Windows10 Home Premium 64bit,SP1,INTEL CORE I5-2450m CPU@ 2.50gHZ,8.0gb Ram,Intel HD Graphics family,1 Terabyte HD. Samsung NP-RF511-A02DX. Sky fibre broadband. Windows firewall and Windows defender.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-08-2016
Ran by home (30-08-2016 23:15:00)
Running from C:\Users\home\Downloads
Windows 10 Home Version 1511 (X64) (2016-06-07 17:28:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4278496641-1085337353-1888280812-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4278496641-1085337353-1888280812-503 - Limited - Disabled)
Guest (S-1-5-21-4278496641-1085337353-1888280812-501 - Limited - Disabled)
home (S-1-5-21-4278496641-1085337353-1888280812-1001 - Administrator - Enabled) => C:\Users\home
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
ETDWare X64 15.7.0.1_WHQL (HKLM\...\Elantech) (Version: 15.7.0.1 - ELAN Microelectronic Corp.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
WOT for Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4278496641-1085337353-1888280812-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\home\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {ED72856D-6FFA-4122-B78B-D745A9A1562C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-12 18:45 - 2016-07-01 05:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-12 18:45 - 2016-07-01 05:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-06-07 18:32 - 2016-06-07 18:32 - 00959168 _____ () C:\Users\home\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-07-12 18:45 - 2016-07-01 05:48 - 02656408 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-04-27 06:12 - 2016-04-27 06:12 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 18:47 - 2016-07-01 04:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-12 18:45 - 2016-07-01 04:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-12 18:45 - 2016-07-01 04:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-12 18:45 - 2016-07-01 04:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-12 18:45 - 2016-07-01 04:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-07 16:26 - 2016-06-07 16:26 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-08-16 01:12 - 2016-08-16 01:12 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-16 01:12 - 2016-08-16 01:12 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-08-16 01:12 - 2016-08-16 01:12 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-08-16 01:12 - 2016-08-16 01:12 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-30 23:42 - 2015-07-30 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4278496641-1085337353-1888280812-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4278496641-1085337353-1888280812-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-4278496641-1085337353-1888280812-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Name: Intel(R) 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C2D
Description: Intel(R) 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C2D
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/23/2016 11:29:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-OFIN5JO)
Description: Activation of application Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (08/23/2016 11:28:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-OFIN5JO)
Description: Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (08/20/2016 08:44:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-OFIN5JO)
Description: Package Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{a3fd6d52-2999-4094-9530-cc2cea73105a} was terminated because it took too long to suspend.
Error: (08/17/2016 07:17:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program MicrosoftEdge.exe version 11.0.10586.545 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 8d0
Start Time: 01d1f8b35b535c3c
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Report Id: de84ae91-64a6-11e6-8d77-90a4dea5529a
Faulting package full name: Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge
Error: (08/17/2016 07:17:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: DESKTOP-OFIN5JO)
Description: App Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge did not launch within its allotted time.
Error: (08/17/2016 07:15:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-OFIN5JO)
Description: Package Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{57f4a19f-9e40-4e68-99d5-ba936588a81d} was terminated because it took too long to suspend.
Error: (06/23/2016 12:34:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-OFIN5JO)
Description: Activation of application Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (06/08/2016 05:58:19 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialised.
Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
Error: (06/08/2016 05:58:19 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialised.
Context: Windows Application
Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
Error: (06/08/2016 05:58:19 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialised.
Context: Windows Application, SystemIndex Catalogue
Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
System errors:
=============
Error: (08/30/2016 01:52:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_61b10ac service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (08/29/2016 09:43:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_5cd34c7 service to connect.
Error: (08/29/2016 09:43:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_5cd34c7 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (08/29/2016 04:30:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_5a2be19 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (08/28/2016 07:21:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_55f8fed service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (08/27/2016 09:19:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_5454445 service to connect.
