Jump to content

leftydrummrr

Members
  • Content count

    169
  • Joined

  • Last visited

About leftydrummrr

  • Rank
    Member

Previous Fields

  • System Specifications:
    Dell Dimension 4600
  1. I am using both pay programs on my computer. Getting close to renewal time. Should I continue to pay for both? Get rid of one and keep the other? Is there something better than both of them? Thanks for any info/suggestions.
  2. Mouse freezes on screen,computer crashes...

    Thanks,will do.
  3. Last time this happened several times was last March. Not much trouble until recently. We have an optical mouse,so I turn it off to save the battery. More and more,I come back after 2-3 hours and the mouse is frozen and computer has crashed. Computer will also crash in the middle of browsing,no apparent reason,no warning. Seems a little slow. We have Windows 10, Avast Premium Antivirus, Safe Zone browser,Malwarebytes Premium Protection. Thoughts? Thanks
  4. All Done. Thank you,you are a genius,again.
  5. No more Spybot! Computer is quick. I think all is well.
  6. Cut,instead of copy and paste out of my download folder to the desktop,worked perfectly. Here is the log. Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01 Ran by Mark Gisi (2016-03-31 13:36:32) Run:3 Running from C:\Users\Mark Gisi\Desktop Loaded Profiles: Mark Gisi (Available Profiles: Mark Gisi & DefaultAppPool) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\Run: [spybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [65576 2015-06-16] (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys EmptyTemp: End ***************** Restore point was successfully created. Processes closed successfully. HKU\S-1-5-21-1182910247-164446080-3144522775-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall => value removed successfully SDHookDriver => Unable to stop service. SDHookDriver => service removed successfully C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys" => not found. EmptyTemp: => 457.7 MB temporary data Removed. The system needed a reboot. ==== End of Fixlog 13:37:16 ====
  7. It won't work. I'm feeling pretty stupid. I've tried a dozen times with no success. I've got both on my desktop,but it can't find the list. Here's what I've done. start>run>type in Notepad>OK>R Click copy text in quote box>paste in Notepad> select all in notepad>Save As>desktop>the file,fixlist.txt,shows up on my desktop. Download frst64(32 is not compatible)>click show in folder>r click in folder send to desktop,it shows up on desktop r click on frst>Open> ok>cick on fix> can't find list They are right next to each other. No luck.
  8. Not able to scan. Not sure what the problem is. Didn't have any trouble when I ran this same scan before. Keep getting ... fixlist.txt is not in same location or directory. Followed steps exactly as before. Both are on desktop,right next to each other. I must be missing something.
  9. Here they are.... Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01 Ran by Mark Gisi (2016-03-30 17:09:04) Running from C:\Users\Mark Gisi\Downloads Windows 10 Pro Version 1511 (X64) (2016-02-29 15:31:58) Boot Mode: Normal ========================================================== Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 Ran by Mark Gisi (administrator) on MARKGISI-PC (30-03-2016 17:07:29) Running from C:\Users\Mark Gisi\Downloads Loaded Profiles: Mark Gisi (Available Profiles: Mark Gisi & DefaultAppPool) Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\asww10mon.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-23] (AVAST Software) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\Run: [spybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd) HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\RunOnce: [uninstall C:\Users\Mark Gisi\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mark Gisi\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-29] (AVAST Software) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{11a25869-387f-47e7-8f83-c2841231188e}: [DhcpNameServer] 192.168.1.254 Internet Explorer: ================== HKU\S-1-5-21-1182910247-164446080-3144522775-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-29] (AVAST Software) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-25] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-29] (AVAST Software) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-25] (Oracle Corporation) DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] () FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-25] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-19] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-03-19] Chrome: ======= CHR Profile: C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07] CHR Extension: (Google Drive) - C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google Search) - C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (IBA Opt-out (by Google)) - C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2015-06-23] CHR Extension: (Google Docs Offline) - C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14] CHR Extension: (Chrome Web Store Payments) - C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25] CHR Extension: (Gmail) - C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-29] (AVAST Software) R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-09-17] (Seagate Technology LLC) R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157776 2014-09-17] (Seagate Technology LLC) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-29] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-03-19] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-29] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-29] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-09] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-29] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-29] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-29] (AVAST Software) R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider) R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider) R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [65576 2015-06-16] (Safer-Networking Ltd.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-03-30 17:06 - 2016-03-30 17:06 - 02374144 _____ (Farbar) C:\Users\Mark Gisi\Downloads\FRST64.exe 2016-03-30 17:06 - 2016-03-30 17:06 - 00001563 _____ C:\Users\Mark Gisi\Desktop\FRST64.exe - Shortcut.lnk 2016-03-28 14:00 - 2016-03-29 12:41 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-03-28 14:00 - 2016-03-28 14:00 - 00001178 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-03-28 14:00 - 2016-03-28 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-03-28 13:59 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-03-28 13:59 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-03-28 13:59 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-03-28 13:57 - 2016-03-28 13:58 - 22851472 _____ (Malwarebytes ) C:\Users\Mark Gisi\Downloads\mbam-setup-2.2.1.1043.exe 2016-03-28 12:50 - 2016-03-28 12:50 - 00000085 _____ C:\WINDOWS\wininit.ini 2016-03-28 09:12 - 2016-03-28 09:12 - 00558328 _____ (Safer-Networking Ltd. ) C:\Users\Mark Gisi\Downloads\spybot2-license (2).exe 2016-03-27 21:48 - 2016-03-27 21:49 - 02870984 _____ (ESET) C:\Users\Mark Gisi\Downloads\esetsmartinstaller_enu.exe 2016-03-27 21:27 - 2016-03-27 21:27 - 00001922 _____ C:\Users\Mark Gisi\Documents\fixlist.txt 2016-03-27 21:03 - 2016-03-27 21:03 - 00001601 _____ C:\Users\Mark Gisi\Desktop\AdwCleaner.exe - Shortcut.lnk 2016-03-27 21:02 - 2016-03-27 21:04 - 01538560 _____ C:\Users\Mark Gisi\Downloads\AdwCleaner.exe 2016-03-27 09:49 - 2016-03-27 09:52 - 00040527 _____ C:\Users\Mark Gisi\Downloads\Addition.txt 2016-03-27 09:48 - 2016-03-30 17:08 - 00011806 _____ C:\Users\Mark Gisi\Downloads\FRST.txt 2016-03-27 09:47 - 2016-03-30 17:07 - 00000000 ____D C:\FRST 2016-03-27 09:45 - 2016-03-27 09:45 - 01725440 _____ (Farbar) C:\Users\Mark Gisi\Downloads\FRST.exe 2016-03-25 20:54 - 2016-03-30 14:44 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896} 2016-03-25 20:52 - 2016-03-25 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-03-25 20:52 - 2016-03-25 20:51 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-03-25 20:51 - 2016-03-25 20:51 - 00000000 ____D C:\Program Files (x86)\Java 2016-03-25 20:47 - 2016-03-25 20:48 - 00734784 _____ (Oracle Corporation) C:\Users\Mark Gisi\Downloads\JavaSetup8u77.exe 2016-03-25 17:07 - 2016-03-25 17:08 - 00852798 _____ C:\Users\Mark Gisi\Downloads\SecurityCheck.exe 2016-03-25 11:53 - 2016-03-25 11:53 - 00000000 ____D C:\Users\Mark Gisi\Documents\BRIDGESTONE J 15 CB 3-26-16 2016-03-25 11:01 - 2016-03-25 11:02 - 00987728 _____ (Google Inc.) C:\Users\Mark Gisi\Downloads\ChromeSetup.exe 2016-03-25 10:47 - 2016-03-25 10:47 - 00000000 ____D C:\Users\Mark Gisi\AppData\Local\VS Revo Group 2016-03-25 10:47 - 2016-03-25 10:47 - 00000000 ____D C:\ProgramData\VS Revo Group 2016-03-25 10:45 - 2016-03-25 10:46 - 11199448 _____ (VS Revo Group ) C:\Users\Mark Gisi\Downloads\RevoUninProSetup.exe 2016-03-25 10:44 - 2016-03-25 10:44 - 00136268 _____ C:\Users\Mark Gisi\Documents\Golf bookmarks 3-26-16.html 2016-03-25 10:43 - 2016-03-25 10:43 - 00136268 _____ C:\Users\Mark Gisi\Documents\bookmarks_3_25_16.html (2).html 2016-03-25 10:43 - 2016-03-25 10:43 - 00136268 _____ C:\Users\Mark Gisi\Documents\bookmarks_3_25_16.html 2016-03-24 15:51 - 2016-03-24 15:51 - 00029225 _____ C:\Users\Mark Gisi\Downloads\Random Rooster Froges April 9 2016.pdf 2016-03-24 15:30 - 2016-03-24 15:30 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-03-21 19:57 - 2016-03-21 19:58 - 00280576 ____H C:\Users\Mark Gisi\Downloads\photothumb.db 2016-03-21 11:29 - 2016-03-27 21:06 - 00000000 ____D C:\AdwCleaner 2016-03-21 11:25 - 2016-03-21 11:25 - 01529344 _____ C:\Users\Mark Gisi\Downloads\Unconfirmed 670190.crdownload 2016-03-19 15:00 - 2016-03-19 15:00 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Pro Antivirus.lnk 2016-03-19 15:00 - 2016-03-19 15:00 - 00001974 _____ C:\Users\Public\Desktop\Avast Pro Antivirus.lnk 2016-03-19 14:59 - 2016-03-26 12:51 - 00003170 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458417590 2016-03-19 14:59 - 2016-03-26 12:51 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2016-03-19 14:59 - 2016-03-19 14:59 - 00001089 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk 2016-03-19 14:58 - 2016-03-19 14:58 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2016-03-19 14:58 - 2016-02-29 22:52 - 00398152 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2016-03-17 10:53 - 2016-03-19 14:59 - 00003040 _____ C:\WINDOWS\System32\Tasks\avast! Windows 10 Start Menu