Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016 Ran by samsung (administrator) on TEAMALPHA (08-09-2016 18:29:52) Running from C:\Users\samsung\Downloads Loaded Profiles: samsung (Available Profiles: samsung & DefaultAppPool) Platform: Windows 10 Home Version 1511 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (PFU LIMITED) C:\Users\samsung\Desktop\ScanSnap Files\PFU\ScanSnap\CardMinder\CardLauncher.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe (Razer, Inc.) C:\Users\samsung\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE () C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\OFFICEVIRT.EXE (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.486_none_7640e086266ea227\TiWorker.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7167.40721.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Windows\System32\sdclt.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-27] (Realtek Semiconductor) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800896 2012-03-09] (Atheros Commnucations) HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml HKLM-x32\...\Run: [ScanSnap WIA Service Checker] => C:\Users\samsung\Desktop\ScanSnap Files\PFU\ScanSnap\Driver\SSDriver\fi5110\SsWiaChecker.exe [86016 2009-09-30] (PFU LIMITED) HKLM-x32\...\Run: [20131121] => C:\Program Files\AVAST Software\Avast\setup\emupdate\e2756eac-a68e-43f5-a110-a54180326776.exe /check HKLM-x32\...\Run: [PowerDVD13Agent] => "C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe" HKLM-x32\...\Run: [YouCam Service6] => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [504792 2014-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-07-07] (Razer Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ScanSnap OnlineUpdate Watcher] => C:\Program Files (x86)\PFU\ScanSnap\Update\SsUWatcher.exe [45568 2014-04-13] (PFU LIMITED) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-04-05] (LogMeIn Inc.) HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-05-24] (Raptr, Inc) HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-24] (Valve Corporation) HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\Run: [MediaFire Tray] => "C:\Users\samsung\AppData\Local\MediaFire Desktop\mf_watch.exe" HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\Run: [CatalinaGroup Update] => C:\Users\samsung\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [130928 2015-12-31] (Catalina Group Ltd.) HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd) HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\RunOnce: [Uninstall C:\Users\samsung\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\samsung\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\RunOnce: [Uninstall C:\Users\samsung\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\samsung\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\RunOnce: [Uninstall C:\Users\samsung\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\samsung\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\RunOnce: [Uninstall C:\Users\samsung\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\samsung\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" ShellIconOverlayIdentifiers: [] -> {b5458932-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\samsung\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayError.dll [2016-05-07] () ShellIconOverlayIdentifiers: [] -> {b5458930-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\samsung\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySynced.dll [2016-05-07] () ShellIconOverlayIdentifiers: [] -> {b5458934-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\samsung\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayReadOnly.dll [2016-05-07] () ShellIconOverlayIdentifiers: [] -> {b5458933-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\samsung\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayLock.dll [2016-05-07] () ShellIconOverlayIdentifiers: [] -> {b5458931-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\samsung\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySyncing.dll [2016-05-07] () ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\samsung\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-05-24] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\samsung\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-05-24] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\samsung\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-05-24] (Microsoft Corporation) ShellIconOverlayIdentifiers: [1MediaFireIconError] -> {5EE8C634-CDC0-453D-9731-DF0B19F4E807} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon3_e3ee9.dll [2014-07-03] (TODO: ) ShellIconOverlayIdentifiers: [1MediaFireIconReadOnly] -> {7995D0FC-769B-4197-AEC0-991921CB99E1} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon5_e3ee9.dll [2014-07-03] (TODO: ) ShellIconOverlayIdentifiers: [1MediaFireIconSynched] -> {9A3B79CB-D899-40B5-8DBC-20447F1ADC8F} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon_e3ee9.dll [2014-07-03] (TODO: ) ShellIconOverlayIdentifiers: [1MediaFireIconSyncing] -> {C4D81971-6B13-4173-AB21-F83AD20CCC04} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon2_e3ee9.dll [2014-07-03] (TODO: ) ShellIconOverlayIdentifiers: [MediaFireIconLock] -> {759F3E92-F4E8-4953-8315-238B8B17E0F3} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon4_e3ee9.dll [2014-07-03] (TODO: ) ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {39D54CC2-69CF-43b4-B167-577D25E7F496} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File ShellIconOverlayIdentifiers: [SugarSyncSharedPending] -> {F7395C2E-A5D8-4a32-9536-5C6A9F1DC450} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\samsung\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-05-24] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\samsung\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-05-24] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\samsung\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-05-24] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CardMinder Viewer.lnk [2015-05-29] ShortcutTarget: CardMinder Viewer.lnk -> C:\Users\samsung\Desktop\ScanSnap Files\PFU\ScanSnap\CardMinder\CardLauncher.exe (PFU LIMITED) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Conversion to PDF with ScanSnap Organizer.lnk [2015-05-29] ShortcutTarget: Conversion to PDF with ScanSnap Organizer.lnk -> C:\Users\samsung\Desktop\ScanSnap Files\PFU\ScanSnap\Organizer\PfuSsOrgOcrChk.exe (PFU LIMITED) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScanSnap Manager.lnk [2015-04-11] ShortcutTarget: ScanSnap Manager.lnk -> C:\Users\samsung\Desktop\ScanSnap Files\PFU\ScanSnap\Driver\PfuSsMon.exe (PFU LIMITED) Startup: C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2016-01-05] ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) Startup: C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 2540 series.lnk [2016-09-06] ShortcutTarget: Monitor Ink Alerts - HP Deskjet 2540 series.lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) Startup: C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zcan+.lnk [2016-08-14] ShortcutTarget: Zcan+.lnk -> C:\Program Files (x86)\Zcan+\Scanner Mouse.exe () GroupPolicy: Restriction - Chrome <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 210.4.2.61 8.8.8.8 Tcpip\..\Interfaces\{3bc84cf6-4844-4c78-87c4-5103a3646da1}: [DhcpNameServer] 210.4.2.61 8.8.8.8 Tcpip\..\Interfaces\{84a60fe5-9929-4fd8-bd62-4bf01b943932}: [DhcpNameServer] 210.4.2.61 8.8.8.8 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-1285780863-4141913994-941100708-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-21-1285780863-4141913994-941100708-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE BHO: youtubeadblocker -> {4cabfe67-ea68-495c-906f-72eb8d3555e4} -> C:\Program Files (x86)\youtubeadblocker\KZCEoo0qJZpLnw.x64.dll => No File BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-21] (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-21] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-03-09] (Atheros Commnucations) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5cpveg2z.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_232.dll [2016-04-21] () FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-21] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-21] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_232.dll [2016-04-21] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll [2014-04-15] (Adobe Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-04-18] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-04-18] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems) FF Plugin HKU\S-1-5-21-1285780863-4141913994-941100708-1000: @catalinahub.net/CatalinaGroup Update;version=3 -> C:\Users\samsung\AppData\Local\CatalinaGroup\Update\1.3.25.223\npCatalinaUpdate3.dll [2015-12-31] (Catalina Group Ltd.) FF Plugin HKU\S-1-5-21-1285780863-4141913994-941100708-1000: @catalinahub.net/CatalinaGroup Update;version=9 -> C:\Users\samsung\AppData\Local\CatalinaGroup\Update\1.3.25.223\npCatalinaUpdate3.dll [2015-12-31] (Catalina Group Ltd.) FF Plugin HKU\S-1-5-21-1285780863-4141913994-941100708-1000: @nsroblox.roblox.com/launcher -> C:\Users\samsung\AppData\Local\Roblox\Versions\version-a5eaf158bd544c4d\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation) FF Plugin HKU\S-1-5-21-1285780863-4141913994-941100708-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\samsung\AppData\Local\Roblox\Versions\version-a5eaf158bd544c4d\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation) FF Plugin HKU\S-1-5-21-1285780863-4141913994-941100708-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\samsung\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google) FF