
Thread: Downloaded virus, pop ups, redirect etc

  1. #11
    Senior Member
    Join Date
    Nov 2009
    Posts
    102


    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 08/08/2014
    Scan Time: 00:59:46
    Logfile: mwblog.txt
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.08.07.10
    Rootkit Database: v2014.08.04.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Samsung

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 315095
    Time Elapsed: 8 min, 46 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 2
    PUP.Optional.AdPeak.A, C:\Program Files\005\hzunyanhtn64.exe, 1816, Delete-on-Reboot, [43830bb81d5ec1753ee6526613f1cc34]
    PUP.Optional.PayByAds.A, C:\Users\Samsung\AppData\Local\onlysearch\onlysearch\1.3.8.11\onlysearch.exe, 2468, Delete-on-Reboot, [2c9a695a116a4de9deddfbf927ddc43c]

    Modules: 0
    (No malicious items detected)

    Registry Keys: 10
    PUP.Optional.AdPeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\hzunyanhtn64, Quarantined, [43830bb81d5ec1753ee6526613f1cc34],
    PUP.Optional.InfoTrigger.A, HKLM\SOFTWARE\WOW6432NODE\InfoTrigger, Quarantined, [ad19457ee3984de90e41499781819f61],
    PUP.Optional.Adpeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AllDaySavingsService64, Quarantined, [07bf1ca70d6e4fe7432640995ca6de22],
    PUP.Optional.AdPeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\netfilter64, Quarantined, [ebdb863d1f5c39fdbb8902d68f73db25],
    PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TheTorntv V10, Quarantined, [33939a29c5b62d090cce83b6af55ce32],
    PUP.Optional.SuperFish.A, HKU\S-1-5-21-1893469449-2281273183-1111418718-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Quarantined, [80461ba8dba0ed490abab628d32f7c84],
    PUP.Optional.Groovorio, HKU\S-1-5-21-1893469449-2281273183-1111418718-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CC865B26-C31D-4D23-B17B-96548EEF03F6}, Quarantined, [4b7b8142f18acd6967190139da2ade22],
    PUP.Optional.OnlySearch.A, HKU\S-1-5-21-1893469449-2281273183-1111418718-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\onlysearch, Quarantined, [3a8cf1d2fb8030067e910ad0b949d12f],
    PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
    PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [6d59b50e94e70b2b24c914b7857de719],

    Registry Values: 1
    PUP.Optional.PayByAds.A, HKU\S-1-5-21-1893469449-2281273183-1111418718-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|onlysearch, C:\Users\Samsung\AppData\Local\onlysearch\onlysearch\1.3.8.11\onlysearch.exe, Quarantined, [2c9a695a116a4de9deddfbf927ddc43c]

    Registry Data: 1
    PUP.Optional.Groovorio.A, HKU\S-1-5-21-1893469449-2281273183-1111418718-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://groovorio.com/?f=1&a=grv_tuto...2034954236&ir=, Good: (www.google.com), Bad: (http://groovorio.com/?f=1&a=grv_tuto...&ir=),Replaced,[745252710b704bebe1b73289857fa25e]

    Folders: 3
    PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
    PUP.Optional.Adpeak.A, C:\Program Files\AllDaySavings, Quarantined, [a12505be1c5fd2647113eae3f909a45c],
    PUP.Optional.Adpeak.A, C:\Program Files\AllDaySavings\SSL, Quarantined, [a12505be1c5fd2647113eae3f909a45c],

    Files: 39
    PUP.Optional.AdPeak.A, C:\Program Files\005\hzunyanhtn64.exe, Delete-on-Reboot, [43830bb81d5ec1753ee6526613f1cc34],
    PUP.Optional.PayByAds.A, C:\Users\Samsung\AppData\Local\onlysearch\onlysearch\1.3.8.11\onlysearch.exe, Delete-on-Reboot, [2c9a695a116a4de9deddfbf927ddc43c],
    PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\ICReinstall_nsc9E5C.tmp, Quarantined, [388efec54d2e59ddc1d0b90158ac36ca],
    PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\ICReinstall_nse1189.tmp, Quarantined, [c204af144f2c73c3a2efc2f8e91bb44c],
    PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\ICReinstall_nsgAD12.tmp, Quarantined, [dbebcff484f781b5fb96f9c15ca805fb],
    PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\ICReinstall_nsm7F5A.tmp, Quarantined, [f6d011b2c4b73bfbcac7b00ac63eea16],
    PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\nsc9E5C.tmp, Quarantined, [60664b7814672a0cbad7249615ef11ef],
    PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\nse1189.tmp, Quarantined, [dee8784b91ea58deeca543774db72bd5],
    PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\nsgAD12.tmp, Quarantined, [23a36f54b6c50333cdc41e9cb94bd52b],
    PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\nsm7F5A.tmp, Quarantined, [e1e56f548af1a98d5041536713f1fc04],
    PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\nsuFC67.tmp, Quarantined, [f8cedce7f18a85b1296804b660a43ec2],
    PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\nsvEABD.tmp, Quarantined, [b214903359228babbbd6279322e2946c],
    PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\ICReinstall_nsuFC67.tmp, Quarantined, [b0167b48bbc090a6276aecce51b3de22],
    PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\ICReinstall_nsvEABD.tmp, Quarantined, [74520ab99edd51e5b9d8ecceb4504bb5],
    PUP.Optional.BubbleDock.A, C:\Users\Samsung\AppData\Local\Temp\682014184631\Uninstall Bubble Dock.exe, Quarantined, [80468a39a2d9c96dbb25d1733dc4dd23],
    PUP.Optional.Installcore, C:\Users\Samsung\AppData\Local\Temp\is-PSLC7.tmp\InstallManagerR.exe, Quarantined, [33937e45b8c3f93ddfa4476268997789],
    PUP.Optional.Softonic.A, C:\Users\Samsung\Downloads\SoftonicDownloader_for_mkv-player.exe, Quarantined, [e9dd18abea9103338ddace5c8180a759],
    PUP.Optional.OneClickDownloader.A, C:\Users\Samsung\Downloads\The.Wind.Rises.2013.1080p.JPN.BluRay.Remux.AVC.MULTi-WARHD (1).exe, Quarantined, [b80e18ab047749edc399b86426db6f91],
    Trojan.Downloader, C:\Users\Samsung\AppData\Local\Microsoft\WinU\~eodpahy.exe, Quarantined, [5a6ce6ddb1ca67cf7f172e1dc04036ca],
    PUP.Optional.OnlySearch.A, C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.only-search.com_0.localstorage, Delete-on-Reboot, [16b0a61d66152b0b0d48e2f227db04fc],
    PUP.Optional.OnlySearch.A, C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.only-search.com_0.localstorage-journal, Delete-on-Reboot, [43832f94413a66d093c2fed6ad559f61],
    PUP.Optional.OnlySearch.A, C:\Users\Samsung\Desktop\Only-search.lnk, Quarantined, [b016853e46351125907ea83212f0956b],
    PUP.Optional.BetterDeals.A, C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage, Delete-on-Reboot, [24a2893aaccf280e84bb8f560cf6cc34],
    PUP.Optional.BetterDeals.A, C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage-journal, Delete-on-Reboot, [a81e2d96bdbe6bcb39068362fc068b75],
    PUP.Optional.Superfish.A, C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Delete-on-Reboot, [20a63e856a11e551db9edb0f08faf907],
    PUP.Optional.Superfish.A, C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Quarantined, [b01617ac433877bf84f5e505768cde22],
    PUP.Optional.Adpeak.A, C:\Program Files (x86)\9B0D3D35-C69A-4D44-BBF5-B75ED01D6712\etmajyzoqm64.exe, Quarantined, [07bf1ca70d6e4fe7432640995ca6de22],
    PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\GoogleCrashHandler.exe, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
    PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\GoogleUpdate.exe, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
    PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\GoogleUpdateBroker.exe, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
    PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\GoogleUpdateHelper.msi, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
    PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\GoogleUpdateOnDemand.exe, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
    PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\goopdate.dll, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
    PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\goopdateres_en.dll, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
    PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\npGoogleUpdate4.dll, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
    PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\psmachine.dll, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
    PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\psuser.dll, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
    PUP.Optional.Groovorio.A, C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://groovorio.com/?f=7&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=", "http://www.only-search.com/?babsrc=HP_kms&affID=129300&tt=&mntrid=5667B8030526A2C3&tsp=5331" ],), Replaced,[f5d14b78a3d848ee6d89df160301e020]
    PUP.Optional.Groovorio.A, C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "homepage": "http://groovorio.com/?f=1&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=",), Replaced,[3f87b211fa8133036493b540fc0810f0]

    Physical Sectors: 0
    (No malicious items detected)


    (end)

  2. #12
    Security Expert-emeritus Juliet
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084


    OK, good work.

    Next
    Locate FRST.txt (made the first time you ran Farbar's tool) and delete it and Addition.txt
    I want you to make a new scan with Farbar's Recovery Scan Tool

    • Run FRST
    • Don't change the checkboxes, just click on Scan.
    • Logfiles are created on your desktop.
    • Post the FRST.txt
    • The first time the tool is run it generates another log Addition.txt
      (Please make sure there is a check mark by Addition.txt)
      Please also paste that along with the FRST.txt into your reply.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #13
    Senior Member
    Join Date
    Nov 2009
    Posts
    102


    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-08-2014
    Ran by Samsung (administrator) on SAMSUNG-PC on 08-08-2014 01:44:24
    Running from C:\Users\Samsung\Downloads
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/down...an-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/down...an-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Flux Software LLC) C:\Users\Samsung\AppData\Local\FluxSoftware\Flux\flux.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [uTorrent] => C:\Users\Samsung\AppData\Roaming\uTorrent\uTorrent.exe [1936720 2014-08-05] (BitTorrent Inc.)
    HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [f.lux] => C:\Users\Samsung\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
    HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [WindApp] => C:\Users\Samsung\AppData\Roaming\Store\WindApp\WindApp Update.exe [160552 2014-07-24] (Nosibay)
    HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\MountPoints2: {6788e91a-1bd4-11e4-a66d-806e6f6e6963} - E:\RunThis.exe
    AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
    AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
    ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
    Startup: C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TorntvDownloader.lnk
    ShortcutTarget: TorntvDownloader.lnk -> C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe (No File)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5E886DA294B0CF01
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
    SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
    SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
    SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
    BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
    BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
    Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
    Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

    FireFox:
    ========
    FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

    Chrome:
    =======
    CHR DefaultSearchKeyword: groovorio.com
    CHR DefaultSearchProvider: OnlySearch
    CHR DefaultSearchURL: http://www.only-search.com/?babsrc=SP_kms&affID=129300&tt=&mntrid=5667B8030526A2C3&tsp=5331&q={searchTerms}
    CHR DefaultNewTabURL:
    CHR Extension: (Google Docs) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-05]
    CHR Extension: (Google Drive) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-05]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-05]
    CHR Extension: (YouTube) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-05]
    CHR Extension: (Google Search) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-05]
    CHR Extension: (LastPass: Free Password Manager) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-08-05]
    CHR Extension: (Google Wallet) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-05]
    CHR Extension: (Gmail) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-05]
    CHR StartMenuInternet: Google Chrome - chrome.exe

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-10-28] (Intel Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-08] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
    S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
    R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [206336 2011-03-02] (SMI)

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-08-08 00:57 - 2014-08-08 01:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-08-08 00:55 - 2014-08-08 00:55 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-08-08 00:55 - 2014-08-08 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-08-08 00:55 - 2014-08-08 00:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-08-08 00:55 - 2014-08-08 00:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-08-08 00:55 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-08-08 00:55 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-08-08 00:55 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-08-08 00:52 - 2014-08-08 00:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Samsung\Downloads\mbam-setup-2.0.2.1012.exe
    2014-08-07 23:10 - 2014-08-07 23:10 - 00001184 _____ () C:\Users\Samsung\Desktop\AdwCleaner - Shortcut.lnk
    2014-08-07 23:00 - 2014-08-07 23:00 - 00000774 _____ () C:\Users\Samsung\Desktop\JRT.txt
    2014-08-07 22:55 - 2014-08-07 22:55 - 01016261 _____ (Thisisu) C:\Users\Samsung\Downloads\JRT.exe
    2014-08-07 22:55 - 2014-08-07 22:55 - 00000000 ____D () C:\Windows\ERUNT
    2014-08-07 22:50 - 2014-08-07 22:51 - 01475072 _____ () C:\Users\Samsung\Downloads\AdwCleaner (1).exe
    2014-08-07 22:22 - 2014-08-07 23:13 - 00000000 ____D () C:\AdwCleaner
    2014-08-07 22:21 - 2014-08-07 22:22 - 01475072 _____ () C:\Users\Samsung\Downloads\AdwCleaner.exe
    2014-08-07 22:13 - 2014-08-07 22:34 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\rightbackup
    2014-08-06 20:08 - 2014-08-06 20:08 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-SAMSUNG-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
    2014-08-06 20:07 - 2014-08-06 20:07 - 00000000 ____D () C:\RegBackup
    2014-08-06 20:06 - 2014-08-06 20:06 - 00002239 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
    2014-08-06 20:06 - 2014-08-06 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2014-08-06 20:06 - 2014-08-06 20:06 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
    2014-08-06 20:01 - 2014-08-08 01:41 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-08-06 20:01 - 2014-08-06 20:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-08-06 20:01 - 2014-08-06 20:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-08-06 20:01 - 2014-08-06 20:01 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-08-06 20:01 - 2014-08-06 20:01 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
    2014-08-06 20:01 - 2014-08-06 20:01 - 00000000 ____D () C:\Windows\system32\Macromed
    2014-08-06 20:01 - 2014-08-06 20:01 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Macromedia
    2014-08-06 19:56 - 2014-08-06 19:56 - 00591056 _____ (ClickMeIn Limited) C:\Users\Samsung\AppData\Local\nsz7F39.tmp
    2014-08-06 19:52 - 2014-08-06 19:53 - 04057608 _____ () C:\Users\Samsung\Downloads\tweaking.com_registry_backup_setup (1).exe
    2014-08-06 19:51 - 2014-08-06 19:51 - 00002720 _____ () C:\Users\Samsung\Desktop\aswMBR.txt
    2014-08-06 19:51 - 2014-08-06 19:51 - 00000512 _____ () C:\Users\Samsung\Desktop\MBR.dat
    2014-08-06 19:08 - 2014-08-06 19:09 - 00034287 _____ () C:\Users\Samsung\Downloads\Addition.txt
    2014-08-06 19:07 - 2014-08-08 01:44 - 00012013 _____ () C:\Users\Samsung\Downloads\FRST.txt
    2014-08-06 19:07 - 2014-08-08 01:44 - 00000000 ____D () C:\FRST
    2014-08-06 19:05 - 2014-08-06 19:06 - 05185536 _____ (AVAST Software) C:\Users\Samsung\Downloads\aswMBR.exe
    2014-08-06 19:00 - 2014-08-06 19:01 - 02094080 _____ (Farbar) C:\Users\Samsung\Downloads\FRST64.exe
    2014-08-06 18:58 - 2014-08-06 18:59 - 04057608 _____ () C:\Users\Samsung\Downloads\tweaking.com_registry_backup_setup.exe
    2014-08-06 18:50 - 2014-08-06 18:50 - 00000000 ____D () C:\rbtemp
    2014-08-06 18:49 - 2014-08-06 18:49 - 00003630 _____ () C:\Windows\System32\Tasks\Play Now Radio
    2014-08-06 18:49 - 2014-08-06 18:49 - 00001690 _____ () C:\Windows\SysWOW64\${LOGFILE}
    2014-08-06 18:48 - 2014-08-06 18:48 - 00003320 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
    2014-08-06 18:48 - 2014-08-06 18:48 - 00003240 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
    2014-08-06 18:48 - 2014-08-06 18:48 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
    2014-08-06 18:47 - 2014-08-07 22:44 - 00000000 ____D () C:\Program Files (x86)\InfoTrigger
    2014-08-06 18:43 - 2014-08-06 18:43 - 00009077 _____ () C:\Users\Samsung\AppData\Roaming\Bubble Dock.installation.log
    2014-08-06 18:43 - 2014-08-06 18:43 - 00003610 _____ () C:\Windows\System32\Tasks\WindApp Update
    2014-08-06 18:43 - 2014-08-06 18:43 - 00000374 _____ () C:\Users\Samsung\AppData\Roaming\WindApp.installation.log
    2014-08-06 18:43 - 2014-08-06 18:43 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Store
    2014-08-06 18:42 - 2014-08-08 01:09 - 00000000 ____D () C:\Program Files (x86)\9B0D3D35-C69A-4D44-BBF5-B75ED01D6712
    2014-08-06 18:42 - 2014-08-06 18:42 - 00003552 _____ () C:\Windows\System32\Tasks\Only-search
    2014-08-06 18:42 - 2014-08-06 18:42 - 00000097 _____ () C:\Users\Samsung\AppData\Roaming\WindApp.boostrap.log
    2014-08-06 18:41 - 2014-08-07 22:44 - 00000601 _____ () C:\Users\Samsung\Desktop\Search.lnk
    2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\Users\Samsung\AppData\Local\onlysearch
    2014-08-06 18:40 - 2014-08-08 01:10 - 00000000 ____D () C:\Program Files\005
    2014-08-06 10:33 - 2014-08-06 10:33 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\dvdcss
    2014-08-05 22:17 - 2014-08-05 22:17 - 00000000 __SHD () C:\Users\Samsung\AppData\Local\EmieUserList
    2014-08-05 22:17 - 2014-08-05 22:17 - 00000000 __SHD () C:\Users\Samsung\AppData\Local\EmieSiteList
    2014-08-05 21:57 - 2014-08-05 21:57 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
    2014-08-05 21:57 - 2014-08-05 21:57 - 00000000 ____D () C:\Users\Samsung\AppData\Local\FluxSoftware
    2014-08-05 21:55 - 2014-08-05 21:55 - 00597304 _____ () C:\Users\Samsung\Downloads\flux-setup.exe
    2014-08-05 21:36 - 2014-08-06 08:52 - 00000000 ____D () C:\Users\Samsung\Downloads\Happy Times - Xingfu shiguang
    2014-08-05 21:34 - 2014-08-06 12:27 - 00000000 ____D () C:\Users\Samsung\Downloads\The.Lunchbox.2013.720p.BluRay.DTS.x264-PublicHD
    2014-08-05 21:33 - 2014-08-05 21:47 - 00000000 ____D () C:\Users\Samsung\Downloads\Studio Ghibli Collection [jap-eng audio] eng-sub [Mkv]
    2014-08-05 21:31 - 2014-08-06 16:33 - 00000058 _____ () C:\Users\Samsung\Documents\BETS.txt
    2014-08-05 16:12 - 2014-08-06 15:29 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\vlc
    2014-08-05 16:12 - 2014-08-05 16:12 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
    2014-08-05 16:12 - 2014-08-05 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2014-08-05 16:12 - 2014-08-05 16:12 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
    2014-08-05 16:09 - 2014-08-05 16:10 - 24743106 _____ () C:\Users\Samsung\Downloads\vlc-2.1.5-win32.exe
    2014-08-05 15:50 - 2014-08-05 15:51 - 06740514 _____ ( ) C:\Users\Samsung\Desktop\MKVPlayerSetupD.exe
    2014-08-05 12:10 - 2014-08-05 12:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-08-05 12:07 - 2014-08-05 19:12 - 00000000 ____D () C:\Users\Samsung\Downloads\The Wire Season 1, 2, 3, 4 & 5 Complete Collection DVD Box Set HDTV + Extras (Interviews, Commentaries, Bonus Features etc.)
    2014-08-05 12:06 - 2014-08-05 18:11 - 00000000 ____D () C:\Users\Samsung\Downloads\Game Of Thrones Complete Season 1, 2, 3 x264 + Extras Multisubs
    2014-08-05 12:06 - 2014-08-05 14:24 - 00000000 ____D () C:\Users\Samsung\Downloads\Breaking Bad Season 5 Complete 720p.BRrip.Sujaidr
    2014-08-05 12:01 - 2014-08-05 12:01 - 00000855 _____ () C:\Users\Samsung\Desktop\µTorrent.lnk
    2014-08-05 12:01 - 2014-08-05 12:01 - 00000835 _____ () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
    2014-08-05 11:51 - 2014-08-08 01:27 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\uTorrent
    2014-08-05 11:50 - 2014-08-05 11:51 - 01936720 _____ (BitTorrent Inc.) C:\Users\Samsung\Downloads\uTorrent.exe
    2014-08-05 11:45 - 2014-08-05 11:45 - 00020473 _____ () C:\Users\Samsung\Downloads\MRP August.xlsx
    2014-08-05 11:30 - 2010-02-23 09:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
    2014-08-05 11:27 - 2014-08-05 11:27 - 00002198 _____ () C:\Windows\epplauncher.mif
    2014-08-05 11:27 - 2014-08-05 11:27 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    2014-08-05 11:26 - 2014-08-05 11:27 - 00000000 ____D () C:\Program Files\Microsoft Security Client
    2014-08-05 11:26 - 2014-08-05 11:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
    2014-08-05 11:25 - 2014-08-05 11:25 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
    2014-08-05 11:25 - 2014-08-05 11:25 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
    2014-08-05 11:25 - 2014-08-05 11:25 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
    2014-08-05 11:25 - 2014-08-05 11:25 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
    2014-08-05 11:25 - 2014-08-05 11:25 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
    2014-08-05 11:25 - 2014-03-25 03:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2014-08-05 11:25 - 2014-03-25 03:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2014-08-05 11:25 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
    2014-08-05 11:24 - 2014-08-05 11:24 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
    2014-08-05 11:24 - 2014-08-05 11:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
    2014-08-05 11:24 - 2014-06-30 03:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-08-05 11:24 - 2014-06-30 03:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-08-05 11:24 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
    2014-08-05 11:24 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
    2014-08-05 11:24 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2014-08-05 11:24 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
    2014-08-05 11:24 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2014-08-05 11:24 - 2014-03-26 15:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2014-08-05 11:24 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
    2014-08-05 11:24 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
    2014-08-05 11:24 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2014-08-05 11:24 - 2014-03-26 15:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2014-08-05 11:24 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
    2014-08-05 11:24 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
    2014-08-05 11:24 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2014-08-05 11:24 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2014-08-05 11:24 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
    2014-08-05 11:24 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
    2014-08-05 11:24 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
    2014-08-05 11:23 - 2014-08-05 11:23 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
    2014-08-05 11:23 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
    2014-08-05 11:23 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
    2014-08-05 11:23 - 2014-06-18 02:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-08-05 11:23 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2014-08-05 11:23 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2014-08-05 11:23 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2014-08-05 11:23 - 2014-03-04 10:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2014-08-05 11:23 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
    2014-08-05 11:23 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2014-08-05 11:23 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
    2014-08-05 11:23 - 2014-03-04 10:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2014-08-05 11:23 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
    2014-08-05 11:23 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
    2014-08-05 11:23 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
    2014-08-05 11:23 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
    2014-08-05 11:23 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
    2014-08-05 11:23 - 2014-03-04 10:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2014-08-05 11:23 - 2014-03-04 10:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2014-08-05 11:23 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
    2014-08-05 11:23 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
    2014-08-05 11:23 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
    2014-08-05 11:23 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
    2014-08-05 11:23 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
    2014-08-05 11:23 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
    2014-08-05 11:23 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
    2014-08-05 11:23 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2014-08-05 11:23 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
    2014-08-05 11:23 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
    2014-08-05 11:23 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
    2014-08-05 11:23 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
    2014-08-05 11:23 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
    2014-08-05 11:23 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
    2014-08-05 11:23 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
    2014-08-05 11:23 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
    2014-08-05 11:23 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
    2014-08-05 11:23 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
    2014-08-05 11:23 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
    2014-08-05 11:23 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
    2014-08-05 11:23 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
    2014-08-05 11:23 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
    2014-08-05 11:23 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
    2014-08-05 11:23 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
    2014-08-05 11:23 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
    2014-08-05 11:23 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
    2014-08-05 11:23 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
    2014-08-05 11:23 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
    2014-08-05 11:23 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
    2014-08-05 11:23 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
    2014-08-05 11:23 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
    2014-08-05 11:23 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
    2014-08-05 11:23 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
    2014-08-05 11:22 - 2014-06-20 21:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-08-05 11:22 - 2014-06-20 20:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-08-05 11:22 - 2014-06-19 02:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-08-05 11:22 - 2014-06-19 02:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-08-05 11:22 - 2014-06-19 02:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-08-05 11:22 - 2014-06-19 01:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-08-05 11:22 - 2014-06-19 01:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-08-05 11:22 - 2014-06-19 01:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-08-05 11:22 - 2014-06-19 01:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-08-05 11:22 - 2014-06-19 01:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-08-05 11:22 - 2014-06-19 01:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-08-05 11:22 - 2014-06-19 01:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-08-05 11:22 - 2014-06-19 01:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-08-05 11:22 - 2014-06-19 01:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-08-05 11:22 - 2014-06-19 01:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-08-05 11:22 - 2014-06-19 01:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-08-05 11:22 - 2014-06-19 01:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-08-05 11:22 - 2014-06-19 01:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-08-05 11:22 - 2014-06-19 01:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-08-05 11:22 - 2014-06-19 00:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-08-05 11:22 - 2014-06-19 00:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-08-05 11:22 - 2014-06-19 00:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-08-05 11:22 - 2014-06-19 00:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-08-05 11:22 - 2014-06-19 00:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-08-05 11:22 - 2014-06-19 00:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-08-05 11:22 - 2014-06-19 00:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-08-05 11:22 - 2014-06-19 00:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-08-05 11:22 - 2014-06-19 00:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-08-05 11:22 - 2014-06-19 00:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-08-05 11:22 - 2014-06-19 00:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-08-05 11:22 - 2014-06-19 00:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-08-05 11:22 - 2014-06-19 00:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-08-05 11:22 - 2014-06-19 00:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-08-05 11:22 - 2014-06-19 00:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-08-05 11:22 - 2014-06-19 00:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-08-05 11:22 - 2014-06-19 00:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-08-05 11:22 - 2014-06-19 00:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-08-05 11:22 - 2014-06-19 00:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-08-05 11:22 - 2014-06-19 00:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-08-05 11:22 - 2014-06-19 00:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-08-05 11:22 - 2014-06-19 00:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-08-05 11:22 - 2014-06-19 00:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-08-05 11:22 - 2014-06-18 23:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-08-05 11:22 - 2014-06-18 23:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-08-05 11:22 - 2014-06-18 23:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-08-05 11:22 - 2014-06-18 23:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-08-05 11:22 - 2014-06-18 23:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-08-05 11:22 - 2014-06-18 23:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-08-05 11:22 - 2014-06-18 23:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-08-05 11:22 - 2014-06-18 23:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-08-05 11:22 - 2014-06-18 23:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-08-05 11:22 - 2014-06-18 23:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-08-05 11:22 - 2014-06-18 23:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-08-05 11:22 - 2014-06-18 23:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-08-05 11:22 - 2014-06-18 23:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-08-05 11:22 - 2014-06-18 23:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-08-05 11:22 - 2014-05-30 09:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-08-05 11:22 - 2014-05-30 09:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2014-08-05 11:22 - 2014-05-30 09:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2014-08-05 11:22 - 2014-05-30 09:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2014-08-05 11:22 - 2014-05-30 09:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2014-08-05 11:22 - 2014-05-30 09:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2014-08-05 11:22 - 2014-05-30 09:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2014-08-05 11:22 - 2014-05-30 08:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2014-08-05 11:22 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2014-08-05 11:22 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2014-08-05 11:22 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2014-08-05 11:22 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2014-08-05 11:22 - 2014-05-30 08:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2014-08-05 11:22 - 2014-05-30 08:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2014-08-05 11:22 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2014-08-05 11:22 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2014-08-05 11:22 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2014-08-05 11:22 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2014-08-05 11:22 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2014-08-05 11:22 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2014-08-05 11:22 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2014-08-05 11:22 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2014-08-05 11:22 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2014-08-05 11:22 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2014-08-05 11:22 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2014-08-05 11:22 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
    2014-08-05 11:22 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
    2014-08-05 11:22 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
    2014-08-05 11:22 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
    2014-08-05 11:22 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
    2014-08-05 11:22 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2014-08-05 11:22 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2014-08-05 11:22 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-08-05 11:22 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
    2014-08-05 11:22 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
    2014-08-05 11:20 - 2014-06-05 15:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-08-05 11:20 - 2014-06-05 15:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2014-08-05 11:20 - 2014-06-05 15:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2014-08-05 11:20 - 2014-04-12 03:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2014-08-05 11:20 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2014-08-05 11:20 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2014-08-05 11:20 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2014-08-05 11:20 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2014-08-05 11:20 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2014-08-05 11:20 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2014-08-05 11:20 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2014-08-05 11:16 - 2014-08-05 11:16 - 00001192 _____ () C:\Users\Public\Desktop\My LastPass Vault.lnk
    2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
    2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
    2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\Program Files (x86)\LastPass
    2014-08-05 11:15 - 2014-08-05 11:16 - 13829304 _____ (Microsoft Corporation) C:\Users\Samsung\Downloads\mseinstall.exe
    2014-08-05 11:14 - 2014-08-05 11:15 - 15824384 _____ (LastPass) C:\Users\Samsung\Downloads\lastpass_x64.exe
    2014-08-05 11:11 - 2014-08-07 22:17 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-08-05 11:11 - 2014-08-05 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-08-05 11:09 - 2014-08-08 01:14 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-08-05 11:09 - 2014-08-08 01:10 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-08-05 11:09 - 2014-08-05 11:11 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Google
    2014-08-05 11:09 - 2014-08-05 11:11 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-08-05 11:09 - 2014-08-05 11:09 - 00895120 _____ (Google Inc.) C:\Users\Samsung\Downloads\ChromeSetup.exe
    2014-08-05 11:09 - 2014-08-05 11:09 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-08-05 11:09 - 2014-08-05 11:09 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-08-05 11:08 - 2014-08-05 11:09 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Deployment
    2014-08-05 11:08 - 2014-08-05 11:08 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Apps\2.0
    2014-08-04 15:05 - 2014-08-05 11:27 - 00058408 _____ () C:\Users\Samsung\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-08-04 14:35 - 2014-08-04 14:35 - 00000000 ____D () C:\Windows\SysWOW64\NV
    2014-08-04 14:35 - 2014-08-04 14:35 - 00000000 ____D () C:\Windows\system32\NV
    2014-08-04 13:57 - 2011-11-30 07:09 - 00001752 _____ () C:\Windows\Sensor.set
    2014-08-04 13:57 - 2011-03-02 12:07 - 00206336 _____ (SMI) C:\Windows\system32\Drivers\SMIksdrv.sys
    2014-08-04 13:57 - 2011-02-10 06:29 - 00572928 _____ () C:\Windows\system32\SM37XCoInst.dll
    2014-08-04 13:57 - 2010-05-05 12:46 - 00317440 _____ () C:\Windows\system32\370prop.ax
    2014-08-04 13:57 - 2010-05-05 12:46 - 00258048 _____ () C:\Windows\SysWOW64\370prop.ax
    2014-08-04 13:57 - 2010-02-25 12:14 - 00451584 _____ (SiliconMotion Inc.) C:\Windows\system32\370proplib.dll
    2014-08-04 13:57 - 2010-02-25 12:14 - 00372736 _____ (SiliconMotion Inc.) C:\Windows\SysWOW64\370proplib.dll
    2014-08-04 13:57 - 2008-01-16 10:06 - 02806784 _____ (Silicon Motion Corporation) C:\Windows\system32\Drivers\SMIexp.sys
    2014-08-04 13:56 - 2014-08-04 14:35 - 00000000 ____D () C:\ProgramData\NVIDIA
    2014-08-04 13:56 - 2014-08-04 13:56 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
    2014-08-04 13:56 - 2013-05-29 02:10 - 11524096 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwsw00.sys
    2014-08-04 13:56 - 2010-08-11 05:11 - 00954368 _____ (SiliconMotion) C:\Windows\SysWOW64\RemoveSM37X.exe
    2014-08-04 13:56 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-08-04 13:56 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2014-08-04 13:55 - 2014-08-04 13:56 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
    2014-08-04 13:55 - 2014-08-04 13:56 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
    2014-08-04 13:55 - 2014-08-04 13:55 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
    2014-08-04 13:55 - 2013-11-14 12:58 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
    2014-08-04 13:55 - 2013-11-14 12:58 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
    2014-08-04 13:55 - 2013-11-11 16:02 - 06674208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2014-08-04 13:55 - 2013-11-11 16:02 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
    2014-08-04 13:55 - 2013-11-11 16:01 - 03467927 _____ () C:\Windows\system32\nvcoproc.bin
    2014-08-04 13:55 - 2013-11-11 16:01 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2014-08-04 13:55 - 2013-11-11 16:01 - 01065248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
    2014-08-04 13:55 - 2013-11-11 16:01 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    2014-08-04 13:55 - 2013-11-11 16:01 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2014-08-04 13:55 - 2013-11-11 16:01 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
    2014-08-04 13:55 - 2013-11-11 16:01 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
    2014-08-04 13:54 - 2013-11-14 12:58 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 03069608 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
    2014-08-04 13:54 - 2013-11-14 12:58 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
    2014-08-04 13:54 - 2013-11-14 12:58 - 00023754 _____ () C:\Windows\system32\nvinfo.pb
    2014-08-04 13:53 - 2014-08-04 13:53 - 00000000 ____D () C:\Program Files (x86)\Intel
    2014-08-04 13:53 - 2014-08-04 13:53 - 00000000 ____D () C:\Intel
    2014-08-04 13:53 - 2013-11-06 20:05 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3347.dll
    2014-08-04 13:53 - 2013-10-31 19:38 - 00017058 _____ () C:\Windows\system32\iglhxs64.vp
    2014-08-04 13:53 - 2013-10-31 19:28 - 12617216 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
    2014-08-04 13:53 - 2013-10-31 19:28 - 11049472 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
    2014-08-04 13:53 - 2013-10-31 19:28 - 05363200 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
    2014-08-04 13:53 - 2013-10-31 19:28 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
    2014-08-04 13:53 - 2013-10-31 19:28 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
    2014-08-04 13:53 - 2013-10-31 19:27 - 09007616 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
    2014-08-04 13:53 - 2013-10-31 19:27 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
    2014-08-04 13:53 - 2013-10-31 19:27 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00410624 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
    2014-08-04 13:53 - 2013-10-31 19:27 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
    2014-08-04 13:53 - 2013-10-31 19:27 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
    2014-08-04 13:53 - 2013-10-31 19:27 - 00223664 _____ () C:\Windows\system32\Gfxres.th-TH.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00210106 _____ () C:\Windows\system32\Gfxres.el-GR.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00194245 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00166170 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00163421 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00159008 _____ () C:\Windows\system32\Gfxres.he-IL.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00149682 _____ () C:\Windows\system32\Gfxres.it-IT.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00148042 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00147393 _____ () C:\Windows\system32\Gfxres.de-DE.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00147288 _____ () C:\Windows\system32\Gfxres.es-ES.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00146004 _____ () C:\Windows\system32\Gfxres.ro-RO.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00145491 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00144645 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00144260 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00144020 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00143932 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00142882 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00142877 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00142717 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
    2014-08-04 13:53 - 2013-10-31 19:27 - 00142289 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00142008 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00141838 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00141049 _____ () C:\Windows\system32\Gfxres.hr-HR.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00137889 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00137784 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00137141 _____ () C:\Windows\system32\Gfxres.da-DK.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00132623 _____ () C:\Windows\system32\Gfxres.en-US.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
    2014-08-04 13:53 - 2013-10-31 19:27 - 00126300 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00124650 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
    2014-08-04 13:53 - 2013-10-31 19:27 - 00064000 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
    2014-08-04 13:53 - 2013-10-31 19:27 - 00028672 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
    2014-08-04 13:53 - 2013-10-31 19:27 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
    2014-08-04 13:53 - 2013-10-31 19:24 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
    2014-08-04 13:53 - 2013-10-31 19:24 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
    2014-08-04 13:53 - 2013-10-31 19:24 - 01981696 _____ () C:\Windows\system32\iglhxa64.cpa
    2014-08-04 13:53 - 2013-10-31 19:24 - 01040384 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
    2014-08-04 13:53 - 2013-10-31 19:24 - 00931840 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
    2014-08-04 13:53 - 2013-10-31 19:24 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
    2014-08-04 13:53 - 2013-10-31 19:24 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
    2014-08-04 13:53 - 2013-10-31 19:24 - 00524800 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
    2014-08-04 13:53 - 2013-10-31 19:24 - 00519680 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
    2014-08-04 13:53 - 2013-10-31 19:24 - 00216064 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
    2014-08-04 13:53 - 2013-10-31 19:24 - 00180224 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
    2014-08-04 13:53 - 2013-10-31 19:24 - 00059425 _____ () C:\Windows\system32\iglhxo64.vp
    2014-08-04 13:53 - 2013-10-31 19:24 - 00059398 _____ () C:\Windows\system32\iglhxg64.vp
    2014-08-04 13:53 - 2013-10-31 19:24 - 00059230 _____ () C:\Windows\system32\iglhxc64.vp
    2014-08-04 13:53 - 2013-10-31 19:24 - 00059104 _____ () C:\Windows\system32\iglhxc64_dev.vp
    2014-08-04 13:53 - 2013-10-31 19:24 - 00058796 _____ () C:\Windows\system32\iglhxg64_dev.vp
    2014-08-04 13:53 - 2013-10-31 19:24 - 00058109 _____ () C:\Windows\system32\iglhxo64_dev.vp
    2014-08-04 13:53 - 2013-10-31 19:24 - 00001074 _____ () C:\Windows\system32\iglhxa64.vp
    2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
    2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
    2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Windows\system32\SRSLabs
    2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Program Files\Realtek
    2014-08-04 13:52 - 2013-12-03 20:29 - 03760344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
    2014-08-04 13:52 - 2013-12-03 16:05 - 00154840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
    2014-08-04 13:52 - 2013-12-03 14:38 - 00693329 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
    2014-08-04 13:52 - 2013-12-02 16:55 - 05681196 _____ () C:\Windows\system32\Drivers\rtvienna.dat
    2014-08-04 13:52 - 2013-11-29 18:59 - 41974272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
    2014-08-04 13:52 - 2013-11-26 17:26 - 00618200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
    2014-08-04 13:52 - 2013-11-25 15:59 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
    2014-08-04 13:52 - 2013-11-25 15:59 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
    2014-08-04 13:52 - 2013-11-16 00:40 - 05904880 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
    2014-08-04 13:52 - 2013-11-16 00:40 - 00515568 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
    2014-08-04 13:52 - 2013-11-16 00:40 - 00442352 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
    2014-08-04 13:52 - 2013-11-16 00:40 - 00399856 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
    2014-08-04 13:52 - 2013-11-16 00:40 - 00279024 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
    2014-08-04 13:52 - 2013-11-16 00:40 - 00254960 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
    2014-08-04 13:52 - 2013-11-16 00:40 - 00185840 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
    2014-08-04 13:52 - 2013-11-16 00:40 - 00172016 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
    2014-08-04 13:52 - 2013-11-14 15:49 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
    2014-08-04 13:52 - 2013-11-13 18:52 - 01013504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
    2014-08-04 13:52 - 2013-11-13 18:41 - 14153984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
    2014-08-04 13:52 - 2013-11-13 18:10 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
    2014-08-04 13:52 - 2013-11-13 18:07 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
    2014-08-04 13:52 - 2013-10-31 19:30 - 12859392 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
    2014-08-04 13:52 - 2013-10-31 19:30 - 11176448 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
    2014-08-04 13:52 - 2013-10-31 19:28 - 00098304 _____ () C:\Windows\system32\igdde64.dll
    2014-08-04 13:52 - 2013-10-31 19:28 - 00077312 _____ () C:\Windows\SysWOW64\igdde32.dll
    2014-08-04 13:52 - 2013-10-31 19:27 - 13031424 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
    2014-08-04 13:52 - 2013-10-31 19:27 - 10812928 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
    2014-08-04 13:52 - 2013-10-31 19:27 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
    2014-08-04 13:52 - 2013-10-31 19:27 - 00110592 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
    2014-08-04 13:52 - 2013-10-31 19:24 - 00963452 _____ () C:\Windows\SysWOW64\igcodeckrng600.bin
    2014-08-04 13:52 - 2013-10-31 19:24 - 00963452 _____ () C:\Windows\system32\igcodeckrng600.bin
    2014-08-04 13:52 - 2013-10-31 19:24 - 00272928 _____ () C:\Windows\SysWOW64\igvpkrng600.bin
    2014-08-04 13:52 - 2013-10-31 19:24 - 00272928 _____ () C:\Windows\system32\igvpkrng600.bin
    2014-08-04 13:52 - 2013-10-31 19:24 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
    2014-08-04 13:52 - 2013-10-28 17:29 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
    2014-08-04 13:52 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
    2014-08-04 13:52 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
    2014-08-04 13:52 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
    2014-08-04 13:52 - 2013-09-10 04:02 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
    2014-08-04 13:52 - 2013-09-10 04:02 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
    2014-08-04 13:52 - 2013-09-10 04:01 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
    2014-08-04 13:52 - 2013-09-10 04:01 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
    2014-08-04 13:52 - 2013-08-14 16:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
    2014-08-04 13:52 - 2013-08-14 16:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
    2014-08-04 13:52 - 2013-08-05 18:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
    2014-08-04 13:52 - 2013-04-24 17:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
    2014-08-04 13:52 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
    2014-08-04 13:52 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
    2014-08-04 13:52 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
    2014-08-04 13:52 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
    2014-08-04 13:52 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
    2014-08-04 13:52 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
    2014-08-04 13:52 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
    2014-08-04 13:52 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
    2014-08-04 13:52 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
    2014-08-04 13:52 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
    2014-08-04 13:52 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
    2014-08-04 13:52 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
    2014-08-04 13:52 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
    2014-08-04 13:52 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
    2014-08-04 13:52 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
    2014-08-04 13:52 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
    2014-08-04 13:52 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
    2014-08-04 13:52 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
    2014-08-04 13:52 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
    2014-08-04 13:52 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
    2014-08-04 13:52 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
    2014-08-04 13:52 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
    2014-08-04 13:52 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
    2014-08-04 13:52 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
    2014-08-04 13:52 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
    2014-08-04 13:52 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
    2014-08-04 13:52 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
    2014-08-04 13:52 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
    2014-08-04 13:52 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
    2014-08-04 13:52 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
    2014-08-04 13:52 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
    2014-08-04 13:52 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
    2014-08-04 13:52 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
    2014-08-04 13:52 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
    2014-08-04 13:52 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
    2014-08-04 13:52 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
    2014-08-04 13:52 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
    2014-08-04 13:51 - 2013-11-28 05:55 - 00449496 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
    2014-08-04 13:51 - 2013-11-26 12:49 - 00888536 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
    2014-08-04 13:51 - 2013-11-26 12:49 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
    2014-08-04 13:51 - 2013-11-26 12:49 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
    2014-08-04 13:51 - 2013-10-28 11:15 - 00632168 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
    2014-08-04 13:51 - 2013-10-28 11:15 - 00028008 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
    2014-08-04 13:51 - 2013-01-23 15:57 - 00064624 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
    2014-08-04 13:50 - 2011-12-16 14:24 - 00079040 _____ (TOSHIBA CORPORATION) C:\Windows\system32\Drivers\tosrfusb.sys
    2014-08-04 13:50 - 2009-06-18 18:42 - 00040832 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\Drivers\TosBtCi.dll
    2014-08-04 13:47 - 2014-08-04 13:47 - 00001417 _____ () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2014-08-04 13:47 - 2014-08-04 13:47 - 00000020 ___SH () C:\Users\Samsung\ntuser.ini
    2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Adobe
    2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung\AppData\Local\VirtualStore
    2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung
    2014-08-04 13:47 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-08-04 13:47 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2014-08-04 13:46 - 2014-08-04 13:46 - 00000000 __SHD () C:\Recovery
    2014-08-04 13:45 - 2014-08-08 01:09 - 01016716 _____ () C:\Windows\WindowsUpdate.log

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-08-08 01:44 - 2014-08-06 19:07 - 00012013 _____ () C:\Users\Samsung\Downloads\FRST.txt
    2014-08-08 01:44 - 2014-08-06 19:07 - 00000000 ____D () C:\FRST
    2014-08-08 01:41 - 2014-08-06 20:01 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-08-08 01:27 - 2014-08-05 11:51 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\uTorrent
    2014-08-08 01:20 - 2009-07-14 05:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-08-08 01:20 - 2009-07-14 05:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-08-08 01:19 - 2014-08-04 13:45 - 01016716 _____ () C:\Windows\WindowsUpdate.log
    2014-08-08 01:14 - 2014-08-05 11:09 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-08-08 01:11 - 2014-08-08 00:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-08-08 01:10 - 2014-08-06 18:40 - 00000000 ____D () C:\Program Files\005
    2014-08-08 01:10 - 2014-08-05 11:09 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-08-08 01:10 - 2013-12-12 22:56 - 00000000 ____D () C:\Windows\Panther
    2014-08-08 01:10 - 2010-11-21 04:47 - 00025556 _____ () C:\Windows\PFRO.log
    2014-08-08 01:10 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-08-08 01:10 - 2009-07-14 05:51 - 00031172 _____ () C:\Windows\setupact.log
    2014-08-08 01:09 - 2014-08-06 18:42 - 00000000 ____D () C:\Program Files (x86)\9B0D3D35-C69A-4D44-BBF5-B75ED01D6712
    2014-08-08 00:55 - 2014-08-08 00:55 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-08-08 00:55 - 2014-08-08 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-08-08 00:55 - 2014-08-08 00:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-08-08 00:55 - 2014-08-08 00:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-08-08 00:53 - 2014-08-08 00:52 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Samsung\Downloads\mbam-setup-2.0.2.1012.exe
    2014-08-07 23:13 - 2014-08-07 22:22 - 00000000 ____D () C:\AdwCleaner
    2014-08-07 23:10 - 2014-08-07 23:10 - 00001184 _____ () C:\Users\Samsung\Desktop\AdwCleaner - Shortcut.lnk
    2014-08-07 23:00 - 2014-08-07 23:00 - 00000774 _____ () C:\Users\Samsung\Desktop\JRT.txt
    2014-08-07 22:55 - 2014-08-07 22:55 - 01016261 _____ (Thisisu) C:\Users\Samsung\Downloads\JRT.exe
    2014-08-07 22:55 - 2014-08-07 22:55 - 00000000 ____D () C:\Windows\ERUNT
    2014-08-07 22:51 - 2014-08-07 22:50 - 01475072 _____ () C:\Users\Samsung\Downloads\AdwCleaner (1).exe
    2014-08-07 22:44 - 2014-08-06 18:47 - 00000000 ____D () C:\Program Files (x86)\InfoTrigger
    2014-08-07 22:44 - 2014-08-06 18:41 - 00000601 _____ () C:\Users\Samsung\Desktop\Search.lnk
    2014-08-07 22:44 - 2009-07-14 03:34 - 00000505 _____ () C:\Windows\win.ini
    2014-08-07 22:34 - 2014-08-07 22:13 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\rightbackup
    2014-08-07 22:22 - 2014-08-07 22:21 - 01475072 _____ () C:\Users\Samsung\Downloads\AdwCleaner.exe
    2014-08-07 22:17 - 2014-08-05 11:11 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-08-06 20:08 - 2014-08-06 20:08 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-SAMSUNG-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
    2014-08-06 20:07 - 2014-08-06 20:07 - 00000000 ____D () C:\RegBackup
    2014-08-06 20:06 - 2014-08-06 20:06 - 00002239 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
    2014-08-06 20:06 - 2014-08-06 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2014-08-06 20:06 - 2014-08-06 20:06 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
    2014-08-06 20:01 - 2014-08-06 20:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-08-06 20:01 - 2014-08-06 20:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-08-06 20:01 - 2014-08-06 20:01 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-08-06 20:01 - 2014-08-06 20:01 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
    2014-08-06 20:01 - 2014-08-06 20:01 - 00000000 ____D () C:\Windows\system32\Macromed
    2014-08-06 20:01 - 2014-08-06 20:01 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Macromedia
    2014-08-06 19:56 - 2014-08-06 19:56 - 00591056 _____ (ClickMeIn Limited) C:\Users\Samsung\AppData\Local\nsz7F39.tmp
    2014-08-06 19:53 - 2014-08-06 19:52 - 04057608 _____ () C:\Users\Samsung\Downloads\tweaking.com_registry_backup_setup (1).exe
    2014-08-06 19:51 - 2014-08-06 19:51 - 00002720 _____ () C:\Users\Samsung\Desktop\aswMBR.txt
    2014-08-06 19:51 - 2014-08-06 19:51 - 00000512 _____ () C:\Users\Samsung\Desktop\MBR.dat
    2014-08-06 19:09 - 2014-08-06 19:08 - 00034287 _____ () C:\Users\Samsung\Downloads\Addition.txt
    2014-08-06 19:06 - 2014-08-06 19:05 - 05185536 _____ (AVAST Software) C:\Users\Samsung\Downloads\aswMBR.exe
    2014-08-06 19:01 - 2014-08-06 19:00 - 02094080 _____ (Farbar) C:\Users\Samsung\Downloads\FRST64.exe
    2014-08-06 18:59 - 2014-08-06 18:58 - 04057608 _____ () C:\Users\Samsung\Downloads\tweaking.com_registry_backup_setup.exe
    2014-08-06 18:50 - 2014-08-06 18:50 - 00000000 ____D () C:\rbtemp
    2014-08-06 18:49 - 2014-08-06 18:49 - 00003630 _____ () C:\Windows\System32\Tasks\Play Now Radio
    2014-08-06 18:49 - 2014-08-06 18:49 - 00001690 _____ () C:\Windows\SysWOW64\${LOGFILE}
    2014-08-06 18:48 - 2014-08-06 18:48 - 00003320 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
    2014-08-06 18:48 - 2014-08-06 18:48 - 00003240 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
    2014-08-06 18:48 - 2014-08-06 18:48 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
    2014-08-06 18:43 - 2014-08-06 18:43 - 00009077 _____ () C:\Users\Samsung\AppData\Roaming\Bubble Dock.installation.log
    2014-08-06 18:43 - 2014-08-06 18:43 - 00003610 _____ () C:\Windows\System32\Tasks\WindApp Update
    2014-08-06 18:43 - 2014-08-06 18:43 - 00000374 _____ () C:\Users\Samsung\AppData\Roaming\WindApp.installation.log
    2014-08-06 18:43 - 2014-08-06 18:43 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Store
    2014-08-06 18:42 - 2014-08-06 18:42 - 00003552 _____ () C:\Windows\System32\Tasks\Only-search
    2014-08-06 18:42 - 2014-08-06 18:42 - 00000097 _____ () C:\Users\Samsung\AppData\Roaming\WindApp.boostrap.log
    2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\Users\Samsung\AppData\Local\onlysearch
    2014-08-06 16:33 - 2014-08-05 21:31 - 00000058 _____ () C:\Users\Samsung\Documents\BETS.txt
    2014-08-06 15:29 - 2014-08-05 16:12 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\vlc
    2014-08-06 12:27 - 2014-08-05 21:34 - 00000000 ____D () C:\Users\Samsung\Downloads\The.Lunchbox.2013.720p.BluRay.DTS.x264-PublicHD
    2014-08-06 10:33 - 2014-08-06 10:33 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\dvdcss
    2014-08-06 08:52 - 2014-08-05 21:36 - 00000000 ____D () C:\Users\Samsung\Downloads\Happy Times - Xingfu shiguang
    2014-08-06 01:29 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
    2014-08-05 22:17 - 2014-08-05 22:17 - 00000000 __SHD () C:\Users\Samsung\AppData\Local\EmieUserList
    2014-08-05 22:17 - 2014-08-05 22:17 - 00000000 __SHD () C:\Users\Samsung\AppData\Local\EmieSiteList
    2014-08-05 21:57 - 2014-08-05 21:57 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
    2014-08-05 21:57 - 2014-08-05 21:57 - 00000000 ____D () C:\Users\Samsung\AppData\Local\FluxSoftware
    2014-08-05 21:55 - 2014-08-05 21:55 - 00597304 _____ () C:\Users\Samsung\Downloads\flux-setup.exe
    2014-08-05 21:47 - 2014-08-05 21:33 - 00000000 ____D () C:\Users\Samsung\Downloads\Studio Ghibli Collection [jap-eng audio] eng-sub [Mkv]
    2014-08-05 19:12 - 2014-08-05 12:07 - 00000000 ____D () C:\Users\Samsung\Downloads\The Wire Season 1, 2, 3, 4 & 5 Complete Collection DVD Box Set HDTV + Extras (Interviews, Commentaries, Bonus Features etc.)
    2014-08-05 18:11 - 2014-08-05 12:06 - 00000000 ____D () C:\Users\Samsung\Downloads\Game Of Thrones Complete Season 1, 2, 3 x264 + Extras Multisubs
    2014-08-05 16:12 - 2014-08-05 16:12 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
    2014-08-05 16:12 - 2014-08-05 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2014-08-05 16:12 - 2014-08-05 16:12 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
    2014-08-05 16:10 - 2014-08-05 16:09 - 24743106 _____ () C:\Users\Samsung\Downloads\vlc-2.1.5-win32.exe
    2014-08-05 15:59 - 2011-04-12 09:28 - 00000000 ____D () C:\Program Files\Windows Journal
    2014-08-05 15:51 - 2014-08-05 15:50 - 06740514 _____ ( ) C:\Users\Samsung\Desktop\MKVPlayerSetupD.exe
    2014-08-05 14:24 - 2014-08-05 12:06 - 00000000 ____D () C:\Users\Samsung\Downloads\Breaking Bad Season 5 Complete 720p.BRrip.Sujaidr
    2014-08-05 12:18 - 2009-07-14 06:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-08-05 12:12 - 2009-07-14 05:45 - 00268856 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-08-05 12:10 - 2014-08-05 12:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-08-05 12:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
    2014-08-05 12:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
    2014-08-05 12:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-08-05 12:01 - 2014-08-05 12:01 - 00000855 _____ () C:\Users\Samsung\Desktop\µTorrent.lnk
    2014-08-05 12:01 - 2014-08-05 12:01 - 00000835 _____ () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
    2014-08-05 11:51 - 2014-08-05 11:50 - 01936720 _____ (BitTorrent Inc.) C:\Users\Samsung\Downloads\uTorrent.exe
    2014-08-05 11:45 - 2014-08-05 11:45 - 00020473 _____ () C:\Users\Samsung\Downloads\MRP August.xlsx
    2014-08-05 11:34 - 2013-12-12 11:45 - 00000000 ____D () C:\Windows\system32\MRT
    2014-08-05 11:31 - 2013-12-12 11:08 - 00765700 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
    2014-08-05 11:27 - 2014-08-05 11:27 - 00002198 _____ () C:\Windows\epplauncher.mif
    2014-08-05 11:27 - 2014-08-05 11:27 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    2014-08-05 11:27 - 2014-08-05 11:26 - 00000000 ____D () C:\Program Files\Microsoft Security Client
    2014-08-05 11:27 - 2014-08-04 15:05 - 00058408 _____ () C:\Users\Samsung\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-08-05 11:26 - 2014-08-05 11:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
    2014-08-05 11:25 - 2014-08-05 11:25 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
    2014-08-05 11:25 - 2014-08-05 11:25 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
    2014-08-05 11:25 - 2014-08-05 11:25 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
    2014-08-05 11:25 - 2014-08-05 11:25 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
    2014-08-05 11:25 - 2014-08-05 11:25 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
    2014-08-05 11:24 - 2014-08-05 11:24 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
    2014-08-05 11:24 - 2014-08-05 11:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
    2014-08-05 11:23 - 2014-08-05 11:23 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
    2014-08-05 11:16 - 2014-08-05 11:16 - 00001192 _____ () C:\Users\Public\Desktop\My LastPass Vault.lnk
    2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
    2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
    2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\Program Files (x86)\LastPass
    2014-08-05 11:16 - 2014-08-05 11:15 - 13829304 _____ (Microsoft Corporation) C:\Users\Samsung\Downloads\mseinstall.exe
    2014-08-05 11:15 - 2014-08-05 11:14 - 15824384 _____ (LastPass) C:\Users\Samsung\Downloads\lastpass_x64.exe
    2014-08-05 11:11 - 2014-08-05 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-08-05 11:11 - 2014-08-05 11:09 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Google
    2014-08-05 11:11 - 2014-08-05 11:09 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-08-05 11:09 - 2014-08-05 11:09 - 00895120 _____ (Google Inc.) C:\Users\Samsung\Downloads\ChromeSetup.exe
    2014-08-05 11:09 - 2014-08-05 11:09 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-08-05 11:09 - 2014-08-05 11:09 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-08-05 11:09 - 2014-08-05 11:08 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Deployment
    2014-08-05 11:08 - 2014-08-05 11:08 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Apps\2.0
    2014-08-05 11:03 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
    2014-08-05 10:44 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
    2014-08-04 22:39 - 2009-07-14 06:32 - 00032768 _____ () C:\Windows\system32\config\BCD-Template
    2014-08-04 14:35 - 2014-08-04 14:35 - 00000000 ____D () C:\Windows\SysWOW64\NV
    2014-08-04 14:35 - 2014-08-04 14:35 - 00000000 ____D () C:\Windows\system32\NV
    2014-08-04 14:35 - 2014-08-04 13:56 - 00000000 ____D () C:\ProgramData\NVIDIA
    2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\SysWOW64\winrm
    2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\SysWOW64\WCN
    2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
    2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
    2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\system32\winrm
    2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\system32\WCN
    2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\system32\slmgr
    2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
    2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
    2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
    2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
    2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
    2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
    2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
    2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
    2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
    2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\com
    2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep
    2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
    2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\MUI
    2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\migwiz
    2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\com
    2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\IME
    2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
    2014-08-04 14:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
    2014-08-04 13:56 - 2014-08-04 13:56 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
    2014-08-04 13:56 - 2014-08-04 13:55 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
    2014-08-04 13:56 - 2014-08-04 13:55 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
    2014-08-04 13:55 - 2014-08-04 13:55 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
    2014-08-04 13:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
    2014-08-04 13:53 - 2014-08-04 13:53 - 00000000 ____D () C:\Program Files (x86)\Intel
    2014-08-04 13:53 - 2014-08-04 13:53 - 00000000 ____D () C:\Intel
    2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
    2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
    2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Windows\system32\SRSLabs
    2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Program Files\Realtek
    2014-08-04 13:47 - 2014-08-04 13:47 - 00001417 _____ () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2014-08-04 13:47 - 2014-08-04 13:47 - 00000020 ___SH () C:\Users\Samsung\ntuser.ini
    2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Adobe
    2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung\AppData\Local\VirtualStore
    2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung
    2014-08-04 13:46 - 2014-08-04 13:46 - 00000000 __SHD () C:\Recovery
    2014-08-04 13:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Recovery
    2014-08-04 13:43 - 2009-07-14 05:46 - 00003806 _____ () C:\Windows\DtcInstall.log
    2014-08-04 13:42 - 2013-12-12 11:58 - 00003652 _____ () C:\Windows\TSSysprep.log
    2014-08-04 13:42 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

    Some content of TEMP:
    ====================
    C:\Users\Samsung\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
    C:\Users\Samsung\AppData\Local\Temp\nsnD8FB.tmp.exe
    C:\Users\Samsung\AppData\Local\Temp\Quarantine.exe
    C:\Users\Samsung\AppData\Local\Temp\Vuupc_setup.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-08-04 14:21

    ==================== End Of Log ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2014
    Ran by Samsung at 2014-08-08 01:47:44
    Running from C:\Users\Samsung\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32691 - BitTorrent Inc.)
    Adobe Flash Player 11 ActiveX (HKLM-x32\...\{41042E28-CCA1-4147-869F-9E928B38F04C}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
    f.lux (HKCU\...\Flux) (Version: - )
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
    LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{7E59919F-564E-3FB5-B1FC-884251B18B06}) (Version: 4.5.51078 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
    Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x64 8.0.50727.42 False (Version: 8.0.50727.42 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2005 Redistributable - x64 8.0.51011 False (Version: 8.0.51011 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2005 Redistributable - x64 8.0.56336 False (Version: 8.0.56336 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2005 Redistributable - x64 8.0.58298 False (Version: 8.0.58298 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2005 Redistributable - x64 8.0.59192 False (Version: 8.0.59192 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False (x32 Version: 8.0.50727.42 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False (x32 Version: 8.0.51011 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False (x32 Version: 8.0.56336 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False (x32 Version: 8.0.58299 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False (x32 Version: 8.0.59193 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 False (Version: 9.0.21022 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.0 False (Version: 9.0.21022 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 False (Version: 9.0.21022.218 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411 False (Version: 9.0.30411 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 False (Version: 9.0.30729 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 False (Version: 9.0.30729 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 False (Version: 9.0.30729.4048 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 False (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.5570 False (Version: 9.0.30729.5570 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (x32 Version: 9.0.21022.218 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (x32 Version: 9.0.30411 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (x32 Version: 9.0.30729.4048 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (x32 Version: 9.0.30729.5570 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 Redistributable - x64 10.0.30319 False (Version: 10.0.30319 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 False (x32 Version: 11.0.50727.1 - Корпорация Майкрософт) Hidden
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 False (x32 Version: 11.0.51106.1 - Корпорация Майкрософт) Hidden
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 False (x32 Version: 11.0.60610.1 - Корпорация Майкрософт) Hidden
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 False (x32 Version: 11.0.50727.1 - Корпорация Майкрософт) Hidden
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 False (x32 Version: 11.0.51106.1 - Корпорация Майкрософт) Hidden
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 False (x32 Version: 11.0.60610.1 - Корпорация Майкрософт) Hidden
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 False (Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 False (Version: 11.0.51106 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 False (Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 False (Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 False (Version: 11.0.51106 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 False (Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 False (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 False (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 False (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 False (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
    Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    NVIDIA Control Panel 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
    NVIDIA Graphics Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
    NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
    NVIDIA Optimus 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden
    NVIDIA Update Components (Version: 9.3.21 - NVIDIA Corporation) Hidden
    Play Now Radio (HKCU\...\playnowradio) (Version: - playnowradio) <==== ATTENTION
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
    Right Backup (HKLM-x32\...\980124D4-3D52-4c2d-AD41-9E90BDF4C031_Systweak_Ri~01F2B2E8_is1) (Version: 2.1.1000.4398 - Systweak Software)
    Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
    WebCam SC-0311139N (HKLM\...\{FD7041D8-C40A-47fb-97FF-ABA9AD0FEB81}) (Version: 5.66.1.0 - Silicon Motion)
    WindApp (remove only) (HKCU\...\WindApp) (Version: - Store)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


    ==================== Restore Points =========================


    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {14349730-2924-4019-B962-0A88BF0EF67D} - System32\Tasks\Play Now Radio => C:\Users\Samsung\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe
    Task: {406AFAE0-2B4D-4383-B461-1C7FBD44A325} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-05] (Google Inc.)
    Task: {46648544-2FAE-4CC3-9C56-CB1B52C49B4C} - System32\Tasks\WindApp Update => C:\Users\Samsung\AppData\Roaming\Store\WindApp\WindApp Update.exe [2014-07-24] (Nosibay)
    Task: {61BB6C43-1B5C-4047-8AD4-D9D5C6787351} - System32\Tasks\Only-search => C:\Users\Samsung\AppData\Local\onlysearch\onlysearch\1.3.8.11\onlysearch.exe
    Task: {6A72BFB3-659D-46FD-9B7C-1B4E68A0D80D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-05] (Google Inc.)
    Task: {8C2A2370-619C-4B26-99A8-2D37B3C1C2E9} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {A0E9C08F-D486-4332-B33D-4E85C2B09DD5} - System32\Tasks\System Speedup => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
    Task: {DD7CDC09-80F3-4109-95B4-1D447719A7EE} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
    Task: {E27999E8-82C2-4BBD-A33A-DF6F8E1325A9} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {E68C4EC2-F358-4BE1-A969-2FD2FB1EAD80} - System32\Tasks\WIN-statsAdmin => C:\Users\Samsung\AppData\Local\Microsoft\WinU\~tflnaet.exe [2014-07-01] ()
    Task: {E9BA53DC-7457-4B1F-84CC-AA8D523080AE} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {ED691586-E838-46AE-AD91-B65BA97B8282} - System32\Tasks\WIN-statsSystem => C:\Users\Samsung\AppData\Local\Microsoft\WinU\~eodpahy.exe
    Task: {EFE6006B-F585-4858-823A-EC177681F73C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {FE1D3C38-3772-4C27-9127-370580E31D39} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-06] (Adobe Systems Incorporated)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2014-08-04 13:55 - 2013-11-11 16:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2014-08-04 13:52 - 2013-10-31 19:24 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2014-08-05 11:11 - 2014-07-15 10:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
    2014-08-05 11:11 - 2014-07-15 10:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
    2014-08-05 11:11 - 2014-07-15 10:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
    2014-08-05 11:11 - 2014-07-15 10:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
    2014-08-05 11:11 - 2014-07-15 10:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)


    ==================== Faulty Device Manager Devices =============

    Name: Toshiba RFBUS Driver
    Description: Toshiba RFBUS Driver
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Microsoft Teredo Tunneling Adapter
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (08/08/2014 01:12:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/08/2014 00:52:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/08/2014 00:52:26 AM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
    Description: AllDaySavingsService64SvcInit, failed to connect to driver, status: -1
    failed with 2

    Error: (08/07/2014 11:42:22 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    Error: (08/07/2014 11:40:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/07/2014 11:22:46 PM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
    Description: AllDaySavingsService64SvcInit, failed to connect to driver, status: -1
    failed with 2

    Error: (08/07/2014 11:22:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/07/2014 11:13:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/07/2014 11:07:53 PM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
    Description: AllDaySavingsService64SvcInit, failed to connect to driver, status: -1
    failed with 2

    Error: (08/07/2014 11:07:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    System errors:
    =============
    Error: (08/08/2014 01:47:35 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
    The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
    this computer.

    Error: (08/08/2014 01:42:25 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
    The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
    this computer.

    Error: (08/08/2014 01:37:15 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
    The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
    this computer.

    Error: (08/08/2014 01:32:05 AM) (Source: BROWSER) (EventID: 8020) (User: )
    Description: The browser was unable to promote itself to master browser. The computer that currently
    believes it is the master browser is unknown.

    Error: (08/08/2014 01:32:01 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
    The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
    this computer.

    Error: (08/08/2014 01:26:51 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
    The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
    this computer.

    Error: (08/08/2014 01:21:41 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
    The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
    this computer.

    Error: (08/08/2014 01:16:31 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
    The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
    this computer.

    Error: (08/08/2014 01:11:21 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
    The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
    this computer.

    Error: (08/08/2014 01:08:16 AM) (Source: NetBT) (EventID: 4321) (User: )
    Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
    The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
    this computer.


    Microsoft Office Sessions:
    =========================
    Error: (08/08/2014 01:12:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/08/2014 00:52:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/08/2014 00:52:26 AM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
    Description: AllDaySavingsService64SvcInit, failed to connect to driver, status: -1
    failed with 2

    Error: (08/07/2014 11:42:22 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Samsung\Downloads\SoftonicDownloader_for_mkv-player.exe

    Error: (08/07/2014 11:40:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/07/2014 11:22:46 PM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
    Description: AllDaySavingsService64SvcInit, failed to connect to driver, status: -1
    failed with 2

    Error: (08/07/2014 11:22:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/07/2014 11:13:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/07/2014 11:07:53 PM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
    Description: AllDaySavingsService64SvcInit, failed to connect to driver, status: -1
    failed with 2

    Error: (08/07/2014 11:07:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    ==================== Memory info ===========================

    Percentage of memory in use: 27%
    Total physical RAM: 6057.55 MB
    Available physical RAM: 4364 MB
    Total Pagefile: 12113.27 MB
    Available Pagefile: 10212.59 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.85 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:465.42 GB) (Free:366.24 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 964863EB)
    Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================

  4. #14
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084


    These programs need to be uninstalled.
    WindApp
    uTorrent
    Play Now Radio


    *********************

    The below script will reboot your computer, please don't be alarmed.

    Open Notepad. Please copy the contents of the quote box below. To do this, highlight the contents of the box, right click on it and select copy.
    Paste this into the open Notepad. Save it to the Desktop as fixlist.txt
    NOTE. It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.
    It needs to be saved next to the "Farbar Recovery Scan Tool" (FRST) program (if asked to overwrite an existing one, please allow)

    start
    HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [WindApp] => C:\Users\Samsung\AppData\Roaming\Store\WindApp\WindApp Update.exe [160552 2014-07-24] (Nosibay)
    HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\MountPoints2: {6788e91a-1bd4-11e4-a66d-806e6f6e6963} - E:\RunThis.exe
    C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TorntvDownloader.lnk
    C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe (No File)
    SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
    SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
    SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
    CHR DefaultSearchKeyword: groovorio.com
    2014-08-06 18:49 - 2014-08-06 18:49 - 00003630 _____ () C:\Windows\System32\Tasks\Play Now Radio
    2014-08-06 18:47 - 2014-08-07 22:44 - 00000000 ____D () C:\Program Files (x86)\InfoTrigger
    2014-08-06 18:43 - 2014-08-06 18:43 - 00003610 _____ () C:\Windows\System32\Tasks\WindApp Update
    2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\Users\Samsung\AppData\Local\onlysearch
    2014-08-06 18:40 - 2014-08-08 01:10 - 00000000 ____D () C:\Program Files\005
    C:\Users\Samsung\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
    C:\Users\Samsung\AppData\Local\Temp\nsnD8FB.tmp.exe
    C:\Users\Samsung\AppData\Local\Temp\Quarantine.exe
    C:\Users\Samsung\AppData\Local\Temp\Vuupc_setup.exe
    Task: {14349730-2924-4019-B962-0A88BF0EF67D} - System32\Tasks\Play Now Radio => C:\Users\Samsung\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe
    Task: {46648544-2FAE-4CC3-9C56-CB1B52C49B4C} - System32\Tasks\WindApp Update => C:\Users\Samsung\AppData\Roaming\Store\WindApp\WindApp Update.exe [2014-07-24] (Nosibay)
    Task: {61BB6C43-1B5C-4047-8AD4-D9D5C6787351} - System32\Tasks\Only-search => C:\Users\Samsung\AppData\Local\onlysearch\onlysearch\1.3.8.11\onlysearch.exe
    Reboot:
    End
    Open FRST/FRST64 and press the Fix button just once and wait.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

    *********************

    Please Run TFC by OldTimer to clear temporary files:

    Download TFC from here http://oldtimer.geekstogo.com/TFC.exe
    and save it to your desktop.

    Close any open programs and Internet browsers.
    Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
    Please be patient as clearing out temp files may take a while.
    Once it completes you may be prompted to restart your computer, please do so.
    Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

    *****************

    What we can do now is run an online scan with Eset, for the time being it is our most trusted scanner.
    Most reliable and thorough.
    The settings I suggest will show us items located in quarantine folders so don't be alarmed with this, also, in case of a false positive I ask that you not allow it to delete what it does find.
    This scanner can take quite a bit of time to run, depending of course how full your computer is.


    Go here to run an online scanner from ESET.
    • Turn off the real time scanner of any existing antivirus program while performing the online scan
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the ActiveX control to install
    • Click Start
    • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
    • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
    • Click Scan
    • Wait for the scan to finish
    • When the scan completes, press the LIST OF THREATS FOUND button
    • Press EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop
    • Include the contents of this report in your next reply.
    • Press the BACK button.
    • Press Finish


    ********************

    Please post
    Fixlog.txt
    Eset log


    How is your computer now?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  5. #15
    Senior Member
    Join Date
    Nov 2009
    Posts
    102


    It seems fine now, no pop ups.

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-08-2014
    Ran by Samsung at 2014-08-08 09:08:59 Run:1
    Running from C:\Users\Samsung\Desktop
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    start
    HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [WindApp] => C:\Users\Samsung\AppData\Roaming\Store\WindApp\WindApp Update.exe [160552 2014-07-24] (Nosibay)
    HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\MountPoints2: {6788e91a-1bd4-11e4-a66d-806e6f6e6963} - E:\RunThis.exe
    C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TorntvDownloader.lnk
    C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe (No File)
    SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
    SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
    SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
    CHR DefaultSearchKeyword: groovorio.com
    2014-08-06 18:49 - 2014-08-06 18:49 - 00003630 _____ () C:\Windows\System32\Tasks\Play Now Radio
    2014-08-06 18:47 - 2014-08-07 22:44 - 00000000 ____D () C:\Program Files (x86)\InfoTrigger
    2014-08-06 18:43 - 2014-08-06 18:43 - 00003610 _____ () C:\Windows\System32\Tasks\WindApp Update
    2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\Users\Samsung\AppData\Local\onlysearch
    2014-08-06 18:40 - 2014-08-08 01:10 - 00000000 ____D () C:\Program Files\005
    C:\Users\Samsung\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
    C:\Users\Samsung\AppData\Local\Temp\nsnD8FB.tmp.exe
    C:\Users\Samsung\AppData\Local\Temp\Quarantine.exe
    C:\Users\Samsung\AppData\Local\Temp\Vuupc_setup.exe
    Task: {14349730-2924-4019-B962-0A88BF0EF67D} - System32\Tasks\Play Now Radio => C:\Users\Samsung\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe
    Task: {46648544-2FAE-4CC3-9C56-CB1B52C49B4C} - System32\Tasks\WindApp Update => C:\Users\Samsung\AppData\Roaming\Store\WindApp\WindApp Update.exe [2014-07-24] (Nosibay)
    Task: {61BB6C43-1B5C-4047-8AD4-D9D5C6787351} - System32\Tasks\Only-search => C:\Users\Samsung\AppData\Local\onlysearch\onlysearch\1.3.8.11\onlysearch.exe
    Reboot:
    End
    *****************

    HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WindApp => value deleted successfully.
    "HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6788e91a-1bd4-11e4-a66d-806e6f6e6963}" => Key deleted successfully.
    "HKCR\CLSID\{6788e91a-1bd4-11e4-a66d-806e6f6e6963}" => Key not found.
    C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TorntvDownloader.lnk => Moved successfully.
    "C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe (No File)" => File/Directory not found.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
    "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
    "HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
    "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
    "HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
    CHR DefaultSearchKeyword: groovorio.com ==> The Chrome "Settings" can be used to fix the entry.
    C:\Windows\System32\Tasks\Play Now Radio => Moved successfully.
    C:\Program Files (x86)\InfoTrigger => Moved successfully.
    "C:\Windows\System32\Tasks\WindApp Update" => File/Directory not found.
    C:\Users\Samsung\AppData\Local\onlysearch => Moved successfully.
    C:\Program Files\005 => Moved successfully.
    C:\Users\Samsung\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe => Moved successfully.
    C:\Users\Samsung\AppData\Local\Temp\nsnD8FB.tmp.exe => Moved successfully.
    C:\Users\Samsung\AppData\Local\Temp\Quarantine.exe => Moved successfully.
    C:\Users\Samsung\AppData\Local\Temp\Vuupc_setup.exe => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14349730-2924-4019-B962-0A88BF0EF67D}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14349730-2924-4019-B962-0A88BF0EF67D}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Play Now Radio not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Play Now Radio" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46648544-2FAE-4CC3-9C56-CB1B52C49B4C}" => Key not found.
    C:\Windows\System32\Tasks\WindApp Update not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindApp Update" => Key not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61BB6C43-1B5C-4047-8AD4-D9D5C6787351}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61BB6C43-1B5C-4047-8AD4-D9D5C6787351}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Only-search => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Only-search" => Key deleted successfully.


    The system needed a reboot.

    ==== End of Fixlog ====

    C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\AdvancedSystemProtector.exe.vir MSIL/AdvancedSystemProtector.E potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\AspManager.exe.vir a variant of MSIL/AdvancedSystemProtector.B potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\Communication.dll.vir Win32/Systweak.F potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\filetypehelper.exe.vir a variant of MSIL/AdvancedSystemProtector.B potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\scandll.dll.vir a variant of MSIL/AdvancedSystemProtector.B potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\SSDPTstub.exe.vir Win32/Systweak.G potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\fst_gb_91\freeSoftToday_widget.exe.vir a variant of Win32/AdWare.EoRezo.AU application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\fst_gb_91\fst_gb_91.exe.vir a variant of Win32/AdWare.EoRezo.AU application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\InfoTrigger2BHO.dll.vir a variant of Win32/BrowseFox.F potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\InfoTrigger2Uninstall.exe.vir Win32/BrowseFox.C potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\updateInfoTrigger2.exe.vir a variant of Win32/BrowseFox.H potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\bin\InfoTrigger2.BrowserAdapter.exe.vir a variant of Win32/BrowseFox.I potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\bin\InfoTrigger2.PurBrowse64.exe.vir a variant of Win64/BrowseFox.A potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\bin\InfoTrigger2BAApp.dll.vir Win32/BrowseFox.N potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\bin\utilInfoTrigger2.exe.vir a variant of Win32/BrowseFox.H potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\bin\{15ab46c3-b2ad-4db9-9e5c-e0e87bea624c}.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\bin\plugins\InfoTrigger2.Bromon.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\bin\plugins\InfoTrigger2.BrowserAdapterS.dll.vir probably a variant of MSIL/BrowseFox.G potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\bin\plugins\InfoTrigger2.PurBrowseG.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir a variant of Win32/SpeedingUpMyPC application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash.dll.vir a variant of Win32/SProtector.I potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe.vir a variant of Win32/Adware.SpeedingUpMyPC.C application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\System Speedup\systweakasp.exe.vir Win32/Systweak.E potentially unwanted application
    C:\AdwCleaner\Quarantine\C\ProgramData\DSearchLink\DSearchLink.exe.vir Win32/Toolbar.Babylon.Y potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Users\Samsung\AppData\Local\fst_gb_91\upfst_gb_91.exe.vir a variant of Win32/Adware.EoRezo.AJ application
    C:\AdwCleaner\Quarantine\C\Users\Samsung\AppData\Local\fst_gb_91\Download\majfst_gentlegb.exe.vir Win32/AdWare.EoRezo.AW application
    C:\AdwCleaner\Quarantine\C\Users\Samsung\AppData\Local\playnowradio\playnowradio\1.3.4.1\chrmXtn.dll.vir a variant of Win32/Toolbar.Montiera.H potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Users\Samsung\AppData\Local\playnowradio\playnowradio\1.3.4.1\ffxtn.dll.vir a variant of Win32/Toolbar.Montiera.H potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Users\Samsung\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe.vir a variant of Win32/Toolbar.Montiera.K potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Users\Samsung\AppData\Roaming\BabSolution\Shared\BabMaint.exe.vir Win32/Toolbar.Babylon.I potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Users\Samsung\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir Win32/Systweak.G potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Users\Samsung\AppData\Roaming\VOPackage\runasu.exe.vir a variant of Win32/VOPackage.R potentially unwanted application
    C:\AdwCleaner\Quarantine\C\Windows\System32\sasnative64.exe.vir Win64/AdvancedSystemProtector.A potentially unwanted application
    C:\FRST\Quarantine\C\Program Files (x86)\InfoTrigger\bin\InfoTrigger2.BrowserAdapter.exe a variant of Win32/BrowseFox.I potentially unwanted application
    C:\FRST\Quarantine\C\Program Files (x86)\InfoTrigger\bin\InfoTrigger2BAApp.dll Win32/BrowseFox.N potentially unwanted application
    C:\FRST\Quarantine\C\Program Files (x86)\InfoTrigger\bin\{15ab46c3-b2ad-4db9-9e5c-e0e87bea624c}.dll a variant of Win32/BrowseFox.M potentially unwanted application
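A check over the two logs in the post above, as an added example that is not part of the original thread: it sorts Fixlog result lines into fixed, already absent, and needing manual follow-up, and confirms that every ESET detection sits under a quarantine folder. The sample lines are abridged from the logs above; the function names and the quarantine-root list are assumptions of this example.

```python
import re
from collections import defaultdict

# Abridged from the Fixlog.txt posted above (not the full log).
FIXLOG = r'''
Content of fixlist:
*****************
start
HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [WindApp] => C:\Users\Samsung\AppData\Roaming\Store\WindApp\WindApp Update.exe [160552 2014-07-24] (Nosibay)
CHR DefaultSearchKeyword: groovorio.com
C:\Program Files\005
Reboot:
End
*****************

HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WindApp => value deleted successfully.
"HKCR\CLSID\{6788e91a-1bd4-11e4-a66d-806e6f6e6963}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
CHR DefaultSearchKeyword: groovorio.com ==> The Chrome "Settings" can be used to fix the entry.
C:\Program Files\005 => Moved successfully.
C:\Windows\System32\Tasks\WindApp Update not found.

The system needed a reboot.
==== End of Fixlog ====
'''

# Abridged from the ESET results posted above.
ESET_LOG = r'''
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\AdvancedSystemProtector.exe.vir MSIL/AdvancedSystemProtector.E potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\fst_gb_91\fst_gb_91.exe.vir a variant of Win32/AdWare.EoRezo.AU application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\bin\plugins\InfoTrigger2.BrowserAdapterS.dll.vir probably a variant of MSIL/BrowseFox.G potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\InfoTrigger\bin\InfoTrigger2BAApp.dll Win32/BrowseFox.N potentially unwanted application
'''

# Assumption: the quarantine folders seen in this thread's logs (lower-cased).
QUARANTINE_ROOTS = ("c:\\adwcleaner\\quarantine\\", "c:\\frst\\quarantine\\")

FIX_RESULT = re.compile(r'^(?P<target>.+?)\s+={1,2}>\s+(?P<outcome>.+)$')
# Paths contain spaces, so the detection name (Platform/Family) anchors the split.
ESET_LINE = re.compile(
    r'^(?P<path>.+?)\s+(?:(?:probably )?a variant of )?'
    r'(?P<name>\w+/\S+)\s+(?P<kind>(?:potentially \w+ )?application)$')


def triage_fixlog(text):
    """Group Fixlog result targets under 'fixed', 'absent' or 'manual'."""
    groups = defaultdict(list)
    in_fixlist = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("Content of fixlist"):
            in_fixlist = True   # echoed script: its "=>" lines are not results
            continue
        if in_fixlist:
            in_fixlist = line.lower() != "end"
            continue
        m = FIX_RESULT.match(line)
        if m:
            target, outcome = m.group("target"), m.group("outcome")
        elif line.endswith(" not found."):   # result line without an arrow
            target, outcome = line[:-len(" not found.")], "not found."
        else:
            continue
        outcome = outcome.lower()
        if "successfully" in outcome:
            status = "fixed"
        elif "not found" in outcome:
            status = "absent"
        else:
            status = "manual"   # the tool reported something it did not change
        groups[status].append(target.strip('"'))
    return dict(groups)


def parse_eset(text):
    """Return a dict (path, name, kind) for each ESET detection line."""
    hits = (ESET_LINE.match(raw.strip()) for raw in text.splitlines())
    return [m.groupdict() for m in hits if m]


def outside_quarantine(text, roots=QUARANTINE_ROOTS):
    """Detections whose file is not under a known quarantine folder."""
    return [d for d in parse_eset(text)
            if not d["path"].lower().startswith(roots)]


if __name__ == "__main__":
    for status, targets in triage_fixlog(FIXLOG).items():
        print(status, len(targets))
    print("manual follow-up:", triage_fixlog(FIXLOG).get("manual", []))
    print("live detections:", outside_quarantine(ESET_LOG))
```

On these sample lines the only manual item is the Chrome default search keyword, which the Fixlog itself says must be fixed through Chrome's settings.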

  6. #16
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084


    According to the scan all infections are held in quarantine folders.

    Glad the computer is running good again.

    Reset browsers


    Please visit each of the following sites and let's reset all of your browsers back to defaults to prevent unexpected issues.
    If you are not using one of the browsers but it is installed then you may want to consider uninstalling it as older versions of some software can pose an increase in the potential for an infection to get in.

    Internet Explorer
    How to reset Internet Explorer settings

    Firefox
    https://support.mozilla.org/en-US/kb...-most-problems
    Click on Help / Troubleshooting Information then click on the Reset Firefox button.

    Chrome
    Chrome - Reset browser settings

    *****************

    Do the above then report back.

    We should be ready to remove tools and folders, then I'll post preventive tips.

  7. #17
    Senior Member
    Join Date
    Nov 2009
    Posts
    102


    Great, thanks a lot.

    I only use Chrome. How do I uninstall Internet Explorer? I couldn't find it in uninstall a programme.

    I've reset Chrome.

  8. #18
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084


    Quote Originally Posted by chelseafan View Post
    Great, thanks a lot.

    I only use Chrome. How do I uninstall Internet Explorer? I couldn't find it in uninstall a programme.

    I've reset Chrome.
    That's a system tool you really want to leave alone.
    When you do Microsoft updates ensure you keep it updated for the latest security patches, in case you should need to use it for different things.

    1. Download Delfix from here
    2. Ensure Remove disinfection tools is ticked
      Also tick:
      • Create registry backup
      • Purge system restore


    3. Click Run




    Any other tools and files found can simply be deleted or uninstalled via Add/Remove Programs in the Control Panel etc.

    ~~~~~~~~~~~~~~~~~~~~~

    You're good to go, good job!

    Please take the time to read over a few of my preventive tips.

    Computer Security
    http://malwareremoval.com/forum/view...557960#p557960
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Be prepared for CryptoLocker:

    Cryptolocker Ransomware: What You Need To Know

    CryptoLocker Ransomware Information Guide and FAQ

    To help protect your computer in the future I recommend that you get the following free programmes:

    CryptoPrevent: install this programme to lock down and prevent crypto ransomware



    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Please navigate to Microsoft Windows Updates and download all the "Critical Updates" for Windows.


    Firefox 3
    The award-winning Web browser is now faster, more secure, and fully customizable to your online life. With Firefox 3, added powerful new features that make your online experience even better. It has more features and is a lot more secure than IE. It is a very easy and painless download and install; it will in no way interfere with IE, and you can use them both.
    *NoScript - Addon for Firefox that stops all scripts from running on websites. Stops malicious software from invading via flash, java, javascript, and many other entry points.

    AdblockPlus
    • AdblockPlus, Surf the web without annoying ads!
    • Blocks banners, pop-ups and video ads - even on Facebook and YouTube
    • Protects your online privacy
    • Two-click installation, It's free!
    • click the icon that corresponds to your browser and download.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    WOT Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites - green to go, yellow for caution and red to stop, helping you avoid the dangerous sites. WOT has an addon available for both Firefox and IE.

    Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.


    • It is possible for other programs on your computer to have security vulnerabilities that can allow malware to infect you.
    • Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities.
    • You can check these by visiting Secunia Software Inspector or you can use the following application for this purpose PatchMyPC

  9. #19
    Senior Member
    Join Date
    Nov 2009
    Posts
    102


    Awesome. Thanks for your help

  10. #20
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084


    Glad we could help.

    Since this issue appears resolved ... this Topic is closed.
