PDA

View Full Version : Downloaded virus, pop ups, redirect etc



chelseafan
2014-08-07, 10:25
I downloaded a virus. Here are my log files. Thanks.

Random files appearing on my desktop. 'open-so

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-08-2014
Ran by Samsung (administrator) on SAMSUNG-PC on 06-08-2014 19:07:53
Running from C:\Users\Samsung\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(BitTorrent Inc.) C:\Users\Samsung\AppData\Roaming\uTorrent\uTorrent.exe
(Flux Software LLC) C:\Users\Samsung\AppData\Local\FluxSoftware\Flux\flux.exe
() C:\Program Files\005\hzunyanhtn64.exe
(Pay By Ads LTD) C:\Users\Samsung\AppData\Local\onlysearch\onlysearch\1.3.8.11\onlysearch.exe
() C:\Program Files (x86)\9B0D3D35-C69A-4D44-BBF5-B75ED01D6712\etmajyzoqm64.exe
( ) C:\Users\Samsung\AppData\Roaming\VOPackage\VOPackage.exe
() C:\Users\Samsung\AppData\Roaming\VOPackage\VOsrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\fst_gb_91\fst_gb_91.exe
() C:\Users\Samsung\AppData\Local\fst_gb_91\upfst_gb_91.exe
() C:\Program Files (x86)\InfoTrigger\updateInfoTrigger2.exe
(Systweak) C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe
(Systweak) C:\Program Files (x86)\Right Backup\RBClientService.exe
(Systweak) C:\Program Files (x86)\Right Backup\RightBackup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [fst_gb_91] => C:\Program Files (x86)\fst_gb_91\fst_gb_91.exe [3977696 2014-08-05] ()
HKLM-x32\...\RunOnce: [VOPackage] => C:\Users\Samsung\AppData\Roaming\VOPackage\VOPackage.exe [290388 2014-07-31] ( )
HKLM-x32\...\RunOnce: [upfst_gb_91.exe] => C:\Users\Samsung\AppData\Local\fst_gb_91\upfst_gb_91.exe [3305952 2014-08-05] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [uTorrent] => C:\Users\Samsung\AppData\Roaming\uTorrent\uTorrent.exe [1936720 2014-08-05] (BitTorrent Inc.)
HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [f.lux] => C:\Users\Samsung\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [Torntv Downloader] => C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe /c=startup
HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [onlysearch] => C:\Users\Samsung\AppData\Local\onlysearch\onlysearch\1.3.8.11\onlysearch.exe [535984 2014-08-06] (Pay By Ads LTD)
HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [WindApp] => C:\Users\Samsung\AppData\Roaming\Store\WindApp\WindApp Update.exe [160552 2014-07-24] (Nosibay)
HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [146888 2014-07-29] (PC Utilities Software Limited)
HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [playnowradio] => C:\Users\Samsung\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe [382976 2014-02-03] (Pay By Ads LTD)
HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\MountPoints2: {6788e91a-1bd4-11e4-a66d-806e6f6e6963} - E:\RunThis.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TorntvDownloader.lnk
ShortcutTarget: TorntvDownloader.lnk -> C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.only-search.com/?babsrc=HP_kms&affID=129300&tt=&mntrid=5667B8030526A2C3&tsp=5331
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5E886DA294B0CF01
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.only-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=5667B8030526A2C3&affID=129300&tsp=5331
SearchScopes: HKCU - {64893FA7-B5C4-4A58-BEFD-8303A8BA2728} URL = http://www.only-search.com/?babsrc=SP_kms&affID=129300&tt=&mntrid=5667B8030526A2C3&tsp=5331&q={searchTerms}&r=382
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO-x32: InfoTrigger -> {93cd09ae-8875-4d49-8af8-b1b2e7522c76} -> C:\Program Files (x86)\InfoTrigger\InfoTrigger2bho.dll (InfoTrigger)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

Chrome:
=======
CHR HomePage: hxxp://www.only-search.com/?babsrc=HP_kms&affID=129300&tt=&mntrid=5667B8030526A2C3&tsp=5331
CHR StartupUrls: "hxxp://www.only-search.com/?babsrc=HP_kms&affID=129300&tt=&mntrid=5667B8030526A2C3&tsp=5331"
CHR DefaultSearchKeyword: only-search.com
CHR DefaultSearchProvider: OnlySearch
CHR DefaultSearchURL: http://www.only-search.com/?babsrc=SP_kms&affID=129300&tt=&mntrid=5667B8030526A2C3&tsp=5331&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-05]
CHR Extension: (Google Drive) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-05]
CHR Extension: (YouTube) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-05]
CHR Extension: (Google Search) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-05]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-08-05]
CHR Extension: (Google Wallet) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-05]
CHR Extension: (Gmail) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 70e6ca8c; c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll [3475912 2014-08-06] ()
R2 AllDaySavingsService64; C:\Program Files (x86)\9B0D3D35-C69A-4D44-BBF5-B75ED01D6712\etmajyzoqm64.exe [172544 2014-07-31] () [File not signed]
R2 hzunyanhtn64; C:\Program Files\005\hzunyanhtn64.exe [709120 2014-08-06] () [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 RBClientService; C:\Program Files (x86)\Right Backup\RBClientService.exe [48240 2014-07-11] (Systweak)
R2 servervo; C:\Users\Samsung\AppData\Roaming\VOPackage\VOsrv.exe [73728 2014-08-06] () [File not signed]
R2 Update InfoTrigger; C:\Program Files (x86)\InfoTrigger\updateInfoTrigger2.exe [323368 2014-08-06] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-10-28] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-07-31] (NetFilterSDK.com)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [206336 2011-03-02] (SMI)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-06 19:07 - 2014-08-06 19:08 - 00012614 _____ () C:\Users\Samsung\Downloads\FRST.txt
2014-08-06 19:07 - 2014-08-06 19:07 - 00000000 ____D () C:\FRST
2014-08-06 19:05 - 2014-08-06 19:06 - 05185536 _____ (AVAST Software) C:\Users\Samsung\Downloads\aswMBR.exe
2014-08-06 19:00 - 2014-08-06 19:01 - 02094080 _____ (Farbar) C:\Users\Samsung\Downloads\FRST64.exe
2014-08-06 18:58 - 2014-08-06 18:59 - 04057608 _____ () C:\Users\Samsung\Downloads\tweaking.com_registry_backup_setup.exe
2014-08-06 18:55 - 2014-08-06 18:55 - 00001099 _____ () C:\Users\Samsung\Desktop\Continue Live Installation.lnk
2014-08-06 18:50 - 2014-08-06 18:50 - 00003068 _____ () C:\Windows\System32\Tasks\Right Backup_startup
2014-08-06 18:50 - 2014-08-06 18:50 - 00001054 _____ () C:\Users\Public\Desktop\Right Backup.lnk
2014-08-06 18:50 - 2014-08-06 18:50 - 00000000 ____D () C:\rbtemp
2014-08-06 18:50 - 2014-08-06 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Backup
2014-08-06 18:50 - 2014-08-06 18:50 - 00000000 ____D () C:\Program Files (x86)\Right Backup
2014-08-06 18:49 - 2014-08-06 18:50 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\systweak
2014-08-06 18:49 - 2014-08-06 18:50 - 00000000 ____D () C:\ProgramData\Systweak
2014-08-06 18:49 - 2014-08-06 18:49 - 00003630 _____ () C:\Windows\System32\Tasks\Play Now Radio
2014-08-06 18:49 - 2014-08-06 18:49 - 00003336 _____ () C:\Windows\System32\Tasks\ASP
