• Welcome to Free PC Help, a free PC Help forum to get help with your computer problems.

    Free PC Help is a community that offers free computer help and support for all users, all ages, worldwide.

    In order to start asking questions or contribute on someone else's post you will first need to register. Don't worry - it's quick and easy and once you have registered you will have instant access to the entire forum.

    If you do decide to join the forums you will not have the option to send Private Messages [ PMs ] or add a Signature until you have made 5 posts or more. This is an attempt to try to stop Spammers using the PM system or adding links to their Signature.

  • Due to the complexity and risks involved our formally trained malware staff will be the only ones allowed to help with malware removal advice. Thank you.

Computer in SnailMode........

Skyclad

FPCH Member
Joined
Aug 30, 2016
PC Experience
Some Experience
Hello to my friends at freepchelp!
Just today I've noticed that my computer is running super slow and not sure what could have caused this, unless some nasty virus or malware of course..
I was wondering if you guys could help me with a quick scan of my machine.. Please let me know! Thanks...
S
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Skyclad,

No problem, just run FRST and we'll take a look for you.

Note:
There are both 32-bit and 64-bit versions of Farbar Recovery Scan Tool available. Please pick the version that matches your operating system's bit type.

If you are unsure what you're system bit type is..... click Here for help.

For x32 bit systems download Farbar Recovery Scan Tool and save it to your Desktop.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to your Desktop.

  • Double-click the downloaded icon to run the tool. Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition.txt is selected at the bottom
  • Press Scan button.

    YO62v3X.png
  • It will make a log (FRST.txt) in the same directory the tool is run.
  • Please copy and paste it to your reply.
  • It also makes another log (Addition.txt)..... Please copy and paste it to your reply also.
 

Skyclad

FPCH Member
Joined
Aug 30, 2016
PC Experience
Some Experience
Hi Starbuck....
Thanks for your assistance once again....! Please find the files you requested attached below..
I did want to mention one other thing I noticed yesterday when things were running slow.. When clicking on the icon that displays my WiFi connections at the bottom right of the screen, the one I was running at the time stated "poor" with regard to signal strength.. Today, the speed is a bit better (not optimal) and it reads as "fair".. I know this is a different issue, but if nothing is found in the scans, that might be one of the problems I'm having.. One step at a time I guess....:) Thanks again for your help...!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-05.2019
Ran by Mike (administrator) on HOME (Gigabyte Technology Co., Ltd. GA-MA78GM-US2H) (06-05-2019 16:45:24)
Running from C:\Users\Mike\Desktop
Loaded Profiles: Mike (Available Profiles: Mike & HP_OWNER)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AOL Inc. -> AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1387389289\ee\aolsoftware.exe
(CobianSoft, Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1387389289\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc. -> AOL Inc.)
HKLM-x32\...\Run: [Cobian Backup 11] => C:\Program Files (x86)\Cobian Backup 11\Cobian.exe [720896 2013-03-08] (Luis Cobian, CobianSoft) [File not signed]
HKU\S-1-5-21-4197961188-714576266-808560349-1000\...\Run: [Google Update] => C:\Users\Mike\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateCore.exe [752424 2019-03-28] (Google Inc -> Google LLC)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Cartridge Alerts - HP OfficeJet 3830 series.lnk [2019-05-05]
ShortcutAndArgument: Monitor Cartridge Alerts - HP OfficeJet 3830 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP OfficeJet 3830 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN85H5Q23706VZ;CONNECTION=USB;MONITOR=1;

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07A0926D-3B93-4542-A293-9D93B3E1751C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4197961188-714576266-808560349-1000UA => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-02-20] (Google Inc -> Google Inc.)
Task: {166C76E8-C829-4F8D-966A-99994EE32692} - System32\Tasks\HPCustParticipation HP OfficeJet 3830 series => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\HPCustPartic.exe [6438536 2017-03-27] (Hewlett Packard -> HP Inc.)
Task: {2790EBF7-9F22-4842-BCF2-591079FAAB66} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4197961188-714576266-808560349-1000UA1d1e91a93f23e27 => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-02-20] (Google Inc -> Google Inc.)
Task: {69E64D03-491A-4C52-913B-4056ABB85554} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {97D0ACD3-7B8B-4AA9-B335-660342A4CCF2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4197961188-714576266-808560349-1000Core1d1e91a936c6a61 => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-02-20] (Google Inc -> Google Inc.)
Task: {A6F662DE-561D-4DA5-8C9B-AF7EDE21550A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4197961188-714576266-808560349-1000Core => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-02-20] (Google Inc -> Google Inc.)
Task: {B0BAD826-55FF-4D0D-BA85-3A7C89BCE42B} - System32\Tasks\{623394EB-E332-4EE6-87FC-185678DA9EE3} => C:\Windows\system32\pcalua.exe -a "C:\ProgramData\AOL Downloads\SUD4624\waol-0.4346.19.1.exe" -d C:\Users\Mike\Desktop
Task: {C25D5070-BB51-4587-B189-2AE097F66BE4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [271864 2017-05-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {EDA78726-09C7-48C1-AFD2-DAA7F3DFA638} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4197961188-714576266-808560349-1000Core.job => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4197961188-714576266-808560349-1000UA.job => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{1E0DDCFC-1E76-4B24-A563-377693E78DF2}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{30240170-2754-43C0-8F1E-C67D1234ECC7}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{BFFEA40B-4E9A-4941-BD74-162078A16799}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Internet Explorer:
==================
HKU\S-1-5-21-4197961188-714576266-808560349-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.kadaza.com/
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-4197961188-714576266-808560349-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (Canon Inc. -> CANON INC.)

