Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Programs '"lsass.exe" and "svchost.exe" in C:\Windows\Temp hogging CPU


  • Please log in to reply
9 replies to this topic

#1 MersennePrime

MersennePrime

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:03 PM

Posted 14 June 2015 - 10:54 AM

I think I'm having the same exact problem as this user who also posted in these forums: http://www.bleepingcomputer.com/forums/t/578630/lsassexe-and-svchostexe-taking-up-100-cpu-and-cant-get-rid-of-them/.

These two programs use up all of my CPU constantly making it say my CPU is at 100% in the task manager. Some antivirus programs I have tried before have detected them and get rid of them, but they reappear upon a restart of my PC. I did the following scan after I have already deleted the programs from the Temp folder, if that is important. Thank you very much for your assistance.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Colin (administrator) on COLIN2-PC on 14-06-2015 11:39:55
Running from C:\Users\Colin\Downloads
Loaded Profiles: Colin (Available Profiles: Colin)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-04-14] (Malwarebytes Corporation)
HKLM-x32\...\Winlogon: [Userinit] userinit.exe,"C:\Windows\system32\userinit.exe", [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4107431069-931421496-4038032020-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2015-01-27] (Microsoft Corporation) <==== ATTENTION 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-01-25]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2015-06-09]
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-4107431069-931421496-4038032020-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
HKU\S-1-5-21-4107431069-931421496-4038032020-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A204CECF-05BD-47FE-8874-8CA5429D41AE}: [NameServer] 8.8.8.8,8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\1p8v7xvo.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-4107431069-931421496-4038032020-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Colin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-10] (Unity Technologies ApS)
FF Extension: Reddit Enhancement Suite - C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\1p8v7xvo.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2015-01-26]
FF Extension: Adblock Plus - C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\1p8v7xvo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-25]
FF HKU\S-1-5-21-4107431069-931421496-4038032020-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 
Chrome: 
=======
CHR Profile: C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Easy Auto Refresh) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2015-06-13]
CHR Extension: (Google Slides) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-26]
CHR Extension: (BetterTTV) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-12-26]
CHR Extension: (Google Docs) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-26]
CHR Extension: (Google Drive) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-26]
CHR Extension: (YouTube) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-26]
CHR Extension: (Sad Panda) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2014-12-26]
CHR Extension: (uBlock Origin) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-03-18]
CHR Extension: (Google Search) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-26]
CHR Extension: (Pandora Listener) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\danjmbbdjabpapehlajpomcignjnoidp [2014-12-29]
CHR Extension: (Tampermonkey) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-04-25]
CHR Extension: (TastyPlug) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\faccgibalfdoihmenknhpfhldkmgaang [2015-03-18]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-12-27]
CHR Extension: (Google Sheets) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-26]
CHR Extension: (ReChat for Twitch™) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipplilmaapjjklilmmaccfemdmhkoacd [2014-12-26]
CHR Extension: (Kappa Everywhere - Global Twitch Emotes) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jafkphjeboadjffjfcigcdfdilpcacod [2015-04-08]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-12-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-09]
CHR Extension: (Grooveshark Enhancement Suite) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbglmejghppifhhbdhbaijiagbaedeec [2015-03-26]
CHR Extension: (Google Wallet) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-26]
CHR Extension: (Gmail) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-26]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-05] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-06-09] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [294600 2015-05-26] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-27] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-12-20] (Advanced Micro Devices)
R3 CorsairAudioFilter; C:\Windows\system32\DRIVERS\corsveng2kamd64.sys [112808 2014-08-15] (Corsair Components, Inc.)
S3 CorsairCAHS1; C:\Windows\system32\drivers\CAHS164.sys [1308160 2011-06-17] (C-Media Electronics Inc)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-26] (Disc Soft Ltd)
U0 hlyk; C:\Windows\System32\drivers\cqwxu.sys [79064 2015-06-14] (Malwarebytes Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-31] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-24] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-14 11:39 - 2015-06-14 11:39 - 00056303 _____ C:\Users\Colin\Downloads\Addition.txt
2015-06-14 11:38 - 2015-06-14 11:39 - 00017952 _____ C:\Users\Colin\Downloads\FRST.txt
2015-06-14 11:38 - 2015-06-14 11:39 - 00000000 ____D C:\FRST
2015-06-14 11:35 - 2015-06-14 11:35 - 02109952 _____ (Farbar) C:\Users\Colin\Downloads\FRST64.exe
2015-06-14 04:03 - 2015-06-14 04:03 - 01483336 _____ (Microsoft Corporation) C:\Users\Colin\Downloads\mediacreationtool.exe
2015-06-14 03:15 - 2015-06-14 03:22 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-06-14 03:15 - 2015-06-14 03:19 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-06-14 03:15 - 2015-06-14 03:15 - 00001403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-06-14 03:15 - 2015-06-14 03:15 - 00001391 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-06-14 03:15 - 2015-06-14 03:15 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-06-14 03:15 - 2015-06-14 03:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-06-14 03:15 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-06-14 03:14 - 2015-06-14 03:15 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Colin\Downloads\spybot-2.4.exe
2015-06-14 03:14 - 2015-06-14 03:14 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\cqwxu.sys
2015-06-14 03:14 - 2015-06-14 03:14 - 00000260 _____ C:\Windows\SysWOW64\yndqi
2015-06-14 03:09 - 2015-06-14 03:09 - 02073320 _____ C:\Users\Colin\Downloads\TempFileCleaner_4.4.0_Setup.exe
2015-06-14 02:47 - 2015-06-14 02:50 - 00002510 _____ C:\Users\Colin\Desktop\Rkill.txt
2015-06-14 01:51 - 2015-06-14 02:57 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-14 01:51 - 2015-06-14 01:51 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Colin\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-14 01:51 - 2015-06-14 01:51 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-14 01:51 - 2015-06-14 01:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-14 01:51 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-14 01:51 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-14 01:51 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-14 00:59 - 2015-06-14 00:59 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Colin\Downloads\tdsskiller.exe
2015-06-14 00:54 - 2015-06-14 00:54 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Colin\Downloads\rkill.exe
2015-06-13 01:58 - 2015-06-13 01:58 - 00000000 ____D C:\Users\Colin\AppData\Roaming\RenPy
2015-06-13 01:56 - 2015-06-13 01:57 - 70835336 _____ (GOG.com ) C:\Users\Colin\Downloads\setup_long_live_the_queen_2.2.0.6.exe
2015-06-13 01:56 - 2015-06-13 01:56 - 00011317 _____ C:\Users\Colin\Downloads\[kat.cr]long.live.the.queen.1.3.gog.torrent
2015-06-12 18:54 - 2015-06-12 18:56 - 568786998 _____ C:\Users\Colin\Downloads\[HorribleSubs] DanMachi - 11 [1080p].mkv
2015-06-12 16:42 - 2015-06-12 16:42 - 00000000 ____D C:\Users\Colin\Downloads\steamSummerMinigame-master
2015-06-12 16:41 - 2015-06-12 16:41 - 00005312 _____ C:\Users\Colin\Downloads\steamSummerMinigame-master.zip
2015-06-10 18:24 - 2015-06-10 18:24 - 00019535 _____ C:\Users\Colin\Downloads\[kat.cr]titan.souls.digital.special.edition.gog.torrent
2015-06-10 18:24 - 2015-06-10 18:24 - 00000000 ____D C:\Users\Colin\Downloads\Titan Souls
2015-06-09 23:56 - 2015-06-10 00:03 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Curse Client
2015-06-09 23:56 - 2015-06-09 23:56 - 42473080 _____ (Curse) C:\Users\Colin\Downloads\CurseClientSetup.exe
2015-06-09 23:56 - 2015-06-09 23:56 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Curse
2015-06-09 20:46 - 2015-06-09 20:46 - 00000000 ____D C:\Users\Colin\AppData\Local\Corsair
2015-06-09 18:12 - 2015-03-19 23:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-06-09 18:12 - 2015-03-19 23:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-06-09 18:12 - 2015-03-19 22:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-06-09 18:12 - 2015-03-19 22:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-06-09 18:11 - 2015-05-27 10:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-09 18:11 - 2015-05-27 10:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-09 18:11 - 2015-05-25 09:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-09 18:11 - 2015-05-25 09:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-09 18:11 - 2015-05-22 23:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-09 18:11 - 2015-05-22 23:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-09 18:11 - 2015-05-22 23:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-09 18:11 - 2015-05-22 23:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-09 18:11 - 2015-05-22 23:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-09 18:11 - 2015-05-22 22:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-09 18:11 - 2015-05-22 22:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-09 18:11 - 2015-05-22 22:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-09 18:11 - 2015-05-22 22:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-09 18:11 - 2015-05-22 22:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-09 18:11 - 2015-05-22 22:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-09 18:11 - 2015-05-22 22:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-09 18:11 - 2015-05-22 22:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-09 18:11 - 2015-05-22 22:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-09 18:11 - 2015-05-22 22:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-06-09 18:11 - 2015-05-22 22:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-09 18:11 - 2015-05-22 22:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-09 18:11 - 2015-05-22 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-09 18:11 - 2015-05-22 15:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-09 18:11 - 2015-05-22 15:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-09 18:11 - 2015-05-22 15:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-09 18:11 - 2015-05-22 14:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-09 18:11 - 2015-05-22 14:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-09 18:11 - 