OTL logfile created on: 2014-04-26 14:44:28 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Samsung\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,92 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 45,28% Memory free
7,83 Gb Paging File | 4,02 Gb Available in Paging File | 51,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 177,00 Gb Total Space | 119,21 Gb Free Space | 67,35% Space Free | Partition Type: NTFS
Drive D: | 265,65 Gb Total Space | 261,77 Gb Free Space | 98,54% Space Free | Partition Type: NTFS
 
Computer Name: SAMSUNGWIN7 | User Name: Samsung | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2014-04-26 12:56:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Samsung\Downloads\OTL.scr
PRC - [2014-04-11 04:05:52 | 000,705,136 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\IePluginService\PluginService.exe
PRC - [2014-04-06 12:31:12 | 001,065,280 | ---- | M] (ClientConnect Ltd.) -- C:\Users\Samsung\AppData\Local\NativeMessaging\CT3289075\1_0_1_6\TBMessagingHost.exe
PRC - [2014-04-03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014-04-03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014-04-03 09:49:06 | 006,963,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014-03-11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
PRC - [2014-02-26 23:46:56 | 000,425,104 | ---- | M] (Taiwan Shui Mu Chih Ching Technology Limited.) -- C:\Program Files (x86)\WinZipper\winzipersvc.exe
PRC - [2014-02-26 10:30:22 | 000,501,904 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\WPM\wprotectmanager.exe
PRC - [2013-10-31 12:35:46 | 000,070,880 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2013-10-31 12:35:30 | 000,449,760 | ---- | M] (Sony) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2013-08-10 22:00:26 | 001,784,832 | ---- | M] (TODO: <Company name>) -- C:\Users\Samsung\AppData\Local\ConvertAd\ConvertAd.exe
PRC - [2013-05-09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-10-18 11:50:10 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011-10-18 11:50:04 | 001,354,064 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2011-10-18 11:49:52 | 000,936,272 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011-10-18 11:49:48 | 000,846,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
PRC - [2011-09-28 00:23:10 | 005,458,312 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
PRC - [2011-09-06 09:36:42 | 002,275,408 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
PRC - [2011-09-06 09:35:54 | 001,087,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
PRC - [2011-08-19 05:36:46 | 000,784,976 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
PRC - [2011-08-17 09:19:18 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011-07-30 00:47:22 | 003,395,664 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
PRC - [2011-06-24 10:52:30 | 004,403,280 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
PRC - [2011-06-05 01:22:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-05-05 14:44:54 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011-05-05 14:44:52 | 000,326,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011-04-17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
PRC - [2010-11-21 05:24:03 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2010-09-20 05:24:42 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
PRC - [2009-11-02 07:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2014-04-02 03:58:03 | 000,390,472 | ---- | M] () -- C:\Users\Samsung\AppData\Local\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
MOD - [2014-04-02 03:58:02 | 013,691,720 | ---- | M] () -- C:\Users\Samsung\AppData\Local\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
MOD - [2014-04-02 03:57:59 | 004,081,480 | ---- | M] () -- C:\Users\Samsung\AppData\Local\Google\Chrome\Application\34.0.1847.116\pdf.dll
MOD - [2014-04-02 03:57:54 | 000,674,632 | ---- | M] () -- C:\Users\Samsung\AppData\Local\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
MOD - [2014-04-02 03:57:53 | 000,093,000 | ---- | M] () -- C:\Users\Samsung\AppData\Local\Google\Chrome\Application\34.0.1847.116\libegl.dll
MOD - [2014-04-02 03:57:52 | 001,647,432 | ---- | M] () -- C:\Users\Samsung\AppData\Local\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
MOD - [2014-04-02 03:57:49 | 000,065,352 | ---- | M] () -- C:\Users\Samsung\AppData\Local\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
MOD - [2013-10-31 12:35:46 | 000,070,880 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2013-09-13 11:02:30 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
MOD - [2012-04-30 11:57:42 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2011-02-16 17:03:20 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
MOD - [2010-05-07 16:22:18 | 001,636,864 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
MOD - [2009-11-02 07:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009-11-02 07:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2006-08-12 04:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2014-04-11 04:05:52 | 000,705,136 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginService\PluginService.exe -- (IePluginService)