FireFox:
========
FF DefaultProfile: fcovtdlu.default-1503001169035
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\fcovtdlu.default-1503001169035 [2019-05-05]
FF Homepage: Mozilla\Firefox\Profiles\fcovtdlu.default-1503001169035 -> hxxp://www.kadaza.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-10] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-10] (Adobe Systems Incorporated -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [File not signed]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-02-26] (Google) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4197961188-714576266-808560349-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-4197961188-714576266-808560349-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)

Chrome:
=======
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default [2019-05-06]
CHR Extension: (Slides) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-25]
CHR Extension: (Docs) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-25]
CHR Extension: (Google Drive) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-20]
CHR Extension: (YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-20]
CHR Extension: (Google Search) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-20]
CHR Extension: (Sheets) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-25]
CHR Extension: (Google Docs Offline) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
CHR Extension: (Gmail) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-04]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.AULL7JPKOAZNRFMN4VMN37U7VU - C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [203776 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-08] (CobianSoft, Luis Cobian) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S4 PuranDefrag; C:\Windows\system32\PuranDefragS.exe [292736 2013-01-17] (Vishal Gupta -> Puran Software) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [9319936 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [306176 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 atikmdag; C:\Windows\system32\drivers\atikmdag.sys [9319936 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE1200w764.sys [1254464 2011-03-29] (Broadcom Corporation -> Broadcom Corporation)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-05-05] (Malwarebytes Corporation -> Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [187392 2009-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Corporation )
R3 wanatw; C:\Windows\System32\DRIVERS\wanatw64.sys [24064 2006-11-29] (Microsoft Windows Hardware Compatibility Publisher -> America Online, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-06 16:45 - 2019-05-06 16:47 - 000018537 _____ C:\Users\Mike\Desktop\FRST.txt
2019-05-06 16:37 - 2019-05-06 16:37 - 002430464 _____ (Farbar) C:\Users\Mike\Desktop\FRST64 (1).exe
2019-05-06 16:16 - 2019-05-06 16:16 - 002430464 _____ (Farbar) C:\Users\Mike\Desktop\Unconfirmed 269915.crdownload
2019-05-05 14:49 - 2019-05-05 14:49 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-19 05:59 - 2019-04-19 05:59 - 003773937 _____ C:\Users\Mike\Read the Mueller Report_ Searchable Document and Index - The New York Times.html
2019-04-19 05:59 - 2019-04-19 05:59 - 000000000 ____D C:\Users\Mike\Read the Mueller Report_ Searchable Document and Index - The New York Times_files
2019-04-10 06:19 - 2019-04-01 20:57 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-04-10 06:19 - 2019-03-28 20:36 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2019-04-10 06:19 - 2019-03-27 22:35 - 000348776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-04-10 06:19 - 2019-03-27 20:55 - 000397120 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-04-10 06:19 - 2019-03-26 19:40 - 003181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-04-10 06:19 - 2019-03-26 01:14 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-04-10 06:19 - 2019-03-26 01:03 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-04-10 06:19 - 2019-03-26 01:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-04-10 06:19 - 2019-03-26 00:52 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-04-10 06:19 - 2019-03-26 00:51 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-04-10 06:19 - 2019-03-26 00:51 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-04-10 06:19 - 2019-03-26 00:50 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-04-10 06:19 - 2019-03-26 00:50 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-04-10 06:19 - 2019-03-26 00:50 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-04-10 06:19 - 2019-03-26 00:44 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-04-10 06:19 - 2019-03-26 00:43 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-04-10 06:19 - 2019-03-26 00:41 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-04-10 06:19 - 2019-03-26 00:40 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-04-10 06:19 - 2019-03-26 00:40 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-04-10 06:19 - 2019-03-26 00:40 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-04-10 06:19 - 2019-03-26 00:40 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-04-10 06:19 - 2019-03-26 00:40 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-04-10 06:19 - 2019-03-26 00:35 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-04-10 06:19 - 2019-03-26 00:31 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-04-10 06:19 - 2019-03-26 00:26 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-04-10 06:19 - 2019-03-26 00:26 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-04-10 06:19 - 2019-03-26 00:25 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-04-10 06:19 - 2019-03-26 00:22 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-04-10 06:19 - 2019-03-26 00:22 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-04-10 06:19 - 2019-03-26 00:20 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-04-10 06:19 - 2019-03-26 00:18 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-04-10 06:19 - 2019-03-26 00:12 - 020280832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-04-10 06:19 - 2019-03-26 00:10 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-04-10 06:19 - 2019-03-26 00:08 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-04-10 06:19 - 2019-03-26 00:08 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-04-10 06:19 - 2019-03-26 00:07 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-04-10 06:19 - 2019-03-26 00:06 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-04-10 06:19 - 2019-03-26 00:05 - 015284736 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-04-10 06:19 - 2019-03-26 00:01 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-04-10 06:19 - 2019-03-26 00:00 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-04-10 06:19 - 2019-03-25 23:51 - 000498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-04-10 06:19 - 2019-03-25 23:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-04-10 06:19 - 2019-03-25 23:50 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-04-10 06:19 - 2019-03-25 23:50 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-04-10 06:19 - 2019-03-25 23:50 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-04-10 06:19 - 2019-03-25 23:48 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-04-10 06:19 - 2019-03-25 23:48 - 001556992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-04-10 06:19 - 2019-03-25 23:46 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-04-10 06:19 - 2019-03-25 23:45 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-04-10 06:19 - 2019-03-25 23:44 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-04-10 06:19 - 2019-03-25 23:43 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-04-10 06:19 - 2019-03-25 23:43 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-04-10 06:19 - 2019-03-25 23:43 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-04-10 06:19 - 2019-03-25 23:36 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-04-10 06:19 - 2019-03-25 23:36 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-04-10 06:19 - 2019-03-25 23:33 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-04-10 06:19 - 2019-03-25 23:33 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-04-10 06:19 - 2019-03-25 23:32 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-04-10 06:19 - 2019-03-25 23:31 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-04-10 06:19 - 2019-03-25 23:29 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-04-10 06:19 - 2019-03-25 23:29 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-04-10 06:19 - 2019-03-25 23:29 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-04-10 06:19 - 2019-03-25 23:28 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-04-10 06:19 - 2019-03-25 23:24 - 013682176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-04-10 06:19 - 2019-03-25 23:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-04-10 06:19 - 2019-03-25 23:22 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-04-10 06:19 - 2019-03-25 23:21 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-04-10 06:19 - 2019-03-25 23:21 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-04-10 06:19 - 2019-03-25 23:08 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-04-10 06:19 - 2019-03-25 23:04 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-04-10 06:19 - 2019-03-25 23:02 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-04-10 06:19 - 2019-03-20 21:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-04-10 06:19 - 2019-03-20 21:13 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-04-10 06:19 - 2019-03-20 21:13 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-04-10 06:19 - 2019-03-20 21:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-04-10 06:19 - 2019-03-20 21:13 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-04-10 06:19 - 2019-03-20 21:12 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-04-10 06:19 - 2019-03-20 21:12 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-04-10 06:19 - 2019-03-20 21:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-04-10 06:19 - 2019-03-20 21:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:03 - 003961576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-04-10 06:19 - 2019-03-20 21:02 - 004056296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-04-10 06:19 - 2019-03-20 21:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 21:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 20:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-04-10 06:19 - 2019-03-20 20:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-04-10 06:19 - 2019-03-20 20:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-04-10 06:19 - 2019-03-20 20:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-04-10 06:19 - 2019-03-20 20:41 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-04-10 06:19 - 2019-03-20 20:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-04-10 06:19 - 2019-03-20 20:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-04-10 06:19 - 2019-03-20 20:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-04-10 06:19 - 2019-03-20 20:40 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-04-10 06:19 - 2019-03-20 20:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-04-10 06:19 - 2019-03-20 20:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-04-10 06:19 - 2019-03-20 20:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-04-10 06:19 - 2019-03-20 20:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-04-10 06:19 - 2019-03-20 20:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-04-10 06:19 - 2019-03-20 20:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-04-10 06:19 - 2019-03-20 20:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-04-10 06:19 - 2019-03-20 20:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-04-10 06:19 - 2019-03-20 20:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-04-10 06:19 - 2019-03-20 20:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-04-10 06:19 - 2019-03-20 20:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-04-10 06:19 - 2019-03-20 20:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-04-10 06:19 - 2019-03-20 20:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-04-10 06:19 - 2019-03-20 20:36 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-04-10 06:19 - 2019-03-20 20:36 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-04-10 06:19 - 2019-03-20 20:36 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-04-10 06:19 - 2019-03-20 20:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-04-10 06:19 - 2019-03-20 20:35 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-04-10 06:19 - 2019-03-20 20:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 20:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 20:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-04-10 06:19 - 2019-03-20 20:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-04-10 06:19 - 2019-03-15 23:11 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-04-10 06:19 - 2019-03-15 23:09 - 003247616 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-04-10 06:19 - 2019-03-15 23:09 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-04-10 06:19 - 2019-03-15 23:09 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-04-10 06:19 - 2019-03-15 23:09 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-04-10 06:19 - 2019-03-15 23:09 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-04-10 06:19 - 2019-03-15 23:09 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-04-10 06:19 - 2019-03-15 23:09 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-04-10 