2015-05-22 14:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-09 18:11 - 2015-05-22 14:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-09 18:11 - 2015-05-22 14:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-09 18:11 - 2015-05-22 14:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-09 18:11 - 2015-05-22 14:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-09 18:11 - 2015-05-22 14:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-09 18:11 - 2015-05-22 14:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-09 18:11 - 2015-05-22 14:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-09 18:11 - 2015-05-22 14:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-09 18:11 - 2015-05-22 14:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-09 18:11 - 2015-05-22 13:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-09 18:11 - 2015-05-22 13:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-09 18:11 - 2015-05-22 13:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-06-09 18:11 - 2015-05-22 13:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-09 18:11 - 2015-05-22 13:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-09 18:11 - 2015-05-22 09:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-09 18:11 - 2015-05-21 12:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-09 18:11 - 2015-05-21 09:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-09 18:11 - 2015-05-21 09:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-09 18:11 - 2015-05-21 09:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-09 18:11 - 2015-05-21 09:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-09 18:11 - 2015-05-21 09:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-09 18:11 - 2015-05-21 09:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-09 18:11 - 2015-04-24 22:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-09 18:11 - 2015-04-24 22:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-09 18:11 - 2015-04-16 18:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-09 18:11 - 2015-04-16 02:17 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-06-09 18:11 - 2015-04-13 18:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-06-09 18:11 - 2015-04-13 18:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-06-09 18:11 - 2015-04-09 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-06-09 18:11 - 2015-04-09 20:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-06-09 18:11 - 2015-04-08 18:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-06-09 18:11 - 2015-04-08 18:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml
2015-06-09 18:11 - 2015-04-01 18:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-06-09 18:11 - 2015-04-01 18:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-06-09 18:11 - 2015-04-01 00:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-06-09 18:11 - 2015-04-01 00:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-06-09 18:11 - 2015-04-01 00:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-06-09 18:11 - 2015-04-01 00:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-06-09 18:11 - 2015-03-31 23:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-06-09 18:11 - 2015-03-31 23:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-06-09 18:11 - 2015-03-31 23:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-06-09 18:11 - 2015-03-31 22:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-06-09 18:11 - 2015-03-31 22:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-06-09 18:11 - 2015-03-31 22:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-06-09 18:11 - 2015-03-31 22:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-06-09 18:11 - 2015-03-31 22:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-06-09 18:11 - 2015-03-31 22:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-06-09 18:11 - 2015-03-01 21:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-06-09 18:11 - 2015-03-01 21:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-06-09 14:35 - 2015-06-12 15:04 - 00111928 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-06-09 14:35 - 2015-06-09 14:35 - 00682280 _____ C:\Windows\SysWOW64\pbsvc.exe
2015-06-09 14:35 - 2015-06-09 14:35 - 00066872 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-09 14:35 - 2015-06-09 14:35 - 00000000 ____D C:\Users\Colin\AppData\Local\Activision
2015-06-09 11:19 - 2015-06-09 11:47 - 00000000 ____D C:\Users\Colin\Downloads\Spec Ops. The Line_[R.G. Catalyst]
2015-06-09 11:19 - 2015-06-09 11:19 - 00022442 _____ C:\Users\Colin\Downloads\[kat.cr]spec.ops.the.line.repack.by.r.g.catalyst.naswari.zohaib.torrent
2015-06-06 23:02 - 2015-06-06 23:05 - 1029253695 _____ C:\Users\Colin\Downloads\[HorribleSubs] Kuroko's Basketball 3 - 72 [1080p].mkv
2015-06-06 15:21 - 2015-06-06 15:21 - 296320648 _____ ( ) C:\Users\Colin\AppData\Roaming\patch_witcher3_1.01-1.05_2.0.0.32.exe
2015-06-06 15:21 - 2015-06-06 15:21 - 00000006 __RSH C:\ProgramData\f502ed9c1b20c948fb71ed15d0d1b492bc90cc67
2015-06-06 15:21 - 2015-06-06 15:21 - 00000000 __SHD C:\ProgramData\538925
2015-06-06 15:21 - 2015-06-06 15:21 - 00000000 __SHD C:\ProgramData\441743
2015-06-06 15:21 - 2015-06-06 15:21 - 00000000 __SHD C:\ProgramData\216000
2015-06-06 15:21 - 2015-06-06 14:36 - 296496640 _____ (GOG.com ) C:\Windows\SysWOW64\clientsvr.exe
2015-06-06 14:33 - 2015-06-06 14:56 - 00000000 ____D C:\Users\Colin\Desktop\The Witcher 3 Wild Hunt
2015-06-06 14:32 - 2015-06-06 14:35 - 569563947 _____ C:\Users\Colin\Downloads\[HorribleSubs] DanMachi - 10 [1080p].mkv
2015-06-06 14:32 - 2015-06-06 14:33 - 00000000 ____D C:\Users\Colin\Downloads\The.Witcher.3.Wild.Hunt.Update.4.(v1.05).&.6DLC-GOG
2015-06-06 14:32 - 2015-06-06 14:32 - 00018014 _____ C:\Users\Colin\Downloads\[kat.cr]the.witcher.3.wild.hunt.gog.update.1.05.and.6.dlcs.torrent
2015-05-31 23:08 - 2015-05-31 23:08 - 00000000 ____D C:\Users\Colin\AppData\Local\GWX
2015-05-31 23:07 - 2015-05-31 23:07 - 00000000 ____D C:\ProgramData\ATI
2015-05-31 23:04 - 2015-05-31 23:04 - 00053564 _____ C:\Windows\SysWOW64\CCCInstall_201505312304550610.log
2015-05-31 23:04 - 2015-05-31 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-05-31 23:04 - 2015-05-31 23:04 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2015-05-31 22:58 - 2015-05-31 22:59 - 305009736 _____ (AMD Inc.) C:\Users\Colin\Downloads\amd-catalyst-15.5beta-64bit-win8.1-may27.exe
2015-05-31 02:28 - 2015-05-31 02:31 - 1036641095 _____ C:\Users\Colin\Downloads\[HorribleSubs] Kuroko's Basketball 3 - 71 [1080p].mkv
2015-05-31 00:51 - 2015-05-31 00:51 - 00000000 ____D C:\Users\Colin\Downloads\thomaswasalone-pc-1369347074
2015-05-31 00:50 - 2015-05-31 00:50 - 113657133 _____ C:\Users\Colin\Downloads\thomaswasalone-pc-1369347074.zip
2015-05-30 23:23 - 2015-06-06 20:57 - 00000000 ____D C:\Users\Colin\Downloads\3DMGAME-Middle.Earth.Shadow.of.Mordor.Game.of.The.Year.Edition-PROPHET
2015-05-30 23:23 - 2015-05-30 23:23 - 00279912 _____ C:\Users\Colin\Downloads\[kat.cr]middle.earth.shadow.of.mordor.game.of.the.year.edition.prophet.cpul.torrent
2015-05-29 22:42 - 2015-05-29 22:43 - 00000000 ____D C:\Users\Colin\Downloads\The.Witcher.3.Wild.Hunt.DLC.Pack-GOG
2015-05-29 22:42 - 2015-05-29 22:42 - 00032118 _____ C:\Users\Colin\Downloads\[kat.cr]the.witcher.3.wild.hunt.4.dlc.pack.gog.torrent
2015-05-29 15:28 - 2015-05-29 15:29 - 568788863 _____ C:\Users\Colin\Downloads\[HorribleSubs] DanMachi - 09 [1080p].mkv
2015-05-26 18:41 - 2015-05-26 18:41 - 00450744 _____ C:\Windows\system32\amdmiracast.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00118096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00102128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00096448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-05-26 18:40 - 2015-05-26 18:40 - 07077264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-05-26 18:38 - 2015-05-26 18:38 - 00294600 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-05-26 18:35 - 2015-05-26 18:35 - 19339264 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-05-26 18:32 - 2015-05-26 18:32 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll
2015-05-26 18:30 - 2015-05-26 18:30 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll
2015-05-26 18:28 - 2015-05-26 18:28 - 47902208 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-05-26 18:28 - 2015-05-26 18:28 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-05-26 18:28 - 2015-05-26 18:28 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2015-05-26 18:28 - 2015-05-26 18:28 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2015-05-26 18:28 - 2015-05-26 18:28 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2015-05-26 18:28 - 2015-05-26 18:28 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2015-05-26 18:26 - 2015-05-26 18:26 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-26 18:26 - 2015-05-26 18:26 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-26 18:25 - 2015-05-26 18:25 - 07915520 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhsasc64.dll
2015-05-26 18:21 - 2015-05-26 18:21 - 00134656 _____ C:\Windows\system32\amdhdl64.dll
2015-05-26 18:21 - 2015-05-26 18:21 - 00123392 _____ C:\Windows\SysWOW64\amdhdl32.dll
2015-05-26 18:20 - 2015-05-26 18:20 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-05-26 18:15 - 2015-05-26 18:15 - 23626752 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-05-26 18:14 - 2015-05-26 18:14 - 05837824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-05-26 18:14 - 2015-05-26 18:14 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-05-26 18:14 - 2015-05-26 18:14 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-05-26 18:14 - 2015-05-26 18:14 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-05-26 18:14 - 2015-05-26 18:14 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-05-26 18:12 - 2015-05-26 18:12 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-05-26 18:12 - 2015-05-26 18:12 - 00641088 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-05-26 18:12 - 2015-05-26 18:12 - 00641088 _____ C:\Windows\system32\atiapfxx.blb
2015-05-26 18:12 - 2015-05-26 18:12 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-05-26 18:12 - 2015-05-26 18:12 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-05-26 18:12 - 2015-05-26 18:12 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-05-26 18:12 - 2015-05-26 18:12 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-05-26 18:12 - 2015-05-26 18:12 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-05-26 18:11 - 2015-05-26 18:11 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-05-26 18:11 - 2015-05-26 18:11 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-05-26 18:11 - 2015-05-26 18:11 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-05-26 18:09 - 2015-05-26 18:09 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-05-26 18:09 - 2015-05-26 18:09 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-05-26 18:08 - 2015-05-26 18:08 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-05-26 18:07 - 2015-05-26 18:07 - 00776192 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-05-26 18:07 - 2015-05-26 18:07 - 00246272 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-05-26 18:07 - 2015-05-26 18:07 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-05-26 18:07 - 2015-05-26 18:07 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-05-26 18:04 - 2015-05-26 18:04 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-05-26 18:04 - 2015-05-26 18:04 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-05-26 18:04 - 2015-05-26 18:04 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-05-26 18:04 - 2015-05-26 18:04 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-05-26 18:04 - 2015-05-26 18:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-05-26 18:04 - 2015-05-26 18:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-05-26 18:03 - 2015-05-26 18:03 - 00591872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-05-26 18:03 - 2015-05-26 18:03 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-05-25 15:28 - 2015-05-25 15:29 - 287296528 _____ ( ) C:\Users\Colin\Downloads\patch_witcher3_1.04_2.0.0.30.exe
