
Google home page and omnibox search hijacked to Yahoo


  • This topic is locked
2 replies to this topic

#1 AKenKen

Posted 09 November 2015 - 01:02 PM

The default search engine when searching from the omnibox is Google, and the default new tab and home pages are Google. Like the name implies, they get hijacked to Yahoo: first it redirects to "searchinterneat-a.akamaihd.net" and that redirects to Yahoo.
 
FRST.txt
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
Ran by Ken BK (administrator) on BACON_MACHINE (09-11-2015 12:28:01)
Running from C:\Users\Ken BK\Desktop
Loaded Profiles: Ken BK &  (Available Profiles: Ken BK)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic Professional\ioloGovernor64.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(CYREN Inc.) C:\Program Files\Common Files\Commtouch\AntiVirus5\vsedsps.exe
(CYREN Inc.) C:\Program Files\Common Files\Commtouch\AntiVirus5\vseamps.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files\AutoHotkey\AutoHotkey.exe
() C:\Program Files\AutoHotkey\AutoHotkey.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic Professional\LiveBoost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Program Files\AutoHotkey\AutoHotkey.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-02-26] (IDT, Inc.)
HKLM-x32\...\Run: [iolo Startup] => C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe [4536120 2015-07-24] (iolo technologies, LLC)
HKLM-x32\...\RunOnce: [4FA12186-8D89-4137-B5DF-B472F6A69F8B] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-10-07] (Microsoft Corporation)
HKU\S-1-5-21-460937243-1366827296-1215836000-1005\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-05] (Valve Corporation)
HKU\S-1-5-21-460937243-1366827296-1215836000-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-05] (Valve Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-10-07] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} -  No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-11-06]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Ken BK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AHK Tools.ahk [2015-10-15] ()
Startup: C:\Users\Ken BK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\InputMapper.exe [2015-05-25] (DSD Consulting Services)
Startup: C:\Users\Ken BK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.ahk [2015-10-14] ()
Startup: C:\Users\Ken BK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\theme.cmd [2009-11-28] ()
BootExecute: "autocheck autochk * "autocheck smrgdf C:\Users\KENBK~1\AppData\Roaming\iolo\
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0FFD8D7E-A2A7-45E4-8DFB-A85000B21E9B}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{B48AE4D0-12DC-4489-A0D5-F5BAC4ACBFDC}: [DhcpNameServer] 192.168.2.4
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.win7extreme.project-os.org
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-460937243-1366827296-1215836000-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-460937243-1366827296-1215836000-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-08] (Sun Microsystems, Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
 