SRV - [2014-04-03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014-04-03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014-03-12 23:39:43 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-03-11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe -- (BBUpdate)
SRV - [2014-03-11 23:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe -- (BBSvc)
SRV - [2014-02-26 23:46:56 | 000,425,104 | ---- | M] (Taiwan Shui Mu Chih Ching Technology Limited.) [Auto | Running] -- C:\Program Files (x86)\WinZipper\winzipersvc.exe -- (winzipersvc)
SRV - [2014-02-26 10:30:22 | 000,501,904 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\WPM\wprotectmanager.exe -- (Wpm)
SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-09-11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013-02-04 18:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011-10-18 11:50:10 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011-10-18 11:50:04 | 001,354,064 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011-10-18 11:49:52 | 000,936,272 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011-06-05 01:22:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-05-05 14:44:54 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011-05-05 14:44:52 | 000,326,424 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011-04-17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe -- (NIS)
SRV - [2010-06-01 08:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2013-04-13 01:53:05 | 001,390,680 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20130412.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013-02-28 19:43:32 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20130427.007\ex64.sys -- (NAVEX15)
DRV - [2013-02-28 19:43:32 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013-02-28 19:43:32 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013-02-28 19:43:32 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20130427.007\eng64.sys -- (NAVENG)
DRV - [2013-02-27 17:22:14 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20130426.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012-04-13 09:17:01 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)
DRV - [2011-11-20 03:29:52 | 000,202,592 | ---- | M] (Oracle Corporation) [Kernel | Auto | Running] -- C:\Program Files (x86)\YouWave Android\vb\VBoxDrv.sys -- (VBoxDrv)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1388689551&from=wpm0102&uid=ST9500325AS_S2WFH410XXXXS2WFH410
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=1388689551&from=wpm0102&uid=ST9500325AS_S2WFH410XXXXS2WFH410&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=1388689551&from=wpm0102&uid=ST9500325AS_S2WFH410XXXXS2WFH410&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1388689551&from=wpm0102&uid=ST9500325AS_S2WFH410XXXXS2WFH410
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.delta-homes.com/web/?type=ds&ts=1388689551&from=wpm0102&uid=ST9500325AS_S2WFH410XXXXS2WFH410&q={searchTerms}
IE - HKLM\..\SearchScopes\{7308AAA3-588F-7A74-F51F-2F6006B16BC7}: "URL" = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=ST9500325AS_S2WFH410XXXXS2WFH410&ts=1380092485&type=default&q={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
IE - HKU\S-1-5-21-392818877-1939927122-1532879338-1001\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=04C1B803058059E5&affID=120699&tsp=5016
IE - HKU\S-1-5-21-392818877-1939927122-1532879338-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1388689551&from=wpm0102&uid=ST9500325AS_S2WFH410XXXXS2WFH410
IE - HKU\S-1-5-21-392818877-1939927122-1532879338-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST9500325AS_S2WFH410XXXXS2WFH410&ts=1393451106&type=default&q={searchTerms}
IE - HKU\S-1-5-21-392818877-1939927122-1532879338-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST9500325AS_S2WFH410XXXXS2WFH410&ts=1393451106&type=default&q={searchTerms}
IE - HKU\S-1-5-21-392818877-1939927122-1532879338-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1388689551&from=wpm0102&uid=ST9500325AS_S2WFH410XXXXS2WFH410
IE - HKU\S-1-5-21-392818877-1939927122-1532879338-1001\..\SearchScopes,bProtectorDefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-392818877-1939927122-1532879338-1001\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-392818877-1939927122-1532879338-1001\..\SearchScopes\{02B2B8AA-A41A-5793-940F-24F8F5C81BC0}: "URL" = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=ST9500325AS_S2WFH410XXXXS2WFH410&ts=1380092485&type=default&q={searchTerms}
IE - HKU\S-1-5-21-392818877-1939927122-1532879338-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-392818877-1939927122-1532879338-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=04C1B803058059E5&affID=120699&tsp=5016
IE - HKU\S-1-5-21-392818877-1939927122-1532879338-1001\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST9500325AS_S2WFH410XXXXS2WFH410&ts=1393451106&type=default&q={searchTerms}