2015-05-25 15:28 - 2015-05-25 15:28 - 00011677 _____ C:\Users\Colin\Downloads\[kat.cr]the.witcher.3.wild.hunt.update.3.v1.04.gog.torrent
2015-05-22 19:33 - 2015-06-08 22:03 - 00000000 ____D C:\Users\Colin\Documents\The Witcher 3
2015-05-22 13:39 - 2015-05-22 13:50 - 569468823 _____ C:\Users\Colin\Downloads\[HorribleSubs] DanMachi - 08 [1080p].mkv
2015-05-21 13:24 - 2015-05-21 13:25 - 00000000 ____D C:\Users\Colin\Downloads\The.Witcher.3.Wild.Hunt.v1.01.Update-GOG
2015-05-21 13:24 - 2015-05-21 13:24 - 00025210 _____ C:\Users\Colin\Downloads\[kat.cr]the.witcher.3.wild.hunt.v1.02.update.gog.torrent
2015-05-21 13:21 - 2015-05-21 13:21 - 00001975 _____ C:\Users\Public\Desktop\The Witcher® 3 - Wild Hunt.lnk
2015-05-21 13:21 - 2015-05-21 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com]
2015-05-21 13:02 - 2015-05-21 13:02 - 00022560 _____ C:\Users\Colin\Downloads\[kat.cr]the.witcher.3.wild.hunt.v1.03.update.gog.torrent
2015-05-21 13:02 - 2015-05-21 13:02 - 00000000 ____D C:\Users\Colin\Downloads\The.Witcher.3.Wild.Hunt.v1.03.Update-GOG
2015-05-21 12:59 - 2015-05-21 13:00 - 00000000 ____D C:\Users\Colin\Downloads\The.Witcher.3.Wild.Hunt.DLC [GOG]
2015-05-21 12:59 - 2015-05-21 12:59 - 00029561 _____ C:\Users\Colin\Downloads\[kat.cr]the.witcher.3.wild.hunt.dlc.gog.torrent
2015-05-21 12:54 - 2015-06-13 01:58 - 00000000 ____D C:\GOG Games
2015-05-21 07:11 - 2015-05-21 07:14 - 00000000 ____D C:\Users\Colin\Downloads\The.Witcher.3.Wild.Hunt-GOG Preload v2
2015-05-21 07:10 - 2015-05-21 07:10 - 00900272 _____ C:\Users\Colin\Downloads\[kat.cr]the.witcher.3.wild.hunt.gog.com.preload.torrent
2015-05-20 13:53 - 2015-05-20 13:53 - 01713824 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Colin\Downloads\GPU-Z.0.8.2.exe
2015-05-19 15:43 - 2015-05-19 15:44 - 00000000 ____D C:\Users\Colin\Documents\Witcher 2
2015-05-18 22:27 - 2015-05-18 22:27 - 36664464 _____ (NVIDIA Corporation) C:\Users\Colin\Downloads\GeForce_Experience_v2.4.3.22.exe
2015-05-18 19:16 - 2015-05-18 19:16 - 00111722 _____ C:\Users\Colin\Downloads\[kat.cr]the.witcher.3.wild.hunt.steam.preload.edition.ali213.cpul.torrent
2015-05-18 18:47 - 2015-05-18 18:47 - 04767824 _____ (ffdshow ) C:\Users\Colin\Downloads\ffdshow_rev4531_20140628.exe
2015-05-18 18:34 - 2015-05-18 18:34 - 00777280 _____ C:\Users\Colin\Downloads\xy-VSFilter_3.0.0.306_x86.zip
2015-05-18 18:34 - 2015-05-18 18:34 - 00671652 _____ C:\Users\Colin\Downloads\XySubFilter_3.1.0.705_x86_BETA2.zip
2015-05-18 18:34 - 2015-05-18 18:34 - 00000000 ____D C:\Users\Colin\Downloads\xy-VSFilter_3.0.0.306_x86
2015-05-18 18:34 - 2015-05-18 18:34 - 00000000 ____D C:\Users\Colin\Downloads\XySubFilter_3.1.0.705_x86_BETA2
2015-05-18 18:22 - 2015-06-13 01:24 - 00007680 _____ C:\Users\Colin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-18 18:18 - 2015-05-18 18:18 - 00000000 ____D C:\Users\Colin\AppData\Roaming\MPC-HC
2015-05-18 18:16 - 2015-05-18 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2015-05-18 18:16 - 2015-05-18 18:50 - 00000000 ____D C:\Program Files (x86)\ffdshow
2015-05-18 18:16 - 2015-05-18 18:16 - 00000998 _____ C:\Users\Public\Desktop\Configure ReClock.lnk
2015-05-18 18:16 - 2015-05-18 18:16 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-05-18 18:16 - 2015-05-18 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SVP 3.1
2015-05-18 18:16 - 2015-05-18 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReClock
2015-05-18 18:16 - 2015-05-18 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-05-18 18:16 - 2015-05-18 18:16 - 00000000 ____D C:\Program Files (x86)\ReClock
2015-05-18 18:16 - 2014-02-09 20:36 - 00112640 _____ C:\Windows\SysWOW64\ff_vfw.dll
2015-05-18 18:15 - 2015-05-18 18:17 - 00000000 ____D C:\ProgramData\SVP 3.1
2015-05-18 18:15 - 2015-05-18 18:16 - 00000000 ____D C:\Program Files (x86)\SVP
2015-05-18 18:13 - 2015-05-18 18:13 - 01159056 _____ C:\Users\Colin\Downloads\SetupReClock1885.exe
2015-05-18 17:55 - 2015-05-18 18:16 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2015-05-18 17:50 - 2015-05-18 17:50 - 00000000 ____D C:\Users\Colin\Desktop\MPC-HC
2015-05-18 02:28 - 2015-05-18 02:28 - 00005281 _____ C:\Users\Colin\Downloads\replay_1827807026.bat
2015-05-17 19:43 - 2015-05-17 19:43 - 34398836 _____ (SmoothVideo Project ) C:\Users\Colin\Downloads\SVP_3.1.6.exe
2015-05-17 11:09 - 2015-05-17 11:09 - 00000000 ____D C:\Users\Colin\AppData\Roaming\ういんどみる
2015-05-17 11:09 - 2015-05-17 11:09 - 00000000 ____D C:\ProgramData\フロントウイング
2015-05-16 16:49 - 2015-05-16 16:59 - 1024406021 _____ C:\Users\Colin\Downloads\[HorribleSubs] Kuroko's Basketball 3 - 69 [1080p].mkv
2015-05-16 11:54 - 2015-05-16 12:14 - 1468095472 _____ C:\Users\Colin\Downloads\redkit_77_96addacf.zip
2015-05-16 00:49 - 2015-05-16 00:49 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 2.7
2015-05-16 00:49 - 2015-05-16 00:49 - 00000000 ____D C:\Python27
2015-05-16 00:49 - 2015-05-16 00:49 - 00000000 ____D C:\ProgramData\Damned
2015-05-15 18:29 - 2015-05-15 18:31 - 569118186 _____ C:\Users\Colin\Downloads\[HorribleSubs] DanMachi - 07 [1080p].mkv
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-14 11:28 - 2014-12-26 10:38 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-14 11:25 - 2013-08-22 10:46 - 00071221 _____ C:\Windows\setupact.log
2015-06-14 11:08 - 2015-01-25 19:35 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-14 11:06 - 2014-12-26 07:51 - 01132957 _____ C:\Windows\WindowsUpdate.log
2015-06-14 11:01 - 2014-12-26 09:46 - 00000926 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-14 11:00 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-14 04:16 - 2014-12-26 07:59 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4107431069-931421496-4038032020-1001
2015-06-14 03:40 - 2014-12-26 10:32 - 00000000 ____D C:\Users\Colin\AppData\Roaming\TS3Client
2015-06-14 03:35 - 2015-04-27 16:17 - 00000000 ____D C:\Users\Colin\Desktop\foobar
2015-06-14 03:14 - 2015-01-10 00:20 - 00000000 ____D C:\Users\Colin\Desktop\warcraft
2015-06-14 02:45 - 2014-12-26 09:54 - 00006464 _____ C:\Windows\SysWOW64\Gms.log
2015-06-14 02:44 - 2014-12-26 09:46 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-14 02:44 - 2014-12-26 07:54 - 00000000 ____D C:\Users\Colin\OneDrive
2015-06-14 02:43 - 2013-08-22 10:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-14 02:43 - 2013-08-22 10:44 - 00337776 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-14 02:42 - 2014-12-26 08:04 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-06-14 02:42 - 2014-09-24 03:03 - 00025188 _____ C:\Windows\PFRO.log
2015-06-14 02:42 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\System
2015-06-14 02:41 - 2014-12-26 10:06 - 00000000 ____D C:\ProgramData\APN
2015-06-14 02:33 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-14 02:00 - 2015-02-08 16:50 - 00000000 ____D C:\Wooxy
2015-06-14 01:59 - 2015-01-13 22:47 - 00000000 ____D C:\Users\Colin\Documents\PCSX2
2015-06-14 01:57 - 2015-04-28 22:12 - 00000000 ____D C:\R.G. Catalyst
2015-06-14 01:01 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-13 23:23 - 2013-08-22 11:36 - 00000000 ___RD C:\Windows\ToastData
2015-06-13 23:22 - 2015-04-15 00:41 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-13 23:22 - 2014-09-24 05:50 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-13 23:22 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-13 23:21 - 2014-12-26 08:29 - 00000000 ____D C:\Windows\system32\MRT
2015-06-13 23:18 - 2014-12-26 08:29 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-12 15:04 - 2015-02-05 23:25 - 00000000 ____D C:\Users\Colin\AppData\Local\PunkBuster
2015-06-11 20:07 - 2015-04-14 23:47 - 00000080 _____ C:\Users\Colin\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-06-11 20:07 - 2015-04-14 23:46 - 00000000 ____D C:\Program Files\Rockstar Games
2015-06-11 20:07 - 2015-04-14 23:46 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-06-11 16:19 - 2014-12-26 10:43 - 00000000 ____D C:\Users\Colin\AppData\Local\Battle.net
2015-06-11 14:31 - 2014-12-27 03:03 - 00000000 ____D C:\Users\Colin\Documents\My Games
2015-06-10 16:09 - 2014-12-26 10:43 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-10 00:41 - 2013-08-22 11:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-09 20:03 - 2014-12-26 09:46 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-09 14:35 - 2014-12-27 02:58 - 00242528 _____ C:\Windows\DirectX.log
2015-06-09 13:08 - 2015-01-25 19:35 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-03 12:18 - 2014-09-24 05:55 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-03 12:18 - 2014-09-24 05:55 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-31 23:05 - 2014-12-26 07:53 - 00000000 ____D C:\Users\Colin
2015-05-31 23:04 - 2014-12-26 08:04 - 00000000 ____D C:\ProgramData\AMD
2015-05-31 23:01 - 2014-12-26 08:03 - 00000000 ____D C:\Program Files\AMD
2015-05-31 22:59 - 2014-12-26 08:02 - 00000000 ____D C:\AMD
2015-05-26 18:41 - 2014-11-20 22:44 - 01359752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-05-26 18:41 - 2014-11-20 22:44 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-05-26 18:41 - 2014-11-20 22:44 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-05-26 18:41 - 2014-11-20 22:44 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-05-26 18:40 - 2014-11-20 22:44 - 11089120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-05-26 18:40 - 2014-11-20 22:44 - 09411256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-05-26 18:40 - 2014-11-20 22:44 - 01136736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-05-26 18:40 - 2014-11-20 22:43 - 08381280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-05-26 18:40 - 2014-11-20 22:43 - 08368872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-05-26 18:40 - 2014-11-20 22:43 - 07559840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-05-26 18:27 - 2015-03-31 16:32 - 40989696 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-05-26 18:25 - 2015-03-31 16:30 - 06375936 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdhsasc.dll
2015-05-26 18:07 - 2014-11-20 22:12 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-05-26 18:05 - 2014-11-20 22:10 - 00846848 _____ (AMD) C:\Windows\system32\coinst_14.50.dll
2015-05-26 18:04 - 2015-03-31 16:09 - 00905728 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-05-26 18:04 - 2014-11-20 22:09 - 01218560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-05-26 18:03 - 2015-03-31 16:09 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-05-20 05:12 - 2015-04-04 14:08 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 05:12 - 2015-04-04 14:07 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-17 17:40 - 2014-12-26 10:44 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-05-17 11:08 - 2015-01-01 15:10 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Frontwing
2015-05-17 11:07 - 2015-01-31 03:22 - 00000000 ____D C:\Games
2015-05-16 03:47 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\rescache
2015-05-15 11:56 - 2014-12-26 09:46 - 00003898 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 11:56 - 2014-12-26 09:46 - 00003662 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
 