FireFox:
========
FF ProfilePath: C:\Users\Ken BK\AppData\Roaming\Mozilla\Firefox\Profiles\b6kt6lu2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-10-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-10-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.41108.0\npctrl.dll [2009-11-07] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-460937243-1366827296-1215836000-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ken BK\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-460937243-1366827296-1215836000-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ken BK\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggbcwheBF1HRRgVcgsOTA1BQFMOIlgAURQQQgRFcA5aWA1JEgMFIk0FA1oDB0VXfV5bFElXTwhwJVx1DksUc1BQNVVMEnEEQw=="
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Ken BK\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Ken BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-06]
CHR Extension: (Google Docs) - C:\Users\Ken BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-06]
CHR Extension: (Google Drive) - C:\Users\Ken BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Ken BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-06]
CHR Extension: (Google Search) - C:\Users\Ken BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Sheets) - C:\Users\Ken BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-06]
CHR Extension: (Google Docs Offline) - C:\Users\Ken BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-06]
CHR Extension: (AdBlock) - C:\Users\Ken BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ken BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-06]
CHR Extension: (Gmail) - C:\Users\Ken BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-06]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4682040 2015-07-24] (iolo technologies, LLC)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S4 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe [244736 2010-02-26] (IDT, Inc.)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-29] (Microsoft Corporation) [File not signed]
R2 vseamps; C:\Program Files\Common Files\Commtouch\AntiVirus5\vseamps.exe [122120 2014-03-25] (CYREN Inc.)
R2 vsedsps; C:\Program Files\Common Files\Commtouch\AntiVirus5\vsedsps.exe [119560 2014-03-25] (CYREN Inc.)
S3 vseqrts; C:\Program Files\Common Files\Commtouch\AntiVirus5\vseqrts.exe [181512 2014-03-25] (CYREN Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AMP; C:\Windows\System32\Drivers\AMP.sys [174856 2014-03-25] (CYREN Inc.)
S2 AMPSE; C:\Windows\system32\Drivers\ampse.sys [1728776 2014-03-25] (CYREN Inc.)
S3 AmUStor; C:\Windows\system32\drivers\AmUStor.SYS [44032 2009-08-21] (Alcor Micro, Corp.) [File not signed]
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 hptmv; C:\Windows\system32\DRIVERS\hptmv.sys [93472 2006-09-18] (HighPoint Technologies, Inc.)
S3 IAMTVE; C:\Windows\system32\DRIVERS\IAMTVE.sys [43416 2007-04-11] (Intel Corporation)
S3 IAMTXPE; C:\Windows\system32\DRIVERS\IAMTXPE.sys [51096 2007-04-11] (Intel Corporation)
S3 ioatdma; C:\Windows\System32\Drivers\qd260x64.sys [41096 2008-01-17] (Intel Corporation)
S3 iSSetup; C:\Windows\system32\DRIVERS\iSSetup.sys [175328 2009-09-24] (Intel Corporation)
S3 iteraid; C:\Windows\system32\DRIVERS\iteraid.sys [32768 2007-05-01] (ITE Tech. Inc.)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [18784 2008-10-09] (JMicron )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-09] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 MegaSR1; C:\Windows\system32\DRIVERS\MegaSR1.sys [461320 2009-04-16] (LSI Corporation, Inc.)
S3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [15680 2006-11-01] ()
S3 nvamacpi; C:\Windows\system32\DRIVERS\NVAMACPI.sys [28192 2009-07-16] (NVIDIA Corporation)
S3 nvrd64; C:\Windows\system32\DRIVERS\nvrd64.sys [175648 2009-08-04] (NVIDIA Corporation)
S3 O2MDRDR; C:\Windows\system32\DRIVERS\o2mdx64.sys [56664 2009-07-26] (O2Micro )
S3 Pnp680; C:\Windows\system32\DRIVERS\pnp680.sys [80424 2007-11-13] (Silicon Image, Inc)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32568 2015-07-24] (EldoS Corporation)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SI3112r; C:\Windows\system32\DRIVERS\SI3112r.sys [164656 2007-02-01] (Silicon Image, Inc)
S3 SI3114; C:\Windows\system32\DRIVERS\SI3114.sys [99120 2006-11-10] (Silicon Image, Inc.)
S3 SI3114r; C:\Windows\system32\DRIVERS\SI3114R.sys [163632 2007-04-11] (Silicon Image, Inc)
S3 SI3124; C:\Windows\system32\DRIVERS\SI3124.sys [113456 2006-11-02] (Silicon Image, Inc.)
S3 Si3124r5; C:\Windows\system32\DRIVERS\Si3124r5.sys [334640 2006-09-20] (Silicon Image, Inc)
S3 SI3132; C:\Windows\system32\DRIVERS\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc)
S3 Si3531; C:\Windows\system32\DRIVERS\Si3531.sys [330544 2007-06-01] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22056 2007-10-03] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc)
S3 SISAGP; C:\Windows\system32\DRIVERS\SISAGPX.sys [64888 2007-01-24] (Silicon Integrated Systems Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2015-10-05] () [File not signed]
S3 StarOpen; no ImagePath
S3 viaagp1; C:\Windows\system32\DRIVERS\viaagp1.sys [59392 2005-09-22] (VIA Technologies, Inc.)
S3 viamrx64; C:\Windows\system32\DRIVERS\viamrx64.sys [136192 2008-07-09] (VIA Technologies inc,.ltd)
S3 ViBusX64; C:\Windows\system32\DRIVERS\ViBusX64.sys [25240 2008-04-15] (VIA Technologies, Inc.)
S3 videX64; C:\Windows\system32\DRIVERS\videX64.sys [15000 2009-05-04] (VIA Technologies, Inc.)
S3 ViPrtX64; C:\Windows\system32\DRIVERS\ViPrtX64.sys [67224 2008-04-15] (VIA Technologies, Inc.)
R0 xfiltx64; C:\Windows\System32\DRIVERS\xfiltx64.sys [25752 2009-05-04] (VIA Technologies,Inc)
S3 XPAD; C:\Windows\System32\DRIVERS\xpad.sys [25120 2007-07-16] (Beijing WiseGrup.,Ltd (gamepad.yeah.net))
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 VMAUDIO; system32\drivers\vmaudio.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S3 XBCD; system32\DRIVERS\XBCD.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-06 21:50 - 2015-11-06 21:50 - 00000000 _____ C:\Windows\system32\smrgdf.txt
2015-11-06 03:51 - 2015-11-06 19:47 - 00000408 _____ C:\Windows\SysWOW64\iolo.ini
2015-11-06 03:51 - 2015-11-06 19:47 - 00000408 _____ C:\Windows\system32\iolo.ini
2015-11-06 03:50 - 2015-07-24 23:38 - 00032568 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rawdsk3.sys
2015-11-06 03:49 - 2015-11-06 03:49 - 00000000 ____D C:\ProgramData\Commtouch
2015-11-06 03:47 - 2015-11-06 03:47 - 00000000 ____D C:\Program Files\Common Files\Commtouch
2015-11-06 03:47 - 2014-03-25 15:59 - 01728776 ____R (CYREN Inc.) C:\Windows\system32\Drivers\ampse.sys
2015-11-06 03:29 - 2015-11-06 04:19 - 00001447 _____ C:\Users\Public\Desktop\System Mechanic Professional.lnk
2015-11-05 19:22 - 2015-11-09 12:09 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-05 19:19 - 2015-11-06 04:19 - 00001096 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-05 19:19 - 2015-11-05 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-05 19:18 - 2015-11-05 19:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-05 19:18 - 2015-11-05 19:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-05 19:18 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-05 19:18 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-05 19:18 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-05 16:53 - 2015-11-09 12:29 - 00017362 _____ C:\Users\Ken BK\Desktop\FRST.txt
2015-11-05 16:49 - 2015-11-09 12:28 - 00000000 ____D C:\FRST
2015-11-05 16:32 - 2015-11-05 16:32 - 02198528 _____ (Farbar) C:\Users\Ken BK\Desktop\FRST64.exe
2015-11-05 16:09 - 2015-11-05 16:19 - 00000000 ____D C:\AdwCleaner
2015-11-05 16:09 - 2015-11-05 16:09 - 01713664 _____ C:\Users\Ken BK\Desktop\AdwCleaner.exe
2015-11-03 05:38 - 2015-11-06 04:19 - 00002249 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-03 05:38 - 2015-11-03 05:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-03 05:33 - 2015-11-09 11:38 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-03 05:33 - 2015-11-09 05:38 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-03 05:33 - 2015-11-03 05:33 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-11-03 05:33 - 2015-11-03 05:33 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-02 05:07 - 2015-11-02 05:07 - 00000464 __RSH C:\ProgramData\ntuser.pol
2015-10-31 17:52 - 2015-11-05 13:28 - 00000000 ____D C:\Users\Ken BK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-10-31 17:52 - 2015-10-31 17:52 - 00000000 ____D C:\Windows\LastGood
2015-10-31 17:13 - 2015-10-31 17:13 - 00000000 ____D C:\Users\Ken BK\AppData\Roaming\Yamicsoft
2015-10-31 15:34 - 2015-10-31 16:08 - 00000000 ____D C:\Users\Ken BK\Documents\My Games
2015-10-31 01:50 - 2015-11-06 04:19 - 00001164 _____ C:\Users\Public\Desktop\Intel® Driver Update Utility.lnk
2015-10-31 01:50 - 2015-10-31 01:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-10-31 01:50 - 2015-10-31 01:50 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2015-10-31 01:44 - 2015-11-06 04:19 - 00002027 _____ C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
2015-10-31 01:44 - 2015-11-06 04:19 - 00001978 _____ C:\Users\Public\Desktop\Smite.lnk