2014-08-06 18:49 - 2014-08-06 18:49 - 00003076 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-08-06 18:49 - 2014-08-06 18:49 - 00003046 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-08-06 18:49 - 2014-08-06 18:49 - 00002890 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-08-06 18:49 - 2014-08-06 18:49 - 00001690 _____ () C:\Windows\SysWOW64\${LOGFILE}
2014-08-06 18:49 - 2014-08-06 18:49 - 00001045 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-08-06 18:49 - 2014-08-06 18:49 - 00000296 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2014-08-06 18:49 - 2014-08-06 18:49 - 00000288 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-08-06 18:49 - 2014-08-06 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-08-06 18:49 - 2014-08-06 18:49 - 00000000 ____D () C:\Program Files (x86)\ASP
2014-08-06 18:49 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe
2014-08-06 18:48 - 2014-08-06 18:50 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\System Speedup
2014-08-06 18:48 - 2014-08-06 18:48 - 00003320 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2014-08-06 18:48 - 2014-08-06 18:48 - 00003240 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-08-06 18:48 - 2014-08-06 18:48 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-08-06 18:48 - 2014-08-06 18:48 - 00001078 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-08-06 18:48 - 2014-08-06 18:48 - 00000000 ____D () C:\Users\Samsung\AppData\Local\playnowradio
2014-08-06 18:48 - 2014-08-06 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
2014-08-06 18:48 - 2014-08-06 18:48 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-08-06 18:48 - 2014-07-17 18:49 - 00020328 _____ (System Speedup) C:\Windows\system32\roboot64.exe
2014-08-06 18:47 - 2014-08-06 18:50 - 00000000 ____D () C:\Users\Samsung\AppData\Local\fst_gb_91
2014-08-06 18:47 - 2014-08-06 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-06 18:47 - 2014-08-06 18:47 - 00000000 ____D () C:\Program Files (x86)\InfoTrigger
2014-08-06 18:47 - 2014-08-06 18:47 - 00000000 ____D () C:\Program Files (x86)\fst_gb_91
2014-08-06 18:46 - 2014-08-06 18:46 - 00003256 _____ () C:\Windows\System32\Tasks\Optimizer Pro Schedule
2014-08-06 18:46 - 2014-08-06 18:46 - 00001066 _____ () C:\Users\Samsung\Desktop\Optimizer Pro.lnk
2014-08-06 18:46 - 2014-08-06 18:46 - 00000000 ____D () C:\Users\Samsung\Documents\Optimizer Pro
2014-08-06 18:46 - 2014-08-06 18:46 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Optimizer Pro
2014-08-06 18:46 - 2014-08-06 18:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-08-06 18:46 - 2014-08-06 18:46 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-08-06 18:44 - 2014-08-06 18:44 - 00000004 _____ () C:\end
2014-08-06 18:44 - 2014-08-06 18:44 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\VOPackage
2014-08-06 18:44 - 2014-08-06 18:44 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-08-06 18:43 - 2014-08-06 18:49 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Nosibay
2014-08-06 18:43 - 2014-08-06 18:43 - 00009077 _____ () C:\Users\Samsung\AppData\Roaming\Bubble Dock.installation.log
2014-08-06 18:43 - 2014-08-06 18:43 - 00003610 _____ () C:\Windows\System32\Tasks\WindApp Update
2014-08-06 18:43 - 2014-08-06 18:43 - 00000374 _____ () C:\Users\Samsung\AppData\Roaming\WindApp.installation.log
2014-08-06 18:43 - 2014-08-06 18:43 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Store
2014-08-06 18:42 - 2014-08-06 18:55 - 00000000 ____D () C:\Program Files\AllDaySavings
2014-08-06 18:42 - 2014-08-06 18:43 - 00001294 _____ () C:\Users\Samsung\AppData\Roaming\Bubble Dock.boostrap.log
2014-08-06 18:42 - 2014-08-06 18:43 - 00000000 ____D () C:\Program Files (x86)\9B0D3D35-C69A-4D44-BBF5-B75ED01D6712
2014-08-06 18:42 - 2014-08-06 18:42 - 00003552 _____ () C:\Windows\System32\Tasks\Only-search
2014-08-06 18:42 - 2014-08-06 18:42 - 00003400 _____ () C:\Windows\System32\Tasks\EPUpdater
2014-08-06 18:42 - 2014-08-06 18:42 - 00001426 _____ () C:\Users\Samsung\Desktop\Only-search.lnk
2014-08-06 18:42 - 2014-08-06 18:42 - 00000097 _____ () C:\Users\Samsung\AppData\Roaming\WindApp.boostrap.log
2014-08-06 18:42 - 2014-08-06 18:42 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\BabSolution
2014-08-06 18:41 - 2014-08-06 18:41 - 00001852 _____ () C:\Users\Samsung\Desktop\Search.lnk
2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\Users\Samsung\AppData\Local\onlysearch
2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\ProgramData\DSearchLink
2014-08-06 18:40 - 2014-08-06 18:41 - 00000000 ____D () C:\Program Files\005
2014-08-06 18:39 - 2014-08-06 18:44 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-06 18:39 - 2014-08-06 18:39 - 00000000 ____D () C:\Users\Samsung\AppData\Local\globalUpdate
2014-08-06 18:36 - 2014-08-06 18:36 - 00369720 _____ () C:\Users\Samsung\Downloads\The.Wind.Rises.2013.1080p.JPN.BluRay.Remux.AVC.MULTi-WARHD (1).exe
2014-08-06 18:34 - 2014-08-06 18:34 - 00369720 _____ () C:\Users\Samsung\Downloads\The.Wind.Rises.2013.1080p.JPN.BluRay.Remux.AVC.MULTi-WARHD.exe
2014-08-06 10:33 - 2014-08-06 10:33 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\dvdcss
2014-08-05 22:17 - 2014-08-05 22:17 - 00000000 __SHD () C:\Users\Samsung\AppData\Local\EmieUserList
2014-08-05 22:17 - 2014-08-05 22:17 - 00000000 __SHD () C:\Users\Samsung\AppData\Local\EmieSiteList
2014-08-05 21:57 - 2014-08-05 21:57 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2014-08-05 21:57 - 2014-08-05 21:57 - 00000000 ____D () C:\Users\Samsung\AppData\Local\FluxSoftware
2014-08-05 21:55 - 2014-08-05 21:55 - 00597304 _____ () C:\Users\Samsung\Downloads\flux-setup.exe
2014-08-05 21:36 - 2014-08-06 08:52 - 00000000 ____D () C:\Users\Samsung\Downloads\Happy Times - Xingfu shiguang
2014-08-05 21:34 - 2014-08-06 12:27 - 00000000 ____D () C:\Users\Samsung\Downloads\The.Lunchbox.2013.720p.BluRay.DTS.x264-PublicHD
2014-08-05 21:33 - 2014-08-05 21:47 - 00000000 ____D () C:\Users\Samsung\Downloads\Studio Ghibli Collection [jap-eng audio] eng-sub [Mkv]
2014-08-05 21:31 - 2014-08-06 16:33 - 00000058 _____ () C:\Users\Samsung\Documents\BETS.txt
2014-08-05 16:12 - 2014-08-06 15:29 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\vlc
2014-08-05 16:12 - 2014-08-05 16:12 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-05 16:12 - 2014-08-05 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-05 16:12 - 2014-08-05 16:12 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-05 16:09 - 2014-08-05 16:10 - 24743106 _____ () C:\Users\Samsung\Downloads\vlc-2.1.5-win32.exe
2014-08-05 16:03 - 2014-07-14 18:44 - 00972056 _____ (TMRG, Inc.) C:\Windows\system32\rlls64.dll
2014-08-05 16:03 - 2014-07-14 18:44 - 00661784 _____ (TMRG, Inc.) C:\Windows\SysWOW64\rlls.dll
2014-08-05 15:52 - 2014-08-05 22:18 - 00000000 ____D () C:\Program Files (x86)\RelevantKnowledge
2014-08-05 15:50 - 2014-08-05 15:51 - 06740514 _____ ( ) C:\Users\Samsung\Desktop\MKVPlayerSetupD.exe
2014-08-05 15:49 - 2014-08-05 15:49 - 00366920 _____ (Softonic) C:\Users\Samsung\Downloads\SoftonicDownloader_for_mkv-player.exe