==================== Files in the root of some directories =======
 
2015-06-06 15:21 - 2015-06-06 15:21 - 296320648 _____ (                                                            ) C:\Users\Colin\AppData\Roaming\patch_witcher3_1.01-1.05_2.0.0.32.exe
2015-05-18 18:22 - 2015-06-13 01:24 - 0007680 _____ () C:\Users\Colin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-06 15:54 - 2015-01-06 15:54 - 0000000 ___SH () C:\Users\Colin\AppData\Local\LumaEmu
2015-03-22 12:36 - 2015-03-22 12:36 - 0001239 _____ () C:\Users\Colin\AppData\Local\recently-used.xbel
2014-12-26 09:47 - 2014-12-26 09:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-06-06 15:21 - 2015-06-06 15:21 - 0000006 __RSH () C:\ProgramData\f502ed9c1b20c948fb71ed15d0d1b492bc90cc67
 
Files to move or delete:
====================
C:\Users\Colin\AppData\Roaming\Origin\update.vbe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-07 04:22
 
==================== End of log ============================

Attached Files



BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,315 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:02:03 PM

Posted 15 June 2015 - 01:16 PM

:welcome:
 
First, please remove Spybot Search and Destroy. It will have a conflict with our tools, and in addition, this program wont protect your computer.
 
Download the attached file and save it in the same directory FRST64 is saved.
  • Start FRST64 with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.
Please copy and paste its contents in your next reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 MersennePrime

MersennePrime
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:03 PM

Posted 15 June 2015 - 02:25 PM

Hi JSntgRvr,

 

I uninstalled Spybot Search and Destroy and put the fixlist.txt in the same folder as FRST64 and did what you said. Here are the results:

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Colin at 2015-06-15 15:23:30 Run:1
Running from C:\Users\Colin\Desktop\New folder
Loaded Profiles: Colin (Available Profiles: Colin)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
HKLM-x32\...\Winlogon: [Userinit] userinit.exe,"C:\Windows\system32\userinit.exe", [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4107431069-931421496-4038032020-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2015-01-27] (Microsoft Corporation) <==== ATTENTION 
BootExecute: autocheck autochk * sdnclean64.exe
 
 
 
 
 
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => key not found. 
HKU\S-1-5-21-4107431069-931421496-4038032020-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value removed successfully
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
 
==== End of Fixlog 15:23:30 ====


#4 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,315 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:02:03 PM

Posted 15 June 2015 - 06:13 PM

Please re-scan with FRST64. Post both, the FRST.txt and the Addition.txt logs. Let me know if there has been any improvement after the above fix.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#5 MersennePrime

MersennePrime
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:03 PM

Posted 15 June 2015 - 06:57 PM

I have posted the results of the scan below as well as attached the Addition.txt log. The problems still persists. I restarted my computer and within minutes, I saw through my task manager that all of my CPU was being used up until I ran Rkill and it temporarily disabled the programs "lsass.exe" and "svchost.exe" in the Temp folder.