Plugin HKU\S-1-5-21-1285780863-4141913994-941100708-1000: @talk.google.com/O1DPlugin -> C:\Users\samsung\AppData\Roaming\Mozilla\plugins\npo1d.dll [2014-06-06] (Google) FF Plugin HKU\S-1-5-21-1285780863-4141913994-941100708-1000: @tools.google.com/Google Update;version=3 -> C:\Users\samsung\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [No File] FF Plugin HKU\S-1-5-21-1285780863-4141913994-941100708-1000: @tools.google.com/Google Update;version=9 -> C:\Users\samsung\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [No File] FF Plugin HKU\S-1-5-21-1285780863-4141913994-941100708-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\samsung\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-14] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Users\samsung\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\samsung\AppData\Roaming\mozilla\plugins\npo1d.dll [2014-06-06] (Google) FF Extension: (gpummoozgithubcom) - C:\Users\samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5cpveg2z.default\extensions\gpum@mooz.github.com [2014-08-25] [not signed] FF Extension: (4cc4a13b94a67568370d5f9de54a9c7f) - C:\Users\samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5cpveg2z.default\extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f} [2014-09-04] [not signed] FF Extension: (Search Application) - C:\Users\samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5cpveg2z.default\Extensions\{16cd6b36-d79c-45a4-896c-a98072e32a5e}.xpi [2015-01-03] [not signed] FF Extension: (Adblock Plus) - C:\Users\samsung\AppData\Roaming\Mozilla\Firefox\Profiles\5cpveg2z.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-07-09] FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] Chrome: ======= CHR Profile: C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-28] CHR Extension: (Google Docs) - C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-28] CHR Extension: (Google Drive) - C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Adblock Plus) - C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-25] CHR Extension: (Adblock for Youtube™) - C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2016-03-05] CHR Extension: (Google Search) - C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Google Sheets) - C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-28] CHR Extension: (Google Docs Offline) - C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-09-04] CHR Extension: (Chrome Web Store Payments) - C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03] CHR Extension: (Gmail) - C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-28] CHR Extension: (Chrome Media Router) - C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-30] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1392648 2016-07-08] () R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation) S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd) S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-11-27] (Intel Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-04-18] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [164184 2012-04-18] (Intel Corporation) S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2016-04-05] (LogMeIn, Inc.) S4 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed] S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed] R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-04-14] () R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187824 2016-07-20] () S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-06-19] () R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [133376 2016-08-01] (Razer Inc.) R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4255232 2016-02-15] (A-Volute) [File not signed] S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.) S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-03] (TeamViewer GmbH) S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation) S4 wwSecSvc; C:\windows\SysWOW64\wwSecure.exe [486400 2005-05-20] (Webroot Software, Inc.) [File not signed] S4 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [163456 2012-03-09] (Atheros) [File not signed] S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [X] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [82664 2015-10-21] (Advanced Micro Devices, Inc.) R3 clwvd6; C:\Windows\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-03-11] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-03-11] (Disc Soft Ltd) S3 EvolveVirtualAdapter; C:\Windows\System32\drivers\evolve.sys [21656 2016-01-03] (Echobit, LLC) R3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2015-10-26] (LogMeIn Inc.) R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [84992 2014-11-18] (Intel Corporation) S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek ) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2016-01-05] (Realsil Semiconductor