jamie\Desktop\Ebayready

2016-03-04 08:45 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\rescache

2016-03-03 15:46 - 2015-09-20 17:39 - 00000000 ____D C:\Users\Jamie\Documents\T-shirts

2016-03-03 06:44 - 2015-09-10 01:42 - 00000000 __RHD C:\Users\Public\AccountPictures

2016-03-03 04:32 - 2015-10-30 05:07 - 00000000 ____D C:\Program Files\Windows Journal

2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 __RSD C:\WINDOWS\Media

2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog

2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform

2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\appraiser

2016-03-03 04:32 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\bcastdvr

2016-03-03 04:32 - 2015-10-30 02:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism

2016-03-03 04:32 - 2015-10-30 02:28 - 00000000 ____D C:\WINDOWS\system32\Dism

2016-03-01 15:34 - 2015-10-20 09:16 - 00000000 ____D C:\Users\Jamie\Desktop\2016 Tee Work

2016-02-25 20:18 - 2015-11-20 15:56 - 00000000 ____D C:\Users\Jamie\Desktop\ZavaJams Setlist Archive

2016-02-25 15:57 - 2015-12-18 00:12 - 00000000 ____D C:\Users\DefaultAppPool

2016-02-25 15:43 - 2016-02-16 13:36 - 00000000 ____D C:\ProgramData\RogueKiller

2016-02-25 13:08 - 2016-02-16 13:36 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys

2016-02-24 14:34 - 2015-10-08 19:36 - 00001063 _____ C:\Users\Jamie\Desktop\Internet Explorer.lnk

2016-02-24 14:33 - 2015-09-27 16:48 - 00000000 ___RD C:\Users\Jamie\OneDrive

2016-02-24 06:39 - 2015-12-18 06:31 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

2016-02-22 17:20 - 2015-09-29 06:17 - 00000000 ____D C:\ProgramData\AVG Web TuneUp

2016-02-22 17:20 - 2015-09-29 06:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2016-02-22 17:19 - 2015-09-29 06:17 - 00000000 ____D C:\Program Files\AVG Web TuneUp

2016-02-22 17:19 - 2015-09-29 06:16 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp

==================== Files in the root of some directories =======

2015-09-21 12:37 - 2016-03-18 13:44 - 0000132 _____ () C:\Users\Jamie\AppData\Roaming\Adobe PNG Format CS5 Prefs

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-03-20 08:15

==================== End of FRST.txt ============================

#2
Essexboy

Posted 20 March 2016 - 08:52 AM

GeekU Moderator

Retired Staff
69,964 posts

Nothing readily apparent, which file is it reporting as infected ?

#3
sheck910

Posted 20 March 2016 - 10:33 AM

Member

Topic Starter
Member
17 posts

Let me check to see if I can find the AVG log

thank you for your time reading over the post

#4
Essexboy

Posted 20 March 2016 - 10:48 AM

GeekU Moderator

Retired Staff
69,964 posts

I believe it may be a false positive as it is a heuristic detection

#5
sheck910

Posted 21 March 2016 - 10:11 AM

Member

Topic Starter
Member
17 posts

thanks again - here is the info as AVG just flagged it once more with a New Zperm added into the mix

"";"Virus found Win32/Zperm, c:\Windows\Temp\927b2233-8dd4-4e49-93eb-02208aa1e0c1\tmp00007183\tmp00009367";"Unresolved"

"";"Virus found Win32/Heur, c:\Windows\Temp\927b2233-8dd4-4e49-93eb-02208aa1e0c1\tmp00007183\tmp000089f0";"Secured"

#6
Essexboy

Posted 21 March 2016 - 11:15 AM

GeekU Moderator

Retired Staff
69,964 posts

OK they are in the temp folders so lets clear them... Are you experiencing any problems

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation, accept that
When it offers to download the virus database allow that as well
Click the "Scan" button to start scan

AswMBR%20scan.JPG

On completion of the scan click save log, save it to your desktop and post in your next reply

#7
sheck910

Posted 21 March 2016 - 01:29 PM

Member

Topic Starter
Member
17 posts

thanks again for your time and efforts, I more than appreciate the assistance.