2015-10-31 01:44 - 2015-10-31 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2015-10-31 01:44 - 2015-10-31 01:44 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2015-10-31 01:44 - 2015-10-31 01:44 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2015-10-31 01:39 - 2015-10-31 01:39 - 49781512 _____ (Hi-Rez Studios) C:\Users\Ken BK\Desktop\InstallSmite.exe
2015-10-26 14:18 - 2015-10-26 14:20 - 167839512 _____ (Apple Inc.) C:\Users\Ken BK\Desktop\iTunes6464Setup.exe
2015-10-25 13:58 - 2015-10-25 13:58 - 00000324 _____ C:\Users\Ken BK\Desktop\Controller Hotkeys.ahk
2015-10-24 19:11 - 2015-10-24 19:13 - 00000000 ____D C:\Users\Ken BK\AppData\Roaming\Sony
2015-10-24 19:11 - 2015-10-24 19:11 - 00000000 ____D C:\Users\Ken BK\Documents\My Podcasts
2015-10-24 19:11 - 2015-10-24 19:11 - 00000000 ____D C:\ProgramData\Sony
2015-10-24 19:09 - 2015-10-24 19:13 - 00000000 ____D C:\Users\Ken BK\AppData\Local\Sony
2015-10-24 18:30 - 2015-11-06 04:19 - 00001839 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-10-24 18:30 - 2015-10-24 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-10-24 18:28 - 2015-10-24 18:31 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-10-24 18:28 - 2015-10-24 18:28 - 00000000 ____D C:\ProgramData\Apple Computer
2015-10-24 18:27 - 2015-11-06 04:20 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-10-24 18:27 - 2015-10-24 18:27 - 00000000 ____D C:\Users\Ken BK\AppData\Local\Apple
2015-10-24 18:27 - 2015-10-24 18:27 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-10-24 18:12 - 2015-10-24 18:12 - 00000000 ____D C:\Users\Ken BK\AppData\LocalLow\Apple Computer
2015-10-24 18:08 - 2015-10-24 18:08 - 00000000 ____D C:\Users\Ken BK\AppData\Roaming\Sony Setup
2015-10-24 18:07 - 2015-10-24 18:07 - 00038400 _____ (NirSoft) C:\Users\Ken BK\Desktop\cleanafterme.exe
2015-10-24 18:07 - 2015-10-24 18:07 - 00000000 ____D C:\Program Files (x86)\Sony Setup
2015-10-22 18:38 - 2015-10-22 18:38 - 00000406 _____ C:\Windows\system32\ioloBootDefrag.cfg
2015-10-22 18:37 - 2015-11-06 19:47 - 00000392 _____ C:\Windows\SysWOW64\iolo.ini.txt
2015-10-22 18:30 - 2015-11-06 03:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic Professional
2015-10-22 18:30 - 2015-07-24 23:40 - 02142520 _____ (iolo technologies, LLC) C:\Windows\system32\Incinerator64.dll
2015-10-22 18:30 - 2015-07-24 23:40 - 02084664 _____ (iolo technologies, LLC) C:\Windows\SysWOW64\Incinerator32.dll
2015-10-22 18:30 - 2014-04-07 13:16 - 00160256 _____ C:\Windows\system32\iavlsp64.dll
2015-10-22 18:30 - 2014-04-07 13:16 - 00118784 _____ (iolo technologies, LLC) C:\Windows\SysWOW64\iavlsp.dll
2015-10-22 18:28 - 2015-11-06 03:29 - 00003144 _____ C:\Windows\System32\Tasks\iolo Process Governor
2015-10-22 18:28 - 2015-11-06 03:29 - 00000000 ____D C:\ProgramData\ioloGovernor
2015-10-22 18:28 - 2015-10-22 18:28 - 00000000 ____D C:\Users\Ken BK\AppData\Roaming\ioloGovernor
2015-10-22 18:28 - 2015-10-22 18:28 - 00000000 ____D C:\Program Files (x86)\iolo
2015-10-22 18:28 - 2015-07-25 00:29 - 00057144 _____ (iolo technologies, LLC) C:\Windows\system32\iolobtdfg.exe
2015-10-22 18:28 - 2015-07-25 00:29 - 00025912 _____ (iolo technologies, LLC) C:\Windows\system32\smrgdf.exe
2015-10-22 18:28 - 2015-07-24 23:35 - 00083224 _____ (Raxco Software, Inc.) C:\Windows\system32\Drivers\PDFsFilter.sys
2015-10-22 18:28 - 2014-04-07 13:15 - 00069000 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2015-10-22 18:28 - 2014-04-07 13:15 - 00056200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2015-10-22 18:15 - 2015-11-06 03:45 - 00000000 ____D C:\ProgramData\iolo
2015-10-22 18:15 - 2015-11-06 03:29 - 00000000 ____D C:\Users\Ken BK\AppData\Roaming\iolo
2015-10-22 18:15 - 2015-10-22 18:15 - 00074703 _____ C:\Windows\SysWOW64\mfc45.dat
2015-10-19 23:52 - 2015-10-24 16:16 - 00000000 ____D C:\Users\Ken BK\Desktop\BACON
2015-10-18 12:59 - 2015-10-18 12:59 - 06723784 _____ (DSDCS) C:\Users\Ken BK\Desktop\InputMapper 1.5.31.0.exe
2015-10-17 23:32 - 2015-10-17 23:32 - 00000000 ____D C:\Windows\System32\Tasks\Games
2015-10-17 23:15 - 2015-10-17 23:15 - 01210691 _____ C:\Users\Ken BK\Desktop\DS4Windows.zip
2015-10-17 23:06 - 2015-11-08 00:01 - 00000000 ____D C:\Users\Ken BK\AppData\Local\CrashDumps
2015-10-17 23:05 - 2015-10-17 23:05 - 00000000 ____D C:\Program Files (x86)\DSDCS
2015-10-17 22:58 - 2015-10-17 22:58 - 00000000 ____D C:\Users\Ken BK\Documents\Bluetooth Exchange Folder
2015-10-17 22:58 - 2015-10-17 22:58 - 00000000 ____D C:\Users\Ken BK\AppData\Local\Broadcom
2015-10-17 22:58 - 2015-10-17 22:52 - 00599288 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys
2015-10-17 22:56 - 2015-11-06 04:20 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Problem Report.lnk
2015-10-17 22:56 - 2015-11-06 04:19 - 00001103 _____ C:\Users\Public\Desktop\Bluetooth Problem Report.lnk
2015-10-17 22:54 - 2015-10-17 22:52 - 00210984 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys
2015-10-17 22:54 - 2015-10-17 22:52 - 00184144 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys
2015-10-17 22:54 - 2015-10-17 22:52 - 00039976 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys
2015-10-17 22:54 - 2015-10-17 22:52 - 00021544 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys
2015-10-17 22:53 - 2015-10-17 22:53 - 00000000 ____D C:\Program Files\WIDCOMM
2015-10-17 22:18 - 2015-11-01 04:24 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-17 22:16 - 2015-11-06 04:20 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-17 22:16 - 2015-11-06 04:19 - 00002041 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-10-17 22:15 - 2015-10-17 22:15 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-17 22:08 - 2015-10-17 22:14 - 00000000 ____D C:\Users\Ken BK\AppData\Roaming\DELL Drivers Update Utility
2015-10-17 22:08 - 2015-10-17 22:10 - 00000000 ____D C:\Users\Ken BK\AppData\Local\DELL Drivers Update Utility For Windows 7 64 bit
2015-10-17 22:07 - 2015-10-17 22:08 - 00000000 ____D C:\ProgramData\Dell
2015-10-17 22:03 - 2015-10-17 22:03 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-10-17 22:03 - 2015-10-17 22:03 - 00000000 ____D C:\Program Files (x86)\Intel
2015-10-17 22:03 - 2015-10-17 22:03 - 00000000 ____D C:\Intel
2015-10-17 22:03 - 2009-08-18 12:44 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-10-17 22:03 - 2009-02-02 17:27 - 07347200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSUSTORicon.dll
2015-10-17 21:54 - 2015-10-17 21:54 - 00000000 ____D C:\Windows\system32\SRSLabs
2015-10-17 21:54 - 2015-10-17 21:54 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-10-17 21:54 - 2010-02-26 01:03 - 12605952 _____ (IDT, Inc.) C:\Windows\system32\idtcpl64.cpl
2015-10-17 21:54 - 2010-02-26 01:03 - 03345408 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2015-10-17 21:54 - 2010-02-26 01:03 - 00564224 _____ (IDT, Inc.) C:\Windows\system32\idt64mp1.exe
2015-10-17 21:54 - 2010-01-20 14:55 - 00601088 _____ (Creative Technology Ltd.) C:\Windows\system32\ctapo64.dll
2015-10-17 21:54 - 2010-01-20 14:55 - 00524288 _____ (Creative Technology Ltd.) C:\Windows\system32\ctapo32.dll
2015-10-17 21:54 - 2010-01-12 01:03 - 00162304 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAC64.dll
2015-10-17 21:54 - 2009-10-09 23:45 - 00442368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTEC64.dll
2015-10-17 21:54 - 2009-05-13 02:28 - 00057856 _____ (Creative Technology Ltd.) C:\Windows\system32\ctppld64.dll
2015-10-17 21:54 - 2009-03-03 00:58 - 00068608 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAR64.dll
2015-10-17 21:54 - 2009-03-03 00:47 - 00090624 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCo64.dll
2015-10-17 21:53 - 2015-10-31 01:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-17 21:53 - 2015-10-17 21:55 - 00000000 ____D C:\Program Files\IDT
2015-10-17 21:53 - 2015-10-17 21:53 - 00000000 ____D C:\Dell
2015-10-17 21:53 - 2010-02-26 01:03 - 01472000 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2015-10-17 21:53 - 2010-02-26 01:03 - 00644608 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2015-10-17 21:53 - 2010-02-26 01:03 - 00505856 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2015-10-17 21:53 - 2010-02-26 01:03 - 00431616 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2015-10-17 21:53 - 2010-02-26 01:03 - 00209920 _____ (IDT, Inc.) C:\Windows\system32\st646272.dll
2015-10-17 21:53 - 2010-01-20 14:55 - 00524288 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\ctapo32.dll
2015-10-17 21:44 - 2015-10-17 21:44 - 00000000 ____D C:\Users\Ken BK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WIDCOMM Bluetooth DK
2015-10-17 21:44 - 2015-10-17 21:44 - 00000000 ____D C:\Program Files (x86)\Widcomm
2015-10-17 17:22 - 2015-10-17 17:22 - 00000000 ____D C:\ProgramData\DSDCS
2015-10-17 17:18 - 2015-10-18 13:15 - 00000000 ____D C:\Users\Ken BK\AppData\Roaming\InputMapper
2015-10-17 17:17 - 2015-10-17 17:17 - 00000000 ____D C:\ProgramData\Caphyon
2015-10-17 17:16 - 2015-10-17 17:16 - 00000000 ____D C:\Users\Ken BK\AppData\Roaming\DSDCS
2015-10-17 15:43 - 2013-05-19 01:02 - 00039168 _____ (Scarlet.Crush Productions) C:\Windows\system32\Drivers\ScpVBus.sys
2015-10-17 15:42 - 2015-10-17 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2015-10-17 15:42 - 2015-10-17 15:42 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2015-10-16 17:55 - 2015-10-16 17:55 - 00000000 ____D C:\Users\Ken BK\AppData\Local\GWX
2015-10-15 21:25 - 2015-10-15 21:25 - 00000000 ____D C:\Users\Ken BK\Tracing
2015-10-14 17:43 - 2015-10-15 10:14 - 00000040 _____ C:\Users\Ken BK\Desktop\Fun.ahk