06:19 - 2019-03-15 23:09 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-04-10 06:19 - 2019-03-15 23:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-04-10 06:19 - 2019-03-15 23:09 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-04-10 06:19 - 2019-03-15 23:08 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-04-10 06:19 - 2019-03-15 23:08 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-04-10 06:19 - 2019-03-15 22:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-04-10 06:19 - 2019-03-15 22:58 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-04-10 06:19 - 2019-03-15 22:58 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-04-10 06:19 - 2019-03-15 22:58 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-04-10 06:19 - 2019-03-15 22:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-04-10 06:19 - 2019-03-15 22:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-04-10 06:19 - 2019-03-15 22:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-04-10 06:19 - 2019-03-15 22:58 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-04-10 06:19 - 2019-03-15 22:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-04-10 06:19 - 2019-03-15 22:42 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-04-10 06:19 - 2019-03-15 22:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-04-10 06:19 - 2019-03-15 22:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-04-10 06:19 - 2019-03-13 10:09 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-04-10 06:19 - 2019-03-13 10:02 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-04-10 06:19 - 2019-03-13 09:35 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2019-04-10 06:19 - 2019-03-13 09:35 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-04-10 06:19 - 2019-03-12 09:34 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-04-10 06:19 - 2019-03-12 09:34 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-04-10 06:19 - 2019-03-12 09:34 - 000340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-04-10 06:19 - 2019-03-11 16:41 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-04-10 06:19 - 2019-03-11 16:41 - 001894912 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-04-10 06:19 - 2019-03-11 16:41 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-04-10 06:19 - 2019-03-11 16:41 - 000688128 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-04-10 06:19 - 2019-03-11 16:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2019-04-10 06:19 - 2019-03-11 16:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-04-10 06:19 - 2019-03-11 16:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-04-10 06:19 - 2019-03-11 16:33 - 001391616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-04-10 06:19 - 2019-03-11 16:33 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-04-10 06:19 - 2019-03-11 16:33 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-04-10 06:19 - 2019-03-11 16:33 - 000107520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll
2019-04-10 06:19 - 2019-03-11 16:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-04-10 06:19 - 2019-03-11 16:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2019-04-10 06:19 - 2019-02-21 10:48 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2019-04-10 06:19 - 2019-02-21 10:43 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2019-04-10 06:19 - 2019-02-21 10:37 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2019-04-10 06:19 - 2019-02-12 11:08 - 014184448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-04-10 06:19 - 2019-02-12 11:08 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-04-10 06:19 - 2019-02-12 10:58 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-04-10 06:19 - 2019-02-12 10:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-04-10 06:19 - 2019-02-08 11:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-04-10 06:19 - 2019-02-08 11:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-06 16:45 - 2017-01-23 16:01 - 000000000 ____D C:\FRST
2019-05-06 08:00 - 2013-12-17 22:34 - 000000000 ____D C:\Users\Mike\Documents\Italy
2019-05-06 03:47 - 2009-07-13 23:45 - 000028976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-06 03:47 - 2009-07-13 23:45 - 000028976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-05 16:16 - 2013-12-26 13:54 - 000000000 ____D C:\Program Files\Puran Defrag
2019-05-05 14:55 - 2009-07-14 00:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-05 14:55 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2019-05-05 14:49 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-05 12:17 - 2015-12-28 15:04 - 000000000 ____D C:\Users\Mike\Desktop\FAMILY RECIPES
2019-05-04 20:37 - 2017-01-19 19:07 - 000000000 ____D C:\Users\Mike\Desktop\PicFaves18
2019-05-04 15:05 - 2013-12-17 22:53 - 000000000 ____D C:\Users\Mike\Documents\Wikipedia
2019-05-03 13:12 - 2017-06-08 19:51 - 000000000 ____D C:\Users\Mike\Desktop\WordWaiting
2019-05-02 19:49 - 2016-02-20 12:59 - 000002408 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-30 13:45 - 2016-02-28 15:34 - 000000000 ____D C:\Users\Mike\Desktop\ScanStuff
2019-04-30 06:22 - 2019-03-04 08:35 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-04-26 15:55 - 2019-03-23 08:50 - 000000000 ____D C:\Users\Mike\Desktop\Spring19
2019-04-26 08:35 - 2018-10-20 10:31 - 000000000 ____D C:\Users\Mike\Desktop\66
2019-04-24 16:51 - 2013-12-17 12:27 - 000000000 ____D C:\Users\Mike
2019-04-24 15:28 - 2018-03-24 12:54 - 000000000 ____D C:\Users\Mike\Desktop\Recipes18
2019-04-15 16:51 - 2017-04-12 15:06 - 000000000 ____D C:\Users\Mike\Desktop\Crumb
2019-04-11 04:07 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\rescache
2019-04-11 03:27 - 2009-07-13 23:45 - 000300424 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-11 03:05 - 2013-12-17 13:03 - 000000000 ____D C:\Windows\system32\MRT
2019-04-11 03:01 - 2013-12-17 13:03 - 131129288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-04-09 23:13 - 2017-04-23 22:37 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2013-12-24 15:36 - 2013-12-24 15:36 - 000000136 _____ () C:\Users\Mike\AppData\Roaming\mbam.context.scan
2013-12-23 09:43 - 2013-12-23 15:27 - 000004608 _____ () C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-05-03 00:18
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05.2019
Ran by Mike (06-05-2019 16:48:29)
Running from C:\Users\Mike\Desktop
Windows 7 Professional Service Pack 1 (X64) (2013-12-17 17:27:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4197961188-714576266-808560349-500 - Administrator - Disabled)
Guest (S-1-5-21-4197961188-714576266-808560349-501 - Limited - Disabled)
HP_OWNER (S-1-5-21-4197961188-714576266-808560349-1001 - Administrator - Enabled) => C:\Users\HP_OWNER
Mike (S-1-5-21-4197961188-714576266-808560349-1000 - Administrator - Enabled) => C:\Users\Mike