helper 2016-03-15 16:18 - 2016-03-15 21:38 - 00000000 ____D C:\Users\Mark Gisi\Documents\Matt Fraternity banquet 2015 2016-03-15 16:18 - 2016-03-15 16:18 - 00000000 ____D C:\Users\Mark Gisi\Documents\S3 Pro iron faces 3-14-16 2016-03-15 16:18 - 2016-03-15 16:18 - 00000000 ____D C:\Users\Mark Gisi\Documents\2015-05-04 Mark 1972 2016-03-15 16:18 - 2015-06-07 20:45 - 07640213 _____ C:\Users\Mark Gisi\Documents\Short solo Quest Bash.mp4 2016-03-14 13:04 - 2016-03-14 13:04 - 00000010 _____ C:\Users\Mark Gisi\Downloads\dynamic_ytrack_track 2016-03-12 22:12 - 2016-03-12 22:12 - 07860941 _____ C:\Users\Mark Gisi\Downloads\wild nights.m4a 2016-03-11 10:57 - 2016-03-11 10:57 - 02834616 _____ C:\Users\Mark Gisi\Downloads\Attachments_2016311.zip 2016-03-10 16:22 - 2016-03-13 14:06 - 00000000 ____D C:\Users\Mark Gisi\Documents\Cobra S3 Pro 4-PW 3-10-16 2016-03-08 17:06 - 2016-03-18 20:53 - 00000000 ____D C:\Program Files (x86)\AdwCleaner 2016-03-08 13:58 - 2016-03-01 00:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-03-08 13:58 - 2016-03-01 00:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-03-08 13:58 - 2016-02-24 04:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-03-08 13:58 - 2016-02-24 04:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-03-08 13:58 - 2016-02-24 04:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-03-08 13:58 - 2016-02-24 04:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-03-08 13:58 - 2016-02-24 04:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-03-08 13:58 - 2016-02-24 04:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2016-03-08 13:58 - 2016-02-24 04:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2016-03-08 13:58 - 2016-02-24 04:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-03-08 13:58 - 2016-02-24 03:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2016-03-08 13:58 - 2016-02-24 03:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2016-03-08 13:58 - 2016-02-24 03:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-03-08 13:58 - 2016-02-24 03:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-03-08 13:58 - 2016-02-24 03:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-03-08 13:58 - 2016-02-24 03:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2016-03-08 13:58 - 2016-02-24 03:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-03-08 13:58 - 2016-02-24 03:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe 2016-03-08 13:58 - 2016-02-24 03:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2016-03-08 13:58 - 2016-02-24 03:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-03-08 13:58 - 2016-02-24 03:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-03-08 13:58 - 2016-02-24 03:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-03-08 13:58 - 2016-02-24 03:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-03-08 13:58 - 2016-02-24 03:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-03-08 13:58 - 2016-02-24 03:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-03-08 13:58 - 2016-02-24 03:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll 2016-03-08 13:58 - 2016-02-24 03:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2016-03-08 13:58 - 2016-02-24 03:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-03-08 13:58 - 2016-02-24 03:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2016-03-08 13:58 - 2016-02-24 03:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2016-03-08 13:58 - 2016-02-24 03:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-03-08 13:58 - 2016-02-24 02:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-03-08 13:58 - 2016-02-24 02:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll 2016-03-08 13:58 - 2016-02-24 02:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll 2016-03-08 13:58 - 2016-02-24 02:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-03-08 13:58 - 2016-02-24 02:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2016-03-08 13:58 - 2016-02-24 02:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll 2016-03-08 13:58 - 2016-02-24 02:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll 2016-03-08 13:58 - 2016-02-24 02:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-03-08 13:58 - 2016-02-24 02:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2016-03-08 13:58 - 2016-02-24 02:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll 2016-03-08 13:58 - 2016-02-24 02:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-03-08 13:58 - 2016-02-24 02:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2016-03-08 13:58 - 2016-02-24 02:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2016-03-08 13:58 - 2016-02-24 02:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2016-03-08 13:58 - 2016-02-24 02:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll 2016-03-08 13:58 - 2016-02-24 02:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll 2016-03-08 13:58 - 2016-02-24 02:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2016-03-08 13:58 - 2016-02-24 02:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll 2016-03-08 13:58 - 2016-02-24 02:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2016-03-08 13:58 - 2016-02-24 02:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll 2016-03-08 13:58 - 2016-02-24 02:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2016-03-08 13:58 - 2016-02-24 02:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2016-03-08 13:58 - 2016-02-24 02:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2016-03-08 13:58 - 2016-02-24 02:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll 2016-03-08 13:58 - 2016-02-24 02:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-03-08 13:58 - 2016-02-24 02:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll 2016-03-08 13:58 - 2016-02-24 02:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll 2016-03-08 13:58 - 2016-02-24 02:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll 2016-03-08 13:58 - 2016-02-24 02:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll 2016-03-08 13:58 - 2016-02-24 02:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2016-03-08 13:58 - 2016-02-24 02:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll 2016-03-08 13:58 - 2016-02-24 02:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll 2016-03-08 13:58 - 2016-02-24 02:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2016-03-08 13:58 - 2016-02-24 02:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2016-03-08 13:58 - 2016-02-24 02:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-03-08 13:58 - 2016-02-24 02:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll 2016-03-08 13:58 - 2016-02-24 02:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-03-08 13:58 - 2016-02-24 02:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2016-03-08 13:58 - 2016-02-24 02:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2016-03-08 13:58 - 2016-02-24 02:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2016-03-08 13:58 - 2016-02-24 01:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2016-03-08 13:58 - 2016-02-24 01:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll 2016-03-08 13:58 - 2016-02-24 01:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2016-03-08 13:58 - 2016-02-24 01:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll 2016-03-08 13:58 - 2016-02-24 01:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2016-03-08 13:58 - 2016-02-24 01:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2016-03-08 13:58 - 2016-02-24 01:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll 2016-03-08 13:58 - 2016-02-24 01:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2016-03-08 13:58 - 2016-02-24 01:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2016-03-08 13:58 - 2016-02-24 01:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2016-03-08 13:58 - 2016-02-24 01:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll 2016-03-08 13:58 - 2016-02-24 01:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2016-03-08 13:58 - 2016-02-24 01:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll 2016-03-08 13:58 - 2016-02-24 01:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2016-03-08 13:58 - 2016-02-24 01:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll 2016-03-08 13:58 - 2016-02-24 01:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-03-08 13:58 - 2016-02-24 01:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2016-03-08 13:58 - 2016-02-24 01:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2016-03-08 13:58 - 2016-02-24 01:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll 2016-03-08 13:58 - 2016-02-24 01:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2016-03-08 13:58 - 2016-02-24 01:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll 2016-03-08 13:58 - 2016-02-24 01:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2016-03-08 13:58 - 2016-02-24 01:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll 2016-03-08 13:58 - 2016-02-24 01:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2016-03-08 13:58 - 2016-02-24 01:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2016-03-08 13:58 - 2016-02-24 01:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2016-03-08 13:58 - 2016-02-24 01:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-03-08 13:58 - 2016-02-24 01:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2016-03-08 13:58 - 2016-02-24 01:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2016-03-08 13:58 - 2016-02-24 01:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll 2016-03-08 13:58 - 2016-02-24 01:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-03-08 13:58 - 2016-02-24 01:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2016-03-08 13:58 - 2016-02-24 01:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll 2016-03-08 13:58 - 2016-02-24 01:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2016-03-08 13:58 - 2016-02-24 01:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2016-03-08 13:58 - 2016-02-24 01:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-03-08 13:58 - 2016-02-24 01:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2016-03-08 13:58 - 2016-02-24 01:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2016-03-08 13:58 - 2016-02-24 01:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll 2016-03-08 13:58 - 2016-02-24 01:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll 2016-03-08 13:58 - 2016-02-24 01:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2016-03-08 13:58 - 2016-02-24 01:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2016-03-08 13:58 - 2016-02-24 01:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll 2016-03-08 13:58 - 2016-02-24 01:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll 2016-03-08 13:58 - 2016-02-24 01:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll 2016-03-08 13:58 - 2016-02-24 01:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2016-03-08 13:58 - 2016-02-24 01:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2016-03-08 13:58 - 2016-02-24 01:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2016-03-08 13:58 - 2016-02-24 01:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2016-03-08 13:58 - 2016-02-24 01:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2016-03-08 13:58 - 2016-02-24 01:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2016-03-08 13:58 - 2016-02-24 01:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2016-03-08 13:58 - 2016-02-24 01:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2016-03-08 13:58 - 2016-02-24 01:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2016-03-08 13:58 - 2016-02-24 01:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-03-08 13:58 - 2016-02-24 01:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-03-08 13:58 - 2016-02-24 01:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2016-03-08 13:58 - 2016-02-24 01:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2016-03-08 13:58 - 2016-02-24 01:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2016-03-08 13:58 - 2016-02-24 01:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2016-03-08 13:58 - 2016-02-24 01:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-03-08 13:58 - 2016-02-24 01:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-03-08 13:58 - 2016-02-24 01:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2016-03-08 13:58 - 2016-02-24 01:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2016-03-08 13:58 - 2016-02-24 01:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-03-08 13:58 - 2016-02-24 01:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-03-08 13:58 - 2016-02-24 01:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2016-03-08 13:58 - 2016-02-24 00:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-03-08 13:58 - 2016-02-24 00:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-03-08 13:58 - 2016-02-24 00:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll 2016-03-08 13:58 - 2016-02-24 00:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-03-08 13:58 - 2016-02-24 00:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll 2016-03-08 13:58 - 2016-02-24 00:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-03-08 13:58 - 2016-02-24 00:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-03-08 13:58 - 2016-02-24 00:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-03-08 13:58 - 2016-02-24 00:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-03-08 13:58 - 2016-02-24 00:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-03-08 13:58 - 2016-02-24 00:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-03-08 13:58 - 2016-02-24 00:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-03-08 13:58 - 2016-02-24 00:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-03-08 13:58 - 2016-02-23 23:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-03-08 13:58 - 2016-02-23 23:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-03-07 14:52 - 2016-03-07 22:21 - 00000000 ____D C:\Users\Mark Gisi\Documents\BEGGAR DEMOS 2016-03-07 14:30 - 2016-03-10 17:27 - 00000000 ____D C:\WINDOWS\Minidump 2016-03-04 23:27 - 2016-03-07 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-03-04 23:27 - 2016-03-07 15:01 - 00000000 ____D C:\Program Files\CCleaner 2016-03-04 23:27 - 2016-03-04 23:27 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2016-03-01 22:12 - 2016-02-23 06:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2016-03-01 22:12 - 2016-02-23 05:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-03-01 22:12 - 2016-02-23 05:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-03-01 22:12 - 2016-02-23 05:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2016-03-01 22:12 - 2016-02-23 05:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-03-01 22:12 - 2016-02-23 04:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2016-03-01 22:12 - 2016-02-23 04:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-03-01 22:12 - 2016-02-23 04:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2016-03-01 22:12 - 2016-02-23 04:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-03-01 22:12 - 2016-02-23 03:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-03-01 22:12 - 2016-02-23 02:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-03-01 22:12 - 2016-02-23 02:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-03-01 22:12 - 2016-02-23 01:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-03-01 22:12 - 2016-02-23 01:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-03-01 22:12 - 2016-02-23 01:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-03-01 22:12 - 2016-02-23 01:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-03-01 22:12 - 2016-02-23 01:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2016-03-01 22:12 - 2016-02-23 01:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-03-01 22:12 - 2016-02-23 01:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-03-01 22:12 - 2016-02-23 01:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-03-01 22:12 - 2016-02-08 22:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-03-01 22:12 - 2016-02-08 22:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-03-01 22:11 - 2016-02-23 06:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-03-01 22:11 - 2016-02-23 06:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-03-01 22:11 - 2016-02-23 06:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-03-01 22:11 - 2016-02-23 06:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-03-01 22:11 - 2016-02-23 06:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2016-03-01 22:11 - 2016-02-23 06:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-03-01 22:11 - 2016-02-23 06:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2016-03-01 22:11 - 2016-02-23 06:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll 2016-03-01 22:11 - 2016-02-23 06:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2016-03-01 22:11 - 2016-02-23 05:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-03-01 22:11 - 2016-02-23 05:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-03-01 22:11 - 2016-02-23 05:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-03-01 22:11 - 2016-02-23 05:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2016-03-01 22:11 - 2016-02-23 05:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2016-03-01 22:11 - 2016-02-23 05:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-03-01 22:11 - 2016-02-23 05:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2016-03-01 22:11 - 2016-02-23 05:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2016-03-01 22:11 - 2016-02-23 05:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2016-03-01 22:11 - 2016-02-23 05:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-03-01 22:11 - 2016-02-23 05:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2016-03-01 22:11 - 2016-02-23 05:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-03-01 22:11 - 2016-02-23 05:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-03-01 22:11 - 2016-02-23 05:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll 2016-03-01 22:11 - 2016-02-23 05:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2016-03-01 22:11 - 2016-02-23 04:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-03-01 22:11 - 2016-02-23 04:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-03-01 22:11 - 2016-02-23 04:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-03-01 22:11 - 2016-02-23 04:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2016-03-01 22:11 - 2016-02-23 04:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-03-01 22:11 - 2016-02-23 04:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2016-03-01 22:11 - 2016-02-23 04:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2016-03-01 22:11 - 2016-02-23 04:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2016-03-01 22:11 - 2016-02-23 04:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-03-01 22:11 - 2016-02-23 04:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-03-01 22:11 - 2016-02-23 04:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2016-03-01 22:11 - 2016-02-23 04:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2016-03-01 22:11 - 2016-02-23 04:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll 2016-03-01 22:11 - 2016-02-23 04:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2016-03-01 22:11 - 2016-02-23 04:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys 2016-03-01 22:11 - 2016-02-23 04:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2016-03-01 22:11 - 2016-02-23 04:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll 2016-03-01 22:11 - 2016-02-23 04:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2016-03-01 22:11 - 2016-02-23 04:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2016-03-01 22:11 - 2016-02-23 04:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2016-03-01 22:11 - 2016-02-23 04:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll 2016-03-01 22:11 - 2016-02-23 04:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2016-03-01 22:11 - 2016-02-23 04:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2016-03-01 22:11 - 2016-02-23 04:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2016-03-01 22:11 - 2016-02-23 03:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-03-01 22:11 - 2016-02-23 03:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-03-01 22:11 - 2016-02-23 03:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll 2016-03-01 22:11 - 2016-02-23 03:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-03-01 22:11 - 2016-02-23 03:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2016-03-01 22:11 - 2016-02-23 03:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2016-03-01 22:11 - 2016-02-23 03:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2016-03-01 22:11 - 2016-02-23 03:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-03-01 22:11 - 2016-02-23 03:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2016-03-01 22:11 - 2016-02-23 03:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-03-01 22:11 - 2016-02-23 03:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2016-03-01 22:11 - 2016-02-23 03:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll 2016-03-01 22:11 - 2016-02-23 03:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll 2016-03-01 22:11 - 2016-02-23 03:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2016-03-01 22:11 - 2016-02-23 03:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll 2016-03-01 22:11 - 2016-02-23 03:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll 2016-03-01 22:11 - 2016-02-23 03:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-03-01 22:11 - 2016-02-23 03:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-03-01 22:11 - 2016-02-23 03:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-03-01 22:11 - 2016-02-23 03:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll 2016-03-01 22:11 - 2016-02-23 03:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll 2016-03-01 22:11 - 2016-02-23 03:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2016-03-01 22:11 - 2016-02-23 03:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2016-03-01 22:11 - 2016-02-23 03:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-03-01 22:11 - 2016-02-23 03:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2016-03-01 22:11 - 2016-02-23 03:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2016-03-01 22:11 - 2016-02-23 03:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-03-01 22:11 - 2016-02-23 03:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll 2016-03-01 22:11 - 2016-02-23 03:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2016-03-01 22:11 - 2016-02-23 03:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2016-03-01 22:11 - 2016-02-23 03:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2016-03-01 22:11 - 2016-02-23 03:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2016-03-01 22:11 - 2016-02-23 03:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2016-03-01 22:11 - 2016-02-23 03:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2016-03-01 22:11 - 2016-02-23 03:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-03-01 22:11 - 2016-02-23 03:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2016-03-01 22:11 - 2016-02-23 03:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2016-03-01 22:11 - 2016-02-23 03:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2016-03-01 22:11 - 2016-02-23 03:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2016-03-01 22:11 - 2016-02-23 03:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-03-01 22:11 - 2016-02-23 03:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-03-01 22:11 - 2016-02-23 03:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-03-01 22:11 - 2016-02-23 03:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2016-03-01 22:11 - 2016-02-23 03:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2016-03-01 22:11 - 2016-02-23 03:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2016-03-01 22:11 - 2016-02-23 03:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2016-03-01 22:11 - 2016-02-23 03:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-03-01 22:11 - 2016-02-23 03:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-03-01 22:11 - 2016-02-23 03:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-03-01 22:11 - 2016-02-23 03:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-03-01 22:11 - 2016-02-23 03:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2016-03-01 22:11 - 2016-02-23 03:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2016-03-01 22:11 - 2016-02-23 03:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-03-01 22:11 - 2016-02-23 03:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2016-03-01 22:11 - 2016-02-23 03:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2016-03-01 22:11 - 2016-02-23 03:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-03-01 22:11 - 2016-02-23 03:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-03-01 22:11 - 2016-02-23 02:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-03-01 22:11 - 2016-02-23 02:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-03-01 22:11 - 2016-02-23 02:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll 2016-03-01 22:11 - 2016-02-23 02:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2016-03-01 22:11 - 2016-02-23 02:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll 2016-03-01 22:11 - 2016-02-23 02:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2016-03-01 22:11 - 2016-02-23 02:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll 2016-03-01 22:11 - 2016-02-23 02:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-03-01 22:11 - 2016-02-23 02:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2016-03-01 22:11 - 2016-02-23 02:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2016-03-01 22:11 - 2016-02-23 02:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2016-03-01 22:11 - 2016-02-23 02:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2016-03-01 22:11 - 2016-02-23 02:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2016-03-01 22:11 - 2016-02-23 02:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2016-03-01 22:11 - 2016-02-23 02:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2016-03-01 22:11 - 2016-02-23 02:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-03-01 22:11 - 2016-02-23 02:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2016-03-01 22:11 - 2016-02-23 02:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2016-03-01 22:11 - 2016-02-23 02:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-03-01 22:11 - 2016-02-23 02:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-03-01 22:11 - 2016-02-23 02:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2016-03-01 22:11 - 2016-02-23 02:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll 2016-03-01 22:11 - 2016-02-23 02:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll 2016-03-01 22:11 - 2016-02-23 02:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-03-01 22:11 - 2016-02-23 02:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2016-03-01 22:11 - 2016-02-23 02:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2016-03-01 22:11 - 2016-02-23 02:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-03-01 22:11 - 2016-02-23 02:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-03-01 22:11 - 2016-02-23 02:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-03-01 22:11 - 2016-02-23 02:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-03-01 22:11 - 2016-02-23 02:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-03-01 22:11 - 2016-02-23 02:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-03-01 22:11 - 2016-02-23 02:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2016-03-01 22:11 - 2016-02-23 02:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2016-03-01 22:11 - 2016-02-23 01:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-03-01 22:11 - 2016-02-23 01:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll 2016-03-01 22:11 - 2016-02-23 01:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-03-01 22:11 - 2016-02-23 01:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-03-01 22:11 - 2016-02-23 01:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-03-01 22:11 - 2016-02-23 01:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-03-01 22:11 - 2016-02-23 01:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-03-01 22:11 - 2016-02-23 01:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-03-01 22:11 - 2016-02-23 01:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2016-03-01 22:11 - 2016-02-23 01:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-03-01 22:11 - 2016-02-23 01:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-03-01 22:11 - 2016-02-23 01:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-03-01 22:11 - 2016-02-08 23:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2016-03-01 22:11 - 2016-02-08 23:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2016-03-01 22:11 - 2016-02-08 22:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-03-01 22:11 - 2016-02-08 22:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll 2016-03-01 22:11 - 2016-02-08 22:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll 2016-03-01 22:11 - 2016-02-08 22:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-03-01 10:44 - 2016-03-01 10:44 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-03-01 07:01 - 2016-03-01 07:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2016-03-01 07:01 - 2016-03-01 07:01 - 00000000 ____D C:\Program Files (x86)\QuickTime 2016-02-29 23:25 - 2016-02-29 23:24 - 00450113 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160229-222504.backup 2016-02-29 23:24 - 2015-02-09 10:23 - 00000035 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20160229-222437.backup 2016-02-29 22:52 - 2016-02-29 22:52 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2016-02-29 13:58 - 2016-01-29 01:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-02-29 13:58 - 2016-01-29 01:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-02-29 13:58 - 2016-01-27 00:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-02-29 13:58 - 2016-01-27 00:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-02-29 13:58 - 2016-01-27 00:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-02-29 13:58 - 2016-01-27 00:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe 2016-02-29 13:58 - 2016-01-27 00:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-02-29 13:58 - 2016-01-27 00:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-02-29 13:58 - 2016-01-27 00:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-02-29 13:58 - 2016-01-27 00:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2016-02-29 13:58 - 2016-01-27 00:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-02-29 13:58 - 2016-01-27 00:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll 2016-02-29 13:58 - 2016-01-27 00:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-02-29 13:58 - 2016-01-27 00:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-02-29 13:58 - 2016-01-27 00:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-02-29 13:58 - 2016-01-27 00:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll 2016-02-29 13:58 - 2016-01-27 00:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll 2016-02-29 13:58 - 2016-01-27 00:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-02-29 13:58 - 2016-01-27 00:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
  10. Its much better. I've been using both Chrome and Safezone browsers with no problems. Speed is quick. One problem is on startup I get a screen that asks if I want to reinstall Spybot. I don't,and won't reinstall. I will probably got to Malwarebytes pay version. How do I get the Spybot screen to go away? Spybot is no longer listed in my program roster.