2015-10-14 12:18 - 2015-10-14 18:24 - 00000247 _____ C:\Users\Ken BK\Desktop\Test.ahk
2015-10-14 06:17 - 2015-10-14 06:17 - 00000000 ____D C:\Users\Ken BK\AppData\Roaming\MacroCreator
2015-10-14 06:17 - 2015-10-14 06:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulover's Macro Creator
2015-10-14 06:17 - 2015-10-14 06:17 - 00000000 ____D C:\Program Files\MacroCreator
2015-10-14 04:11 - 2015-07-10 12:22 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-10-14 04:11 - 2015-07-10 12:21 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-10-14 03:14 - 2015-10-15 10:05 - 00000000 ____D C:\Users\Ken BK\Desktop\AHK Things
2015-10-14 02:41 - 2015-10-14 02:42 - 00000000 ____D C:\Windows\pss
2015-10-13 21:22 - 2015-10-31 15:31 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-13 17:27 - 2015-10-13 17:27 - 00003562 _____ C:\Windows\System32\Tasks\{47410B98-4A87-4475-8BE7-ABFFA7F09616}
2015-10-13 17:15 - 2015-10-13 17:15 - 00000000 ____D C:\ProgramData\Intel
2015-10-13 17:12 - 2015-10-13 17:12 - 00000000 ____D C:\Users\Ken BK\AppData\Local\Intel
2015-10-13 16:55 - 2015-10-13 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2015-10-13 16:45 - 2015-10-13 16:45 - 00000000 ____D C:\Program Files\AutoHotkey
2015-10-12 19:16 - 2015-10-12 19:16 - 01089320 _____ (Unity Technologies ApS) C:\Users\Ken BK\Downloads\UnityWebPlayer.exe
2015-10-12 19:16 - 2015-10-12 19:16 - 00000000 ____D C:\Users\Ken BK\AppData\LocalLow\Unity
2015-10-12 19:16 - 2015-10-12 19:16 - 00000000 ____D C:\Users\Ken BK\AppData\Local\Unity
2015-10-12 19:16 - 2015-10-12 19:16 - 00000000 ____D C:\Users\Ken BK\AppData\Local\Macromedia
2015-10-12 19:15 - 2015-10-12 19:15 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-12 19:15 - 2015-10-12 19:15 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-12 19:15 - 2015-10-12 19:15 - 00000000 ____D C:\Windows\system32\Macromed
2015-10-12 19:14 - 2015-10-17 22:21 - 00000000 ____D C:\Users\Ken BK\AppData\Local\Adobe
2015-10-11 12:39 - 2015-08-17 20:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-11 12:39 - 2015-08-17 20:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-11 12:39 - 2015-08-15 01:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-11 12:39 - 2015-08-15 01:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-11 12:39 - 2015-08-15 01:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-11 12:39 - 2015-08-15 01:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-11 12:39 - 2015-08-15 01:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-11 12:39 - 2015-08-15 01:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-11 12:39 - 2015-08-15 01:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-11 12:39 - 2015-08-15 01:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-11 12:39 - 2015-08-15 01:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-11 12:39 - 2015-08-15 01:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-11 12:39 - 2015-08-15 01:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-11 12:39 - 2015-08-15 01:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-11 12:39 - 2015-08-15 01:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-11 12:39 - 2015-08-15 01:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-11 12:39 - 2015-08-15 01:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-11 12:39 - 2015-08-15 01:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-11 12:39 - 2015-08-15 01:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-11 12:39 - 2015-08-15 01:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-11 12:39 - 2015-08-15 00:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-11 12:39 - 2015-08-15 00:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-11 12:39 - 2015-08-15 00:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-11 12:39 - 2015-08-15 00:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-11 12:39 - 2015-08-15 00:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-11 12:39 - 2015-08-15 00:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-11 12:39 - 2015-08-15 00:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-11 12:39 - 2015-08-15 00:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-11 12:39 - 2015-08-15 00:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-11 12:39 - 2015-08-15 00:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-11 12:39 - 2015-08-15 00:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-11 12:39 - 2015-08-15 00:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-11 12:39 - 2015-08-15 00:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-11 12:39 - 2015-08-15 00:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-11 12:39 - 2015-08-15 00:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-11 12:39 - 2015-08-15 00:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-11 12:39 - 2015-08-15 00:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-11 12:39 - 2015-08-15 00:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-11 12:39 - 2015-08-15 00:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-11 12:39 - 2015-08-15 00:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-11 12:39 - 2015-08-15 00:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-11 12:39 - 2015-08-15 00:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-11 12:39 - 2015-08-15 00:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-11 12:39 - 2015-08-15 00:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-11 12:39 - 2015-08-15 00:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-11 12:39 - 2015-08-15 00:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-11 12:39 - 2015-08-15 00:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-11 12:39 - 2015-08-15 00:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-11 12:39 - 2015-08-15 00:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-11 12:39 - 2015-08-15 00:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-11 12:39 - 2015-08-15 00:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-11 12:39 - 2015-08-15 00:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-11 12:39 - 2015-08-15 00:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-11 12:39 - 2015-08-15 00:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-11 12:39 - 2015-08-15 00:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-11 12:39 - 2015-08-14 23:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-11 12:39 - 2015-08-14 23:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-11 12:39 - 2015-08-14 23:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-11 12:39 - 2015-08-14 23:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-11 12:39 - 2015-08-14 23:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-11 12:39 - 2015-07-16 14:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-10-11 12:39 - 2015-07-16 14:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-10-11 12:39 - 2015-07-16 14:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-10-11 12:39 - 2015-07-16 14:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-10-11 12:39 - 2015-07-16 14:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-10-11 12:39 - 2015-07-16 14:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-10-11 12:39 - 2015-07-11 08:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-10-11 12:39 - 2015-06-09 13:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-10-11 12:39 - 2015-06-09 13:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-10-11 12:39 - 2015-06-03 15:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-10-11 12:39 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-10-11 12:39 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-10-11 12:39 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-10-11 12:39 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-10-11 12:39 - 2014-07-08 21:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-10-11 12:39 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-10-11 12:39 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-10-11 12:39 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-10-11 12:39 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-10-11 12:39 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-10-11 12:37 - 2014-12-11 12:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-10-11 12:37 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-10-11 12:37 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-10-11 12:17 - 2015-10-11 12:17 - 00000161 _____ C:\Windows\apktool.bat
2015-10-11 12:13 - 2015-11-06 04:19 - 00001205 _____ C:\Users\Ken BK\Desktop\CMD.lnk
2015-10-11 12:09 - 2015-10-11 12:10 - 06104750 _____ C:\Windows\apktool.jar
2015-10-11 11:57 - 2014-06-26 21:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-10-11 11:57 - 2014-06-26 20:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-10-10 21:17 - 2015-01-08 18:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2015-10-10 21:17 - 2015-01-08 18:43 - 00419936 _____ C:\Windows\system32\locale.nls
2015-10-10 21:13 - 2015-07-30 08:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-10 21:13 - 2015-07-30 08:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-10-10 21:12 - 2015-10-10 21:12 - 00000000 ____D C:\Windows\SysWOW64\x64
2015-10-10 21:12 - 2011-02-11 21:25 - 00948760 _____ (Intel Corporation) C:\Windows\SysWOW64\igxpun.exe