2014-08-05 12:10 - 2014-08-05 12:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-05 12:07 - 2014-08-05 19:12 - 00000000 ____D () C:\Users\Samsung\Downloads\The Wire Season 1, 2, 3, 4 & 5 Complete Collection DVD Box Set HDTV + Extras (Interviews, Commentaries, Bonus Features etc.)
2014-08-05 12:06 - 2014-08-05 18:11 - 00000000 ____D () C:\Users\Samsung\Downloads\Game Of Thrones Complete Season 1, 2, 3 x264 + Extras Multisubs
2014-08-05 12:06 - 2014-08-05 14:24 - 00000000 ____D () C:\Users\Samsung\Downloads\Breaking Bad Season 5 Complete 720p.BRrip.Sujaidr
2014-08-05 12:01 - 2014-08-05 12:01 - 00000855 _____ () C:\Users\Samsung\Desktop\µTorrent.lnk
2014-08-05 12:01 - 2014-08-05 12:01 - 00000835 _____ () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-05 11:51 - 2014-08-06 19:07 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\uTorrent
2014-08-05 11:50 - 2014-08-05 11:51 - 01936720 _____ (BitTorrent Inc.) C:\Users\Samsung\Downloads\uTorrent.exe
2014-08-05 11:45 - 2014-08-05 11:45 - 00020473 _____ () C:\Users\Samsung\Downloads\MRP August.xlsx
2014-08-05 11:30 - 2010-02-23 09:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-08-05 11:27 - 2014-08-05 11:27 - 00002198 _____ () C:\Windows\epplauncher.mif
2014-08-05 11:27 - 2014-08-05 11:27 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-08-05 11:26 - 2014-08-05 11:27 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-08-05 11:26 - 2014-08-05 11:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-08-05 11:25 - 2014-08-05 11:25 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-08-05 11:25 - 2014-08-05 11:25 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-08-05 11:25 - 2014-08-05 11:25 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-08-05 11:25 - 2014-08-05 11:25 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-08-05 11:25 - 2014-08-05 11:25 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-08-05 11:25 - 2014-03-25 03:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-05 11:25 - 2014-03-25 03:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-05 11:25 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-08-05 11:24 - 2014-08-05 11:24 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-08-05 11:24 - 2014-08-05 11:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-08-05 11:24 - 2014-06-30 03:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-05 11:24 - 2014-06-30 03:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 11:24 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-08-05 11:24 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-08-05 11:24 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-05 11:24 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-08-05 11:24 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-08-05 11:24 - 2014-03-26 15:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-08-05 11:24 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-08-05 11:24 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-08-05 11:24 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-08-05 11:24 - 2014-03-26 15:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-08-05 11:24 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-08-05 11:24 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-08-05 11:24 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-08-05 11:24 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-08-05 11:24 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-05 11:24 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-08-05 11:24 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-08-05 11:23 - 2014-08-05 11:23 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-08-05 11:23 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-08-05 11:23 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-08-05 11:23 - 2014-06-18 02:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-05 11:23 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-05 11:23 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-08-05 11:23 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-05 11:23 - 2014-03-04 10:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-08-05 11:23 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-08-05 11:23 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-08-05 11:23 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-08-05 11:23 - 2014-03-04 10:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-08-05 11:23 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-08-05 11:23 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-08-05 11:23 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-08-05 11:23 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-08-05 11:23 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-08-05 11:23 - 2014-03-04 10:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-08-05 11:23 - 2014-03-04 10:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-08-05 11:23 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-08-05 11:23 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-08-05 11:23 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-08-05 11:23 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-08-05 11:23 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-08-05 11:23 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-08-05 11:23 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-08-05 11:23 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-08-05 11:23 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-08-05 11:23 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-08-05 11:23 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-08-05 11:23 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-08-05 11:23 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-08-05 11:23 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-08-05 11:23 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-08-05 11:23 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-08-05 11:23 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-08-05 11:23 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-08-05 11:23 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-08-05 11:23 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-08-05 11:23 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-08-05 11:23 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-08-05 11:23 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-08-05 11:23 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-08-05 11:23 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-08-05 11:23 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-08-05 11:23 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-08-05 11:23 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-08-05 11:23 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-08-05 11:23 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-08-05 11:23 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-08-05 11:23 