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
AOL Toolbar (HKLM-x32\...\AOL Toolbar) (Version: - AOL Inc.)
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version: - AOL Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG3500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3500_series) (Version: 1.00 - Canon Inc.)
Canon MG3500 series On-screen Manual (HKLM-x32\...\Canon MG3500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MG3500 series User Registration (HKLM-x32\...\Canon MG3500 series User Registration) (Version: - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
CleanUp! (HKLM-x32\...\CleanUp!) (Version: - )
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )
Google Chrome (HKU\S-1-5-21-4197961188-714576266-808560349-1000\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)
Google Earth (HKLM-x32\...\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}) (Version: 7.0.3.8542 - Google)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP OfficeJet 3830 series Basic Device Software (HKLM\...\{165CDB14-4CD3-4D4D-A38A-3FF93FAAFD5C}) (Version: 40.11.1119.1786 - HP Inc.)
HP OfficeJet 3830 series Help (HKLM-x32\...\{1FCCD112-2F27-463D-8C36-1D5C29A3BB3E}) (Version: 35.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Product Improvement Study for HP OfficeJet 3830 series (HKLM\...\{F1E13468-92EB-4AB7-8F1C-CC09A286C9B9}) (Version: 40.11.1119.1786 - HP Inc.)
Puran Defrag 7.6 (HKLM\...\Puran Defrag_is1) (Version: - Puran Software)
RogueKiller version 13.0.21.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.0.21.0 - Adlice Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4197961188-714576266-808560349-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4197961188-714576266-808560349-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4197961188-714576266-808560349-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll (Google Inc -> Google LLC)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [PuranDefrag] -> {E23C9C4A-0F55-40e2-A47F-93DCB54DF04D} => C:\Windows\system32\PuranDefrag.dll [2012-12-13] (Vishal Gupta -> Puran Software) [File not signed]
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [PuranDefrag] -> {E23C9C4A-0F55-40e2-A47F-93DCB54DF04D} => C:\Windows\system32\PuranDefrag.dll [2012-12-13] (Vishal Gupta -> Puran Software) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PuranDefrag] -> {E23C9C4A-0F55-40e2-A47F-93DCB54DF04D} => C:\Windows\system32\PuranDefrag.dll [2012-12-13] (Vishal Gupta -> Puran Software) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-12-18 13:10 - 2013-03-08 00:07 - 000056320 _____ (Alphaleonis) [File not signed] C:\Program Files (x86)\Cobian Backup 11\AlphaVSS.Common.dll
2013-12-18 13:10 - 2013-03-08 00:07 - 000166400 _____ (Alphaleonis) [File not signed] C:\Program Files (x86)\Cobian Backup 11\AlphaVSS.Win2008.x64.dll
2010-03-08 02:27 - 2010-03-08 02:27 - 000578048 _____ (AOL Inc.) [File not signed] C:\Program Files (x86)\Common Files\AOL\1387389289\ee\AOLSvcMgr.dll
2010-01-06 01:19 - 2010-01-06 01:19 - 000176640 _____ (AOL Inc.) [File not signed] C:\Program Files (x86)\Common Files\AOL\AOLDiag\tbdiag.dll
2008-11-04 13:46 - 2008-11-04 13:46 - 000835584 _____ (AOL LLC) [File not signed] C:\Program Files (x86)\Common Files\AOL\1387389289\ee\coolcore54.dll
2010-05-02 22:23 - 2010-05-02 22:23 - 000155648 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1387389289\ee\services\aolsystrayservice\ver4_1_2_1\AOLSysTrayService.dll
2008-10-17 11:48 - 2008-10-17 11:48 - 000104448 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1387389289\ee\services\connection\ver7_1_2_1\connection.dll
2008-10-03 13:28 - 2008-10-03 13:28 - 000317440 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1387389289\ee\services\localStorage\ver8_1_1_1\clsSvc.dll
2008-10-03 15:29 - 2008-10-03 15:29 - 000256000 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1387389289\ee\services\metrics\ver4_1_11_1\cmls.dll
2008-10-03 14:49 - 2008-10-03 14:49 - 000130560 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1387389289\ee\services\notification\ver7_1_1_1\Notify.dll
2006-09-21 10:18 - 2006-09-21 10:18 - 000005632 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1387389289\ee\services\os\ver5_2_1_1\AOLIdleMon.dll
2006-09-21 10:19 - 2006-09-21 10:19 - 000180736 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1387389289\ee\services\os\ver5_2_1_1\OS.dll
2008-10-03 16:13 - 2008-10-03 16:13 - 000163840 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1387389289\ee\services\osInfo\ver2_1_1_1\OSInfo.dll
2008-10-03 15:16 - 2008-10-03 15:16 - 000094720 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1387389289\ee\services\preferences\ver6_1_1_1\preferences.dll
2007-09-07 10:46 - 2007-09-07 10:46 - 000281600 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1387389289\ee\services\suiteFramework\ver5_1_4_1\suiteFramework.dll
2007-03-19 21:48 - 2007-03-19 21:48 - 000249856 _____ (AOL LLC) [File not signed] C:\Program Files (x86)\Common Files\AOL\1387389289\ee\xprt5.dll
2009-12-11 12:17 - 2009-12-11 12:17 - 000248832 _____ (AOL LLC) [File not signed] C:\Program Files (x86)\Common Files\AOL\1387389289\ee\xprt6.dll
2014-12-28 14:33 - 2013-01-24 02:24 - 000359936 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2013-12-18 13:10 - 2013-03-08 00:07 - 000067584 _____ (CobianSoft, Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
2013-12-18 13:10 - 2013-03-08 00:07 - 000009728 _____ (Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\CobStringList.dll
2013-12-18 13:10 - 2013-03-08 00:27 - 002684928 _____ (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbEngine.dll
2013-12-18 13:10 - 2013-03-08 00:27 - 004407808 _____ (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
2013-12-18 13:10 - 2013-03-08 00:26 - 000720896 _____ (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