Corporation) S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc) R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-05-07] (Razer, Inc.) R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-08-11] (Razer, Inc.) R3 RZSURROUNDVADService; C:\Windows\system32\drivers\RzSurroundVAD.sys [40640 2016-02-15] (Windows (R) Win 7 DDK provider) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed] S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) U3 idsvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-08 18:29 - 2016-09-08 18:31 - 00035264 _____ C:\Users\samsung\Downloads\FRST.txt 2016-09-08 18:29 - 2016-09-08 18:29 - 00000000 ____D C:\FRST 2016-09-08 18:28 - 2016-09-08 18:28 - 02397696 _____ (Farbar) C:\Users\samsung\Downloads\FRST64.exe 2016-09-06 18:43 - 2016-09-06 20:25 - 01722098 _____ C:\Users\samsung\Downloads\PPT_Lesson_4(2).pptx 2016-09-05 21:30 - 2016-09-05 21:30 - 01291032 _____ C:\Users\samsung\Downloads\INTRO_UCSP_W2_PIII(5).pptx 2016-09-05 21:26 - 2016-09-05 21:43 - 10041175 _____ C:\Users\samsung\Downloads\INTRO_UCSP_W2_PII(8).pptx 2016-09-05 09:06 - 2016-09-05 09:07 - 03826240 _____ C:\Users\samsung\Downloads\adwcleaner_6.010.exe 2016-09-03 11:12 - 2016-09-03 11:12 - 01274888 _____ C:\Users\samsung\Downloads\SH_INFOTEC WEEK 5.pptx 2016-08-28 14:42 - 2016-09-05 19:16 - 00000000 ____D C:\Users\samsung\AppData\Local\Warframe 2016-08-20 15:19 - 2016-08-20 15:24 - 50899640 _____ (Hammer & Chisel, Inc.) C:\Users\samsung\Downloads\DiscordSetup.exe 2016-08-14 19:43 - 2016-08-14 19:43 - 00000000 ____D C:\Users\samsung\AppData\Local\Scanner Mouse 2016-08-14 19:38 - 2016-08-14 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zcan+ 2016-08-14 19:38 - 2016-08-14 19:42 - 00000000 ____D C:\Program Files (x86)\Zcan+ 2016-08-14 15:32 - 2016-08-03 19:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-08-14 15:32 - 2016-08-03 19:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-08-14 15:32 - 2016-08-03 19:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-08-14 15:32 - 2016-08-03 18:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-08-14 15:32 - 2016-08-03 18:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2016-08-14 15:32 - 2016-08-03 18:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2016-08-14 15:32 - 2016-08-03 18:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-08-14 15:32 - 2016-08-03 18:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-08-14 15:32 - 2016-08-03 18:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2016-08-14 15:32 - 2016-08-03 18:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-08-14 15:32 - 2016-08-03 18:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-08-14 15:32 - 2016-08-03 18:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-08-14 15:32 - 2016-08-03 18:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-08-14 15:32 - 2016-08-03 18:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-08-14 15:32 - 2016-08-03 18:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-08-14 15:32 - 2016-08-03 18:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-08-14 15:32 - 2016-08-03 18:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-08-14 15:32 - 2016-08-03 18:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-08-14 15:32 - 2016-08-03 18:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-08-14 15:32 - 2016-08-03 18:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-08-14 15:32 - 2016-08-03 18:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-08-14 15:32 - 2016-08-03 18:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-08-14 15:32 - 2016-08-03 17:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2016-08-14 15:32 - 2016-08-03 17:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2016-08-14 15:32 - 2016-08-03 17:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-08-14 15:32 - 2016-08-03 17:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-08-14 15:32 - 2016-08-03 17:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll 2016-08-14 15:32 - 2016-08-03 17:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2016-08-14 15:32 - 2016-08-03 17:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-08-14 15:32 - 2016-08-03 17:41 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys 2016-08-14 15:32 - 2016-08-03 17:41 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys 2016-08-14 15:32 - 2016-08-03 17:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2016-08-14 15:32 - 2016-08-03 17:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2016-08-14 15:32 - 2016-08-03 17:40 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys 2016-08-14 15:32 - 2016-08-03 17:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2016-08-14 15:32 - 2016-08-03 17:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2016-08-14 15:32 - 2016-08-03 17:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2016-08-14 