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-08-05 11:23 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-08-05 11:22 - 2014-06-20 21:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-05 11:22 - 2014-06-20 20:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-05 11:22 - 2014-06-19 02:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-05 11:22 - 2014-06-19 02:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-05 11:22 - 2014-06-19 02:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-05 11:22 - 2014-06-19 01:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-05 11:22 - 2014-06-19 01:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-05 11:22 - 2014-06-19 01:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-05 11:22 - 2014-06-19 01:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-05 11:22 - 2014-06-19 01:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-05 11:22 - 2014-06-19 01:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-05 11:22 - 2014-06-19 01:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-05 11:22 - 2014-06-19 01:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-05 11:22 - 2014-06-19 01:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-05 11:22 - 2014-06-19 01:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-05 11:22 - 2014-06-19 01:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-05 11:22 - 2014-06-19 01:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-05 11:22 - 2014-06-19 01:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-05 11:22 - 2014-06-19 01:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-05 11:22 - 2014-06-19 00:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-05 11:22 - 2014-06-19 00:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-05 11:22 - 2014-06-19 00:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-05 11:22 - 2014-06-19 00:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-05 11:22 - 2014-06-19 00:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-05 11:22 - 2014-06-19 00:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-05 11:22 - 2014-06-19 00:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-05 11:22 - 2014-06-19 00:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-05 11:22 - 2014-06-19 00:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-05 11:22 - 2014-06-19 00:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-05 11:22 - 2014-06-19 00:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-05 11:22 - 2014-06-19 00:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-05 11:22 - 2014-06-19 00:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-05 11:22 - 2014-06-19 00:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-05 11:22 - 2014-06-19 00:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-05 11:22 - 2014-06-19 00:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-05 11:22 - 2014-06-19 00:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-05 11:22 - 2014-06-19 00:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-05 11:22 - 2014-06-19 00:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-05 11:22 - 2014-06-19 00:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-05 11:22 - 2014-06-19 00:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-05 11:22 - 2014-06-19 00:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-05 11:22 - 2014-06-19 00:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-05 11:22 - 2014-06-18 23:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-05 11:22 - 2014-06-18 23:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-05 11:22 - 2014-06-18 23:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-05 11:22 - 2014-06-18 23:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-05 11:22 - 2014-06-18 23:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-05 11:22 - 2014-06-18 23:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-05 11:22 - 2014-06-18 23:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-05 11:22 - 2014-06-18 23:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-05 11:22 - 2014-06-18 23:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-05 11:22 - 2014-06-18 23:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-05 11:22 - 2014-06-18 23:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-05 11:22 - 2014-06-18 23:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-05 11:22 - 2014-06-18 23:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-05 11:22 - 2014-06-18 23:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-05 11:22 - 2014-05-30 09:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-08-05 11:22 - 2014-05-30 09:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-08-05 11:22 - 2014-05-30 09:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-08-05 11:22 - 2014-05-30 09:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-08-05 11:22 - 2014-05-30 09:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-08-05 11:22 - 2014-05-30 09:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-08-05 11:22 - 2014-05-30 09:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-08-05 11:22 - 2014-05-30 08:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-08-05 11:22 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-08-05 11:22 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-08-05 11:22 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-08-05 11:22 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-08-05 11:22 - 2014-05-30 08:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-08-05 11:22 - 2014-05-30 08:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-08-05 11:22 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-08-05 11:22 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-08-05 11:22 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-08-05 11:22 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-08-05 11:22 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-08-05 11:22 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-08-05 11:22 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-08-05 11:22 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-08-05 11:22 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-08-05 11:22 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-08-05 11:22 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-08-05 11:22 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-08-05 11:22 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-08-05 11:22 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-08-05 11:22 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-08-05 11:22 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-08-05 11:22 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-08-05 11:22 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-08-05 11:22 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-08-05 11:22 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-08-05 11:22 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-08-05 11:20 - 2014-06-05 15:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-08-05 11:20 - 2014-06-05 15:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-08-05 11:20 - 2014-06-05 15:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-08-05 11:20 - 2014-04-12 03:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-08-05 11:20 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-08-05 11:20 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-08-05 11:20 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-08-05 11:20 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-08-05 11:20 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-08-05 11:20 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-08-05 11:20 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-08-05 11:16 - 2014-08-05 11:16 - 00001192 _____ () C:\Users\Public\Desktop\My LastPass Vault.lnk