2013-12-17 21:14 - 2013-12-17 21:14 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2019-01-10 14:20 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4197961188-714576266-808560349-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C3E8EF01-3391-440D-8E60-7DFA4FFB6252}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{99BF0AA0-61CC-4402-91DD-688187EF1C2C}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{507D92DA-D18F-456B-8580-CF4D7D3D4C34}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{6F25575C-4239-41E2-AF88-A8E4837B1FE8}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{9ECD1C4E-7353-4D91-AE28-3F5E0B6F6894}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1387389289\ee\aolsoftware.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{4E7E02DE-3224-4EEB-B741-CD4BCE906F97}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1387389289\ee\aolsoftware.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{934581BF-C000-4943-A1A9-8D708C0DAC5D}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{3617D4CB-7140-499B-8EF7-6114519D869E}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{F500CF40-7A91-41A3-AF7B-C3C6A51D14AC}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{43A258A9-3E67-4B57-971F-C5F555144649}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{80476B99-EE1F-4C04-A3EF-3BD08D4FB9DF}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{489929A1-B33D-450F-9710-BBC963D0F529}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{06DFBD27-BEA0-49DF-9B1C-DB89A93EB606}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{8B5C5F96-14EA-4F12-9D95-8B28902D0B10}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{54A0577E-3E4F-4E17-A785-666F27081CBF}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{D10B1CEC-C576-4E4A-A262-C61C93C61591}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{48B5CAF3-443C-435D-B13D-92C41E118353}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{02E4057D-CA37-4B4A-AFDA-1209DE386279}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{8AF77200-EAEE-46C8-886A-9584425FB642}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{88D1214E-2B23-4A42-AD05-5F9BB4E4824C}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{D080DA85-6382-47D7-AB8E-BD03A8676BA5}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1387389289\ee\aolsoftware.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{84AB735B-D1AA-41CF-A172-F1CDF3B02D67}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1387389289\ee\aolsoftware.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{EABF4886-EBCB-439E-BCC4-51D532737B94}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7a\waol.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{8A159DB4-5EB9-4714-AF31-A1E0E954D74F}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7a\waol.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{79A1C0C6-DEA7-45B5-831B-B01DB292203D}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{47F41458-5C50-4009-BC73-121478D3BF8D}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{DC881B37-D9F3-4E8B-B374-E8F09B6F17D4}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{3CCB0AFC-552C-47BF-921C-21E84C782125}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{13C79176-45D2-49E0-A01A-047B42F2A1CD}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{0DD3A617-96B7-481D-AE9B-C4120FC44844}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{883D8B11-2CDA-4848-8E6A-FDA27359ACD5}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7a\aolbrowser.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{A6A724BC-3293-4F09-BAC8-1980D2D9FEAA}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7a\aolbrowser.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{3F4722D1-3B44-4D4A-897A-4399C7F87769}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.0\waol.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{E9658CBE-25EC-4ECD-A959-F1498392F780}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.0\waol.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{8E051556-1681-4B46-BF41-11651985A308}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.1\waol.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{686645B1-A3D8-4D97-8E46-64585B91A100}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.1\waol.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{887AFAF5-9173-4281-BFE1-92FE5FAF4090}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.2\waol.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{DECA53EA-D174-47CE-9CAB-A82A113B469D}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.2\waol.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{673BBE0F-0A84-41B4-A041-830CF5F49039}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{8DAE8A70-66CD-4796-A7B1-719AE81870E9}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{3E12EF65-E10A-40BD-95EB-73CCD50ED46B}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{296C7251-8195-41E1-A4F9-217BE632EEF3}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7A98E836-0958-4CD5-B880-D2A811CB97D1}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{60295DE4-8E2F-442E-A566-EBD61A8A00D9}] => (Allow) LPort=5357
FirewallRules: [{5C206BAE-2864-42B0-B225-EC66D7180A14}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [TCP Query User{1A801913-446A-4E62-B980-44B9A13700A9}C:\users\mike\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\mike\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [UDP Query User{4305BD67-FCAD-435E-ADC5-A0C4972B7473}C:\users\mike\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\mike\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{49E188DD-8E4D-4D6A-9D5F-0A4891A91205}] => (Block) C:\users\mike\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{EE3D6B0A-5F25-405A-BA1C-CAAB50E82E98}] => (Block) C:\users\mike\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{DC411334-6703-4C7F-92A0-E5DA113DE9B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{23E86C27-043A-4FE8-9904-B754FD3E5BB8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Restore Points =========================