Here are the two requested logs. I do not think I have any serious problems.

I have noticed slow browser performance right after they started popping up.

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01

Ran by Jamie (2016-03-21 14:57:48) Run:1

Running from C:\Users\Jamie\Desktop

Loaded Profiles: Jamie (Available Profiles: Jamie & DefaultAppPool)

Boot Mode: Normal

==============================================

fixlist content:

*****************

CreateRestorePoint:

Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

RemoveProxy:

EmptyTemp:

CMD: bitsadmin /reset /allusers

*****************

Restore point was successfully created.

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.

========= End of Reg: =========

========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.

========= End of Reg: =========

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully

HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

========= End of RemoveProxy: =========

========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.8.10586 ]

BITS administration utility.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.

Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {2BA9B2FB-8595-4F58-A406-250F013DDB91}.

Unable to cancel {6EB2E3F0-684D-44B1-98C3-114F17231121}.

Unable to cancel {54A307C6-6DDF-4D3F-85C2-E8D7DDA10BCA}.

Unable to cancel {DC371580-A6E9-473A-A83E-5556704E5658}.

Unable to cancel {ACF5F127-7C6D-4B48-B776-2FE554F77C4C}.

Unable to cancel {089B847D-F643-4B75-9587-494F8C203B72}.

0 out of 6 jobs canceled.

========= End of CMD: =========

EmptyTemp: => 802.2 MB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 14:59:08 ====

Run date: 2016-03-21 15:02:21

-----------------------------

15:02:21.523 OS Version: Windows x64 6.2.9200

15:02:21.523 Number of processors: 2 586 0x170A

15:02:21.523 ComputerName: JAMIE-PC UserName: Jamie

15:02:27.757 Initialize success

15:02:27.914 VM: initialized successfully

15:02:27.914 VM: Intel CPU BiosDisabled

15:03:57.766 AVAST engine defs: 16032100

15:05:28.876 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4

15:05:28.891 Disk 0 Vendor: HITACHI_HUA722010ALA330 JP4ONS01 Size: 953869MB BusType: 3

15:05:29.079 Disk 0 MBR read successfully

15:05:29.094 Disk 0 MBR scan

15:05:29.094 Disk 0 unknown MBR code

15:05:29.110 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 500 MB offset 2048

15:05:29.126 Disk 0 Partition 2 00 27 Hidden NTFS WinRE NTFS 9000 MB offset 1026048

15:05:29.141 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 944365 MB offset 19458048

15:05:29.204 Disk 0 scanning C:\WINDOWS\system32\drivers

15:05:44.673 Service scanning

15:06:16.626 Modules scanning

15:06:16.626 Disk 0 trace - called modules:

15:06:16.641 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS pciide.sys hal.dll

15:06:16.641 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe001e64f3060]

15:06:16.641 3 CLASSPNP.SYS[fffff800fd0b7d95] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xffffe001e602c060]

15:06:18.876 AVAST engine scan C:\WINDOWS

15:06:23.141 AVAST engine scan C:\WINDOWS\system32

15:08:58.131 AVAST engine scan C:\WINDOWS\system32\drivers

15:09:09.928 File: C:\WINDOWS\system32\drivers\hitmanpro37.sys **HIDDEN**

15:09:11.537 AVAST engine scan C:\Users\Jamie

15:18:28.712 AVAST engine scan C:\ProgramData

15:20:21.213 Disk 0 statistics 3794250/0/0 @ 2.69 MB/s

15:20:21.213 Scan finished successfully

15:25:01.135 Disk 0 MBR has been saved successfully to "C:\Users\Jamie\Desktop\MBR.dat"

15:25:01.135 The log file has been saved successfully to "C:\Users\Jamie\Desktop\aswMBR.txt"

#8
Essexboy

Posted 21 March 2016 - 02:02 PM

GeekU Moderator

Retired Staff
69,964 posts

All looks clean, has the browsing speed improved any ?