  11. Right now its quick. I have not reintsalled Spybot,wondering if that is a problem. I have Windows 10,not sure you knew. Would consider Malwarebytes instead of Spybot if that would help me keep the speed I have now.
  12. Here is the scan. Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 3/28/2016 Scan Time: 2:05 PM Logfile: Malwarebytes scan log.txt Administrator: Yes Version: 2.2.1.1043 Malware Database: v2016.03.28.07 Rootkit Database: v2016.03.12.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 10 CPU: x64 File System: NTFS User: Mark Gisi Scan Type: Threat Scan Result: Completed Objects Scanned: 427603 Time Elapsed: 15 min, 16 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)
  13. Found my license for Spybot. Uninstalled Spybot and ran scan. Here is the log. Computer is quick as new,but for how long? That seems to be the pattern. Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01 Ran by Mark Gisi (2016-03-28 12:58:36) Run:2 Running from C:\Users\Mark Gisi\Desktop Loaded Profiles: Mark Gisi (Available Profiles: Mark Gisi & DefaultAppPool) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: C:\Users\Mark Gisi\Downloads\AdvancedFileFixer_Setup_for_ASHBAK.exe C:\Users\Mark Gisi\Downloads\ccsetup501.exe C:\Users\Mark Gisi\Downloads\ccsetup515.exe C:\Users\Mark Gisi\Downloads\ccsetup516 (1).exe C:\Users\Mark Gisi\Downloads\ccsetup516.exe C:\Users\Mark Gisi\Downloads\ImproveSpeedPC (1).exe C:\Users\Mark Gisi\Downloads\ImproveSpeedPC.exe EmptyTemp: End ***************** Restore point was successfully created. Processes closed successfully. C:\Users\Mark Gisi\Downloads\AdvancedFileFixer_Setup_for_ASHBAK.exe => moved successfully C:\Users\Mark Gisi\Downloads\ccsetup501.exe => moved successfully C:\Users\Mark Gisi\Downloads\ccsetup515.exe => moved successfully C:\Users\Mark Gisi\Downloads\ccsetup516 (1).exe => moved successfully C:\Users\Mark Gisi\Downloads\ccsetup516.exe => moved successfully C:\Users\Mark Gisi\Downloads\ImproveSpeedPC (1).exe => moved successfully C:\Users\Mark Gisi\Downloads\ImproveSpeedPC.exe => moved successfully EmptyTemp: => 128.9 MB temporary data Removed. The system needed a reboot. ==== End of Fixlog 12:58:44 ====
  14. I'm not sure if Spybot is the pay version. I think it is ,but I can't find the email with the license. I forgot to uninstall Spybot before scanning. If you want me to uninstall Spybot and scan again ,I will. I'm not tied to using Spybot if you have a suggestion of something better,free,or pay version. I'm concerned with the errors you see with Spybot. Didn't see this when I pressed the back button. Place a checkmark next to and click .Checked uninstall components and hit finish. Here are the two logs. Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01 Ran by Mark Gisi (2016-03-27 21:37:32) Run:1 Running from C:\Users\Mark Gisi\Desktop Loaded Profiles: Mark Gisi (Available Profiles: Mark Gisi & DefaultAppPool) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: Task: {1AB3E49D-3B11-4D0C-8359-F624FFDBD3DB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {2A349058-B5AD-423C-AD67-0961E0B39951} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {2D44D0A3-2088-446F-A387-31324737E7ED} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {2DF7319C-3CD8-401D-9A90-DF1AB9F9DACD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {2FEEAD3D-4275-47E3-85D0-1260A345E8B2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {356DFAB7-A2A2-4546-9B71-F97F995122D3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {3BA83518-5A52-4EBA-BB61-980E45F9E694} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {68300869-B09B-488A-9632-6BB1EF4D0A10} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {719311F7-0A9D-4744-B6AA-947CEADABE2A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {90168D5B-9F1C-42DB-8A2C-BABC0FCDCE15} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {958B672A-858E-48EF-8DB7-44AF0344F2C2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {C78242B8-2321-4D5F-801A-9DE6B25793C0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [134] GroupPolicy: Restriction - Chrome <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION U3 idsvc; no ImagePath EmptyTemp: CMD: ipconfig /flushdns CMD: netsh winsock reset all CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset CMD: bitsadmin /reset /allusers End ***************** Restore point was successfully created. Processes closed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1AB3E49D-3B11-4D0C-8359-F624FFDBD3DB}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AB3E49D-3B11-4D0C-8359-F624FFDBD3DB}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2A349058-B5AD-423C-AD67-0961E0B39951}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A349058-B5AD-423C-AD67-0961E0B39951}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2D44D0A3-2088-446F-A387-31324737E7ED}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D44D0A3-2088-446F-A387-31324737E7ED}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2DF7319C-3CD8-401D-9A90-DF1AB9F9DACD}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DF7319C-3CD8-401D-9A90-DF1AB9F9DACD}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2FEEAD3D-4275-47E3-85D0-1260A345E8B2}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FEEAD3D-4275-47E3-85D0-1260A345E8B2}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{356DFAB7-A2A2-4546-9B71-F97F995122D3}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{356DFAB7-A2A2-4546-9B71-F97F995122D3}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BA83518-5A52-4EBA-BB61-980E45F9E694}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BA83518-5A52-4EBA-BB61-980E45F9E694}" => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68300869-B09B-488A-9632-6BB1EF4D0A10}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68300869-B09B-488A-9632-6BB1EF4D0A10}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{719311F7-0A9D-4744-B6AA-947CEADABE2A}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{719311F7-0A9D-4744-B6AA-947CEADABE2A}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90168D5B-9F1C-42DB-8A2C-BABC0FCDCE15}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90168D5B-9F1C-42DB-8A2C-BABC0FCDCE15}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{958B672A-858E-48EF-8DB7-44AF0344F2C2}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{958B672A-858E-48EF-8DB7-44AF0344F2C2}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C78242B8-2321-4D5F-801A-9DE6B25793C0}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C78242B8-2321-4D5F-801A-9DE6B25793C0}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully. C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully "HKLM\SOFTWARE\Policies\Google" => key removed successfully idsvc => service removed successfully ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= ========= netsh winsock reset all ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= netsh int ipv4 reset ========= Resetting Global, OK! Resetting Interface, OK! Resetting Unicast Address, OK! Resetting Neighbor, OK! Resetting Path, OK! Resetting , failed. Access is denied. Resetting , OK! Restart the computer to complete this action. ========= End of CMD: ========= ========= netsh int ipv6 reset ========= Resetting Interface, OK! Resetting Neighbor, OK! Resetting Path, OK! Resetting , failed. Access is denied. Resetting , OK! Resetting , OK! Restart the computer to complete this action. ========= End of CMD: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.8.10586 ] BITS administration utility. © Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. Unable to cancel {06A86C21-26D0-48F8-A55C-57B2F4762314}. Unable to cancel {69482769-ED59-43BB-A967-8AB453A191C4}. Unable to cancel {231699CC-F6FE-4765-B579-12AB699E3BCA}. Unable to cancel {9DDA50A6-6CD3-4A7B-B60F-08C284B0FEF0}. Unable to cancel {FB6FD687-FF0E-48E5-9D55-51DBDACC4BEA}. Unable to cancel {A28BBA5B-ABA2-4428-902F-F673B6312D48}. Unable to cancel {8840574F-59F5-45DF-B38C-4FC2BD1D2442}. Unable to cancel {70656AB9-B448-42E1-87F5-770C950ECE31}. 0 out of 8 jobs canceled. ========= End of CMD: ========= EmptyTemp: => 1.2 GB temporary data Removed. The system needed a reboot. ==== End of Fixlog 21:39:44 ==== Next C:\Users\Mark Gisi\Downloads\AdvancedFileFixer_Setup_for_ASHBAK.exe a variant of Win32/AdvancedFileFixer.A potentially unwanted application C:\Users\Mark Gisi\Downloads\ccsetup501.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Mark Gisi\Downloads\ccsetup515.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Mark Gisi\Downloads\ccsetup516 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Mark Gisi\Downloads\ccsetup516.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Mark Gisi\Downloads\ImproveSpeedPC (1).exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application C:\Users\Mark Gisi\Downloads\ImproveSpeedPC.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application Hope this is what you are looking for.