Error: (08/27/2016 09:19:13 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OFIN5JO)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (08/27/2016 09:19:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_5454445 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (08/27/2016 03:02:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_53389ea service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (08/27/2016 03:42:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_4cc387b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
CodeIntegrity:
===================================
Date: 2016-08-25 19:40:50.358
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-25 19:40:50.342
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-25 19:40:50.324
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-25 19:40:50.301
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-25 19:40:50.286
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-25 19:40:50.270
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-25 19:40:50.248
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-25 19:40:50.220
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-25 19:40:50.191
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-25 19:40:50.134
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 22%
Total physical RAM: 8103.19 MB
Available physical RAM: 6304.37 MB
Total Virtual: 9383.19 MB
Available Virtual: 7651.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.97 GB) (Free:917.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 14A27CD3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455 MB) - (Type=27)
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-08-2016
Ran by home (administrator) on DESKTOP-OFIN5JO (30-08-2016 23:13:52)
Running from C:\Users\home\Downloads
Loaded Profiles: home (Available Profiles: home)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242712 2016-06-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2016-06-07] (Realtek Semiconductor)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4278496641-1085337353-1888280812-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2c0bd2ab-4c1e-402b-8d5c-09e0c68729bd}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-4278496641-1085337353-1888280812-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.co.uk/
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll [2013-09-02] ()
BHO-x32: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKU\S-1-5-21-4278496641-1085337353-1888280812-1001 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-4278496641-1085337353-1888280812-1001 -> hxxp://www.google.co.uk/
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [131288 2016-06-07] (ELAN Microelectronics Corp.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [32328 2016-06-07] (ELAN Microelectronic Corp.)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [32168 2016-06-07] (Windows (R) Win 7 DDK provider)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [39936 2015-10-30] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-30 23:13 - 2016-08-30 23:14 - 00006512 _____ C:\Users\home\Downloads\FRST.txt
2016-08-30 23:13 - 2016-08-30 23:13 - 00000000 ____D C:\FRST
2016-08-30 23:06 - 2016-08-30 23:12 - 02397696 _____ (Farbar) C:\Users\home\Downloads\FRST64.exe
2016-08-30 19:17 - 2016-08-30 19:17 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-30 19:16 - 2016-08-30 19:16 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-30 19:16 - 2016-08-30 19:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-30 19:16 - 2016-08-30 19:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-30 19:16 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-30 19:16 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-30 19:16 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-30 19:12 - 2016-08-30 19:15 - 22851472 _____ (Malwarebytes ) C:\Users\home\Downloads\mbam-setup-FileHippo.19901-2.2.1.1043.exe
2016-08-19 23:49 - 2016-08-19 23:49 - 00000000 ___DL C:\Users\home\AppData\LocalLow\PlayReady
2016-08-19 01:40 - 2016-08-19 01:40 - 00002868 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-08-19 01:40 - 2016-08-19 01:40 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-08-19 01:40 - 2016-08-19 01:40 - 00000000 ____D C:\Program Files\CCleaner
2016-08-19 01:38 - 2016-08-19 01:40 - 08227032 _____ (Piriform Ltd) C:\Users\home\Downloads\ccsetup521.exe
2016-08-11 19:37 - 2016-08-11 19:37 - 00000000 ____D C:\Users\home\Desktop\Favourites
2016-08-10 19:13 - 2016-08-03 12:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 19:13 - 2016-08-03 12:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 19:13 - 2016-08-03 12:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 19:13 - 2016-08-03 11:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 19:13 - 2016-08-03 11:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 19:13 - 2016-08-03 11:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 19:13 - 2016-08-03 11:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 19:13 - 2016-08-03 11:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 19:13 - 2016-08-03 11:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 19:13 - 2016-08-03 11:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 19:13 - 2016-08-03 11:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 19:13 - 2016-08-03 11:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 19:13 - 2016-08-03 11:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 19:13 - 2016-08-03 11:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 19:13 - 2016-08-03 11:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 19:13 - 2016-08-03 11:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 19:13 - 2016-08-03 11:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 19:13 - 2016-08-03 11:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 19:13 - 2016-08-03 11:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 19:13 - 2016-08-03 11:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 19:13 - 2016-08-03 11:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 19:13 - 2016-08-03 11:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 19:13 - 2016-08-03 11:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 19:13 - 2016-08-03 11:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 19:13 - 2016-08-03 11:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 19:13 - 2016-08-03 11:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 19:13 - 2016-08-03 10:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 19:13 - 2016-08-03 10:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 19:13 - 2016-08-03 10:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 19:13 - 2016-08-03 10:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 19:13 - 2016-08-03 10:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 19:13 - 2016-08-03 10:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 19:13 - 2016-08-03 10:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 19:13 - 2016-08-03 10:41 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2016-08-10 19:13 - 2016-08-03 10:41 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-08-10 19:13 - 2016-08-03 10:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 19:13 - 2016-08-03 10:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 19:13 - 2016-08-03 10:40 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-08-10 19:13 - 2016-08-03 10:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-10 19:13 - 2016-08-03 10:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 19:13 - 2016-08-03 10:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 19:13 - 2016-08-03 10:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 19:13 - 2016-08-03 10:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 19:13 - 2016-08-03 10:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 19:13 - 2016-08-03 10:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 19:13 - 2016-08-03 10:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-10 19:13 - 2016-08-03 10:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 19:13 - 2016-08-03 10:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 19:13 - 2016-08-03 10:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 19:13 - 2016-08-03 10:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 19:13 - 2016-08-03 10:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 19:13 - 2016-08-03 10:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 19:13 - 2016-08-03 10:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 19:13 - 2016-08-03 10:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 19:13 - 2016-08-03 10:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 19:13 - 2016-08-03 10:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 19:13 - 2016-08-03 10:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 19:13 - 2016-08-03 10:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 19:13 - 2016-08-03 10:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 19:13 - 2016-08-03 10:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 19:13 - 2016-08-03 10:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 19:13 - 2016-08-03 10:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 19:13 - 2016-08-03 10:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 19:13 - 2016-08-03 10:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 19:13 - 2016-08-03 10:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 19:13 - 2016-08-03 10:29 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-08-10 19:13 - 2016-08-03 10:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 19:13 - 2016-08-03 10:29 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-08-10 19:13 - 2016-08-03 10:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 19:13 - 2016-08-03 10:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 19:13 - 2016-08-03 10:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 19:13 - 2016-08-03 10:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 19:13 - 2016-08-03 10:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 19:13 - 2016-08-03 10:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 19:13 - 2016-08-03 10:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 19:13 - 2016-08-03 10:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 19:13 - 2016-08-03 10:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 19:13 - 2016-08-03 10:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 19:13 - 2016-08-03 10:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 19:13 - 2016-08-03 10:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 19:13 - 2016-08-03 10:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 19:13 - 2016-08-03 10:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 19:13 - 2016-08-03 10:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 19:13 - 2016-08-03 10:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 19:13 - 2016-08-03 10:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 19:13 - 2016-08-03 10:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 19:13 - 2016-08-03 10:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 19:13 - 2016-08-03 10:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 19:13 - 2016-08-03 10:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 19:13 - 2016-08-03 10:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-10 19:13 - 2016-08-03 10:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 19:13 - 2016-08-03 06:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 19:13 - 2016-08-03 06:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 19:13 - 2016-08-03 06:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-10 19:13 - 2016-08-03 06:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-10 19:13 - 2016-08-03 06:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 19:13 - 2016-08-03 06:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 19:13 - 2016-08-03 06:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 19:13 - 2016-08-03 06:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 19:13 - 2016-08-03 06:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-10 19:13 - 2016-08-03 06:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-10 19:13 - 2016-08-03 05:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-10 19:13 - 2016-08-03 05:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-10 19:13 - 2016-08-03 05:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 19:13 - 2016-08-03 05:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-10 19:13 - 2016-08-03 05:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 19:13 - 2016-08-03 05:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-10 19:13 - 2016-08-03 05:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-10 19:13 - 2016-08-03 05:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 19:13 - 2016-08-03 05:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-10 19:13 - 2016-08-03 05:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-10 19:13 - 2016-08-03 05:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-10 19:13 - 2016-08-03 05:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-10 19:13 - 2016-08-03 05:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 19:13 - 2016-08-03 05:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 19:13 - 2016-08-03 05:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 19:13 - 2016-08-03 05:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 19:13 - 2016-08-03 05:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 19:13 - 2016-08-03 05:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 19:13 - 2016-08-03 05:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 19:13 - 2016-08-03 05:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 19:13 - 2016-08-03 05:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-10 19:13 - 2016-08-03 05:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 19:13 - 2016-08-03 05:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 19:13 - 2016-08-03 05:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 19:13 - 2016-08-03 05:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 19:13 - 2016-08-03 05:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 19:13 - 2016-08-03 05:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 19:13 - 2016-08-03 05:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 19:13 - 2016-08-03 05:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-10 19:13 - 2016-08-03 05:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 19:13 - 2016-08-03 05:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 19:13 - 2016-08-03 05:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-10 19:13 - 2016-08-03 05:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-30 19:22 - 2016-06-07 16:31 - 00003862 _____ C:\Users\home\Desktop\SPECS.txt
2016-08-29 18:13 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-28 14:26 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-17 22:18 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-13 22:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-11 19:53 - 2016-06-07 16:22 - 00834360 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-11 18:34 - 2016-04-27 06:43 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-11 18:33 - 2016-04-27 06:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-11 01:45 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-08-11 01:44 - 2016-04-27 06:22 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-11 01:44 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-11 01:44 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-08-11 01:44 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-11 01:44 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-10 22:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 22:37 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-10 22:36 - 2016-06-07 16:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 22:35 - 2016-06-07 16:41 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-06 14:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
==================== Files in the root of some directories =======
2016-06-07 18:17 - 2016-06-07 18:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-23 22:27
==================== End of FRST.txt ============================
The problem is that web pages that have ads take ages to pop up and im unable to do anything till all the ads have popped up and then while scrolling there's a hesitant delay. Can anyone help me with this :( Thanks :)