#9
sheck910

Posted 21 March 2016 - 02:56 PM

Member

Topic Starter
Member
17 posts

Awesome! Appears to have sped up some

Many, Many thanks!!!

#10
Essexboy

Posted 21 March 2016 - 03:01 PM

GeekU Moderator

Retired Staff
69,964 posts

Subject to no further problems

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:

#11
sheck910

Posted 21 March 2016 - 06:43 PM

Member

Topic Starter
Member
17 posts

done and done! I will let you know if anything pops up in the next day or so

I will also be making a PP donation tomorrow

The ability to gain knowledge, repair issues and prevent further ones is a more than worthy cause

#12
Essexboy

Posted 23 March 2016 - 09:10 AM

GeekU Moderator

Retired Staff
69,964 posts

#13
sheck910

Posted 23 March 2016 - 07:02 PM

Member

Topic Starter
Member
17 posts

starting to get the same popup's in AVG - I will rerun above temp cleaner and update tomorrow

#14
sheck910

Posted 24 March 2016 - 03:39 AM

Member

Topic Starter
Member
17 posts

here are the latest scan logs

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01

Ran by Jamie (2016-03-23 21:05:50) Run:1

Running from C:\Users\Jamie\Desktop

Loaded Profiles: Jamie (Available Profiles: Jamie & DefaultAppPool)

Boot Mode: Normal

==============================================

fixlist content:

*****************

CreateRestorePoint:

Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

RemoveProxy:

EmptyTemp:

CMD: bitsadmin /reset /allusers

*****************

Restore point was successfully created.

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.

========= End of Reg: =========

========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.

========= End of Reg: =========

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully

HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully

HKU\S-1-5-21-2820763626-3360222607-3046939984-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

========= End of RemoveProxy: =========

========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.8.10586 ]

BITS administration utility.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.

Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========

EmptyTemp: => 758.6 MB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 21:06:55 ====

Run date: 2016-03-23 21:12:08

-----------------------------

21:12:08.764 OS Version: Windows x64 6.2.9200

21:12:08.764 Number of processors: 2 586 0x170A

21:12:08.764 ComputerName: JAMIE-PC UserName: Jamie

21:12:13.337 Initialize success

21:12:13.405 VM: initialized successfully

21:12:13.406 VM: Intel CPU BiosDisabled

21:15:02.763 AVAST engine defs: 16032300

21:17:14.514 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4

21:17:14.514 Disk 0 Vendor: HITACHI_HUA722010ALA330 JP4ONS01 Size: 953869MB BusType: 3

21:17:14.622 Disk 0 MBR read successfully

21:17:14.622 Disk 0 MBR scan

21:17:14.638 Disk 0 unknown MBR code

21:17:14.654 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 500 MB offset 2048

21:17:14.654 Disk 0 Partition 2 00 27 Hidden NTFS WinRE NTFS 9000 MB offset 1026048

21:17:14.677 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 944365 MB offset 19458048

21:17:14.707 Disk 0 scanning C:\WINDOWS\system32\drivers

21:17:22.864 Service scanning

21:17:47.532 Modules scanning

21:17:47.539 Disk 0 trace - called modules:

21:17:47.551 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS pciide.sys hal.dll PCIIDEX.SYS atapi.sys

21:17:47.555 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe00056568060]

21:17:47.559 3 CLASSPNP.SYS[fffff8013c457d95] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xffffe00056030060]

21:17:49.424 AVAST engine scan C:\WINDOWS

21:17:51.833 AVAST engine scan C:\WINDOWS\system32

21:20:33.391 AVAST engine scan C:\WINDOWS\system32\drivers

21:20:55.123 AVAST engine scan C:\Users\Jamie

21:27:58.664 AVAST engine scan C:\ProgramData

21:29:04.112 Disk 0 statistics 3794117/0/0 @ 3.62 MB/s

21:29:04.112 Scan finished successfully

21:36:47.259 Disk 0 MBR has been saved successfully to "C:\Users\Jamie\Desktop\MBR.dat"