  15. Mouse batteries are good. The mouse didn't respond slowly,I should have said the computer was very slow. Here are the scan results. Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01 Ran by Mark Gisi (2016-03-27 09:49:55) Running from C:\Users\Mark Gisi\Downloads Windows 10 Pro Version 1511 (X64) (2016-02-29 15:31:58) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1182910247-164446080-3144522775-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1182910247-164446080-3144522775-503 - Limited - Disabled) Guest (S-1-5-21-1182910247-164446080-3144522775-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1182910247-164446080-3144522775-1002 - Limited - Enabled) Mark Gisi (S-1-5-21-1182910247-164446080-3144522775-1000 - Administrator - Enabled) => C:\Users\Mark Gisi ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Spybot - Search and Destroy (Enabled - Up to date) {1A0DDE8C-B4BA-EFDD-22A8-0F557C7985F0} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Avast Pro Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.108 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 19.3 - Intel) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation) iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.) Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) LibreOffice 4.3.7.2 (HKLM-x32\...\{8ED4A1FC-56CF-414C-A9AB-A37714AA9EA7}) (Version: 4.3.7.2 - The Document Foundation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.) SafeZone Stable 1.48.2066.95 (x32 Version: 1.48.2066.95 - Avast Software) Hidden Seagate Dashboard (HKLM-x32\...\{F1D8690F-06B3-4100-9949-398EA253AC61}) (Version: 3.2.1801.0 - Seagate) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.) SpywareBlaster 5.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1182910247-164446080-3144522775-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Mark Gisi\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {064C341A-1DFB-4381-B759-0D2C3DCB7B98} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-29] (AVAST Software) Task: {1274B7AD-DF68-4C1D-8207-6D790ACA474B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {1AB3E49D-3B11-4D0C-8359-F624FFDBD3DB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {1AFA39E8-DC93-48E6-888F-216CF4F1685A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {22089CD5-20DA-4DC7-A274-9D0126F7B27E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {2A349058-B5AD-423C-AD67-0961E0B39951} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {2D44D0A3-2088-446F-A387-31324737E7ED} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {2DF7319C-3CD8-401D-9A90-DF1AB9F9DACD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {2FEEAD3D-4275-47E3-85D0-1260A345E8B2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {356DFAB7-A2A2-4546-9B71-F97F995122D3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {3BA83518-5A52-4EBA-BB61-980E45F9E694} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {4502296B-85C6-433C-9BB1-8E2E4D635FA2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {4C01BE56-EE15-49B9-9095-7BA57FDB1C7F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {51EA4B9B-F894-43A8-8965-F117A0339C30} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {5DA4DEFC-D070-491C-8F22-3ADB82DF3487} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {6220F016-D1FE-4C8B-B2F0-8870FDF6F107} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd) Task: {67E0ABA5-73BE-48CA-B0DD-1B704298E41B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {68300869-B09B-488A-9632-6BB1EF4D0A10} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {68B0F593-6D84-403A-AFFE-0296E9C6EAB3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {6F149680-DB7F-43C4-B44E-712B59F10B39} - System32\Tasks\SafeZone scheduled Autoupdate 1458417590 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-03-08] (Avast Software) Task: {719311F7-0A9D-4744-B6AA-947CEADABE2A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {77C382EF-209A-413F-A1D5-A4AFE159F707} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2015-06-16] (Safer-Networking Ltd.) Task: {785799EC-C4EC-4025-94F5-DAE6213AD991} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {7BD26D19-96DA-4CF1-AF28-BCB73B3E5CAF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-07] (Adobe Systems Incorporated) Task: {85114174-D44E-4C3C-A8BF-6E73B46AC063} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {86EDC23A-7DF2-4C5B-A0FF-3697D59BC654} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {8F1A9A05-B748-44F2-B8BF-73D0A136AF9B} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2014-09-17] (Seagate Technology LLC) Task: {90168D5B-9F1C-42DB-8A2C-BABC0FCDCE15} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {958B672A-858E-48EF-8DB7-44AF0344F2C2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {9DF4C82C-0DE2-4C71-8C99-BFADC8F6A6D9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2015-06-16] (Safer-Networking Ltd.) Task: {A1B0732E-C0EE-46C7-A404-439DE7D969B7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.) Task: {AC9862A1-02B8-49B6-8BD7-BBE84F32FDAB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {B0ACA11B-AC12-46A4-A9E1-B417C85AF344} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {B6C99E21-E860-43F8-9062-3FC1A82A9A36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {BB40C76B-1FCB-43FD-BED8-093C03CDE815} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {BD0A72F9-4FAB-499A-8E48-B2F7C38AFF42} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {C53D7A98-2D84-41DD-A405-C54834ECADB5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {C6576F86-CFB1-4FA2-9BF5-5467D0400D2A} - System32\Tasks\BackItUp_Launch => C:\Program Files (x86)\Nero\Nero BackItUp\BackItUp.exe Task: {C78242B8-2321-4D5F-801A-9DE6B25793C0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {D0886A3E-8039-4F22-B049-329590E7E167} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {D0C43DEF-27BB-4FDC-A9D7-BDEC16F6E97E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {D0F5F122-70FC-496F-A088-6CF5D020C7DC} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {DEE41358-4D5E-4AB8-8667-2DFFECB46483} - System32\Tasks\avast! Windows 10 Start Menu helper => c:\program files\avast software\avast\asww10mon.exe [2016-03-19] (AVAST Software) Task: {E3454C7F-C03F-4CCB-893C-6E468AC6E47D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {E370FEAC-3F2B-4F25-BDE2-5DB6D34F80F7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {F196DAD7-893B-4B06-B688-178E77F87590} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {F582C01A-B5B4-412F-82A1-98701F4D9655} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {FDBA44FB-02AD-4805-98C6-DA76EC42A992} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-10-30 02:18 - 2015-10-30 02:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-03-01 22:12 - 2016-02-23 06:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-03-01 22:12 - 2016-02-23 06:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-02-29 11:59 - 2016-02-29 11:59 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-03-01 22:11 - 2016-02-23 03:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-02-29 11:59 - 2016-02-29 11:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-02-29 11:59 - 2016-02-29 11:59 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-02-29 11:59 - 2016-02-29 11:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-02-29 11:59 - 2016-02-29 11:59 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll 2016-02-29 12:23 - 2016-02-29 12:24 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-03-04 10:40 - 2016-03-04 10:40 - 00016384 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-03-04 10:40 - 2016-03-04 10:40 - 16062976 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-03-04 10:40 - 2016-03-04 10:41 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2016-02-29 22:52 - 2016-02-29 22:52 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2016-02-29 22:52 - 2016-02-29 22:52 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-03-25 15:08 - 2016-03-25 15:08 - 02857472 _____ () C:\Program Files\AVAST Software\Avast\defs\16032501\algo.dll 2016-02-29 22:52 - 2016-02-29 22:52 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-03-27 09:09 - 2016-03-27 09:09 - 02846208 _____ () C:\Program Files\AVAST Software\Avast\defs\16032701\algo.dll 2016-02-29 11:51 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2016-02-29 11:51 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2016-03-10 23:02 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2016-02-29 11:51 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2016-01-05 17:22 - 2016-01-05 17:22 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-02-29 12:23 - 2016-02-29 12:24 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-02-29 12:23 - 2016-02-29 12:24 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-03-26 12:51 - 2016-03-08 06:15 - 62327288 _____ () C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser.dll 2016-03-26 12:51 - 2016-03-08 06:15 - 02074104 _____ () C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\libglesv2.dll 2016-03-26 12:51 - 2016-03-08 06:15 - 00081400 _____ () C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [134] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7870 more sites. IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\1-2005-search.com -> www.1-2005-search.com There are 12687 more sites. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2016-02-29 23:25 - 00450113 ____R C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com There are 15468 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1182910247-164446080-3144522775-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mark Gisi\Documents\St.-Louis-Cardinals-2014-Logo-Wallpaper.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk => C:\Windows\pss\FAH.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: DBAgent => "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart MSCONFIG\startupreg: GoogleChromeAutoLaunch_8369577A1CADAF50E77A33B9AA9A6D6A => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe" MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe" MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Uploader => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk" HKLM\...\StartupApproved\StartupFolder: => "Update Notifier.lnk" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\StartupApproved\Run: => "OneDrive" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{EBB6DF7D-56CC-45A0-8926-44D27F88568D}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{37E29958-9C2D-4728-A77F-EEF831EF38A0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{64AAEAEF-42D0-47AA-829F-C0FB5E23AE37}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{E36BDFDF-09A8-4120-A117-99F7683F57B9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{85D41797-5D6D-426C-8DC7-DDD7EFED066C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{FD8CEE37-17CE-4DBB-82EB-C20A594F304F}E:\sdi_r137.exe] => (Allow) E:\sdi_r137.exe FirewallRules: [uDP Query User{0B5C0B99-C9BC-456B-9816-D79EF4FD50B3}E:\sdi_r137.exe] => (Allow) E:\sdi_r137.exe FirewallRules: [{FB33FE09-A11D-46BA-9E68-A058D78DBE47}] => (Allow) LPort=8888 FirewallRules: [TCP Query User{E87F9EDE-17CB-4735-8AA2-B89AECD0D2DF}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe FirewallRules: [uDP Query User{17F747CD-08D5-4D50-A8AE-53BA82BD7915}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe FirewallRules: [TCP Query User{3D9AF247-13D8-4FEC-862A-D4347B5C22A1}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin FirewallRules: [uDP Query User{EDBD059D-C89D-4620-AFCB-E3AFD3D7B3F5}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin FirewallRules: [{3AF10703-5A79-4E8A-8B20-6E7453390384}] => (Allow) LPort=8888 FirewallRules: [{F674BAE6-A51F-4B00-B394-1CBA380A92E8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{8E02E259-984F-4FCD-836B-C2C35EFE8675}] => (Allow) LPort=2869 FirewallRules: [{4CD93155-9B13-42C6-B279-6246C5619C29}] => (Allow) LPort=1900 FirewallRules: [{CA24A80D-4522-4E13-B3A1-D15F9EC8ACF3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{C5D7ED3C-2BB4-45C8-9B2A-6E283EFC1A85}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Restore Points ========================= 08-03-2016 20:14:01 JRT Pre-Junkware Removal 19-03-2016 11:34:06 Scheduled Checkpoint 23-03-2016 14:14:57 Windows Update 25-03-2016 10:48:30 Revo Uninstaller Pro's restore point - Google Chrome ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/26/2016 11:31:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MarkGisi-PC) Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (03/26/2016 12:38:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SDOnAccess.exe, version: 2.5.42.11, time stamp: 0x535a5123 Faulting module name: KERNELBASE.dll, version: 10.0.10586.162, time stamp: 0x56cd55ab Exception code: 0x0eedfade Fault offset: 0x000bdad8 Faulting process id: 0xaae9c Faulting application start time: 0xSDOnAccess.exe0 Faulting application path: SDOnAccess.exe1 Faulting module path: SDOnAccess.exe2 Report Id: SDOnAccess.exe3 Faulting package full name: SDOnAccess.exe4 Faulting package-relative application ID: SDOnAccess.exe5 Error: (03/26/2016 09:44:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SDOnAccess.exe, version: 2.5.42.11, time stamp: 0x535a5123 Faulting module name: KERNELBASE.dll, version: 10.0.10586.162, time stamp: 0x56cd55ab Exception code: 0x0eedfade Fault offset: 0x000bdad8 Faulting process id: 0x97c1c Faulting application start time: 0xSDOnAccess.exe0 Faulting application path: SDOnAccess.exe1 Faulting module path: SDOnAccess.exe2 Report Id: SDOnAccess.exe3 Faulting package full name: SDOnAccess.exe4 Faulting package-relative application ID: SDOnAccess.exe5 Error: (03/26/2016 09:26:03 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SDOnAccess.exe, version: 2.5.42.11, time stamp: 0x535a5123 Faulting module name: KERNELBASE.dll, version: 10.0.10586.162, time stamp: 0x56cd55ab Exception code: 0x0eedfade Fault offset: 0x000bdad8 Faulting process id: 0x9586c Faulting application start time: 0xSDOnAccess.exe0 Faulting application path: SDOnAccess.exe1 Faulting module path: SDOnAccess.exe2 Report Id: SDOnAccess.exe3 Faulting package full name: SDOnAccess.exe4 Faulting package-relative application ID: SDOnAccess.exe5 Error: (03/26/2016 09:24:45 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SDOnAccess.exe, version: 2.5.42.11, time stamp: 0x535a5123 Faulting module name: KERNELBASE.dll, version: 10.0.10586.162, time stamp: 0x56cd55ab Exception code: 0x0eedfade Fault offset: 0x000bdad8 Faulting process id: 0x958f0 Faulting application start time: 0xSDOnAccess.exe0 Faulting application path: SDOnAccess.exe1 Faulting module path: SDOnAccess.exe2 Report Id: SDOnAccess.exe3 Faulting package full name: SDOnAccess.exe4 Faulting package-relative application ID: SDOnAccess.exe5 Error: (03/26/2016 09:24:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SDOnAccess.exe, version: 2.5.42.11, time stamp: 0x535a5123 Faulting module name: KERNELBASE.dll, version: 10.0.10586.162, time stamp: 0x56cd55ab Exception code: 0x0eedfade Fault offset: 0x000bdad8 Faulting process id: 0x87894 Faulting application start time: 0xSDOnAccess.exe0 Faulting application path: SDOnAccess.exe1 Faulting module path: SDOnAccess.exe2 Report Id: SDOnAccess.exe3 Faulting package full name: SDOnAccess.exe4 Faulting package-relative application ID: SDOnAccess.exe5 Error: (03/26/2016 09:23:51 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SDOnAccess.exe, version: 2.5.42.11, time stamp: 0x535a5123 Faulting module name: KERNELBASE.dll, version: 