05-05-2019 16:54:39 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: WAN Miniport (ATW) #2
Description: WAN Miniport (ATW)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: America Online, Inc.
Service: wanatw
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/06/2019 11:00:02 AM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being consolidated into files that can be sent to Microsoft, (Error 80004005).

Error: (05/06/2019 01:11:07 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {d7deee7c-5f88-45f1-9c34-348a3f852328}

Error: (05/05/2019 04:00:01 PM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being consolidated into files that can be sent to Microsoft, (Error 80004005).

Error: (05/05/2019 03:00:04 PM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being consolidated into files that can be sent to Microsoft, (Error 80004005).

Error: (05/04/2019 09:00:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being consolidated into files that can be sent to Microsoft, (Error 80004005).

Error: (05/04/2019 02:00:02 AM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being consolidated into files that can be sent to Microsoft, (Error 80004005).

Error: (05/03/2019 07:00:02 AM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being consolidated into files that can be sent to Microsoft, (Error 80004005).

Error: (05/02/2019 12:00:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being consolidated into files that can be sent to Microsoft, (Error 80004005).


System errors:
=============
Error: (05/06/2019 03:42:18 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\Windows\AppCompat\Programs\Amcache.hve

Error: (05/06/2019 12:05:42 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\Windows\AppCompat\Programs\Amcache.hve

Error: (05/05/2019 04:06:02 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (05/05/2019 02:47:44 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.

Error: (05/01/2019 04:31:12 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\Windows\AppCompat\Programs\Amcache.hve

Error: (05/01/2019 12:06:21 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\Windows\AppCompat\Programs\Amcache.hve

Error: (04/30/2019 03:39:40 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:37:19 PM on ‎4/‎30/‎2019 was unexpected.

Error: (04/28/2019 04:44:45 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\Windows\AppCompat\Programs\Amcache.hve


Windows Defender:
===================================
Date: 2017-08-09 03:21:10.763
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{74F44B93-3ABC-47E0-A787-F9B7D736E8E1}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2016-10-01 23:16:15.220
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2016-10-01 23:16:15.217
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source:Signature Update Folder
Signature Type:AntiSpyware
Update Type:Delta
Current Engine Version:
Previous Engine Version:
Error code:0x80070002
Error description:The system cannot find the file specified.

CodeIntegrity:
===================================

Date: 2014-10-15 00:27:41.501
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-10-15 00:27:41.501
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-10-15 00:27:41.501
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-10-15 00:27:41.454
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-10-15 00:27:41.454
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-10-15 00:27:41.454
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-10-15 00:27:41.438
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-10-15 00:27:41.438
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F8 10/08/2009
Motherboard: Gigabyte Technology Co., Ltd. GA-MA78GM-US2H
Processor: AMD Phenom(tm) 8650 Triple-Core Processor
Percentage of memory in use: 79%
Total physical RAM: 5630.49 MB
Available physical RAM: 1177.97 MB
Total Virtual: 11259.13 MB
Available Virtual: 6600.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:361.17 GB) NTFS

\\?\Volume{7782d33a-6747-11e3-95c9-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 94549454)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 

Attachments

Last edited by a moderator:

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Skyclad,

There's nothing malicious showing in the reports.
When you say:
Just today I've noticed that my computer is running super slow and not sure what could have caused this,
are you talking about the system in general or the speed of the internet pages opening?