21:36:47.259 The log file has been saved successfully to "C:\Users\Jamie\Desktop\aswMBR.txt"

#15
Essexboy

Posted 24 March 2016 - 08:36 AM

GeekU Moderator

Retired Staff
69,964 posts

I think that you will find that this appears after you run spybot. Could you temporarily uninstall that and scan again

Back to Virus, Spyware, Malware Removal · Next Unread Topic →

As Featured On:

Geeks to Go Forum 343,325 topics
Quick Links FAQ Malware Cleaning Guide How it Works
Downloads 2+ million

View New Content

Possible Win32 CTX virus? Or false positive [Solved]

#1
sheck910

Posted 20 March 2016 - 06:51 AM

Advertisements

#2
Essexboy

Posted 20 March 2016 - 08:52 AM

#3
sheck910

Posted 20 March 2016 - 10:33 AM

#4
Essexboy

Posted 20 March 2016 - 10:48 AM

#5
sheck910

Posted 21 March 2016 - 10:11 AM

#6
Essexboy

Posted 21 March 2016 - 11:15 AM

#7
sheck910

Posted 21 March 2016 - 01:29 PM

#8
Essexboy

Posted 21 March 2016 - 02:02 PM

#9
sheck910

Posted 21 March 2016 - 02:56 PM

#10
Essexboy

Posted 21 March 2016 - 03:01 PM

Advertisements

#11
sheck910

Posted 21 March 2016 - 06:43 PM

#12
Essexboy

Posted 23 March 2016 - 09:10 AM

#13
sheck910

Posted 23 March 2016 - 07:02 PM

#14
sheck910

Posted 24 March 2016 - 03:39 AM

#15
Essexboy

Posted 24 March 2016 - 08:36 AM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Possible Win32 CTX virus? Or false positive [Solved]

#1 sheck910 Posted 20 March 2016 - 06:51 AM

Advertisements

#2 Essexboy Posted 20 March 2016 - 08:52 AM

#3 sheck910 Posted 20 March 2016 - 10:33 AM

#4 Essexboy Posted 20 March 2016 - 10:48 AM

#5 sheck910 Posted 21 March 2016 - 10:11 AM

#6 Essexboy Posted 21 March 2016 - 11:15 AM

#7 sheck910 Posted 21 March 2016 - 01:29 PM

#8 Essexboy Posted 21 March 2016 - 02:02 PM

#9 sheck910 Posted 21 March 2016 - 02:56 PM

#10 Essexboy Posted 21 March 2016 - 03:01 PM

Advertisements

#11 sheck910 Posted 21 March 2016 - 06:43 PM

#12 Essexboy Posted 23 March 2016 - 09:10 AM

#13 sheck910 Posted 23 March 2016 - 07:02 PM

#14 sheck910 Posted 24 March 2016 - 03:39 AM

#15 Essexboy Posted 24 March 2016 - 08:36 AM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Sign In

#1
sheck910

Posted 20 March 2016 - 06:51 AM

#2
Essexboy

Posted 20 March 2016 - 08:52 AM

#3
sheck910

Posted 20 March 2016 - 10:33 AM

#4
Essexboy

Posted 20 March 2016 - 10:48 AM

#5
sheck910

Posted 21 March 2016 - 10:11 AM

#6
Essexboy

Posted 21 March 2016 - 11:15 AM

#7
sheck910

Posted 21 March 2016 - 01:29 PM

#8
Essexboy

Posted 21 March 2016 - 02:02 PM

#9
sheck910

Posted 21 March 2016 - 02:56 PM

#10
Essexboy

Posted 21 March 2016 - 03:01 PM

#11
sheck910

Posted 21 March 2016 - 06:43 PM

#12
Essexboy

Posted 23 March 2016 - 09:10 AM

#13
sheck910

Posted 23 March 2016 - 07:02 PM

#14
sheck910

Posted 24 March 2016 - 03:39 AM

#15
Essexboy

Posted 24 March 2016 - 08:36 AM