2015-10-10 21:07 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-10-10 21:07 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-10-10 21:07 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-10-10 21:07 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-10-10 21:07 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-10-10 21:07 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-10-10 21:07 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-10-10 21:07 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-10-10 21:07 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-10-10 21:07 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-10-10 20:56 - 2012-08-23 09:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-10-10 20:56 - 2012-08-23 06:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-10-10 20:56 - 2012-08-23 05:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-10-10 20:52 - 2015-09-25 13:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-10 20:52 - 2015-09-25 13:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-10 20:52 - 2015-09-25 13:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-10 20:52 - 2015-09-25 13:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-10 20:52 - 2015-09-25 13:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-10 20:52 - 2015-09-25 13:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-10 20:52 - 2015-09-25 13:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-10 20:52 - 2015-09-25 13:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-10 20:52 - 2015-09-25 13:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-10 20:52 - 2015-09-25 13:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-10 20:52 - 2015-09-25 13:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-10 20:52 - 2015-09-25 12:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-10 20:52 - 2015-09-25 12:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-10 20:52 - 2015-09-25 12:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-10 20:52 - 2015-09-25 12:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-10 20:52 - 2015-09-25 12:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-10 20:52 - 2015-09-18 14:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-10 20:52 - 2015-09-18 14:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-10 20:52 - 2015-09-18 14:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-10 20:52 - 2015-09-18 14:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-10 20:52 - 2015-09-18 14:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-10 20:52 - 2015-09-18 14:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-10 20:52 - 2015-09-18 14:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-10 20:52 - 2015-08-05 13:02 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-10 20:52 - 2015-08-05 13:02 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-10 20:52 - 2015-08-05 12:56 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-10 20:52 - 2015-08-05 12:56 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-10 20:52 - 2015-08-05 12:56 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-10 20:52 - 2015-08-05 12:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-10 20:52 - 2015-08-05 12:56 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-10 20:52 - 2015-08-05 12:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-10 20:52 - 2015-08-05 12:56 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-10 20:52 - 2015-08-05 12:56 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-10 20:52 - 2015-08-05 12:56 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-10 20:52 - 2015-08-05 12:56 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-10 20:52 - 2015-08-05 12:56 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-10 20:52 - 2015-08-05 12:56 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-10 20:52 - 2015-08-05 12:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2015-10-10 20:52 - 2015-08-05 12:56 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-10 20:52 - 2015-08-05 12:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-10 20:52 - 2015-08-05 12:55 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-10 20:52 - 2015-08-05 12:50 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-10 20:52 - 2015-08-05 12:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-10 20:52 - 2015-08-05 12:46 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-10 20:52 - 2015-08-05 12:41 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-10 20:52 - 2015-08-05 12:41 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-10 20:52 - 2015-08-05 12:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-10 20:52 - 2015-08-05 12:41 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-10 20:52 - 2015-08-05 12:40 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-10 20:52 - 2015-08-05 12:40 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-10 20:52 - 2015-08-05 12:40 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-10 20:52 - 2015-08-05 12:40 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-10 20:52 - 2015-08-05 12:40 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-10 20:52 - 2015-08-05 12:39 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-10 20:52 - 2015-08-05 12:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-10 20:52 - 2015-08-05 12:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-10 20:52 - 2015-08-05 12:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-10 20:52 - 2015-08-05 12:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-10 20:52 - 2015-08-05 12:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-10 20:52 - 2015-08-05 12:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-10-10 20:52 - 2015-08-05 11:38 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-10 20:52 - 2015-08-05 11:37 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-10 20:52 - 2015-08-05 11:37 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-10 20:47 - 2015-07-18 08:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-10 20:47 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-10 19:21 - 2015-10-10 19:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-10-10 16:28 - 2015-07-30 13:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-10-10 16:28 - 2015-07-30 13:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-10-10 16:28 - 2015-07-30 13:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-10-10 16:28 - 2015-07-30 12:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-10-10 16:28 - 2015-07-30 12:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-10-10 16:28 - 2015-02-02 22:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-10-10 16:28 - 2015-02-02 22:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-10-10 16:27 - 2015-02-03 22:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-10-10 16:27 - 2015-02-03 21:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-10-10 13:53 - 2015-11-06 04:20 - 00001389 _____ C:\Users\Ken BK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-10 13:12 - 2013-10-14 20:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-10-10 13:05 - 2015-10-10 13:05 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-10-10 13:05 - 2015-10-10 13:05 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-10-10 13:05 - 2015-10-10 13:05 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-10-10 13:05 - 2015-10-10 13:05 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-10-10 13:05 - 2015-10-10 13:05 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-10-10 13:05 - 2015-10-10 13:05 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-10-10 13:05 - 2015-10-10 13:05 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-10-10 13:05 - 2015-10-10 13:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-10-10 13:05 - 2015-10-10 13:05 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-10-10 13:05 - 2015-10-10 13:05 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-10-10 13:05 - 2015-10-10 13:05 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-10-10 13:05 - 2015-10-10 13:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-10-10 13:05 - 2015-10-10 13:05 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-10-10 13:05 - 2015-10-10 13:05 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-10-10 13:05 - 2015-10-10 13:05 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-10-10 13:05 - 2015-10-10 13:05 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-10-10 13:05 - 2015-10-10 13:05 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-10-10 13:01 - 2015-10-10 13:01 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-10-10 13:01 - 2015-10-10 13:01 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-10-10 09:36 - 2015-10-10 09:47 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-10 09:36 - 2015-10-10 09:36 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-10 06:39 - 2012-07-25 22:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-10-10 06:39 - 2012-07-25 22:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-10-10 06:39 - 2012-07-25 22:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-10-10 06:39 - 2012-07-25 22:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-10-10 06:39 - 2012-07-25 22:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-10-10 06:39 - 2012-07-25 21:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-10-10 