2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\Program Files (x86)\LastPass
2014-08-05 11:15 - 2014-08-05 11:16 - 13829304 _____ (Microsoft Corporation) C:\Users\Samsung\Downloads\mseinstall.exe
2014-08-05 11:14 - 2014-08-05 11:15 - 15824384 _____ (LastPass) C:\Users\Samsung\Downloads\lastpass_x64.exe
2014-08-05 11:11 - 2014-08-05 11:11 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-05 11:11 - 2014-08-05 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-05 11:09 - 2014-08-06 18:14 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-05 11:09 - 2014-08-06 11:14 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-05 11:09 - 2014-08-05 11:11 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Google
2014-08-05 11:09 - 2014-08-05 11:11 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-05 11:09 - 2014-08-05 11:09 - 00895120 _____ (Google Inc.) C:\Users\Samsung\Downloads\ChromeSetup.exe
2014-08-05 11:09 - 2014-08-05 11:09 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-05 11:09 - 2014-08-05 11:09 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-05 11:08 - 2014-08-05 11:09 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Deployment
2014-08-05 11:08 - 2014-08-05 11:08 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Apps\2.0
2014-08-04 15:05 - 2014-08-05 11:27 - 00058408 _____ () C:\Users\Samsung\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-04 14:35 - 2014-08-04 14:35 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-08-04 14:35 - 2014-08-04 14:35 - 00000000 ____D () C:\Windows\system32\NV
2014-08-04 13:57 - 2011-11-30 07:09 - 00001752 _____ () C:\Windows\Sensor.set
2014-08-04 13:57 - 2011-03-02 12:07 - 00206336 _____ (SMI) C:\Windows\system32\Drivers\SMIksdrv.sys
2014-08-04 13:57 - 2011-02-10 06:29 - 00572928 _____ () C:\Windows\system32\SM37XCoInst.dll
2014-08-04 13:57 - 2010-05-05 12:46 - 00317440 _____ () C:\Windows\system32\370prop.ax
2014-08-04 13:57 - 2010-05-05 12:46 - 00258048 _____ () C:\Windows\SysWOW64\370prop.ax
2014-08-04 13:57 - 2010-02-25 12:14 - 00451584 _____ (SiliconMotion Inc.) C:\Windows\system32\370proplib.dll
2014-08-04 13:57 - 2010-02-25 12:14 - 00372736 _____ (SiliconMotion Inc.) C:\Windows\SysWOW64\370proplib.dll
2014-08-04 13:57 - 2008-01-16 10:06 - 02806784 _____ (Silicon Motion Corporation) C:\Windows\system32\Drivers\SMIexp.sys
2014-08-04 13:56 - 2014-08-04 14:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-04 13:56 - 2014-08-04 13:56 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-08-04 13:56 - 2013-05-29 02:10 - 11524096 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwsw00.sys
2014-08-04 13:56 - 2010-08-11 05:11 - 00954368 _____ (SiliconMotion) C:\Windows\SysWOW64\RemoveSM37X.exe
2014-08-04 13:56 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-04 13:56 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-04 13:55 - 2014-08-04 13:56 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-04 13:55 - 2014-08-04 13:56 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-04 13:55 - 2014-08-04 13:55 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-08-04 13:55 - 2013-11-14 12:58 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-08-04 13:55 - 2013-11-14 12:58 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-08-04 13:55 - 2013-11-11 16:02 - 06674208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-08-04 13:55 - 2013-11-11 16:02 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-08-04 13:55 - 2013-11-11 16:01 - 03467927 _____ () C:\Windows\system32\nvcoproc.bin
2014-08-04 13:55 - 2013-11-11 16:01 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-08-04 13:55 - 2013-11-11 16:01 - 01065248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2014-08-04 13:55 - 2013-11-11 16:01 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-08-04 13:55 - 2013-11-11 16:01 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-08-04 13:55 - 2013-11-11 16:01 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2014-08-04 13:55 - 2013-11-11 16:01 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-08-04 13:54 - 2013-11-14 12:58 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 03069608 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-08-04 13:54 - 2013-11-14 12:58 - 00023754 _____ () C:\Windows\system32\nvinfo.pb
2014-08-04 13:53 - 2014-08-04 13:53 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-08-04 13:53 - 2014-08-04 13:53 - 00000000 ____D () C:\Intel
2014-08-04 13:53 - 2013-11-06 20:05 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3347.dll
2014-08-04 13:53 - 2013-10-31 19:38 - 00017058 _____ () C:\Windows\system32\iglhxs64.vp
2014-08-04 13:53 - 2013-10-31 19:28 - 12617216 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2014-08-04 13:53 - 2013-10-31 19:28 - 11049472 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2014-08-04 13:53 - 2013-10-31 19:28 - 05363200 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-08-04 13:53 - 2013-10-31 19:28 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-08-04 13:53 - 2013-10-31 19:28 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-08-04 13:53 - 2013-10-31 19:27 - 09007616 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-08-04 13:53 - 2013-10-31 19:27 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-08-04 13:53 - 2013-10-31 19:27 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00410624 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-08-04 13:53 - 2013-10-31 19:27 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-08-04 13:53 - 2013-10-31 19:27 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00223664 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00210106 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00194245 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00166170 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00163421 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00159008 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00149682 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00148042 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00147393 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00147288 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00146004 _____ () C:\Windows\system32\Gfxres.ro-RO.