Attached File  Addition.txt   54.65KB   3 downloads

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Colin (administrator) on COLIN2-PC on 15-06-2015 19:45:18
Running from C:\Users\Colin\Desktop\New folder
Loaded Profiles: Colin (Available Profiles: Colin)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.247\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.148\deploy\LolClient.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-01-25]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2015-06-09]
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-4107431069-931421496-4038032020-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
HKU\S-1-5-21-4107431069-931421496-4038032020-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A204CECF-05BD-47FE-8874-8CA5429D41AE}: [NameServer] 8.8.8.8,8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\1p8v7xvo.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-4107431069-931421496-4038032020-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Colin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-10] (Unity Technologies ApS)
FF Extension: Reddit Enhancement Suite - C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\1p8v7xvo.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2015-01-26]
FF Extension: Adblock Plus - C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\1p8v7xvo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-25]
FF HKU\S-1-5-21-4107431069-931421496-4038032020-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 
Chrome: 
=======
CHR Profile: C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Easy Auto Refresh) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2015-06-13]
CHR Extension: (Google Slides) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-26]
CHR Extension: (BetterTTV) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-12-26]
CHR Extension: (Google Docs) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-26]
CHR Extension: (Google Drive) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-26]
CHR Extension: (YouTube) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-26]
CHR Extension: (Sad Panda) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2014-12-26]
CHR Extension: (uBlock Origin) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-03-18]
CHR Extension: (Google Search) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-26]
CHR Extension: (Pandora Listener) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\danjmbbdjabpapehlajpomcignjnoidp [2014-12-29]
CHR Extension: (Tampermonkey) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-04-25]
CHR Extension: (TastyPlug) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\faccgibalfdoihmenknhpfhldkmgaang [2015-03-18]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-12-27]
CHR Extension: (Google Sheets) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-26]
CHR Extension: (ReChat for Twitch™) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipplilmaapjjklilmmaccfemdmhkoacd [2014-12-26]
CHR Extension: (Kappa Everywhere - Global Twitch Emotes) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jafkphjeboadjffjfcigcdfdilpcacod [2015-04-08]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-12-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-09]
CHR Extension: (Grooveshark Enhancement Suite) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbglmejghppifhhbdhbaijiagbaedeec [2015-03-26]
CHR Extension: (Google Wallet) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-26]
CHR Extension: (Gmail) - C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-26]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-05] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-06-09] ()
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [294600 2015-05-26] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-27] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-12-20] (Advanced Micro Devices)
R3 CorsairAudioFilter; C:\Windows\system32\DRIVERS\corsveng2kamd64.sys [112808 2014-08-15] (Corsair Components, Inc.)
S3 CorsairCAHS1; C:\Windows\system32\drivers\CAHS164.sys [1308160 2011-06-17] (C-Media Electronics Inc)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-26] (Disc Soft Ltd)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-31] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-24] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-15 15:21 - 2015-06-15 19:45 - 00000000 ____D C:\Users\Colin\Desktop\New folder
2015-06-15 15:21 - 2015-06-15 15:21 - 00000356 _____ C:\Users\Colin\Downloads\fixlist (1).txt
2015-06-15 15:20 - 2015-06-15 15:20 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Colin\Downloads\rkill64.exe
2015-06-15 15:17 - 2015-06-15 15:17 - 00000085 _____ C:\Windows\wininit.ini
2015-06-14 22:03 - 2015-06-14 23:10 - 00000000 __RHD C:\ESD
2015-06-14 22:02 - 2015-06-14 22:02 - 01483336 _____ (Microsoft Corporation) C:\Users\Colin\Downloads\mediacreationtool (1).exe
2015-06-14 21:39 - 2015-06-14 21:39 - 00000000 ____D C:\Users\Colin\AppData\Local\SKIDROW
2015-06-14 21:38 - 2015-06-14 21:38 - 00001334 _____ C:\Users\Colin\Desktop\Transistor x64.lnk
2015-06-14 21:38 - 2015-06-14 21:38 - 00001334 _____ C:\Users\Colin\Desktop\Transistor x32.lnk
2015-06-14 21:38 - 2015-06-14 21:38 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Transistor
2015-06-14 19:41 - 2015-06-14 19:44 - 00000000 ____D C:\Users\Colin\Downloads\[R.G. Mechanics] Transistor
2015-06-14 19:41 - 2015-06-14 19:41 - 00021262 _____ C:\Users\Colin\Downloads\[kat.cr]transistor.update.4.2014.pc.repack.by.r.g.Меchanics.torrent
2015-06-14 19:03 - 2015-06-14 19:03 - 00004390 _____ C:\Users\Colin\Downloads\fixlist.txt
2015-06-14 13:37 - 2015-06-14 13:41 - 1037096979 _____ C:\Users\Colin\Downloads\[HorribleSubs] Kuroko's Basketball 3 - 73 [1080p].mkv
2015-06-14 13:37 - 2015-06-14 13:38 - 00000000 ____D C:\Users\Colin\Downloads\The.Witcher.3.Wild.Hunt.8.DLC-GOG
2015-06-14 11:39 - 2015-06-14 11:40 - 00056302 _____ C:\Users\Colin\Downloads\Addition.txt
2015-06-14 11:38 - 2015-06-15 19:45 - 00000000 ____D C:\FRST
2015-06-14 11:38 - 2015-06-14 11:40 - 00055649 _____ C:\Users\Colin\Downloads\FRST.txt
2015-06-14 04:03 - 2015-06-14 04:03 - 01483336 _____ (Microsoft Corporation) C:\Users\Colin\Downloads\mediacreationtool.exe
2015-06-14 03:15 - 2015-06-15 15:18 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-06-14 03:15 - 2015-06-15 15:17 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-06-14 03:15 - 2015-06-14 03:15 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-06-14 03:14 - 2015-06-14 03:15 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Colin\Downloads\spybot-2.4.exe
2015-06-14 03:09 - 2015-06-14 03:09 - 02073320 _____ C:\Users\Colin\Downloads\TempFileCleaner_4.4.0_Setup.exe
2015-06-14 02:47 - 2015-06-15 15:20 - 00001438 _____ C:\Users\Colin\Desktop\Rkill.txt
2015-06-14 01:51 - 2015-06-14 02:57 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-14 01:51 - 2015-06-14 01:51 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Colin\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-14 01:51 - 2015-06-14 01:51 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-14 01:51 - 2015-06-14 01:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-14 01:51 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-14 01:51 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-14 01:51 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-14 00:59 - 2015-06-14 00:59 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Colin\Downloads\tdsskiller.exe
2015-06-14 00:54 - 2015-06-14 00:54 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Colin\Downloads\rkill.exe
2015-06-13 01:58 - 2015-06-13 01:58 - 00000000 ____D C:\Users\Colin\AppData\Roaming\RenPy
2015-06-13 01:56 - 2015-06-13 01:57 - 70835336 _____ (GOG.com ) C:\Users\Colin\Downloads\setup_long_live_the_queen_2.2.0.6.exe
2015-06-13 01:56 - 2015-06-13 01:56 - 00011317 _____ C:\Users\Colin\Downloads\[kat.cr]long.live.the.queen.1.3.gog.torrent
2015-06-12 18:54 - 2015-06-12 18:56 - 568786998 _____ C:\Users\Colin\Downloads\[HorribleSubs] DanMachi - 11 [1080p].mkv
2015-06-12 16:42 - 2015-06-12 16:42 - 00000000 ____D C:\Users\Colin\Downloads\steamSummerMinigame-master
2015-06-12 16:41 - 2015-06-12 16:41 - 00005312 _____ C:\Users\Colin\Downloads\steamSummerMinigame-master.zip
2015-06-10 18:24 - 2015-06-10 18:24 - 00019535 _____ C:\Users\Colin\Downloads\[kat.cr]titan.souls.digital.special.edition.gog.torrent
2015-06-10 18:24 - 2015-06-10 18:24 - 00000000 ____D C:\Users\Colin\Downloads\Titan Souls
2015-06-09 23:56 - 2015-06-10 00:03 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Curse Client
2015-06-09 23:56 - 2015-06-09 23:56 - 42473080 _____ (Curse) C:\Users\Colin\Downloads\CurseClientSetup.exe
2015-06-09 23:56 - 2015-06-09 23:56 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Curse
2015-06-09 20:46 - 2015-06-09 20:46 - 00000000 ____D C:\Users\Colin\AppData\Local\Corsair
2015-06-09 18:12 - 2015-03-19 23:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-06-09 18:12 - 2015-03-19 23:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-06-09 18:12 - 2015-03-19 22:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-06-09 18:12 - 2015-03-19 22:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-06-09 18:11 - 2015-05-27 10:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-09 18:11 - 2015-05-27 10:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-09 18:11 - 2015-05-25 09:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-09 18:11 - 2015-05-25 09:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-09 18:11 - 2015-05-22 23:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-09 18:11 - 2015-05-22 23:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-09 18:11 - 2015-05-22 23:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-09 18:11 - 2015-05-22 23:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-09 18:11 - 2015-05-22 23:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-09 18:11 - 2015-05-22 22:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-09 18:11 - 2015-05-22 22:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-09 18:11 - 2015-05-22 22:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-09 18:11 - 2015-05-22 22:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-09 18:11 - 2015-05-22 22:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-09 18:11 - 2015-05-22 22:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-09 18:11 - 2015-05-22 22:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-09 18:11 - 2015-05-22 22:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-09 18:11 - 2015-05-22 22:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-09 18:11 - 2015-05-22 22:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-06-09 18:11 - 2015-05-22 22:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-09 18:11 - 2015-05-22 22:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-09 18:11 - 2015-05-22 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-09 18:11 - 2015-05-22 15:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-09 18:11 - 2015-05-22 15:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-09 18:11 - 2015-05-22 15:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-09 18:11 - 2015-05-22 14:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-09 18:11 - 2015-05-22 14:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-09 18:11 - 2015-05-22 14:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-09 18:11 - 2015-05-22 14:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-09 