FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Qassim (administrator) on QAS_PC on 12-06-2015 18:48:43
Running from C:\Users\Qassim\Downloads
Loaded Profiles: Qassim (Available Profiles: Qassim)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files (x86)\Standard Mouse Driver\Monitor.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2014-10-25] (Power Software Ltd)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-05-26] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2302587062-3611041661-3303187194-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-2302587062-3611041661-3303187194-1001\...\Run: [uTorrent] => C:\Users\Qassim\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-11] (BitTorrent Inc.)
HKU\S-1-5-21-2302587062-3611041661-3303187194-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-2302587062-3611041661-3303187194-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Qassim\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2302587062-3611041661-3303187194-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2302587062-3611041661-3303187194-1001\...\MountPoints2: E - "E:\setup.exe"
Startup: C:\Users\Qassim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor - Shortcut.lnk [2015-01-20]
ShortcutTarget: Monitor - Shortcut.lnk -> C:\Program Files (x86)\Standard Mouse Driver\Monitor.EXE ()
Startup: C:\Users\Qassim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-05-02]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2302587062-3611041661-3303187194-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2015-01-19] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-19] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-19] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-19] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Qassim\AppData\Roaming\Mozilla\Firefox\Profiles\thxgi95r.default
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Qassim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Qassim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-19]
CHR Extension: (Google Docs) - C:\Users\Qassim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-19]
CHR Extension: (Google Drive) - C:\Users\Qassim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-19]
CHR Extension: (YouTube) - C:\Users\Qassim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-19]
CHR Extension: (Google Search) - C:\Users\Qassim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-19]
CHR Extension: (Google Sheets) - C:\Users\Qassim\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-19]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Qassim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-05-26]
CHR Extension: (AdBlock) - C:\Users\Qassim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-02]
CHR Extension: (Download Master) - C:\Users\Qassim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf [2015-01-19]
CHR Extension: (AdFly bypasser) - C:\Users\Qassim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdlpmihmlgmnnkhfokaolfcfdjpneafh [2015-01-19]
CHR Extension: (Google Wallet) - C:\Users\Qassim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-19]
CHR Extension: (Skipper) - C:\Users\Qassim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogelglhkekbnacdpabpajccajmdpnpbe [2015-01-19]
CHR Extension: (Gmail) - C:\Users\Qassim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-05-26] (Advanced Micro Devices, Inc.) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [814464 2015-02-20] ()
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe [56648 2015-03-08] (Google Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1744952 2015-05-16] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6507576 2015-05-16] (GOG.com)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-05-10] ()
S2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [294600 2015-05-26] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-27] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-12-20] (Advanced Micro Devices)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 netr28ux; C:\Windows\system32\DRIVERS\netr28ux.sys [2222736 2014-12-08] (MediaTek Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-06-12] ()