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00145491 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00144645 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00144260 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00144020 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00143932 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00142882 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00142877 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00142717 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-08-04 13:53 - 2013-10-31 19:27 - 00142289 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00142008 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00141838 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00141049 _____ () C:\Windows\system32\Gfxres.hr-HR.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00137889 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00137784 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00137141 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00132623 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-08-04 13:53 - 2013-10-31 19:27 - 00126300 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00124650 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00064000 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2014-08-04 13:53 - 2013-10-31 19:27 - 00028672 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-08-04 13:53 - 2013-10-31 19:27 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 01981696 _____ () C:\Windows\system32\iglhxa64.cpa
2014-08-04 13:53 - 2013-10-31 19:24 - 01040384 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 00931840 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 00524800 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 00519680 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 00216064 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 00180224 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 00059425 _____ () C:\Windows\system32\iglhxo64.vp
2014-08-04 13:53 - 2013-10-31 19:24 - 00059398 _____ () C:\Windows\system32\iglhxg64.vp
2014-08-04 13:53 - 2013-10-31 19:24 - 00059230 _____ () C:\Windows\system32\iglhxc64.vp
2014-08-04 13:53 - 2013-10-31 19:24 - 00059104 _____ () C:\Windows\system32\iglhxc64_dev.vp
2014-08-04 13:53 - 2013-10-31 19:24 - 00058796 _____ () C:\Windows\system32\iglhxg64_dev.vp
2014-08-04 13:53 - 2013-10-31 19:24 - 00058109 _____ () C:\Windows\system32\iglhxo64_dev.vp
2014-08-04 13:53 - 2013-10-31 19:24 - 00001074 _____ () C:\Windows\system32\iglhxa64.vp
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Program Files\Realtek
2014-08-04 13:52 - 2013-12-03 20:29 - 03760344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-08-04 13:52 - 2013-12-03 16:05 - 00154840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-08-04 13:52 - 2013-12-03 14:38 - 00693329 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-08-04 13:52 - 2013-12-02 16:55 - 05681196 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-08-04 13:52 - 2013-11-29 18:59 - 41974272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-08-04 13:52 - 2013-11-26 17:26 - 00618200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-08-04 13:52 - 2013-11-25 15:59 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-08-04 13:52 - 2013-11-25 15:59 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-08-04 13:52 - 2013-11-16 00:40 - 05904880 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-08-04 13:52 - 2013-11-16 00:40 - 00515568 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-08-04 13:52 - 2013-11-16 00:40 - 00442352 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-08-04 13:52 - 2013-11-16 00:40 - 00399856 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-08-04 13:52 - 2013-11-16 00:40 - 00279024 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2014-08-04 13:52 - 2013-11-16 00:40 - 00254960 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-08-04 13:52 - 2013-11-16 00:40 - 00185840 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-08-04 13:52 - 2013-11-16 00:40 - 00172016 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-08-04 13:52 - 2013-11-14 15:49 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-08-04 13:52 - 2013-11-13 18:52 - 01013504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-08-04 13:52 - 2013-11-13 18:41 - 14153984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-08-04 13:52 - 2013-11-13 18:10 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-08-04 13:52 - 2013-11-13 18:07 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-08-04 13:52 - 2013-10-31 19:30 - 12859392 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2014-08-04 13:52 - 2013-10-31 19:30 - 11176448 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2014-08-04 13:52 - 2013-10-31 19:28 - 00098304 _____ () C:\Windows\system32\igdde64.dll
2014-08-04 13:52 - 2013-10-31 19:28 - 00077312 _____ () C:\Windows\SysWOW64\igdde32.dll
2014-08-04 13:52 - 2013-10-31 19:27 - 13031424 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-08-04 13:52 - 2013-10-31 19:27 - 10812928 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2014-08-04 13:52 - 2013-10-31 19:27 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-08-04 13:52 - 2013-10-31 19:27 - 00110592 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2014-08-04 13:52 - 2013-10-31 19:24 - 00963452 _____ () C:\Windows\SysWOW64\igcodeckrng600.bin
2014-08-04 13:52 - 2013-10-31 19:24 - 00963452 _____ () C:\Windows\system32\igcodeckrng600.bin
2014-08-04 13:52 - 2013-10-31 19:24 - 00272928 _____ () C:\Windows\SysWOW64\igvpkrng600.bin
2014-08-04 13:52 - 2013-10-31 19:24 - 00272928 _____ () C:\Windows\system32\igvpkrng600.bin
2014-08-04 13:52 - 2013-10-31 19:24 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2014-08-04 13:52 - 2013-10-28 17:29 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-08-04 13:52 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-08-04 13:52 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-08-04 13:52 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-08-04 13:52 - 2013-09-10 04:02 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-08-04 13:52 - 2013-09-10 04:02 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-08-04 13:52 - 2013-09-10 04:01 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-08-04 13:52 - 2013-09-10 04:01 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-08-04 13:52 - 2013-08-14 16:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-08-04 13:52 - 2013-08-14 16:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-08-04 13:52 - 2013-08-05 18:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-08-04 13:52 - 2013-04-24 17:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-08-04 13:52 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-08-04 13:52 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-08-04 13:52 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-08-04 