18:11 - 2015-05-22 14:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-09 18:11 - 2015-05-22 14:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-09 18:11 - 2015-05-22 14:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-09 18:11 - 2015-05-22 14:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-09 18:11 - 2015-05-22 14:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-09 18:11 - 2015-05-22 14:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-09 18:11 - 2015-05-22 14:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-09 18:11 - 2015-05-22 14:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-09 18:11 - 2015-05-22 13:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-09 18:11 - 2015-05-22 13:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-09 18:11 - 2015-05-22 13:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-06-09 18:11 - 2015-05-22 13:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-09 18:11 - 2015-05-22 13:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-09 18:11 - 2015-05-22 09:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-09 18:11 - 2015-05-21 12:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-09 18:11 - 2015-05-21 09:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-09 18:11 - 2015-05-21 09:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-09 18:11 - 2015-05-21 09:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-09 18:11 - 2015-05-21 09:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-09 18:11 - 2015-05-21 09:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-09 18:11 - 2015-05-21 09:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-09 18:11 - 2015-04-24 22:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-09 18:11 - 2015-04-24 22:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-09 18:11 - 2015-04-16 18:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-09 18:11 - 2015-04-16 02:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-06-09 18:11 - 2015-04-13 18:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-06-09 18:11 - 2015-04-13 18:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-06-09 18:11 - 2015-04-09 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-06-09 18:11 - 2015-04-09 20:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-06-09 18:11 - 2015-04-08 18:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-06-09 18:11 - 2015-04-08 18:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml
2015-06-09 18:11 - 2015-04-01 18:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-06-09 18:11 - 2015-04-01 18:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-06-09 18:11 - 2015-04-01 00:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-06-09 18:11 - 2015-04-01 00:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-06-09 18:11 - 2015-04-01 00:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-06-09 18:11 - 2015-04-01 00:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-06-09 18:11 - 2015-03-31 23:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-06-09 18:11 - 2015-03-31 23:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-06-09 18:11 - 2015-03-31 23:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-06-09 18:11 - 2015-03-31 22:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-06-09 18:11 - 2015-03-31 22:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-06-09 18:11 - 2015-03-31 22:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-06-09 18:11 - 2015-03-31 22:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-06-09 18:11 - 2015-03-31 22:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-06-09 18:11 - 2015-03-31 22:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-06-09 18:11 - 2015-03-01 21:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-06-09 18:11 - 2015-03-01 21:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-06-09 14:35 - 2015-06-12 15:04 - 00111928 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-06-09 14:35 - 2015-06-09 14:35 - 00682280 _____ C:\Windows\SysWOW64\pbsvc.exe
2015-06-09 14:35 - 2015-06-09 14:35 - 00066872 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-09 14:35 - 2015-06-09 14:35 - 00000000 ____D C:\Users\Colin\AppData\Local\Activision
2015-06-09 11:19 - 2015-06-09 11:47 - 00000000 ____D C:\Users\Colin\Downloads\Spec Ops. The Line_[R.G. Catalyst]
2015-06-09 11:19 - 2015-06-09 11:19 - 00022442 _____ C:\Users\Colin\Downloads\[kat.cr]spec.ops.the.line.repack.by.r.g.catalyst.naswari.zohaib.torrent
2015-06-06 23:02 - 2015-06-06 23:05 - 1029253695 _____ C:\Users\Colin\Downloads\[HorribleSubs] Kuroko's Basketball 3 - 72 [1080p].mkv
2015-06-06 15:21 - 2015-06-06 15:21 - 296320648 _____ ( ) C:\Users\Colin\AppData\Roaming\patch_witcher3_1.01-1.05_2.0.0.32.exe
2015-06-06 15:21 - 2015-06-06 15:21 - 00000006 __RSH C:\ProgramData\f502ed9c1b20c948fb71ed15d0d1b492bc90cc67
2015-06-06 15:21 - 2015-06-06 15:21 - 00000000 __SHD C:\ProgramData\538925
2015-06-06 15:21 - 2015-06-06 15:21 - 00000000 __SHD C:\ProgramData\441743
2015-06-06 15:21 - 2015-06-06 15:21 - 00000000 __SHD C:\ProgramData\216000
2015-06-06 15:21 - 2015-06-06 14:36 - 296496640 _____ (GOG.com ) C:\Windows\SysWOW64\clientsvr.exe
2015-06-06 14:33 - 2015-06-06 14:56 - 00000000 ____D C:\Users\Colin\Desktop\The Witcher 3 Wild Hunt
2015-06-06 14:32 - 2015-06-06 14:35 - 569563947 _____ C:\Users\Colin\Downloads\[HorribleSubs] DanMachi - 10 [1080p].mkv
2015-06-06 14:32 - 2015-06-06 14:33 - 00000000 ____D C:\Users\Colin\Downloads\The.Witcher.3.Wild.Hunt.Update.4.(v1.05).&.6DLC-GOG
2015-06-06 14:32 - 2015-06-06 14:32 - 00018014 _____ C:\Users\Colin\Downloads\[kat.cr]the.witcher.3.wild.hunt.gog.update.1.05.and.6.dlcs.torrent
2015-05-31 23:08 - 2015-05-31 23:08 - 00000000 ____D C:\Users\Colin\AppData\Local\GWX
2015-05-31 23:07 - 2015-05-31 23:07 - 00000000 ____D C:\ProgramData\ATI
2015-05-31 23:04 - 2015-05-31 23:04 - 00053564 _____ C:\Windows\SysWOW64\CCCInstall_201505312304550610.log
2015-05-31 23:04 - 2015-05-31 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-05-31 23:04 - 2015-05-31 23:04 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2015-05-31 22:58 - 2015-05-31 22:59 - 305009736 _____ (AMD Inc.) C:\Users\Colin\Downloads\amd-catalyst-15.5beta-64bit-win8.1-may27.exe
2015-05-31 02:28 - 2015-05-31 02:31 - 1036641095 _____ C:\Users\Colin\Downloads\[HorribleSubs] Kuroko's Basketball 3 - 71 [1080p].mkv
2015-05-31 00:51 - 2015-05-31 00:51 - 00000000 ____D C:\Users\Colin\Downloads\thomaswasalone-pc-1369347074
2015-05-31 00:50 - 2015-05-31 00:50 - 113657133 _____ C:\Users\Colin\Downloads\thomaswasalone-pc-1369347074.zip
2015-05-30 23:23 - 2015-06-06 20:57 - 00000000 ____D C:\Users\Colin\Downloads\3DMGAME-Middle.Earth.Shadow.of.Mordor.Game.of.The.Year.Edition-PROPHET
2015-05-30 23:23 - 2015-05-30 23:23 - 00279912 _____ C:\Users\Colin\Downloads\[kat.cr]middle.earth.shadow.of.mordor.game.of.the.year.edition.prophet.cpul.torrent
2015-05-29 22:42 - 2015-05-29 22:43 - 00000000 ____D C:\Users\Colin\Downloads\The.Witcher.3.Wild.Hunt.DLC.Pack-GOG
2015-05-29 22:42 - 2015-05-29 22:42 - 00032118 _____ C:\Users\Colin\Downloads\[kat.cr]the.witcher.3.wild.hunt.4.dlc.pack.gog.torrent
2015-05-29 15:28 - 2015-05-29 15:29 - 568788863 _____ C:\Users\Colin\Downloads\[HorribleSubs] DanMachi - 09 [1080p].mkv
2015-05-26 18:41 - 2015-05-26 18:41 - 00450744 _____ C:\Windows\system32\amdmiracast.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00118096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00102128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00096448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-05-26 18:41 - 2015-05-26 18:41 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-05-26 18:40 - 2015-05-26 18:40 - 07077264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-05-26 18:38 - 2015-05-26 18:38 - 00294600 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-05-26 18:35 - 2015-05-26 18:35 - 19339264 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-05-26 18:32 - 2015-05-26 18:32 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll
2015-05-26 18:30 - 2015-05-26 18:30 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll
2015-05-26 18:28 - 2015-05-26 18:28 - 47902208 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-05-26 18:28 - 2015-05-26 18:28 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-05-26 18:28 - 2015-05-26 18:28 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2015-05-26 18:28 - 2015-05-26 18:28 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2015-05-26 18:28 - 2015-05-26 18:28 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2015-05-26 18:28 - 2015-05-26 18:28 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2015-05-26 18:26 - 2015-05-26 18:26 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-26 18:26 - 2015-05-26 18:26 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-26 18:25 - 2015-05-26 18:25 - 07915520 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhsasc64.dll
2015-05-26 18:21 - 2015-05-26 18:21 - 00134656 _____ C:\Windows\system32\amdhdl64.dll
2015-05-26 18:21 - 2015-05-26 18:21 - 00123392 _____ C:\Windows\SysWOW64\amdhdl32.dll
2015-05-26 18:20 - 2015-05-26 18:20 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-05-26 18:15 - 2015-05-26 18:15 - 23626752 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-05-26 18:14 - 2015-05-26 18:14 - 05837824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-05-26 18:14 - 2015-05-26 18:14 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-05-26 18:14 - 2015-05-26 18:14 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-05-26 18:14 - 2015-05-26 18:14 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-05-26 18:14 - 2015-05-26 18:14 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-05-26 18:12 - 2015-05-26 18:12 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-05-26 18:12 - 2015-05-26 18:12 - 00641088 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-05-26 18:12 - 2015-05-26 18:12 - 00641088 _____ C:\Windows\system32\atiapfxx.blb
2015-05-26 18:12 - 2015-05-26 18:12 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-05-26 18:12 - 2015-05-26 18:12 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-05-26 18:12 - 2015-05-26 18:12 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-05-26 18:12 - 2015-05-26 18:12 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-05-26 18:12 - 2015-05-26 18:12 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-05-26 18:11 - 2015-05-26 18:11 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-05-26 18:11 - 2015-05-26 18:11 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-05-26 18:11 - 2015-05-26 18:11 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-05-26 18:09 - 2015-05-26 18:09 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-05-26 18:09 - 2015-05-26 18:09 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-05-26 18:08 - 2015-05-26 18:08 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-05-26 18:07 - 2015-05-26 18:07 - 00776192 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-05-26 18:07 - 2015-05-26 18:07 - 00246272 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-05-26 18:07 - 2015-05-26 18:07 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-05-26 18:07 - 2015-05-26 18:07 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-05-26 18:04 - 2015-05-26 18:04 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-05-26 18:04 - 2015-05-26 18:04 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-05-26 18:04 - 2015-05-26 18:04 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-05-26 18:04 - 2015-05-26 18:04 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-05-26 18:04 - 2015-05-26 18:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-05-26 18:04 - 2015-05-26 18:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-05-26 18:03 - 2015-05-26 18:03 - 00591872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-05-26 18:03 - 2015-05-26 18:03 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-05-25 15:28 - 2015-05-25 15:29 - 287296528 _____ ( ) C:\Users\Colin\Downloads\patch_witcher3_1.04_2.0.0.30.exe