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S5 WinDivert1.1; <===== ATTENTION Locked Service
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-12 18:35 - 2015-06-12 18:35 - 00001435 _____ C:\Users\Qassim\Desktop\JRT.txt
2015-06-12 18:33 - 2015-06-12 18:33 - 02943090 _____ (Thisisu) C:\Users\Qassim\Downloads\JRT.exe
2015-06-12 18:33 - 2015-06-12 18:33 - 00000207 _____ C:\Windows\tweaking.com-regbackup-QAS_PC-Windows-8.1-Pro-(64-bit).dat
2015-06-12 18:33 - 2015-06-12 18:33 - 00000000 ____D C:\RegBackup
2015-06-12 18:26 - 2015-06-12 18:30 - 00000000 ____D C:\AdwCleaner
2015-06-12 18:26 - 2015-06-12 18:26 - 02231296 _____ C:\Users\Qassim\Downloads\adwcleaner_4.206.exe
2015-06-12 18:01 - 2015-06-12 18:08 - 00000000 ____D C:\ProgramData\RogueKiller
2015-06-12 18:01 - 2015-06-12 18:01 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-06-12 18:00 - 2015-06-12 18:00 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Qassim\Downloads\mbam-setup-2.1.6.1022 (1).exe
2015-06-12 15:00 - 2015-06-12 18:48 - 00015339 _____ C:\Users\Qassim\Downloads\FRST.txt
2015-06-12 15:00 - 2015-06-12 15:02 - 00000000 ____D C:\Users\Qassim\Desktop\New folder
2015-06-12 15:00 - 2015-06-12 15:00 - 00064483 _____ C:\Users\Qassim\Downloads\Addition.txt
2015-06-12 14:56 - 2015-06-12 14:56 - 02108928 _____ (Farbar) C:\Users\Qassim\Downloads\FRST64 (1).exe
2015-06-12 14:55 - 2015-06-12 18:48 - 00000000 ____D C:\FRST
2015-06-12 14:55 - 2015-06-12 14:55 - 02108928 _____ (Farbar) C:\Users\Qassim\Downloads\FRST64.exe
2015-06-12 14:14 - 2015-06-12 14:50 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2015-06-12 14:01 - 2015-06-12 14:01 - 00002862 _____ C:\Windows\system32\.crusader
2015-06-12 13:40 - 2015-06-12 18:13 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-12 13:40 - 2015-06-12 13:40 - 00001135 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-12 13:40 - 2015-06-12 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-12 13:40 - 2015-06-12 13:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-12 13:40 - 2015-06-12 13:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-12 13:40 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-12 13:40 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-12 13:40 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-12 13:39 - 2015-06-12 13:40 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Qassim\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-12 13:24 - 2015-06-12 13:24 - 00283104 _____ C:\Windows\Minidump\061215-18828-01.dmp
2015-06-11 19:42 - 2015-06-11 19:45 - 00000000 ____D C:\ProgramData\HitmanPro
2015-06-11 19:41 - 2015-06-11 19:42 - 11024496 _____ (SurfRight B.V.) C:\Users\Qassim\Downloads\HitmanPro_x64.exe
2015-06-11 19:35 - 2015-06-11 19:35 - 00000000 ____D C:\Users\Qassim\AppData\Roaming\Process Hacker 2
2015-06-11 19:32 - 2015-06-11 19:32 - 02861361 _____ C:\Users\Qassim\Downloads\processhacker-2.35-bin.zip
2015-06-11 19:21 - 2015-06-12 18:01 - 00000000 ____D C:\Users\Qassim\Downloads\New folder
2015-06-11 18:58 - 2015-06-11 18:58 - 00000000 ____D C:\ProgramData\ATI
2015-06-11 18:56 - 2015-06-11 18:56 - 00058610 _____ C:\Windows\SysWOW64\CCCInstall_201506111856249734.log
2015-06-11 18:56 - 2015-06-11 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-06-11 18:56 - 2015-06-11 18:56 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2015-06-11 18:55 - 2015-06-11 18:55 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-06-08 19:46 - 2015-06-08 19:46 - 00030857 _____ C:\Users\Qassim\Downloads\test.torrent
2015-06-07 12:25 - 2015-06-07 12:25 - 00001622 _____ C:\Users\Public\Desktop\Fallout.lnk
2015-06-07 12:25 - 2015-06-07 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout [GOG.com]
2015-06-04 14:42 - 2015-06-04 14:42 - 00416521 _____ C:\Users\Qassim\Downloads\fivem.zip
2015-06-01 23:27 - 2015-06-01 23:27 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2008