13:52 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-08-04 13:52 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-08-04 13:52 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-08-04 13:52 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-08-04 13:52 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-08-04 13:52 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-08-04 13:52 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-08-04 13:52 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-08-04 13:52 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-08-04 13:52 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-08-04 13:52 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-08-04 13:52 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-08-04 13:52 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-08-04 13:52 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-08-04 13:52 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-08-04 13:52 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-08-04 13:52 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-08-04 13:52 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-08-04 13:52 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-08-04 13:52 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-08-04 13:52 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-08-04 13:52 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-08-04 13:51 - 2013-11-28 05:55 - 00449496 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2014-08-04 13:51 - 2013-11-26 12:49 - 00888536 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-08-04 13:51 - 2013-11-26 12:49 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-08-04 13:51 - 2013-11-26 12:49 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-08-04 13:51 - 2013-10-28 11:15 - 00632168 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2014-08-04 13:51 - 2013-10-28 11:15 - 00028008 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2014-08-04 13:51 - 2013-01-23 15:57 - 00064624 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2014-08-04 13:50 - 2011-12-16 14:24 - 00079040 _____ (TOSHIBA CORPORATION) C:\Windows\system32\Drivers\tosrfusb.sys
2014-08-04 13:50 - 2009-06-18 18:42 - 00040832 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\Drivers\TosBtCi.dll
2014-08-04 13:47 - 2014-08-04 13:47 - 00001417 _____ () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-04 13:47 - 2014-08-04 13:47 - 00000020 ___SH () C:\Users\Samsung\ntuser.ini
2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Adobe
2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung\AppData\Local\VirtualStore
2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung
2014-08-04 13:47 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-04 13:47 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-04 13:46 - 2014-08-04 13:46 - 00000000 __SHD () C:\Recovery
2014-08-04 13:45 - 2014-08-06 16:55 - 00944479 _____ () C:\Windows\WindowsUpdate.log
2014-07-31 21:20 - 2014-07-31 21:20 - 00046376 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\netfilter64.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-06 19:08 - 2014-08-06 19:07 - 00012614 _____ () C:\Users\Samsung\Downloads\FRST.txt
2014-08-06 19:07 - 2014-08-06 19:07 - 00000000 ____D () C:\FRST
2014-08-06 19:07 - 2014-08-05 11:51 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\uTorrent
2014-08-06 19:06 - 2014-08-06 19:05 - 05185536 _____ (AVAST Software) C:\Users\Samsung\Downloads\aswMBR.exe
2014-08-06 19:01 - 2014-08-06 19:00 - 02094080 _____ (Farbar) C:\Users\Samsung\Downloads\FRST64.exe
2014-08-06 18:59 - 2014-08-06 18:58 - 04057608 _____ () C:\Users\Samsung\Downloads\tweaking.com_registry_backup_setup.exe
2014-08-06 18:55 - 2014-08-06 18:55 - 00001099 _____ () C:\Users\Samsung\Desktop\Continue Live Installation.lnk
2014-08-06 18:55 - 2014-08-06 18:42 - 00000000 ____D () C:\Program Files\AllDaySavings
2014-08-06 18:50 - 2014-08-06 18:50 - 00003068 _____ () C:\Windows\System32\Tasks\Right Backup_startup
2014-08-06 18:50 - 2014-08-06 18:50 - 00001054 _____ () C:\Users\Public\Desktop\Right Backup.lnk
2014-08-06 18:50 - 2014-08-06 18:50 - 00000000 ____D () C:\rbtemp
2014-08-06 18:50 - 2014-08-06 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Backup
2014-08-06 18:50 - 2014-08-06 18:50 - 00000000 ____D () C:\Program Files (x86)\Right Backup
2014-08-06 18:50 - 2014-08-06 18:49 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\systweak
2014-08-06 18:50 - 2014-08-06 18:49 - 00000000 ____D () C:\ProgramData\Systweak
2014-08-06 18:50 - 2014-08-06 18:48 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\System Speedup
2014-08-06 18:50 - 2014-08-06 18:47 - 00000000 ____D () C:\Users\Samsung\AppData\Local\fst_gb_91
2014-08-06 18:49 - 2014-08-06 18:49 - 00003630 _____ () C:\Windows\System32\Tasks\Play Now Radio
2014-08-06 18:49 - 2014-08-06 18:49 - 00003336 _____ () C:\Windows\System32\Tasks\ASP
2014-08-06 18:49 - 2014-08-06 18:49 - 00003076 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-08-06 18:49 - 2014-08-06 18:49 - 00003046 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-08-06 18:49 - 2014-08-06 18:49 - 00002890 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-08-06 18:49 - 2014-08-06 18:49 - 00001690 _____ () C:\Windows\SysWOW64\${LOGFILE}
2014-08-06 18:49 - 2014-08-06 18:49 - 00001045 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-08-06 18:49 - 2014-08-06 18:49 - 00000296 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2014-08-06 18:49 - 2014-08-06 18:49 - 00000288 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-08-06 18:49 - 2014-08-06 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-08-06 18:49 - 2014-08-06 18:49 - 00000000 ____D () C:\Program Files (x86)\ASP
2014-08-06 18:49 - 2014-08-06 18:43 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Nosibay
2014-08-06 18:48 - 2014-08-06 18:48 - 00003320 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2014-08-06 18:48 - 2014-08-06 18:48 - 00003240 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-08-06 18:48 - 2014-08-06 18:48 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-08-06 18:48 - 2014-08-06 18:48 - 00001078 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-08-06 18:48 - 2014-08-06 18:48 - 00000000 ____D () C:\Users\Samsung\AppData\Local\playnowradio
2014-08-06 18:48 - 2014-08-06 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
2014-08-06 18:48 - 2014-08-06 18:48 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-08-06 18:47 - 2014-08-06 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-06 18:47 - 2014-08-06 18:47 - 00000000 ____D () C:\Program Files (x86)\InfoTrigger
2014-08-06 18:47 - 2014-08-06 18:47 - 00000000 ____D () C:\Program Files (x86)\fst_gb_91
2014-08-06 18:46 - 2014-08-06 18:46 - 00003256 _____ () C:\Windows\System32\Tasks\Optimizer Pro Schedule
2014-08-06 18:46 - 2014-08-06 18:46 - 00001066 _____ () C:\Users\Samsung\Desktop\Optimizer Pro.lnk