15:32 - 2016-08-03 17:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-08-14 15:32 - 2016-08-03 17:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2016-08-14 15:32 - 2016-08-03 17:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-08-14 15:32 - 2016-08-03 17:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2016-08-14 15:32 - 2016-08-03 17:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-08-14 15:32 - 2016-08-03 17:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2016-08-14 15:32 - 2016-08-03 17:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-08-14 15:32 - 2016-08-03 17:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2016-08-14 15:32 - 2016-08-03 17:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2016-08-14 15:32 - 2016-08-03 17:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2016-08-14 15:32 - 2016-08-03 17:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe 2016-08-14 15:32 - 2016-08-03 17:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-08-14 15:32 - 2016-08-03 17:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2016-08-14 15:32 - 2016-08-03 17:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-08-14 15:32 - 2016-08-03 17:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-08-14 15:32 - 2016-08-03 17:29 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2016-08-14 15:32 - 2016-08-03 17:29 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2016-08-14 15:32 - 2016-08-03 17:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-08-14 15:32 - 2016-08-03 17:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-08-14 15:32 - 2016-08-03 17:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-08-14 15:32 - 2016-08-03 17:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-08-14 15:32 - 2016-08-03 17:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-08-14 15:32 - 2016-08-03 17:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-08-14 15:32 - 2016-08-03 17:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-08-14 15:32 - 2016-08-03 17:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-08-14 15:32 - 2016-08-03 17:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-08-14 15:32 - 2016-08-03 17:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2016-08-14 15:32 - 2016-08-03 17:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-08-14 15:32 - 2016-08-03 17:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-08-14 15:32 - 2016-08-03 17:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-08-14 15:32 - 2016-08-03 17:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-08-14 15:32 - 2016-08-03 17:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-08-14 15:32 - 2016-08-03 17:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-08-14 15:32 - 2016-08-03 17:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-08-14 15:32 - 2016-08-03 17:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-08-14 15:32 - 2016-08-03 17:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2016-08-14 15:32 - 2016-08-03 17:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2016-08-14 15:32 - 2016-08-03 13:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2016-08-14 15:32 - 2016-08-03 13:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-08-14 15:32 - 2016-08-03 13:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-08-14 15:32 - 2016-08-03 13:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll 2016-08-14 15:32 - 2016-08-03 13:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-08-14 15:32 - 2016-08-03 13:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-08-14 15:32 - 2016-08-03 13:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-08-14 15:32 - 2016-08-03 13:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-08-14 15:32 - 2016-08-03 13:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-08-14 15:32 - 2016-08-03 12:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-08-14 15:32 - 2016-08-03 12:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll 2016-08-14 15:32 - 2016-08-03 12:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-08-14 15:32 - 2016-08-03 12:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2016-08-14 15:32 - 2016-08-03 12:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll 2016-08-14 15:32 - 2016-08-03 12:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2016-08-14 15:32 - 2016-08-03 12:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-08-14 15:32 - 2016-08-03 12:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-08-14 15:32 - 2016-08-03 12:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe 2016-08-14 15:32 - 2016-08-03 12:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-08-14 15:32 - 2016-08-03 12:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-08-14 15:32 - 2016-08-03 12:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-08-14 15:32 - 2016-08-03 12:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2016-08-14 15:32 - 2016-08-03 12:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-08-14 15:32 - 2016-08-03 12:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2016-08-14 15:32 - 2016-08-03 12:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-08-14 15:32 - 2016-08-03 12:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-08-14 15:32 - 2016-08-03 12:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-08-14 15:32 - 2016-08-03 12:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2016-08-14 15:32 - 2016-08-03 12:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-08-14 15:32 - 2016-08-03 12:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-08-14 15:32 - 2016-08-03 12:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-08-14 15:32 - 2016-08-03 12:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-08-14 15:32 - 2016-08-03 12:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2016-08-14 15:31 - 2016-08-03 18:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-08-14 15:31 - 2016-08-03 18:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll 2016-08-14 15:31 - 2016-08-03 18:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-08-14 15:31 - 2016-08-03 18:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-08-14 15:31 - 2016-08-03 17:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll 2016-08-14 15:31 - 2016-08-03 17:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-08-14 15:31 - 2016-08-03 17:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-08-14 15:31 - 2016-08-03 17:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-08-14 15:31 - 2016-08-03 17:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2016-08-14 15:31 - 2016-08-03 17:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-08-14 15:31 - 2016-08-03 17:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-08-14 15:31 - 2016-08-03 17:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-08-14 15:31 - 2016-08-03 17:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-08-14 15:31 - 2016-08-03 17:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2016-08-14 15:31 - 2016-08-03 17:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-08-14 15:31 - 2016-08-03 17:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-08-14 15:31 - 2016-08-03 13:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-08-14 15:31 - 2016-08-03 12:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll 2016-08-14 15:31 - 2016-08-03 12:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-08-14 15:31 - 2016-08-03 12:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-08-14 15:31 - 2016-08-03 12:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2016-08-14 15:31 - 2016-08-03 12:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-08-14 15:31 - 2016-08-03 12:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-08-14 15:31 - 2016-08-03 12:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-08-14 15:31 - 2016-08-03 12:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-08-14 14:38 - 2016-08-14 14:39 - 00995880 _____ (Microsoft Corporation) C:\Users\samsung\Downloads\vs2015.3.exe 2016-08-14 14:34 - 2016-08-14 14:39 - 31389056 _____ (Microsoft Corporation ) C:\Users\samsung\Downloads\VSCodeSetup-stable.exe 2016-08-14 14:02 - 2016-08-14 14:02 - 00000000 _____ C:\WINDOWS\SysWOW64\shoC3EE.tmp ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-08 18:30 - 2015-11-12 10:15 - 00000000 _____ C:\WINDOWS\system32\RzSurroundVADAudioDeviceManager_log.txt 2016-09-08 18:30 - 2014-06-30 20:15 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-09-08 18:29 - 2014-06-24 17:42 - 00000000 ___HD C:\Users\samsung\.mediafire 2016-09-08 18:29 - 2013-11-25 18:22 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1285780863-4141913994-941100708-1000UA.job 2016-09-08 18:25 - 2013-11-01 14:57 - 00000000 ____D C:\Program Files (x86)\Steam 2016-09-07 21:47 - 2015-12-31 12:06 - 00000966 _____ C:\WINDOWS\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-1285780863-4141913994-941100708-1000UA.job 2016-09-07 20:10 - 2015-09-12 11:15 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-09-07 18:19 - 2015-10-30 15:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-09-07 18:19 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-09-07 18:07 - 2013-07-03 21:01 - 00000000 ____D C:\Users\samsung\AppData\Local\Adobe 2016-09-06 19:27 - 2015-06-26 15:29 - 00000132 _____ C:\Users\samsung\AppData\Roaming\Adobe PNG Format CS5 Prefs 2016-09-06 10:41 - 2015-11-27 18:45 - 00000000 __SHD C:\Users\samsung\IntelGraphicsProfiles 2016-09-06 10:40 - 2015-09-12 11:15 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-09-06 10:40 - 2012-05-22 17:50 - 00000828 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2016-09-06 10:28 - 2016-01-08 23:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-09-06 