2015-06-01 23:27 - 2015-06-01 23:27 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2008
2015-06-01 23:10 - 2014-10-30 18:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-06-01 23:10 - 2014-10-30 18:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-31 10:02 - 2015-05-31 10:53 - 00000000 ____D C:\Users\Qassim\Documents\The Escapists
2015-05-31 10:02 - 2015-05-31 10:02 - 00000000 ____D C:\Users\Qassim\AppData\Roaming\MMFApplications
2015-05-30 14:11 - 2015-05-30 14:11 - 00001669 _____ C:\Users\Qassim\Desktop\Europa Universalis IV.lnk
2015-05-26 22:28 - 2015-05-26 22:28 - 00000000 ____D C:\ProgramData\Google
2015-05-26 22:26 - 2015-05-26 22:26 - 00000000 ____D C:\Users\Qassim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-26 18:41 - 2015-05-26 18:41 - 00450744 _____ C:\Windows\system32\amdmiracast.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00118096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00102128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00096448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-05-26 18:40 - 2015-05-26 18:40 - 08381280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-05-26 18:40 - 2015-05-26 18:40 - 08368872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-05-26 18:40 - 2015-05-26 18:40 - 07559840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-05-26 18:40 - 2015-05-26 18:40 - 07077264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-05-26 18:38 - 2015-05-26 18:38 - 00294600 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-05-26 18:35 - 2015-05-26 18:35 - 19339264 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-05-26 18:32 - 2015-05-26 18:32 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll
2015-05-26 18:30 - 2015-05-26 18:30 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll
2015-05-26 18:28 - 2015-05-26 18:28 - 01187342 _____ C:\Windows\system32\amdocl_as64.exe
2015-05-26 18:28 - 2015-05-26 18:28 - 01061902 _____ C:\Windows\system32\amdocl_ld64.exe
2015-05-26 18:28 - 2015-05-26 18:28 - 00995342 _____ C:\Windows\SysWOW64\amdocl_as32.exe
2015-05-26 18:28 - 2015-05-26 18:28 - 00798734 _____ C:\Windows\SysWOW64\amdocl_ld32.exe
2015-05-26 18:28 - 2015-05-26 18:28 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-05-26 18:28 - 2015-05-26 18:28 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2015-05-26 18:28 - 2015-05-26 18:28 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2015-05-26 18:28 - 2015-05-26 18:28 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2015-05-26 18:28 - 2015-05-26 18:28 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2015-05-26 18:27 - 2015-05-26 18:27 - 40989696 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-05-26 18:26 - 2015-05-26 18:26 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-26 18:25 - 2015-05-26 18:25 - 06375936 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdhsasc.dll
2015-05-26 18:21 - 2015-05-26 18:21 - 00134656 _____ C:\Windows\system32\amdhdl64.dll
2015-05-26 18:21 - 2015-05-26 18:21 - 00123392 _____ C:\Windows\SysWOW64\amdhdl32.dll
2015-05-26 18:20 - 2015-05-26 18:20 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-05-26 18:14 - 2015-05-26 18:14 - 05837824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-05-26 18:14 - 2015-05-26 18:14 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-05-26 18:14 - 2015-05-26 18:14 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-05-26 18:14 - 2015-05-26 18:14 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-05-26 18:14 - 2015-05-26 18:14 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-05-26 18:12 - 2015-05-26 18:12 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-05-26 18:12 - 2015-05-26 18:12 - 00641088 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-05-26 18:12 - 2015-05-26 18:12 - 00641088 _____ C:\Windows\system32\atiapfxx.blb
