Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by SYSTEM on MININT-SBICBFS on 31-05-2015 21:00:16
Running from J:\
Platform: Windows 7 Ultimate (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => "G:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKLM\...\Run: [AthBtTray] => "G:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-13] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246304 2014-07-20] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266224 2014-07-20] (Trend Micro Inc.)
HKLM\...\Run: [PwmConsole.exe] => C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe [2020952 2015-05-04] (Trend Micro Inc.)
HKLM\...\Run: [Samsung Link] => "G:\Program Files (x86)\Samsung Link\Samsung Link Tray Agent.exe"
HKLM-x32\...\Run: [Ttesports] => g:\Program Files (x86)\Ttesports\MEKA G UNIT\MEKA G Unit HID.exe
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590656 2015-05-15] (Razer Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-08-23] (Intel Corporation)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [465536 2010-11-07] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS ShellProcess Execute] => G:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKLM-x32\...\Run: [BCSSync] => "H:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-29] (Hewlett-Packard)
HKLM-x32\...\Run: [InstaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1885088 2012-02-22] (Affinegy, Inc.)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM\...\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe [296960 2015-03-16] (Microsoft Corporation)
HKU\hernan\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-16] (Hewlett-Packard Co.)
HKU\hernan\...\Run: [GoogleChromeAutoLaunch_45E24D13F95E468BB10DE9D155D4B27B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
HKU\hernan\...\Run: [OfficeSyncProcess] => "H:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\hernan\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-13] (Microsoft Corporation)
HKU\Invitados\...\RunOnce: [Adobe Speed Launcher] => 1421637374
Startup: C:\Users\hernan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-19]
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\hernan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5520 series (Network).lnk [2014-02-16]
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5520 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\hernan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2014-05-23]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> H:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-22] (Affinegy, Inc.)
S2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-20] (Samsung)
S2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2011-04-18] ()
S2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-08] ()
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-27] (NVIDIA Corporation)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-10] (Hewlett-Packard Company)
S2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-27] (NVIDIA Corporation)
S2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1187376 2014-07-20] (Trend Micro Inc.)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2014-02-17] ()
S2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-02-17] ()
S2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [333848 2015-05-04] (Trend Micro Inc.)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-04] ()
S2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
S2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-19] (Microsoft Corporation)
S2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-19] (Microsoft Corporation)
S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)
S4 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1772056 2014-02-16] (AVG Secure Search)
S2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-19] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=nb -dt=60000 -ad -bt=0 [X]
S3 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [X]
S3 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [X]
S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [X]
S2 AtherosSvc; G:\Program Files (x86)\Bluetooth Suite\adminservice.exe [X]
S3 CVPND; "G:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe" [X]
S2 MBAMService; "h:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" [X]
S3 Microsoft SharePoint Workspace Audit Service; "H:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE" /auditservice [X]
S2 NvNetworkService; "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" [X]
S2 OracleMTSRecoveryService; \bin\OMTSRECO.EXE OracleMTSRecoveryService [X]
S3 Origin Client Service; "H:\Program Files (x86)\Origin\OriginClientService.exe" [X]
S2 Samsung Link Service; "G:\Program Files (x86)\Samsung Link\Samsung Link.exe" [X]
S3 SandraAgentSrv; h:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2011\RpcAgentSrv.exe [X]
S2 SkypeUpdate; "G:\Program Files (x86)\Skype\Updater\Updater.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-07] (ASUSTek Computer Inc.)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
S1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-02] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-19] (MCCI Corporation)
S1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2014-02-16] (AVG Technologies)
S1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 CSRBC; C:\Windows\System32\Drivers\csrbc.sys [38400 2011-02-08] (CSR plc.)
S3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-22] ()
S2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [84992 2014-10-15] (Intel Corporation)
S3 kbfilter; C:\Windows\System32\DRIVERS\kbfilter.sys [67408 2015-01-29] (Trend Micro Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-13] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-13] (Malwarebytes Corporation)
S3 MK1FLTR; C:\Windows\System32\Drivers\MK1FLTR.sys [31104 2011-04-23] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-27] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-03-06] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [9584 2013-03-06] ()
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-18] (Razer, Inc.)
S1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-18] (Razer, Inc.)
S2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-04] (Razer, Inc.)
S2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.)
S3 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [291352 2009-06-21] (silex technology, Inc.)
S1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [121944 2014-07-14] (Trend Micro Inc.)
S0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [305832 2014-07-14] (Trend Micro Inc.)
S0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2014-07-09] (Trend Micro Inc.)
S2 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [106296 2014-07-09] (Trend Micro Inc.)
S1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [93664 2014-07-14] (Trend Micro Inc.)
S2 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [407864 2014-07-09] (Trend Micro Inc.)
S2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [106296 2014-06-30] (Trend Micro Inc.)
S3 TridVid; C:\Windows\System32\DRIVERS\tridvid6010.sys [411648 2011-01-20] (10Moons Technologies Co.,Ltd)
S3 UDXTTM6010; C:\Windows\System32\Drivers\UDXTTM6010.sys [668288 2008-04-30] ()
S3 UDXTTM6010HID; C:\Windows\System32\drivers\UDXTTM6010HID.sys [21504 2007-02-22] (DTV-DVB)
S3 WinRing0_1_2_0; C:\Users\hernan\Desktop\Test\RealTemp_340\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
S3 SANDRA; \??\h:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2011\WNt500x64\Sandra.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S2 TMAgent; No ImagePath
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-31 20:54 - 2015-05-31 21:00 - 00000000 ____D () C:\FRST
2015-05-30 21:15 - 2015-05-30 21:15 - 00003344 ____N () C:\bootsqm.dat
2015-05-30 06:01 - 2015-05-30 06:01 - 00000729 _____ () C:\Users\Rosario\Desktop\WinDirStat.lnk
2015-05-30 06:01 - 2015-05-30 06:01 - 00000729 _____ () C:\Users\Invitados\Desktop\WinDirStat.lnk
2015-05-30 06:01 - 2015-05-30 06:01 - 00000729 _____ () C:\Users\hernan\Desktop\WinDirStat.lnk
2015-05-23 03:34 - 2015-05-23 03:34 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-22 09:01 - 2015-05-22 09:01 - 00262144 _____ () C:\Windows\Minidump\052415-11700-01.dmp
2015-05-22 05:52 - 2008-07-11 14:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-05-22 05:52 - 2008-07-11 14:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-05-22 05:52 - 2008-07-11 14:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-05-22 05:51 - 2015-05-22 05:51 - 00001503 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2015-05-22 05:45 - 2015-05-22 05:52 - 00000000 ____D () C:\Users\hernan\AppData\Roaming\Riot Games
2015-05-20 21:08 - 2015-05-20 21:08 - 00000000 ____D () C:\Download
2015-05-20 21:07 - 2015-05-20 21:07 - 00002034 _____ () C:\Users\Public\Desktop\Samsung AllShare.lnk
2015-05-20 21:07 - 2015-05-20 21:07 - 00000000 ____D () C:\AllShare
2015-05-19 03:31 - 2015-05-19 03:31 - 00000000 __RDL () C:\Users\hernan\dropbox
2015-05-19 03:25 - 2015-05-23 03:43 - 00001025 _____ () C:\Users\hernan\Desktop\Dropbox.lnk
2015-05-19 02:22 - 2015-05-19 02:22 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2015-05-19 02:22 - 2012-06-09 09:21 - 00178688 _____ () C:\Windows\SysWOW64\unrar.dll
2015-05-19 00:34 - 2015-05-19 02:21 - 00001154 _____ () C:\Users\hernan\Desktop\Samsung Link thewriter30@gmail.com.lnk
2015-05-19 00:34 - 2015-05-19 00:34 - 00000000 ____D () C:\Users\hernan\Samsung Link
2015-05-19 00:34 - 2015-05-19 00:34 - 00000000 ____D () C:\Users\hernan\.swt
2015-05-19 00:34 - 2015-05-19 00:34 - 00000000 ____D () C:\Upload
2015-05-19 00:34 - 2015-05-19 00:34 - 00000000 ____D () C:\Program Files\Samsung
2015-05-17 06:12 - 2015-05-17 06:12 - 00000961 _____ () C:\Users\Public\Desktop\Xilisoft YouTube Video Converter.lnk
2015-05-15 04:44 - 2015-05-15 04:44 - 00000000 ____D () C:\Users\hernan\AppData\Roaming\PFStaticIP
2015-05-15 04:39 - 2015-05-15 05:27 - 00000000 ____D () C:\Users\hernan\AppData\Roaming\PortForward.com