When clicking on the icon that displays my WiFi connections at the bottom right of the screen, the one I was running at the time stated "poor" with regard to signal strength.. Today, the speed is a bit better (not optimal) and it reads as "fair"..
Have you checked to see what speed you are getting?
An easy way to check this is to follow the link below and click on Go when the page opens.

Speed Test

There are a couple of orphan entries in the report that we can remove .... we can run a general cleanup at the same time.
Although I doubt this will actually speed up your system.

Please download the attached fixlist.txt file (bottom of this post) and save it to the Desktop.
NOTE.
It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Re-run FRST/FRST64 (which ever is installed ) and press the Fix button just once and wait.

HbL7sAI.png

The tool will make a log on the Desktop (Fixlog.txt). Please post this in your next reply.
 

Attachments

Skyclad

FPCH Member
Joined
Aug 30, 2016
PC Experience
Some Experience
Good to hear that nothing malicious showed up.. I just ran a speed test and the results were the following (I have no idea what is normal, so hoping you can translate this for me...)........
Ping/80; Download/ 1.02; Upload/1.76
If this is a WiFi signal strength issue (and I have a feeling it is), how should I proceed on this? We have a bundled set up through Cox Communications...... Maybe should give them a call...?? Before running the general cleanup, I was wanting to get your take on the speeds shown above and if they are subPar.. Please advise when convenient.. Again, thanks for your help!
 

Skyclad

FPCH Member
Joined
Aug 30, 2016
PC Experience
Some Experience
Oh, I forgot to answer your initial question regarding the overall system speed or the speed with which the pages are opening.. That would be the latter.. There was one point in which all sorts of things were "buffering" at once, and none were opening quickly as they usually do.. Right now, it's much better than it was, but the signal strength still shows "fair".... Will be very interested in what you think of the speeds that showed up on the test...
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Skyclad,

Ping/80; Download/ 1.02; Upload/1.76
There's definitely a problem there.
Those speeds are way too low.
I just took a look at the 'Cox Internet Starter 10' package ....... that offers speeds of upto 10mbps. ( and that's not great in this day and age.)
Just ran a test on mine ( and i consider my connection to be average)
ping ... 16ms ( the lower the number, the better )
download ... 35.65mbps ( the higher the number, the better )
upload ... 9.5mbps ( the higher number, the better )

Most television services that rely on the internet ( Amazon fire stick, Netflix etc ) require a minimum of 2mbps connection.
You are only getting 1.02 .... no wonder everything is buffering.
Obviously if you have more than one item connecting to the internet ( PC's, Phones, Tablets etc ) that connection will be shared..... making it even slower.
First thing to do would be to call Cox Communications and ask what speed you are paying for.
Then tell them the speeds that the 'Speed Test' has given you ..... and say it needs to be sorted.
They should have tools at their disposal that can identify problems with your line/connection.
Sometimes turning a router off for a few minutes and then restarting it can help.
Just like rebooting a computer sometimes helps with problems.
 

Skyclad

FPCH Member
Joined
Aug 30, 2016
PC Experience
Some Experience
Thanks for getting back Starbuck.. Yes, I had a feeling that my speeds were very low, and keep in mind the numbers I sent you were when the connection was "fair" (as is currently the case).. The other day the signal strength was "poor", and that is when things were really bad.... I will contact Cox and visit with them per your instructions.. Hopefully they can fix this asap.....
Thanks again for your help!!
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Skyclad,

It might be an idea to check the speed again when your signal strength is showing as 'poor'.
That way you'll have 2 readings to give Cox.
Let us know how things go.
 

Skyclad

FPCH Member
Joined
Aug 30, 2016
PC Experience
Some Experience
Hi Starbuck..
The Cox TechDude came by awhile ago and re-located where the WiFi router was located.. It was on the floor in another room about 25 feet away, and he put it up much higher so it could get a better shot at the WiFi Stick on the back of my computer.. He also said it would help to raise my computer higher too, as part of the signal is being blocked by the corner of my metal desk.. Also, suggested I get a 5 Gig WiFi Stick to help things even further.. Ultimately the readings are not "excellent" but are solidly in the "good" range, according to the readout on my computer anyway.. Just ran a speed test awhile ago and the numbers are now as follows........Ping/30; Download 4.95; Upload 7.57 Still not super fast, but so much better than it was... I welcome any ideas/comments you might have..
Thanks again!
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Just ran a speed test awhile ago and the numbers are now as follows........Ping/30; Download 4.95; Upload 7.57 Still not super fast, but so much better than it was
So what speed are you paying for, compared to what you are getting .... that's the big question.
 

Skyclad

FPCH Member
Joined
Aug 30, 2016
PC Experience
Some Experience
Yes it is and I completely forgot to ask him that question earlier.. Will definitely be looking into that to see what the discrepancy might be......
 
Top Bottom