2015-05-25 15:28 - 2015-05-25 15:28 - 00011677 _____ C:\Users\Colin\Downloads\[kat.cr]the.witcher.3.wild.hunt.update.3.v1.04.gog.torrent
2015-05-22 19:33 - 2015-06-08 22:03 - 00000000 ____D C:\Users\Colin\Documents\The Witcher 3
2015-05-22 13:39 - 2015-05-22 13:50 - 569468823 _____ C:\Users\Colin\Downloads\[HorribleSubs] DanMachi - 08 [1080p].mkv
2015-05-21 13:24 - 2015-05-21 13:25 - 00000000 ____D C:\Users\Colin\Downloads\The.Witcher.3.Wild.Hunt.v1.01.Update-GOG
2015-05-21 13:24 - 2015-05-21 13:24 - 00025210 _____ C:\Users\Colin\Downloads\[kat.cr]the.witcher.3.wild.hunt.v1.02.update.gog.torrent
2015-05-21 13:21 - 2015-05-21 13:21 - 00001975 _____ C:\Users\Public\Desktop\The Witcher® 3 - Wild Hunt.lnk
2015-05-21 13:21 - 2015-05-21 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com]
2015-05-21 13:02 - 2015-05-21 13:02 - 00022560 _____ C:\Users\Colin\Downloads\[kat.cr]the.witcher.3.wild.hunt.v1.03.update.gog.torrent
2015-05-21 13:02 - 2015-05-21 13:02 - 00000000 ____D C:\Users\Colin\Downloads\The.Witcher.3.Wild.Hunt.v1.03.Update-GOG
2015-05-21 12:59 - 2015-06-14 21:34 - 00000000 ____D C:\Users\Colin\Downloads\The.Witcher.3.Wild.Hunt.DLC [GOG]
2015-05-21 12:59 - 2015-05-21 12:59 - 00029561 _____ C:\Users\Colin\Downloads\[kat.cr]the.witcher.3.wild.hunt.dlc.gog.torrent
2015-05-21 12:54 - 2015-06-13 01:58 - 00000000 ____D C:\GOG Games
2015-05-21 07:11 - 2015-05-21 07:14 - 00000000 ____D C:\Users\Colin\Downloads\The.Witcher.3.Wild.Hunt-GOG Preload v2
2015-05-21 07:10 - 2015-05-21 07:10 - 00900272 _____ C:\Users\Colin\Downloads\[kat.cr]the.witcher.3.wild.hunt.gog.com.preload.torrent
2015-05-20 13:53 - 2015-05-20 13:53 - 01713824 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Colin\Downloads\GPU-Z.0.8.2.exe
2015-05-19 15:43 - 2015-05-19 15:44 - 00000000 ____D C:\Users\Colin\Documents\Witcher 2
2015-05-18 22:27 - 2015-05-18 22:27 - 36664464 _____ (NVIDIA Corporation) C:\Users\Colin\Downloads\GeForce_Experience_v2.4.3.22.exe
2015-05-18 19:16 - 2015-05-18 19:16 - 00111722 _____ C:\Users\Colin\Downloads\[kat.cr]the.witcher.3.wild.hunt.steam.preload.edition.ali213.cpul.torrent
2015-05-18 18:47 - 2015-05-18 18:47 - 04767824 _____ (ffdshow ) C:\Users\Colin\Downloads\ffdshow_rev4531_20140628.exe
2015-05-18 18:34 - 2015-05-18 18:34 - 00777280 _____ C:\Users\Colin\Downloads\xy-VSFilter_3.0.0.306_x86.zip
2015-05-18 18:34 - 2015-05-18 18:34 - 00671652 _____ C:\Users\Colin\Downloads\XySubFilter_3.1.0.705_x86_BETA2.zip
2015-05-18 18:34 - 2015-05-18 18:34 - 00000000 ____D C:\Users\Colin\Downloads\xy-VSFilter_3.0.0.306_x86
2015-05-18 18:34 - 2015-05-18 18:34 - 00000000 ____D C:\Users\Colin\Downloads\XySubFilter_3.1.0.705_x86_BETA2
2015-05-18 18:22 - 2015-06-13 01:24 - 00007680 _____ C:\Users\Colin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-18 18:18 - 2015-05-18 18:18 - 00000000 ____D C:\Users\Colin\AppData\Roaming\MPC-HC
2015-05-18 18:16 - 2015-05-18 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2015-05-18 18:16 - 2015-05-18 18:50 - 00000000 ____D C:\Program Files (x86)\ffdshow
2015-05-18 18:16 - 2015-05-18 18:16 - 00000998 _____ C:\Users\Public\Desktop\Configure ReClock.lnk
2015-05-18 18:16 - 2015-05-18 18:16 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-05-18 18:16 - 2015-05-18 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SVP 3.1
2015-05-18 18:16 - 2015-05-18 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReClock
2015-05-18 18:16 - 2015-05-18 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-05-18 18:16 - 2015-05-18 18:16 - 00000000 ____D C:\Program Files (x86)\ReClock
2015-05-18 18:16 - 2014-02-09 20:36 - 00112640 _____ C:\Windows\SysWOW64\ff_vfw.dll
2015-05-18 18:15 - 2015-05-18 18:17 - 00000000 ____D C:\ProgramData\SVP 3.1
2015-05-18 18:15 - 2015-05-18 18:16 - 00000000 ____D C:\Program Files (x86)\SVP
2015-05-18 18:13 - 2015-05-18 18:13 - 01159056 _____ C:\Users\Colin\Downloads\SetupReClock1885.exe
2015-05-18 17:55 - 2015-05-18 18:16 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2015-05-18 17:50 - 2015-05-18 17:50 - 00000000 ____D C:\Users\Colin\Desktop\MPC-HC
2015-05-18 02:28 - 2015-05-18 02:28 - 00005281 _____ C:\Users\Colin\Downloads\replay_1827807026.bat
2015-05-17 19:43 - 2015-05-17 19:43 - 34398836 _____ (SmoothVideo Project ) C:\Users\Colin\Downloads\SVP_3.1.6.exe
2015-05-17 11:09 - 2015-05-17 11:09 - 00000000 ____D C:\Users\Colin\AppData\Roaming\ういんどみる
2015-05-17 11:09 - 2015-05-17 11:09 - 00000000 ____D C:\ProgramData\フロントウイング
2015-05-16 16:49 - 2015-05-16 16:59 - 1024406021 _____ C:\Users\Colin\Downloads\[HorribleSubs] Kuroko's Basketball 3 - 69 [1080p].mkv
2015-05-16 11:54 - 2015-05-16 12:14 - 1468095472 _____ C:\Users\Colin\Downloads\redkit_77_96addacf.zip
2015-05-16 00:49 - 2015-05-16 00:49 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 2.7
2015-05-16 00:49 - 2015-05-16 00:49 - 00000000 ____D C:\Python27
2015-05-16 00:49 - 2015-05-16 00:49 - 00000000 ____D C:\ProgramData\Damned
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-15 19:28 - 2014-12-26 07:51 - 02070580 _____ C:\Windows\WindowsUpdate.log
2015-06-15 19:08 - 2015-01-25 19:35 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-15 19:02 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-15 19:01 - 2014-12-26 09:46 - 00000926 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-15 17:25 - 2014-12-26 07:59 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4107431069-931421496-4038032020-1001
2015-06-15 15:34 - 2014-12-26 10:38 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-15 15:21 - 2014-12-26 09:54 - 00006464 _____ C:\Windows\SysWOW64\Gms.log
2015-06-15 15:19 - 2014-12-26 09:46 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-15 15:19 - 2014-12-26 07:54 - 00000000 ____D C:\Users\Colin\OneDrive
2015-06-15 15:18 - 2014-12-26 08:04 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-06-15 15:18 - 2014-09-24 03:03 - 00028990 _____ C:\Windows\PFRO.log
2015-06-15 15:18 - 2013-08-22 10:46 - 00072247 _____ C:\Windows\setupact.log
2015-06-15 15:18 - 2013-08-22 10:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-15 15:18 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-15 03:32 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\rescache
2015-06-15 02:23 - 2014-12-26 10:32 - 00000000 ____D C:\Users\Colin\AppData\Roaming\TS3Client
2015-06-15 00:03 - 2014-09-24 03:15 - 00865408 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-14 21:35 - 2014-12-29 15:02 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2015-06-14 03:35 - 2015-04-27 16:17 - 00000000 ____D C:\Users\Colin\Desktop\foobar
2015-06-14 03:14 - 2015-01-10 00:20 - 00000000 ____D C:\Users\Colin\Desktop\warcraft
2015-06-14 02:43 - 2013-08-22 10:44 - 00337776 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-14 02:42 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\System
2015-06-14 02:41 - 2014-12-26 10:06 - 00000000 ____D C:\ProgramData\APN
2015-06-14 02:33 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-14 02:00 - 2015-02-08 16:50 - 00000000 ____D C:\Wooxy
2015-06-14 01:59 - 2015-01-13 22:47 - 00000000 ____D C:\Users\Colin\Documents\PCSX2
2015-06-14 01:57 - 2015-04-28 22:12 - 00000000 ____D C:\R.G. Catalyst
2015-06-13 23:23 - 2013-08-22 11:36 - 00000000 ___RD C:\Windows\ToastData
2015-06-13 23:22 - 2015-04-15 00:41 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-13 23:22 - 2014-09-24 05:50 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-13 23:22 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-13 23:21 - 2014-12-26 08:29 - 00000000 ____D C:\Windows\system32\MRT
2015-06-13 23:18 - 2014-12-26 08:29 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-12 15:04 - 2015-02-05 23:25 - 00000000 ____D C:\Users\Colin\AppData\Local\PunkBuster
2015-06-11 20:07 - 2015-04-14 23:47 - 00000080 _____ C:\Users\Colin\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-06-11 20:07 - 2015-04-14 23:46 - 00000000 ____D C:\Program Files\Rockstar Games
2015-06-11 20:07 - 2015-04-14 23:46 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-06-11 16:19 - 2014-12-26 10:43 - 00000000 ____D C:\Users\Colin\AppData\Local\Battle.net
2015-06-11 14:31 - 2014-12-27 03:03 - 00000000 ____D C:\Users\Colin\Documents\My Games
2015-06-10 16:09 - 2014-12-26 10:43 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-10 00:41 - 2013-08-22 11:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-09 20:03 - 2014-12-26 09:46 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-09 14:35 - 2014-12-27 02:58 - 00242528 _____ C:\Windows\DirectX.log
2015-06-09 13:08 - 2015-01-25 19:35 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-03 12:18 - 2014-09-24 05:55 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-03 12:18 - 2014-09-24 05:55 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-31 23:05 - 2014-12-26 07:53 - 00000000 ____D C:\Users\Colin
2015-05-31 23:04 - 2014-12-26 08:04 - 00000000 ____D C:\ProgramData\AMD
2015-05-31 23:01 - 2014-12-26 08:03 - 00000000 ____D C:\Program Files\AMD
2015-05-31 22:59 - 2014-12-26 08:02 - 00000000 ____D C:\AMD
2015-05-26 18:41 - 2014-11-20 22:44 - 01359752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-05-26 18:41 - 2014-11-20 22:44 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-05-26 18:41 - 2014-11-20 22:44 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-05-26 18:41 - 2014-11-20 22:44 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-05-26 18:40 - 2014-11-20 22:44 - 11089120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-05-26 18:40 - 2014-11-20 22:44 - 09411256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-05-26 18:40 - 2014-11-20 22:44 - 01136736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-05-26 18:40 - 2014-11-20 22:43 - 08381280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-05-26 18:40 - 2014-11-20 22:43 - 08368872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-05-26 18:40 - 2014-11-20 22:43 - 07559840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-05-26 18:27 - 2015-03-31 16:32 - 40989696 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-05-26 18:25 - 2015-03-31 16:30 - 06375936 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdhsasc.dll
2015-05-26 18:07 - 2014-11-20 22:12 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-05-26 18:05 - 2014-11-20 22:10 - 00846848 _____ (AMD) C:\Windows\system32\coinst_14.50.dll
2015-05-26 18:04 - 2015-03-31 16:09 - 00905728 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-05-26 18:04 - 2014-11-20 22:09 - 01218560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-05-26 18:03 - 2015-03-31 16:09 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-05-20 05:12 - 2015-04-04 14:08 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 05:12 - 2015-04-04 14:07 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-17 17:40 - 2014-12-26 10:44 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-05-17 11:08 - 2015-01-01 15:10 - 00000000 ____D C:\Users\Colin\AppData\Roaming\Frontwing
2015-05-17 11:07 - 2015-01-31 03:22 - 00000000 ____D C:\Games
 