06:39 - 2012-07-25 21:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-10-10 06:39 - 2012-06-02 09:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-10-10 05:04 - 2014-06-30 17:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-10-10 05:04 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-10-10 05:04 - 2014-03-09 16:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-10-10 05:04 - 2014-03-09 16:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-10-10 05:04 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-10-10 05:04 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-10-10 05:03 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-10-10 05:03 - 2014-06-06 01:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-10-10 04:56 - 2012-07-06 15:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-10-10 04:56 - 2011-04-27 22:54 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-10-10 04:56 - 2011-02-25 01:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-10-10 04:56 - 2011-02-25 00:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-10-10 04:55 - 2011-06-16 00:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2015-10-10 04:55 - 2011-06-15 23:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2015-10-10 04:55 - 2011-03-11 01:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2015-10-10 04:55 - 2011-03-11 01:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2015-10-10 04:55 - 2011-03-11 01:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2015-10-10 04:55 - 2011-03-11 01:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2015-10-10 04:55 - 2011-03-11 01:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2015-10-10 04:55 - 2011-03-11 01:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-10-10 04:55 - 2011-03-11 01:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2015-10-10 04:55 - 2011-03-11 00:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-10-10 04:55 - 2011-03-11 00:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2015-10-10 04:55 - 2011-03-10 23:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-10-10 04:52 - 2012-02-11 01:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-10-10 04:52 - 2012-02-11 01:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-10-10 00:21 - 2015-01-08 22:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-10-10 00:21 - 2015-01-08 22:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-10-10 00:21 - 2015-01-08 22:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-10-10 00:21 - 2015-01-08 21:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-09 12:23 - 2015-10-05 23:59 - 00000000 ____D C:\Users\Ken BK\Desktop\important things
2015-11-09 12:00 - 2009-07-13 23:45 - 00016848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-09 12:00 - 2009-07-13 23:45 - 00016848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-09 11:44 - 2015-10-06 01:57 - 00796323 ____N C:\Windows\WindowsUpdate.log
2015-11-08 13:20 - 2009-07-14 00:13 - 00006472 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-07 20:42 - 2015-10-06 00:44 - 00000000 ____D C:\Users\Ken BK\AppData\Roaming\Skype
2015-11-06 19:47 - 2015-10-05 23:34 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-06 19:45 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-06 04:20 - 2009-11-30 02:20 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-11-06 04:20 - 2009-11-30 02:20 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-11-06 04:20 - 2009-07-13 23:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-06 04:20 - 2009-07-13 23:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-11-06 04:20 - 2009-07-13 23:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-11-06 04:20 - 2009-07-13 23:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-11-06 04:19 - 2015-10-06 10:06 - 00002031 _____ C:\Users\Ken BK\Desktop\Starbound.lnk
2015-11-06 04:19 - 2015-10-06 03:29 - 00002640 _____ C:\Users\Ken BK\Desktop\Morrowind.lnk
2015-11-06 04:19 - 2015-10-06 00:43 - 00002691 _____ C:\Users\Public\Desktop\Skype.lnk
2015-11-06 04:19 - 2015-10-06 00:34 - 00001607 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-11-06 04:19 - 2015-10-06 00:34 - 00000957 _____ C:\Users\Public\Desktop\Steam.lnk
2015-11-06 04:19 - 2015-10-05 23:59 - 00001048 _____ C:\Users\Ken BK\Desktop\Minecraft.lnk
2015-11-06 04:19 - 2015-10-05 23:22 - 00002254 _____ C:\Users\Ken BK\Desktop\1-Click Cleaner.lnk
2015-11-06 04:19 - 2015-10-05 23:22 - 00001039 _____ C:\Users\Public\Desktop\Notepad++.lnk
2015-11-06 04:19 - 2009-12-11 07:22 - 00001875 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-06 04:19 - 2009-11-29 13:47 - 00001875 _____ C:\Users\Public\Desktop\UltraISO.lnk
2015-11-06 04:19 - 2009-07-14 00:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-11-06 04:19 - 2009-07-13 23:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-11-06 03:29 - 2009-07-13 22:20 - 00000000 __RSD C:\Windows\Media
2015-11-05 20:03 - 2015-10-06 03:28 - 00000000 ____D C:\Users\Ken BK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-11-05 16:00 - 2015-10-06 00:24 - 00000000 ____D C:\Users\Ken BK\AppData\Local\Google
2015-11-05 13:24 - 2009-07-13 22:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-03 05:38 - 2015-10-06 00:23 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-03 05:20 - 2009-07-13 21:34 - 00000505 _____ C:\Windows\win.ini
2015-11-02 19:46 - 2015-10-05 23:22 - 00000000 ___RD C:\Users\Ken BK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-11-02 19:46 - 2015-10-05 23:22 - 00000000 ___RD C:\Users\Ken BK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-02 19:46 - 2009-11-25 01:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
2015-11-02 19:46 - 2009-07-14 00:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-02 19:46 - 2009-07-13 22:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-11-02 19:26 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-11-02 19:25 - 2015-10-08 01:32 - 00000000 ___RD C:\Users\Ken BK\Virtual Machines
2015-11-02 04:26 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-10-31 17:55 - 2015-10-06 00:36 - 00000000 ____D C:\ProgramData\Skype
2015-10-31 17:10 - 2009-07-14 00:08 - 00027322 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-22 21:20 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\Offline Web Pages
2015-10-18 12:41 - 2009-11-29 13:42 - 00000000 ____D C:\ProgramData\Adobe
2015-10-15 21:25 - 2015-10-05 23:22 - 00000000 ____D C:\Users\Ken BK
2015-10-14 10:27 - 2009-07-14 02:45 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-10-14 00:01 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-13 23:53 - 2015-10-08 03:27 - 00000000 ____D C:\Program Files\Bonjour
2015-10-13 23:53 - 2015-10-08 03:27 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-10-13 22:50 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-10-13 21:29 - 2015-10-09 22:50 - 00000000 ____D C:\Windows\Minidump
2015-10-13 20:46 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Registration
2015-10-13 16:45 - 2009-07-14 02:46 - 00000000 ____D C:\Windows\ShellNew
2015-10-13 16:14 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Help
2015-10-12 21:56 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-10-12 19:17 - 2015-10-05 23:40 - 00000000 ____D C:\Users\Ken BK\AppData\Local\Mozilla
2015-10-12 11:24 - 2015-10-09 23:09 - 00000000 ____D C:\Program Files (x86)\TigerGame Superjoy Box Series
2015-10-11 11:12 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Cursors
2015-10-11 11:03 - 2009-07-13 23:45 - 00267672 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-11 11:01 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-10-10 23:53 - 2009-07-13 21:34 - 68419584 _____ C:\Windows\system32\config\SOFTWARE.rcbak
2015-10-10 23:53 - 2009-07-13 21:34 - 56885248 _____ C:\Windows\system32\config\COMPONENTS.rcbak
2015-10-10 23:53 - 2009-07-13 21:34 - 20709376 _____ C:\Windows\system32\config\SYSTEM.rcbak
2015-10-10 23:53 - 2009-07-13 21:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.rcbak
2015-10-10 23:53 - 2009-07-13 21:34 - 00262144 _____ C:\Windows\system32\config\SAM.rcbak
2015-10-10 23:53 - 2009-07-13 21:34 - 00262144 _____ C:\Windows\system32\config\DEFAULT.rcbak
2015-10-10 23:32 - 2009-07-14 02:46 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-10 23:31 - 2015-10-06 10:50 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-10 23:31 - 2015-10-06 10:50 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-10 23:31 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-10-10 23:31 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Dism
2015-10-10 13:49 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2015-10-10 13:49 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2015-10-10 13:49 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\zh-HK
2015-10-10 13:49 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\tr-TR
2015-10-10 10:37 - 2015-10-05 23:27 - 00058016 _____ C:\Users\Ken BK\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-10 09:37 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-10-10 09:37 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-10-10 09:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\tracing
2015-10-10 09:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-10-10 04:01 - 2009-11-29 15:30 - 00786602 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <===== ATTENTION
 