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-31 15:00 - 2015-04-04 08:00 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-31 15:00 - 2015-04-04 08:00 - 00000000 ___SD () C:\Windows\System32\GWX
2015-05-31 15:00 - 2014-02-18 01:57 - 00000000 ____D () C:\Users\hernan\AppData\Roaming\BitTorrent
2015-05-31 15:00 - 2009-07-13 23:46 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-31 15:00 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\AdvancedInstallers
2015-05-31 15:00 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2015-05-31 15:00 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-31 02:16 - 2009-07-13 21:13 - 00823040 _____ () C:\Windows\System32\PerfStringBackup.INI
2015-05-31 02:08 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-31 02:08 - 2009-07-13 20:51 - 00102752 _____ () C:\Windows\setupact.log
2015-05-30 23:34 - 2009-07-13 20:45 - 00006144 _____ () C:\Windows\System32\umstartup.etl
2015-05-30 21:23 - 2009-07-13 20:45 - 00013440 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-30 21:23 - 2009-07-13 20:45 - 00013440 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-30 21:19 - 2014-02-15 22:15 - 02084840 _____ () C:\Windows\WindowsUpdate.log
2015-05-30 19:27 - 2014-08-27 16:10 - 00000568 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1493236807-3844070063-1385112149-1000.job
2015-05-30 19:27 - 2014-02-16 00:24 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-30 19:04 - 2015-02-02 00:32 - 00000000 ____D () C:\Program Files\WinRAR
2015-05-30 18:55 - 2015-04-02 18:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-30 06:27 - 2014-02-16 00:24 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-30 05:57 - 2014-02-15 22:19 - 00000000 ____D () C:\users\hernan
2015-05-30 05:20 - 2014-02-18 00:47 - 00000000 ____D () C:\Windows\Minidump
2015-05-30 05:12 - 2014-02-18 03:19 - 00000000 ____D () C:\Users\hernan\AppData\Roaming\vlc
2015-05-30 04:39 - 2014-02-17 05:45 - 00000000 ____D () C:\Users\hernan\AppData\Local\CrashDumps
2015-05-29 06:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\NDF
2015-05-29 04:37 - 2015-01-13 05:27 - 00000000 ____D () C:\Users\hernan\AppData\Roaming\Dropbox
2015-05-29 04:34 - 2014-02-16 04:07 - 00000000 ____D () C:\Users\hernan\AppData\Roaming\Skype
2015-05-29 01:49 - 2014-05-15 02:40 - 00007610 _____ () C:\Users\hernan\AppData\Local\resmon.resmoncfg
2015-05-28 22:16 - 2015-04-15 19:22 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2015-05-28 18:40 - 2014-02-15 22:43 - 00112440 _____ () C:\Users\hernan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-28 18:40 - 2009-07-13 20:45 - 00414568 _____ () C:\Windows\System32\FNTCACHE.DAT
2015-05-28 05:53 - 2014-02-18 00:52 - 00000000 ____D () C:\Users\hernan\AppData\Local\Microsoft Help
2015-05-24 03:09 - 2014-02-16 02:28 - 03289482 _____ () C:\Windows\PFRO.log
2015-05-23 21:32 - 2014-02-18 00:21 - 00000000 _____ () C:\Windows\System32\Drivers\lvuvc.hs
2015-05-23 02:41 - 2009-07-13 19:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-22 04:38 - 2015-04-21 02:16 - 00000000 ____D () C:\Users\hernan\AppData\Local\Windows Live
2015-05-20 21:07 - 2015-04-17 16:24 - 00000000 ____D () C:\Users\hernan\AppData\Roaming\Samsung
2015-05-20 21:07 - 2015-04-17 16:20 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-05-20 21:07 - 2014-02-15 23:09 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-20 21:06 - 2015-04-17 16:19 - 00000000 ____D () C:\Users\hernan\AppData\Local\Downloaded Installations
2015-05-19 05:08 - 2015-04-15 19:08 - 00000821 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-17 05:43 - 2014-08-26 03:03 - 00000000 ____D () C:\Users\hernan\AppData\Local\Adobe
2015-05-17 04:57 - 2015-04-02 18:00 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-17 04:57 - 2014-02-16 00:42 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-17 04:57 - 2014-02-16 00:42 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-16 06:22 - 2014-02-16 00:24 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 06:22 - 2014-02-16 00:24 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 02:06 - 2014-08-13 18:44 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 02:06 - 2014-08-13 18:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 06:12 - 2014-02-16 04:31 - 00000000 ____D () C:\Windows\System32\MRT
2015-05-13 06:08 - 2014-02-16 04:31 - 140425016 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe

Some files in TEMP:
====================
C:\Users\hernan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmlyo6z.dll

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points =========================

==================== Memory info ===========================

Percentage of memory in use: 6%
Total physical RAM: 16351.15 MB
Available physical RAM: 15209.75 MB
Total Pagefile: 16349.3 MB
Available Pagefile: 15210.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: (SSD-C) (Fixed) (Total:60.42 GB) (Free:3.91 GB) NTFS
Drive d: (SSD-F) (Fixed) (Total:58.59 GB) (Free:47.16 GB) NTFS
Drive e: (D) (Fixed) (Total:298.09 GB) (Free:93.48 GB) NTFS
Drive f: (G) (Fixed) (Total:465.76 GB) (Free:251.35 GB) NTFS
Drive g: () (Fixed) (Total:298.08 GB) (Free:200.27 GB) NTFS
Drive i: (GRMCULXFRER_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF
Drive j: (NANO) (Removable) (Total:1.92 GB) (Free:1.89 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 298.1 GB) (Disk ID: BF7A04F7)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 69737369)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 298.1 GB) (Disk ID: 02C902C8)
Partition: GPT Partition Type.

========================================================
Disk: 4 (Size: 1.9 GB) (Disk ID: 86535F3E)
Partition 1: (Not Active) - (Size=1.9 GB) - (Type=06)

LastRegBack: 2015-05-23 09:29

==================== End of log ============================