10:28 - 2015-10-30 14:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-09-06 10:28 - 2015-01-17 20:51 - 00000091 _____ C:\HaxLogs.txt 2016-09-06 10:27 - 2015-01-15 17:47 - 00000000 ____D C:\AdwCleaner 2016-09-05 21:45 - 2012-08-05 16:34 - 00000000 ____D C:\Users\samsung\AppData\Roaming\SoftGrid Client 2016-09-05 12:47 - 2015-12-31 12:06 - 00000914 _____ C:\WINDOWS\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-1285780863-4141913994-941100708-1000Core.job 2016-09-05 11:54 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-09-05 11:51 - 2012-05-22 17:50 - 00000830 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2016-09-05 11:00 - 2015-10-30 15:21 - 00000000 ____D C:\WINDOWS\INF 2016-09-05 09:12 - 2016-01-08 23:13 - 00000000 ____D C:\Users\samsung 2016-09-03 15:47 - 2016-01-08 23:12 - 01010686 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-09-03 15:46 - 2013-06-16 17:38 - 00000000 ____D C:\Users\samsung\Desktop\Pictures of Pictures 2016-09-03 14:01 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-09-03 14:01 - 2015-10-30 15:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-09-01 19:14 - 2016-01-06 18:48 - 00001354 _____ C:\Users\Public\Desktop\Razer Cortex.lnk 2016-08-28 20:38 - 2015-09-02 09:49 - 00001285 _____ C:\Users\samsung\Desktop\ROBLOX Studio.lnk 2016-08-28 20:38 - 2015-08-16 17:31 - 00001470 _____ C:\Users\samsung\Desktop\ROBLOX Player.lnk 2016-08-28 20:38 - 2015-08-16 17:24 - 00000000 ____D C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2016-08-27 18:53 - 2016-06-24 22:55 - 00000000 ____D C:\Users\samsung\AppData\Local\Arma 3 2016-08-27 15:51 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\rescache 2016-08-27 13:29 - 2013-11-25 18:22 - 00000864 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1285780863-4141913994-941100708-1000Core.job 2016-08-26 19:53 - 2015-12-31 14:15 - 00002567 _____ C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citrio.lnk 2016-08-26 19:53 - 2015-12-31 14:15 - 00002559 _____ C:\Users\samsung\Desktop\Citrio.lnk 2016-08-23 20:54 - 2013-04-19 13:41 - 00000000 ____D C:\Users\samsung\Desktop\My Folder 2016-08-18 22:07 - 2015-09-10 13:42 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-08-18 21:47 - 2015-10-30 17:07 - 00000000 ____D C:\Program Files\Windows Journal 2016-08-18 21:47 - 2015-10-30 15:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-08-18 18:33 - 2014-04-25 20:21 - 00000000 ____D C:\Users\samsung\Desktop\scan folder 2016-08-14 19:23 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2016-08-14 19:23 - 2013-07-15 08:57 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-08-14 19:13 - 2012-08-06 20:23 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-08-11 00:37 - 2015-02-07 15:50 - 00137840 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpnk.sys 2016-08-09 10:12 - 2014-10-11 14:34 - 00002578 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ==================== Files in the root of some directories ======= 2015-06-26 15:29 - 2016-09-06 19:27 - 0000132 _____ () C:\Users\samsung\AppData\Roaming\Adobe PNG Format CS5 Prefs 2014-07-31 03:49 - 2014-11-18 04:26 - 0000102 _____ () C:\Users\samsung\AppData\Roaming\WB.CFG 2016-05-17 10:40 - 2016-05-17 10:41 - 266040255 _____ () C:\Users\samsung\AppData\Local\ACCCx3_6_0_248.zip.aamdownload 2016-05-17 10:40 - 2016-05-17 10:41 - 0003014 _____ () C:\Users\samsung\AppData\Local\ACCCx3_6_0_248.zip.aamdownload.aamd 2012-09-02 18:11 - 2015-08-15 13:37 - 0011264 _____ () C:\Users\samsung\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-03-17 15:02 - 2015-03-17 15:02 - 0011872 _____ () C:\Users\samsung\AppData\Local\Temp-log.txt 2015-06-27 20:40 - 2015-06-27 20:40 - 0000000 _____ () C:\Users\samsung\AppData\Local\Temp.dat 2015-05-30 21:34 - 2015-05-30 21:34 - 0000057 _____ () C:\ProgramData\Ament.ini 2012-10-27 17:29 - 2012-08-28 17:29 - 0000032 ____R () C:\ProgramData\hash.dat 2012-11-19 18:25 - 2015-06-01 10:07 - 0008925 _____ () C:\ProgramData\hpzinstall.log 2014-08-04 18:58 - 2014-08-04 18:59 - 0000177 _____ () C:\ProgramData\Temp.log 2012-05-22 18:43 - 2012-05-22 18:43 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2012-05-22 18:39 - 2012-05-22 18:39 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log 2012-05-22 18:41 - 2012-05-22 18:41 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2012-05-22 18:39 - 2012-05-22 18:41 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log 2012-05-22 18:42 - 2012-05-22 18:43 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log Files to move or delete: ==================== C:\ProgramData\hash.dat Some files in TEMP: ==================== C:\Users\samsung\AppData\Local\Temp\libeay32.dll C:\Users\samsung\AppData\Local\Temp\msvcr120.dll C:\Users\samsung\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-08-29 09:35 ==================== End of FRST.txt ============================