 
LastRegBack: 2015-10-30 23:52
 
==================== End of FRST.txt ============================
 
Addition.txt
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-11-2015
Ran by Ken BK (2015-11-09 12:29:57)
Running from C:\Users\Ken BK\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2015-10-06 04:22:14)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-460937243-1366827296-1215836000-500 - Administrator - Disabled)
ASPNET (S-1-5-21-460937243-1366827296-1215836000-1004 - Limited - Enabled)
Guest (S-1-5-21-460937243-1366827296-1215836000-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-460937243-1366827296-1215836000-1002 - Limited - Enabled)
Ken BK (S-1-5-21-460937243-1366827296-1215836000-1005 - Administrator - Enabled) => C:\Users\Ken BK
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: System Shield (Disabled - Up to date) {3030810C-E2AC-B12D-8BB1-B1B8C0193798}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: System Shield (Disabled - Up to date) {8B5160E8-C496-BEA3-B101-8ACABB9E7D25}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.08 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0908-000001000000}) (Version: 9.08.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}) (Version: 1.3.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
AutoHotkey 1.1.22.07 (HKLM\...\AutoHotkey) (Version: 1.1.22.07 - Lexikos)
AVSDK5 (Version: 5.4.11 - CYREN Inc.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM-x32\...\CCleaner) (Version:  - Piriform)
CPU-Z (HKLM\...\CPU-Z) (Version: 1.52.2 - 2001 - 2009 CPUID)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GPU-Z (HKLM\...\Gpuz) (Version: 0.3.5 - 2004 - 2009 TechPowerUp)
HDTune (HKLM\...\HDTune) (Version: 2.5.5.0 - 2003 - 2009 by EFD Software)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HWMonitor (HKLM\...\HWMonitor) (Version: 1.1.4.0 - 2001 - 2009 CPUID)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6272.0 - IDT)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel Driver Update Utility (HKLM-x32\...\{fe92d390-13ee-4660-a2f8-39a066fdffe0}) (Version: 2.2.0.5 - Intel)
Intel® Driver Update Utility 2.2.0.5 (x32 Version: 2.2.0.1 - Intel) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2302 - Intel Corporation)
iolo technologies' System Mechanic Professional (HKLM-x32\...\{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1) (Version: 14.6.0 - iolo technologies, LLC)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LockHunter version 1.0 beta 3, 64 bit edition (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich, Ltd)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.41108.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.5 - )
PC Wizard (HKLM\...\PC Wizard) (Version: 2009.1.9.0 - 2001 - 2009 CPUID)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Pulover's Macro Creator version 4.1.3 (HKLM\...\{223FFB42-2D49-4AF6-9EF2-82B7D0CAF8B4}_is1) (Version: 4.1.3 - Rodolfo U. Batista)
QuickTime (HKLM-x32\...\{E7004147-2CCA-431C-AA05-2AB166B9785D}) (Version: 7.68.75.0 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30087 - Realtek Semiconductor Corp.)
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.16.3039.0 - Hi-Rez Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Mechanic 12 Professional (x32 Version: 14.6.0 - ) Hidden
TigerGame Superjoy Box Series (HKLM-x32\...\TigerGame Superjoy Box Series_is1) (Version:  - )
UltraISO Premium V9.35 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-460937243-1366827296-1215836000-1005\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-460937243-1366827296-1215836000-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Universal Extractor 1.6 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6 - Jared Breland)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5800 - Broadcom Corporation)
WIDCOMM BTW Development Kit (HKLM-x32\...\{0B75A75A-3D2C-479B-ACA0-A17A0B4B7628}) (Version: 6.1.0.1506 - Broadcom Corporation)
Windows 7 Manager (HKLM\...\{D86B6C32-49BD-4A02-9C43-14E497018498}) (Version: 1.1.6 - Yamicsoft)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
24-10-2015 18:11:00 Installed Microsoft Visual C++ 2005 Redistributable
24-10-2015 18:28:05 Installed QuickTime
24-10-2015 19:02:32 Installed Media Manager for WALKMAN 1.2
24-10-2015 19:13:20 Removed Media Manager for WALKMAN 1.2
26-10-2015 05:57:33 Windows Update
30-10-2015 02:24:45 Windows Update
31-10-2015 01:43:28 Installed Hi-Rez Studios Games
31-10-2015 01:49:49 Intel Driver Update Utility
31-10-2015 15:29:45 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
31-10-2015 15:30:39 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
31-10-2015 15:31:34 Installed DirectX
31-10-2015 17:14:23 Installed Windows 7 Manager
03-11-2015 07:26:47 Windows Update
05-11-2015 15:59:45 Chrome Cleanup Tool
09-11-2015 05:56:15 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0DEBD404-E2A8-4B68-ADA4-88FD24C92A89} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic Professional\iologovernor64.exe [2015-07-25] (iolo technologies, LLC)
Task: {1322D51F-3E18-4F26-8724-29DE0301E863} - System32\Tasks\{D0DD9A09-8174-4219-8F69-1E3168F11701} => pcalua.exe -a "C:\Users\Ken BK\Desktop\important things\LeagueofLegends_NA_Installer_9_15_2014.exe" -d C:\Windows\SysWOW64 -c /groupsextract:100;101; /out:"C:\Users\Ken BK\AppData\Roaming\Riot Games\League of Legends\prerequisites" /callbackid:4948
Task: {23969807-3145-4EDF-98A4-89101A59632D} - System32\Tasks\{30ABC763-ABA6-4B27-8D4A-BE4937A10252} => pcalua.exe -a "C:\Program Files\XBCD\Driver\XBCD_DrvReInt.exe"
Task: {54C08987-D83C-4283-BA3F-48C102A50AE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-03] (Google Inc.)
Task: {6CAC0E8F-53ED-43D6-A716-8DD55F5405F3} - System32\Tasks\{47410B98-4A87-4475-8BE7-ABFFA7F09616} => pcalua.exe -a "C:\Users\Ken BK\Downloads\DuOS 1.0.15.6798 Cracked AllfreePerks.in\DuOS 1.0.15.6798 Setup\Duos x64 1.0.15.6798 AllFreePerks.in\DuOSInstaller.exe" -d "C:\Users\Ken BK\Downloads\DuOS 1.0.15.6798 Cracked AllfreePerks.in\DuOS 1.0.15.6798 Setup\Duos x64 1.0.15.6798 AllFreePerks.in"
Task: {96847D4D-0B98-446F-99DA-A8978008B970} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-03] (Google Inc.)
Task: {AA95DB42-D47A-4B57-A084-C8DC6F33ACCD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {CC7059D7-BDF3-4E50-88B6-4F3F397092D6} - System32\Tasks\{458455B1-0413-4BF5-8CBB-40DDF2F0E750} => pcalua.exe -a "C:\Users\Ken BK\Desktop\important things\JavaSetup8u60.exe" -d "C:\Users\Ken BK\Desktop\important things"
Task: {D72BAE2A-43AE-49A5-8B44-3EAE231E2417} - System32\Tasks\Games\UpdateCheck_S-1-5-21-460937243-1366827296-1215836000-1005
Task: {D9834153-386F-4067-AFE4-F4EC0374F600} - System32\Tasks\{CA02788B-ED3E-493A-AD78-7D4A4CF9FCF6} => Chrome.exe hxxp://ui.skype.com/ui/0/7.11.0.102/en/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2009-11-29 13:50 - 2009-08-16 06:36 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2015-10-13 16:45 - 2015-09-27 04:26 - 01144320 _____ () C:\Program Files\AutoHotkey\AutoHotkey.exe
2015-11-03 05:38 - 2015-10-20 09:08 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-11-03 05:38 - 2015-10-20 09:08 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll
2015-10-05 23:34 - 2015-10-05 11:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-10-05 23:34 - 2015-07-03 11:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-10-05 23:34 - 2015-07-03 11:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-10-05 23:34 - 2015-07-03 11:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-10-05 23:34 - 2015-11-05 11:44 - 02541648 _____ () C:\Program Files (x86)\Steam\video.dll
2015-10-05 23:34 - 2015-09-23 19:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-10-05 23:34 - 2015-09-23 19:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-10-05 23:34 - 2015-09-23 19:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-10-05 23:34 - 2015-09-23 19:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-10-05 23:34 - 2015-09-23 19:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-10-05 23:34 - 2015-11-05 11:44 - 00806992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-10-05 23:34 - 2015-11-03 17:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-10-05 23:34 - 2015-10-08 17:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-10-05 23:34 - 2015-09-24 18:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2015-11-03 05:38 - 2015-10-20 09:08 - 16493384 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AMP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AMPSE => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventSystem => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vseamps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vsedsps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vseqrts => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AMP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AMPSE => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventSystem => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vseamps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsedsps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vseqrts => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-460937243-1366827296-1215836000-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Ken BK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-460937243-1366827296-1215836000-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Ken BK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SharedAccess => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HandyAndy.lnk => C:\Windows\pss\HandyAndy.lnk.CommonStartup
MSCONFIG\startupreg: CleanSetup => cmd /C rmdir /S /Q "C:\Users\Ken BK\AppData\Local\Temp\nro.tmp\"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{93394182-E0B7-4E45-AE88-15366A3D9759}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{A7C9A2EF-F97E-4CBD-923F-0D83963E9493}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{8DCDD99C-0E7B-4689-B838-C6348E625DB9}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{E222A56B-6EA4-47F4-81D7-9EEA7BFCDBD6}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{DDF558F9-3534-4690-8AE9-2A3531DD28F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{98B61D01-D034-45E6-A67B-AE7A24A7A377}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6203606A-01B0-4D2C-AF4A-43FA29B3FD04}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A7401644-4578-4C5B-B411-890E2EC2DF91}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B94022CA-FC3D-4E14-BFEF-3251BB971DBD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5ACDB37B-CA98-4810-B0A2-CAC3EC366A66}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{16C299E7-81E9-4945-AAB4-B24788449797}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{46DC9266-0714-45FC-A8E3-EC99E6EB6A90}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F8BB17A8-D07B-4178-8C8A-FEB82F19048D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D5A15D99-EF1A-4AB1-8673-0EDF6B1D733E}] => (Allow) C:\Program Files\Andy\Andy.exe
FirewallRules: [{6B79E4A8-9DCD-4E12-BDEA-DF710A19A016}] => (Allow) C:\Program Files\Andy\Andy.exe
FirewallRules: [{FCCBB18F-5B30-4C1F-9997-73CBBBBE9E2F}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{64B8872B-F50B-4DD5-A85A-92BF0BD36776}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{5DE3B501-EB98-48E8-A582-88905B618656}] => (Allow) C:\Users\Ken BK\AppData\Roaming\Andy\Setup.exe
FirewallRules: [{0AEB5400-AE57-4AEB-98CD-523C428010FD}] => (Allow) C:\Users\Ken BK\AppData\Roaming\Andy\Setup.exe
FirewallRules: [{48A0C2FC-EA18-443D-AB1B-A16DAFDA07B4}] => (Allow) C:\Program Files (x86)\iolo\System Mechanic Professional\SysMech.exe
FirewallRules: [{5C1FBCFD-F415-4AEC-A250-409720BE5805}] => (Allow) C:\Program Files (x86)\iolo\System Mechanic Professional\SysMech.exe
FirewallRules: [TCP Query User{E2CAA0E4-7E89-4333-8721-15BE8E81B23E}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{F5862D4F-C19C-4929-A380-168C7CF4D330}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{EC59838E-3E82-4B0F-8EED-58E3EF73EC05}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
 