==================== Files in the root of some directories =======
 
2015-06-06 15:21 - 2015-06-06 15:21 - 296320648 _____ (                                                            ) C:\Users\Colin\AppData\Roaming\patch_witcher3_1.01-1.05_2.0.0.32.exe
2015-05-18 18:22 - 2015-06-13 01:24 - 0007680 _____ () C:\Users\Colin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-06 15:54 - 2015-01-06 15:54 - 0000000 ___SH () C:\Users\Colin\AppData\Local\LumaEmu
2015-03-22 12:36 - 2015-03-22 12:36 - 0001239 _____ () C:\Users\Colin\AppData\Local\recently-used.xbel
2014-12-26 09:47 - 2014-12-26 09:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-06-06 15:21 - 2015-06-06 15:21 - 0000006 __RSH () C:\ProgramData\f502ed9c1b20c948fb71ed15d0d1b492bc90cc67
 
Files to move or delete:
====================
C:\Users\Colin\AppData\Roaming\Origin\update.vbe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-07 04:22
 
==================== End of log ============================


#6 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,315 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:02:03 PM

Posted 16 June 2015 - 10:00 AM

Download the attached file and save it in the same directory FRST64 is saved.

  • Start FRST64 with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.

Please copy and paste its contents in your next reply.

thisisujrt.gif Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • Download AdwCleaner from here. Save the file to the desktop.


    NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

    Close all open windows and browsers.
    • XP users: Double click the AdwCleaner icon to start the program.
    • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
      You will see the following console:
    AdwScan.jpg?
    • Click the Scan button and wait for the scan to finish.
    • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
    • Click the Clean button.
    • Everything checked will be deleted.
    • When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this
    adwcleaner_delete_restart.jpg
    • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt
    Iconic_normal.png Please launch and update Malwarebytes Anti-Malware.
    • If an update is found, you will be prompted to download and install the latest version.
    • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
    • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
    • Reboot your computer if prompted.
    Extra Note:

    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

    The log is available throughout History ->Application logs. Please post it contents in your next reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#7 MersennePrime

MersennePrime
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:03 PM

Posted 16 June 2015 - 02:11 PM

I think the problem has been fixed. After following your first step with the fixlist, my computer restarted and I waited about 10 minutes and noticed that those programs that usually hog my CPU never launched. So whatever you did in that first step, I think that is what did it. However, I followed through with the rest of your steps anyways and have posted all the logs below.

 

Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Colin at 2015-06-16 14:36:21 Run:2
Running from C:\Users\Colin\Desktop\New folder
Loaded Profiles: Colin (Available Profiles: Colin)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Startup: C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2015-06-09]
C:\Program Files (x86)\Spybot - Search & Destroy 2
C:\ProgramData\Spybot - Search & Destroy
C:\Windows\System32\Tasks\Safer-Networking
C:\Users\Colin\AppData\Roaming\Origin\update.vbe
Folder: C:\Users\Colin\AppData\Roaming\ういんどみる
Folder: C:\ProgramData\フロントウイング
File: C:\Users\Colin\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
Task: {6183072A-92A6-4E55-8ADA-96F4D9594E1B} - System32\Tasks\Origin => C:\Users\Colin\AppData\Roaming\Origin\update.vbe [2015-04-02] () <==== ATTENTION
EmptyTemp:
*****************
 
C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk => moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully.
C:\ProgramData\Spybot - Search & Destroy => moved successfully.
C:\Windows\System32\Tasks\Safer-Networking => moved successfully.
C:\Users\Colin\AppData\Roaming\Origin\update.vbe => moved successfully.
 
========================= Folder: C:\Users\Colin\AppData\Roaming\ういんどみる ========================
 
2015-05-17 11:09 - 2015-05-17 11:09 - 0000000 ____D () C:\Users\Colin\AppData\Roaming\ういんどみる\cs2
 
====== End of Folder: ======
 
 
========================= Folder: C:\ProgramData\フロントウイング ========================
 
 
====== End of Folder: ======
 
 
========================= File: C:\Users\Colin\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦 ========================
 
MD5: D8D410C35E37CE401D9A042EA971D16B
Creation and modification date: 2015-04-14 23:47 - 2015-06-11 20:07
Size: 0000080
Attributes: ----A
Company Name: 
Internal Name: 
Original Name: 
Product Name: 
Description: 
File Version: 
Product Version: 
Copyright$creamod: 
 
====== End of File: ======
 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6183072A-92A6-4E55-8ADA-96F4D9594E1B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6183072A-92A6-4E55-8ADA-96F4D9594E1B}" => key removed successfully
C:\Windows\System32\Tasks\Origin => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Origin" => key removed successfully
EmptyTemp: => 1.4 GB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 14:36:45 ====
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.9.9 (06.16.2015:2)
OS: Windows 8.1 x64
Ran by Colin on 06/16/2015 Tue at 14:44:00.22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\ProgramData\apn
Successfully deleted: [Folder] C:\Users\Colin\appdata\local\crashrpt
Successfully deleted: [Folder] C:\ProgramData\216000
Successfully deleted: [Folder] C:\ProgramData\441743
Successfully deleted: [Folder] C:\ProgramData\538925
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
 
[C:\Users\Colin\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Colin\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\Colin\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Colin\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06/16/2015 Tue at 14:45:31.03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
# AdwCleaner v4.206 - Logfile created 16/06/2015 at 14:48:37
# Updated 01/06/2015 by Xplode
# Database : 2015-06-16.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Colin - COLIN2-PC
# Running from : C:\Users\Colin\Desktop\adwcleaner_4.206.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Colin\Favorites\StumbleUpon
Folder Deleted : C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbglmejghppifhhbdhbaijiagbaedeec
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Mozilla Firefox v37.0.2 (x86 en-US)
 
 
-\\ Google Chrome v43.0.2357.124
 
 
*************************
 
AdwCleaner[R0].txt - [1106 bytes] - [16/06/2015 14:47:22]
AdwCleaner[S0].txt - [985 bytes] - [16/06/2015 14:48:37]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1043  bytes] ##########
 
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 6/16/2015
Scan Time: 2:53:43 PM
Logfile: mwb.txt
Administrator: Yes
 
Version: 2.01.6.1022
Malware Database: v2015.06.16.05
Rootkit Database: v2015.06.15.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Colin
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 362912
Time Elapsed: 12 min, 21 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
-----------------------------------------------------------------------
 
I believe that is all the logs you asked for. I do believe the problem has been fixed, but will continue to monitor this thread in case there is anything else you need me to do or want to inform me of something. If not, I just wanted to let you know I really appreciate you helping me with my problem and just want to say thank you.

Edited by MersennePrime, 16 June 2015 - 02:11 PM.


#8 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,315 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:02:03 PM

Posted 16 June 2015 - 04:10 PM

Lets remove two unicode entries as I don't find any reference to them.
 
Download the attached file and save it in the same directory FRST64 is saved.
  • Start FRST64 with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.
Please copy and paste its contents in your next reply.
 
 
Test the computer and let me know if satisfied.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#9 MersennePrime

MersennePrime
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:03 PM

Posted 16 June 2015 - 04:13 PM

Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Colin at 2015-06-16 17:12:19 Run:3
Running from C:\Users\Colin\Desktop\New folder
Loaded Profiles: Colin (Available Profiles: Colin)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
C:\ProgramData\フロントウイング
C:\Users\Colin\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
*****************
 
C:\ProgramData\フロントウイング => moved successfully.
C:\Users\Colin\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦 => moved successfully.
 
==== End of Fixlog 17:12:19 ====
 
 
I am very satisfied. My computer can run games very smoothly once again now that my CPU has been freed up. Thanks again for your help.


#10 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,315 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:02:03 PM

Posted 16 June 2015 - 04:21 PM

Congratulations.

We need to remove the tools we've used during cleaning your machine

  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
    DelFix.png
  • Click Run

Here are some suggestions.

  • Always keep your JAVA updated. Older versions will make your computer vulnerable.
  • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft.
  • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.
  • For more information and guidelines to follow to prevent future infections you can read this article by Miekiemoes.

Best wishes! :hello:


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users