10.0.10586.162, time stamp: 0x56cd55ab Exception code: 0x0eedfade Fault offset: 0x000bdad8 Faulting process id: 0x872a0 Faulting application start time: 0xSDOnAccess.exe0 Faulting application path: SDOnAccess.exe1 Faulting module path: SDOnAccess.exe2 Report Id: SDOnAccess.exe3 Faulting package full name: SDOnAccess.exe4 Faulting package-relative application ID: SDOnAccess.exe5 Error: (03/25/2016 11:03:27 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 31312 Error: (03/25/2016 11:03:27 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 31312 Error: (03/25/2016 11:03:27 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (03/27/2016 09:09:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Software Protection service failed to start due to the following error: %%1053 Error: (03/27/2016 09:09:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect. Error: (03/27/2016 08:56:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The AppX Deployment Service (AppXSVC) service failed to start due to the following error: %%1053 Error: (03/27/2016 08:56:29 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the AppX Deployment Service (AppXSVC) service to connect. Error: (03/26/2016 11:31:30 PM) (Source: DCOM) (EventID: 10010) (User: MarkGisi-PC) Description: App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca Error: (03/26/2016 11:31:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_c5321 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (03/26/2016 01:47:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Software Protection service failed to start due to the following error: %%1053 Error: (03/26/2016 01:47:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect. Error: (03/26/2016 01:21:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Client License Service (ClipSVC) service failed to start due to the following error: %%1053 Error: (03/26/2016 01:21:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Client License Service (ClipSVC) service to connect. CodeIntegrity: =================================== Date: 2016-03-27 09:47:42.991 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-27 09:10:25.686 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-27 08:56:41.443 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements. Date: 2016-03-27 08:56:41.095 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements. Date: 2016-03-26 22:40:36.084 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-26 18:24:59.501 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-26 13:47:18.586 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-26 13:21:44.341 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements. Date: 2016-03-26 13:21:44.334 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements. Date: 2016-03-26 13:16:40.668 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== Processor: Intel® Core i5-2400 CPU @ 3.10GHz Percentage of memory in use: 83% Total physical RAM: 3920.31 MB Available physical RAM: 642.18 MB Total Virtual: 7888.31 MB Available Virtual: 3617.3 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:225.47 GB) (Free:122.34 GB) NTFS ==>[drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E53711BC) Partition 1: (Not Active) - (Size=7 GB) - (Type=27) Partition 2: (Active) - (Size=225.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== End of Addition.txt ============================ Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 Ran by Mark Gisi (administrator) on MARKGISI-PC (27-03-2016 09:48:11) Running from C:\Users\Mark Gisi\Downloads Loaded Profiles: Mark Gisi (Available Profiles: Mark Gisi & DefaultAppPool) Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\asww10mon.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser_crashreporter.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser.exe (Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.95\SZBrowser.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-23] (AVAST Software) HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\Run: [spybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd) HKU\S-1-5-21-1182910247-164446080-3144522775-1000\...\RunOnce: [uninstall C:\Users\Mark Gisi\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mark Gisi\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-29] (AVAST Software) BootExecute: autocheck autochk * sdnclean64.exe GroupPolicy: Restriction - Chrome <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{11a25869-387f-47e7-8f83-c2841231188e}: [DhcpNameServer] 192.168.1.254 Internet Explorer: ================== HKU\S-1-5-21-1182910247-164446080-3144522775-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-29] (AVAST Software) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-25] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-29] (AVAST Software) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-25] (Oracle Corporation) DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] () FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-25] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-19] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-03-19] Chrome: ======= CHR Profile: C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07] CHR Extension: (Google Drive) - C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google Search) - C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (IBA Opt-out (by Google)) - C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2015-06-23] CHR Extension: (Google Docs Offline) - C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14] CHR Extension: (Chrome Web Store Payments) - C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25] CHR Extension: (Gmail) - C:\Users\Mark Gisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-29] (AVAST Software) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.) R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-09-17] (Seagate Technology LLC) R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157776 2014-09-17] (Seagate Technology LLC) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-29] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-03-19] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-29] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-29] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-09] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-29] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-29] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-29] (AVAST Software) R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider) R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider) R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [65576 2015-06-16] (Safer-Networking Ltd.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) U3 idsvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-03-27 09:48 - 2016-03-27 09:48 - 00013772 _____ C:\Users\Mark Gisi\Downloads\FRST.txt 2016-03-27 09:47 - 2016-03-27 09:48 - 00000000 ____D C:\FRST 2016-03-27 09:46 - 2016-03-27 09:47 - 02374144 _____ (Farbar) C:\Users\Mark Gisi\Downloads\FRST64.exe 2016-03-27 09:46 - 2016-03-27 09:47 - 00001563 _____ C:\Users\Mark Gisi\Desktop\FRST64.exe - Shortcut.lnk 2016-03-27 09:46 - 2016-03-27 09:46 - 00001543 _____ C:\Users\Mark Gisi\Desktop\FRST.exe - Shortcut.lnk 2016-03-27 09:45 - 2016-03-27 09:45 - 01725440 _____ (Farbar) C:\Users\Mark Gisi\Downloads\FRST.exe 2016-03-25 20:54 - 2016-03-27 08:56 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896} 2016-03-25 20:52 - 2016-03-25 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-03-25 20:52 - 2016-03-25 20:51 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-03-25 20:51 - 2016-03-25 20:51 - 00000000 ____D C:\Program Files (x86)\Java 2016-03-25 20:47 - 2016-03-25 20:48 - 00734784 _____ (Oracle Corporation) C:\Users\Mark Gisi\Downloads\JavaSetup8u77.exe 2016-03-25 17:07 - 2016-03-25 17:08 - 00852798 _____ C:\Users\Mark Gisi\Downloads\SecurityCheck.exe 2016-03-25 11:53 - 2016-03-25 11:53 - 00000000 ____D C:\Users\Mark Gisi\Documents\BRIDGESTONE J 15 CB 3-26-16 2016-03-25 11:01 - 2016-03-25 11:02 - 00987728 _____ (Google Inc.) C:\Users\Mark Gisi\Downloads\ChromeSetup.exe 2016-03-25 10:47 - 2016-03-25 10:47
×