2015-05-26 18:12 - 2015-05-26 18:12 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-05-26 18:12 - 2015-05-26 18:12 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-05-26 18:12 - 2015-05-26 18:12 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-05-26 18:12 - 2015-05-26 18:12 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-05-26 18:12 - 2015-05-26 18:12 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-05-26 18:11 - 2015-05-26 18:11 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-05-26 18:11 - 2015-05-26 18:11 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-05-26 18:11 - 2015-05-26 18:11 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-05-26 18:11 - 2015-05-26 18:11 - 00204952 _____ C:\Windows\SysWOW64\ativvsvl.dat
2015-05-26 18:11 - 2015-05-26 18:11 - 00204952 _____ C:\Windows\system32\ativvsvl.dat
2015-05-26 18:11 - 2015-05-26 18:11 - 00157144 _____ C:\Windows\SysWOW64\ativvsva.dat
2015-05-26 18:11 - 2015-05-26 18:11 - 00157144 _____ C:\Windows\system32\ativvsva.dat
2015-05-26 18:09 - 2015-05-26 18:09 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-05-26 18:09 - 2015-05-26 18:09 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-05-26 18:08 - 2015-05-26 18:08 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-05-26 18:07 - 2015-05-26 18:07 - 00776192 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-05-26 18:07 - 2015-05-26 18:07 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-05-26 18:07 - 2015-05-26 18:07 - 00246272 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-05-26 18:07 - 2015-05-26 18:07 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-05-26 18:07 - 2015-05-26 18:07 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-05-26 18:04 - 2015-05-26 18:04 - 01218560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-05-26 18:04 - 2015-05-26 18:04 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-05-26 18:04 - 2015-05-26 18:04 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-05-26 18:04 - 2015-05-26 18:04 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-05-26 18:04 - 2015-05-26 18:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-05-26 18:03 - 2015-05-26 18:03 - 00591872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-05-26 18:03 - 2015-05-26 18:03 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-05-22 23:20 - 2015-05-22 23:20 - 00000000 ____D C:\Users\Qassim\AppData\Roaming\New Technology Studio
2015-05-22 23:20 - 2015-05-22 23:20 - 00000000 ____D C:\Users\Qassim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV
2015-05-22 23:20 - 2015-05-22 23:20 - 00000000 ____D C:\Users\Qassim\AppData\Local\New Technology Studio
2015-05-22 23:19 - 2015-05-22 23:19 - 03984384 _____ (New Technology Studio) C:\Users\Qassim\Downloads\ovisetup.exe
2015-05-22 08:52 - 2015-06-12 18:32 - 00000000 ____D C:\Users\Qassim\AppData\Local\LogMeIn Hamachi
2015-05-22 08:52 - 2015-05-22 08:52 - 00000000 ____D C:\Users\Qassim\AppData\Local\LogMeIn
2015-05-22 08:52 - 2015-05-22 08:52 - 00000000 ____D C:\ProgramData\LogMeIn
2015-05-22 08:51 - 2015-05-22 08:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-05-22 08:51 - 2015-05-22 08:51 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-05-22 08:50 - 2015-05-22 08:51 - 08552448 _____ C:\Users\Qassim\Downloads\hamachi.msi
2015-05-20 22:56 - 2015-05-20 22:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game of Thrones A Telltale Games Series
2015-05-18 19:14 - 2015-05-10 11:32 - 00000792 _____ C:\Users\Qassim\Desktop\..lnk
2015-05-16 09:48 - 2015-05-16 09:54 - 00000000 ____D C:\Users\Qassim\Documents\Witcher 2
2015-05-16 09:48 - 2015-05-16 09:48 - 00000000 ____D C:\Users\Qassim\AppData\Local\The Witcher 2
2015-05-14 22:05 - 2015-05-14 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2 [GOG.com]
2015-05-14 17:12 - 2015-06-07 12:24 - 00000000 ____D C:\GOG Games
2015-05-14 17:09 - 2015-05-14 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-05-14 17:09 - 2015-05-14 17:09 - 00000000 ____D C:\ProgramData\GOG.com
2015-05-14 17:09 - 2015-05-14 17:09 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2015-05-13 21:29 - 2015-05-13 21:29 - 00000000 ____D C:\Users\Qassim\Documents\Visual Studio 2008