==================== Memory info =========================== 
 
Processor: Pentium® Dual-Core CPU T4200 @ 2.00GHz
Percentage of memory in use: 68%
Total physical RAM: 3546.36 MB
Available physical RAM: 1130.26 MB
Total Virtual: 7090.93 MB
Available Virtual: 3586.29 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.79 GB) (Free:172.52 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: D4A918E3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
I have iolo System Mechanic for security. I was in the swing of downloading a few things for my laptop, and this is one of the only times I've gotten spam.
 

 
I have two posts about the same thing. Both said that they timed out; I did not know if it went through or not, so I made a new post.

Mod Edit: Taken care of - Hamluis.
 

Edited by hamluis, 09 November 2015 - 01:16 PM.




#2 nasdaq

  • Malware Response Team
  • 39,559 posts

Posted 12 November 2015 - 09:54 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.
Please copy the entire contents of the code box below to a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM-x32\...\RunOnce: [4FA12186-8D89-4137-B5DF-B472F6A69F8B] => [X]
SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} -  No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggbcwheBF1HRRgVcgsOTA1BQFMOIlgAURQQQgRFcA5aWA1JEgMFIk0FA1oDB0VXfV5bFElXTwhwJVx1DksUc1BQNVVMEnEEQw=="
S3 StarOpen; no ImagePath
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 VMAUDIO; system32\drivers\vmaudio.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S3 XBCD; system32\DRIVERS\XBCD.sys [X]
Task: {D9834153-386F-4067-AFE4-F4EC0374F600} - System32\Tasks\{CA02788B-ED3E-493A-AD78-7D4A4CF9FCF6} => Chrome.exe hxxp://ui.skype.com/ui/0/7.11.0.102/en/go/help.faq.installer?source=lightinstaller&amp;LastError=1618

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

If the problem persists, reset Chrome...
Open Google Chrome and click on the menu icon, which is located at the top right of Google Chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Clear your cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en
Select "From the beginning of time"

Restart Chrome.

====

How is the computer running now?

#3 nasdaq

  • Malware Response Team
  • 39,559 posts

Posted 18 November 2015 - 09:38 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