IE - HKU\S-1-5-21-392818877-1939927122-1532879338-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Samsung\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Samsung\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\ [2014-04-26 12:10:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_13_2 [2014-04-26 12:10:12 | 000,000,000 | ---D | M]
 
[2013-03-10 14:53:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samsung\AppData\Roaming\mozilla\Extensions
[2013-09-25 08:59:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: delta-homes (Enabled)
CHR - default_search_provider: search_url = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST9500325AS_S2WFH410XXXXS2WFH410&ts=1393451106&type=default&q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST9500325AS_S2WFH410XXXXS2WFH410&ts=1393451106
CHR - plugin: Error reading preferences file
CHR - Extension: uTorrentControl_v6 = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.29.0.520_0\
CHR - Extension: uTorrentControl_v6 = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.29.0.520_0\nativeMessaging\nmHost
CHR - Extension: AdBlock = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: Lightning Newtab = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\1.1.8.9_0\
CHR - Extension: Object Browser = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.132_0\crossrider
CHR - Extension: Object Browser = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.132_0\
CHR - Extension: Google Wallet = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Extended Protection = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo\1.4.1_0\
CHR - Extension: MySearchDial = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.24_0\
 
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Object Browser) - {11111111-1111-1111-1111-110311281150} - C:\Program Files (x86)\Object Browser\Object Browser-bho.dll (Object Browser)
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll File not found
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (mysearchdial Helper Object) - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll File not found
O3 - HKLM\..\Toolbar: (mysearchdial Toolbar) - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll File not found
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-392818877-1939927122-1532879338-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AnyProtect] C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe File not found
O4 - HKLM..\Run: [AnyProtect Tray] C:\Program Files (x86)\AnyProtectEx\AnyProtectTray.exe /scanner File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ConvertAd] C:\Users\Samsung\AppData\Local\ConvertAd\ConvertAd.exe (TODO: <Company name>)
O4 - HKLM..\Run: [tuto4pc_pl_17]  File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-392818877-1939927122-1532879338-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-392818877-1939927122-1532879338-1001..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-21-392818877-1939927122-1532879338-1001..\Run: [TBHostSupport] C:\Users\Samsung\AppData\Local\TBHostSupport\TBHostSupport_0.dll (Conduit Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-392818877-1939927122-1532879338-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-392818877-1939927122-1532879338-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 173.234.241.50 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E16FC4A0-B224-46AB-99BC-C4E7B39B0D44}: DhcpNameServer = 173.234.241.50 8.8.8.8
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5e3a9f01-4d4c-11e3-981f-b803058059e8}\Shell - "" = AutoRun
O33 - MountPoints2\{5e3a9f01-4d4c-11e3-981f-b803058059e8}\Shell\AutoRun\command - "" = F:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2014-04-26 12:28:54 | 000,000,000 | ---D | C] -- C:\FRST
[2014-04-26 12:24:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014-04-26 12:24:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014-04-26 12:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014-04-26 12:22:39 | 000,000,000 | ---D | C] -- C:\Users\Samsung\Desktop\WYNIKI SKANU
[2014-04-12 17:04:36 | 000,000,000 | ---D | C] -- C:\Users\Samsung\Desktop\muza 1
[2014-04-11 21:57:24 | 000,000,000 | -HSD | C] -- C:\Users\Samsung\AppData\Local\EmieUserList
[2014-04-11 21:57:24 | 000,000,000 | -HSD | C] -- C:\Users\Samsung\AppData\Local\EmieSiteList
[2014-04-11 10:09:58 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014-04-11 10:09:32 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014-04-11 10:09:30 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014-04-11 10:09:29 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014-04-11 10:09:29 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014-04-11 10:09:25 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014-04-11 10:09:21 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014-04-11 10:09:21 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014-04-11 10:09:21 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014-04-11 10:09:16 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014-04-09 21:45:34 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Local\{2A10C5ED-C7E1-4825-B9C1-5432D8968AC1}