2015-05-13 21:28 - 2015-05-13 21:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2015-05-13 21:28 - 2015-05-13 21:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-05-13 21:27 - 2015-05-13 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XVL Player (Ver. 9 or later) 64-bit Edition
2015-05-13 21:25 - 2015-05-13 21:27 - 00000000 ____D C:\Program Files\Lattice
2015-05-13 21:25 - 2015-05-13 21:27 - 00000000 ____D C:\Program Files (x86)\Lattice
2015-05-13 21:23 - 2015-05-13 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Technical Suite X6 (64-Bit)
2015-05-13 20:18 - 2015-05-13 20:18 - 00000000 ____D C:\Users\Qassim\Documents\My Palettes
2015-05-13 20:16 - 2015-05-13 21:29 - 00000000 ____D C:\Users\Qassim\Documents\Corel
2015-05-13 20:16 - 2015-05-13 21:29 - 00000000 ____D C:\Users\Qassim\AppData\Roaming\Corel
2015-05-13 20:14 - 2015-05-13 20:14 - 00000000 ____D C:\Program Files\Common Files\Corel
2015-05-13 20:13 - 2015-05-13 21:23 - 00000000 ____D C:\Users\Public\Documents\Corel
2015-05-13 20:13 - 2015-05-13 20:13 - 00000000 ____D C:\Program Files\Common Files\Protexis
2015-05-13 20:12 - 2015-05-13 21:29 - 00000000 ____D C:\ProgramData\Corel
2015-05-13 20:12 - 2015-05-13 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)
2015-05-13 20:12 - 2015-05-13 20:12 - 00000000 ____D C:\Program Files\Corel
2015-05-13 19:17 - 2015-05-13 19:17 - 00000000 ____D C:\Users\Qassim\AppData\Local\Akamai
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-12 18:45 - 2015-01-19 07:10 - 01236894 _____ C:\Windows\WindowsUpdate.log
2015-06-12 18:38 - 2013-08-22 07:36 - 00006656 _____ C:\Windows\system32\lpcio.dll
2015-06-12 18:36 - 2015-01-19 07:13 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-12 18:36 - 2015-01-19 06:56 - 00005388 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-12 18:32 - 2015-01-19 07:13 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-12 18:31 - 2015-04-07 16:15 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-06-12 18:31 - 2013-08-22 10:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-12 18:02 - 2015-01-19 07:15 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-12 18:00 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-12 15:11 - 2015-01-19 06:56 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2302587062-3611041661-3303187194-1001
2015-06-12 14:38 - 2015-01-19 06:41 - 00011770 _____ C:\Windows\PFRO.log
2015-06-12 13:24 - 2015-01-19 08:09 - 00000000 ____D C:\Windows\Minidump
2015-06-12 13:24 - 2015-01-19 08:08 - 238539223 _____ C:\Windows\MEMORY.DMP
2015-06-12 01:39 - 2015-02-15 20:15 - 00000000 ____D C:\Users\Qassim\AppData\Roaming\Skype
2015-06-11 19:48 - 2015-04-13 19:27 - 00000080 _____ C:\Users\Qassim\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦
2015-06-11 18:57 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-11 18:56 - 2015-01-19 07:39 - 00000000 ____D C:\ProgramData\AMD
2015-06-11 18:56 - 2015-01-19 07:38 - 00000000 ____D C:\Program Files\AMD
2015-06-11 18:55 - 2013-08-22 10:46 - 00016247 _____ C:\Windows\setupact.log
2015-06-11 18:52 - 2015-01-19 07:37 - 00000000 ____D C:\AMD
2015-06-11 18:18 - 2015-04-13 19:27 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-06-11 18:17 - 2015-04-13 19:27 - 00000000 ____D C:\Program Files\Rockstar Games
2015-06-10 18:04 - 2015-01-19 13:21 - 00000600 _____ C:\Users\Qassim\PUTTY.RND
2015-06-10 18:04 - 2015-01-19 13:21 - 00000000 ____D C:\Users\Qassim\Documents\utmp
2015-06-10 16:06 - 2015-01-19 13:29 - 00000000 ____D C:\Users\Qassim\AppData\Roaming\uTorrent
2015-06-09 22:19 - 2015-01-19 08:40 - 00000000 ____D C:\Users\Qassim\Documents\My Games
2015-06-08 14:54 - 2015-01-19 13:22 - 00000228 _____ C:\Users\Qassim\Documents\u.ini
2015-06-07 16:33 - 2015-03-18 20:50 - 00000000 ____D C:\Users\Qassim\AppData\Roaming\vlc
2015-06-02 22:05 - 2015-01-19 06:51 - 00000000 ____D C:\Users\Qassim\AppData\Local\Packages
2015-06-02 14:33 - 2013-08-22 11:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-02 06:28 - 2015-01-19 07:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-02 06:28 - 2015-01-19 07:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-01 23:27 - 2015-02-05 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-01 23:27 - 2015-02-05 20:18 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-01 23:24 - 2015-02-05 21:03 - 00000000 ____D C:\Windows\system32\MRT
2015-06-01 23:20 - 2013-08-22 09:25 - 00000167 _____ C:\Windows\win.ini
2015-06-01 23:18 - 2015-01-19 07:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-30 14:11 - 2015-02-16 18:48 - 00000000 ____D C:\Users\Qassim\Documents\Paradox Interactive
2015-05-30 14:09 - 2015-01-31 19:37 - 00000000 ____D C:\Games
2015-05-28 00:00 - 2015-01-19 06:51 - 00000000 ____D C:\Users\Qassim
2015-05-26 22:28 - 2015-01-19 07:13 - 00000000 ____D C:\Program Files (x86)\Google
2015-05-26 18:41 - 2015-03-31 16:46 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-05-26 18:41 - 2014-11-20 22:44 - 01359752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-05-26 18:41 - 2014-11-20 22:44 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-05-26 18:41 - 2014-11-20 22:44 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-05-26 18:40 - 2015-03-31 16:46 - 09411256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-05-26 18:40 - 2015-03-31 16:46 - 01136736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-05-26 18:40 - 2014-11-20 22:44 - 11089120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-05-26 18:28 - 2015-03-31 16:33 - 47902208 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-05-26 18:26 - 2015-03-31 16:32 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-26 18:25 - 2015-03-31 16:30 - 07915520 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhsasc64.dll
2015-05-26 18:15 - 2015-03-31 16:20 - 23626752 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-05-26 18:05 - 2014-11-20 22:10 - 00846848 _____ (AMD) C:\Windows\system32\coinst_14.50.dll
2015-05-26 18:04 - 2015-03-31 16:09 - 00905728 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-05-26 18:04 - 2015-03-31 16:09 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-05-26 18:04 - 2015-03-31 16:09 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-05-26 18:03 - 2015-03-31 16:09 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-05-25 14:17 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\AppReadiness
2015-05-23 13:01 - 2015-01-22 07:05 - 00000000 ____D C:\Users\Qassim\Documents\Rockstar Games
2015-05-22 08:46 - 2015-01-19 08:40 - 00572122 _____ C:\Windows\DirectX.log
2015-05-20 22:59 - 2015-01-19 06:57 - 00000000 ____D C:\Users\Qassim\Documents\Telltale Games
2015-05-19 14:31 - 2015-01-19 07:13 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 14:31 - 2015-01-19 07:13 - 00003656 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-16 13:42 - 2015-04-19 21:27 - 00000000 ____D C:\Users\Qassim\Documents\My Cheat Tables
2015-05-14 14:16 - 2013-08-22 10:44 - 05112632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-13 21:27 - 2015-01-19 08:05 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-05-13 21:25 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-05-13 20:14 - 2015-01-19 07:39 - 00000000 ____D C:\ProgramData\Package Cache
==================== Files in the root of some directories =======
2015-04-27 16:36 - 2015-04-27 16:36 - 0000000 ___SH () C:\Users\Qassim\AppData\Local\LumaEmu
Some files in TEMP:
====================
C:\Users\Qassim\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Qassim\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Qassim\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Qassim\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Qassim\AppData\Local\Temp\drm_dyndata_7410004.dll
C:\Users\Qassim\AppData\Local\Temp\ose00000.exe
C:\Users\Qassim\AppData\Local\Temp\Quarantine.exe
C:\Users\Qassim\AppData\Local\Temp\raptrpatch.exe
C:\Users\Qassim\AppData\Local\Temp\raptr_stub.exe
C:\Users\Qassim\AppData\Local\Temp\sqlite3.dll
C:\Users\Qassim\AppData\Local\Temp\SRLDetectionLibrary2803185078105024996.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-03 12:20
==================== End of log ============================