[2014-04-09 18:22:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iologmsg.dll
[2014-04-09 18:22:46 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2014-04-09 18:22:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2014-04-09 18:22:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2014-04-09 18:22:40 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2014-04-09 18:22:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2014-04-08 10:46:09 | 000,000,000 | ---D | C] -- C:\Users\Samsung\Documents\Moje odebrane pliki
[2014-04-08 10:21:21 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Local\Windows Live
[2014-04-08 10:20:48 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Local\{98EA16BC-6924-47C2-9CCE-7E008D3BBB68}
[2014-04-08 10:20:48 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Local\{963EAAE2-F2EB-44FD-805A-285983549737}
[2014-03-31 17:29:26 | 000,000,000 | ---D | C] -- C:\Users\Samsung\Desktop\poznan zdj
[2013-09-25 09:01:23 | 000,837,080 | ---- | C] (AnyProtect.com) -- C:\Users\Samsung\AppData\Local\AnyProtectScannerSetup.exe
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014-04-26 14:42:20 | 000,000,007 | ---- | M] () -- C:\Users\Samsung\Desktop\Nowy dokument sformatowany.rtf
[2014-04-26 14:42:09 | 000,000,930 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014-04-26 14:41:56 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014-04-26 13:58:08 | 000,001,066 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-392818877-1939927122-1532879338-1001UA.job
[2014-04-26 13:57:33 | 000,001,050 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-04-26 12:51:07 | 000,001,934 | ---- | M] () -- C:\windows\tasks\Object Browser-chromeinstaller.job
[2014-04-26 12:51:07 | 000,001,318 | ---- | M] () -- C:\windows\tasks\Object Browser-updater.job
[2014-04-26 12:51:07 | 000,001,220 | ---- | M] () -- C:\windows\tasks\Object Browser-codedownloader.job
[2014-04-26 12:51:07 | 000,001,120 | ---- | M] () -- C:\windows\tasks\Object Browser-enabler.job
[2014-04-26 12:24:31 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-04-26 12:08:00 | 000,001,046 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-04-26 12:06:41 | 4204,314,624 | -HS- | M] () -- C:\hiberfil.sys
[2014-04-25 22:57:22 | 000,001,014 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-392818877-1939927122-1532879338-1001Core.job
[2014-04-25 22:46:03 | 000,001,368 | ---- | M] () -- C:\Users\Samsung\Desktop\Wyczyść rejestr za darmo!.lnk
[2014-04-23 09:31:07 | 000,000,288 | ---- | M] () -- C:\windows\tasks\RegClean Pro_UPDATES.job
[2014-04-21 16:27:56 | 000,000,280 | ---- | M] () -- C:\windows\tasks\RegClean Pro_DEFAULT.job
[2014-04-11 09:00:04 | 000,002,665 | ---- | M] () -- C:\Users\Samsung\Desktop\Google Chrome.lnk
[2014-04-09 22:11:30 | 004,777,212 | ---- | M] () -- C:\Users\Samsung\Desktop\DSC_0137.JPG
[2014-04-08 10:48:37 | 000,320,401 | ---- | M] () -- C:\Users\Samsung\Desktop\IMG_20140408_104140.JPG
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2014-04-26 14:42:20 | 000,000,007 | ---- | C] () -- C:\Users\Samsung\Desktop\Nowy dokument sformatowany.rtf
[2014-04-26 12:24:30 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-04-09 21:40:24 | 004,777,212 | ---- | C] () -- C:\Users\Samsung\Desktop\DSC_0137.JPG
[2014-04-08 10:48:34 | 000,320,401 | ---- | C] () -- C:\Users\Samsung\Desktop\IMG_20140408_104140.JPG
[2014-02-25 23:32:42 | 001,653,238 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013-12-18 23:52:03 | 000,000,146 | ---- | C] () -- C:\Users\Samsung\AppData\Roaming\WB.CFG
[2013-10-27 19:29:17 | 000,078,336 | ---- | C] () -- C:\windows\SysWow64\rp.dll
[2013-10-26 18:48:55 | 000,351,112 | ---- | C] () -- C:\Users\Samsung\AppData\Local\mysearchdial-speeddial.crx
[2013-09-25 12:01:56 | 000,000,218 | ---- | C] () -- C:\Users\Samsung\.recently-used.xbel
[2013-03-28 21:25:46 | 000,165,376 | ---- | C] () -- C:\windows\SysWow64\unrar.dll
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-07-26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013-09-25 09:02:30 | 000,000,000 | ---D | M] -- C:\Users\Samsung\AppData\Roaming\0C1I1L1R1J0M1P0I1G
[2013-09-25 08:59:12 | 000,000,000 | ---D | M] -- C:\Users\Samsung\AppData\Roaming\Babylon
[2013-09-28 20:55:02 | 000,000,000 | ---D | M] -- C:\Users\Samsung\AppData\Roaming\eUpdate
[2013-11-03 15:41:47 | 000,000,000 | ---D | M] -- C:\Users\Samsung\AppData\Roaming\GG
[2013-09-25 12:01:16 | 000,000,000 | ---D | M] -- C:\Users\Samsung\AppData\Roaming\gtk-2.0
[2013-09-25 08:02:41 | 000,000,000 | ---D | M] -- C:\Users\Samsung\AppData\Roaming\ipla
[2013-10-26 18:48:56 | 000,000,000 | ---D | M] -- C:\Users\Samsung\AppData\Roaming\mysearchdial
[2014-02-26 23:46:46 | 000,000,000 | ---D | M] -- C:\Users\Samsung\AppData\Roaming\SupTab
[2013-09-25 09:00:57 | 000,000,000 | ---D | M] -- C:\Users\Samsung\AppData\Roaming\systweak
[2013-10-26 21:37:12 | 000,000,000 | ---D | M] -- C:\Users\Samsung\AppData\Roaming\uTorrent
[2014-04-26 12:31:23 | 000,000,000 | ---D | M] -- C:\Users\Samsung\AppData\Roaming\WinZipper
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:56E2E879

< End of report >