2014-08-06 18:46 - 2014-08-06 18:46 - 00000000 ____D () C:\Users\Samsung\Documents\Optimizer Pro
2014-08-06 18:46 - 2014-08-06 18:46 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Optimizer Pro
2014-08-06 18:46 - 2014-08-06 18:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-08-06 18:46 - 2014-08-06 18:46 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-08-06 18:44 - 2014-08-06 18:44 - 00000004 _____ () C:\end
2014-08-06 18:44 - 2014-08-06 18:44 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\VOPackage
2014-08-06 18:44 - 2014-08-06 18:44 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-08-06 18:44 - 2014-08-06 18:39 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-06 18:43 - 2014-08-06 18:43 - 00009077 _____ () C:\Users\Samsung\AppData\Roaming\Bubble Dock.installation.log
2014-08-06 18:43 - 2014-08-06 18:43 - 00003610 _____ () C:\Windows\System32\Tasks\WindApp Update
2014-08-06 18:43 - 2014-08-06 18:43 - 00000374 _____ () C:\Users\Samsung\AppData\Roaming\WindApp.installation.log
2014-08-06 18:43 - 2014-08-06 18:43 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Store
2014-08-06 18:43 - 2014-08-06 18:42 - 00001294 _____ () C:\Users\Samsung\AppData\Roaming\Bubble Dock.boostrap.log
2014-08-06 18:43 - 2014-08-06 18:42 - 00000000 ____D () C:\Program Files (x86)\9B0D3D35-C69A-4D44-BBF5-B75ED01D6712
2014-08-06 18:42 - 2014-08-06 18:42 - 00003552 _____ () C:\Windows\System32\Tasks\Only-search
2014-08-06 18:42 - 2014-08-06 18:42 - 00003400 _____ () C:\Windows\System32\Tasks\EPUpdater
2014-08-06 18:42 - 2014-08-06 18:42 - 00001426 _____ () C:\Users\Samsung\Desktop\Only-search.lnk
2014-08-06 18:42 - 2014-08-06 18:42 - 00000097 _____ () C:\Users\Samsung\AppData\Roaming\WindApp.boostrap.log
2014-08-06 18:42 - 2014-08-06 18:42 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\BabSolution
2014-08-06 18:41 - 2014-08-06 18:41 - 00001852 _____ () C:\Users\Samsung\Desktop\Search.lnk
2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\Users\Samsung\AppData\Local\onlysearch
2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\ProgramData\DSearchLink
2014-08-06 18:41 - 2014-08-06 18:40 - 00000000 ____D () C:\Program Files\005
2014-08-06 18:39 - 2014-08-06 18:39 - 00000000 ____D () C:\Users\Samsung\AppData\Local\globalUpdate
2014-08-06 18:36 - 2014-08-06 18:36 - 00369720 _____ () C:\Users\Samsung\Downloads\The.Wind.Rises.2013.1080p.JPN.BluRay.Remux.AVC.MULTi-WARHD (1).exe
2014-08-06 18:34 - 2014-08-06 18:34 - 00369720 _____ () C:\Users\Samsung\Downloads\The.Wind.Rises.2013.1080p.JPN.BluRay.Remux.AVC.MULTi-WARHD.exe
2014-08-06 18:14 - 2014-08-05 11:09 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-06 17:00 - 2009-07-14 05:51 - 00030892 _____ () C:\Windows\setupact.log
2014-08-06 16:55 - 2014-08-04 13:45 - 00944479 _____ () C:\Windows\WindowsUpdate.log
2014-08-06 16:33 - 2014-08-05 21:31 - 00000058 _____ () C:\Users\Samsung\Documents\BETS.txt
2014-08-06 15:29 - 2014-08-05 16:12 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\vlc
2014-08-06 12:27 - 2014-08-05 21:34 - 00000000 ____D () C:\Users\Samsung\Downloads\The.Lunchbox.2013.720p.BluRay.DTS.x264-PublicHD
2014-08-06 11:14 - 2014-08-05 11:09 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-06 10:33 - 2014-08-06 10:33 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\dvdcss
2014-08-06 08:52 - 2014-08-05 21:36 - 00000000 ____D () C:\Users\Samsung\Downloads\Happy Times - Xingfu shiguang
2014-08-06 01:29 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-08-05 22:18 - 2014-08-05 15:52 - 00000000 ____D () C:\Program Files (x86)\RelevantKnowledge
2014-08-05 22:17 - 2014-08-05 22:17 - 00000000 __SHD () C:\Users\Samsung\AppData\Local\EmieUserList
2014-08-05 22:17 - 2014-08-05 22:17 - 00000000 __SHD () C:\Users\Samsung\AppData\Local\EmieSiteList
2014-08-05 21:57 - 2014-08-05 21:57 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2014-08-05 21:57 - 2014-08-05 21:57 - 00000000 ____D () C:\Users\Samsung\AppData\Local\FluxSoftware
2014-08-05 21:55 - 2014-08-05 21:55 - 00597304 _____ () C:\Users\Samsung\Downloads\flux-setup.exe
2014-08-05 21:47 - 2014-08-05 21:33 - 00000000 ____D () C:\Users\Samsung\Downloads\Studio Ghibli Collection [jap-eng audio] eng-sub [Mkv]
2014-08-05 21:02 - 2009-07-14 05:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-05 21:02 - 2009-07-14 05:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-05 20:31 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-05 19:12 - 2014-08-05 12:07 - 00000000 ____D () C:\Users\Samsung\Downloads\The Wire Season 1, 2, 3, 4 & 5 Complete Collection DVD Box Set HDTV + Extras (Interviews, Commentaries, Bonus Features etc.)
2014-08-05 18:11 - 2014-08-05 12:06 - 00000000 ____D () C:\Users\Samsung\Downloads\Game Of Thrones Complete Season 1, 2, 3 x264 + Extras Multisubs
2014-08-05 16:12 - 2014-08-05 16:12 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-05 16:12 - 2014-08-05 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-05 16:12 - 2014-08-05 16:12 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-05 16:10 - 2014-08-05 16:09 - 24743106 _____ () C:\Users\Samsung\Downloads\vlc-2.1.5-win32.exe
2014-08-05 15:59 - 2011-04-12 09:28 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-05 15:59 - 2010-11-21 04:47 - 00011068 _____ () C:\Windows\PFRO.log
2014-08-05 15:51 - 2014-08-05 15:50 - 06740514 _____ ( ) C:\Users\Samsung\Desktop\MKVPlayerSetupD.exe
2014-08-05 15:49 - 2014-08-05 15:49 - 00366920 _____ (Softonic) C:\Users\Samsung\Downloads\SoftonicDownloader_for_mkv-player.exe
2014-08-05 14:24 - 2014-08-05 12:06 - 00000000 ____D () C:\Users\Samsung\Downloads\Breaking Bad Season 5 Complete 720p.BRrip.Sujaidr
2014-08-05 12:18 - 2009-07-14 06:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-05 12:12 - 2009-07-14 05:45 - 00268856 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-05 12:10 - 2014-08-05 12:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-05 12:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-08-05 12:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-08-05 12:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-05 12:01 - 2014-08-05 12:01 - 00000855 _____ () C:\Users\Samsung\Desktop\µTorrent.lnk
2014-08-05 12:01 - 2014-08-05 12:01 - 00000835 _____ () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-05 11:51 - 2014-08-05 11:50 - 01936720 _____ (BitTorrent Inc.) C:\Users\Samsung\Downloads\uTorrent.exe
2014-08-05 11:45 - 2014-08-05 11:45 - 00020473 _____ () C:\Users\Samsung\Downloads\MRP August.xlsx
2014-08-05 11:34 - 2013-12-12 11:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-05 11:31 - 2013-12-12 11:08 - 00765700 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-05 11:27 - 2014-08-05 11:27 - 00002198 _____ () C:\Windows\epplauncher.mif
2014-08-05 11:27 - 2014-08-05 11:27 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-08-05 11:27 - 2014-08-05 11:26 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-08-05 11:27 - 2014-08-04 15:05 - 00058408 _____ () C:\Users\Samsung\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-05 11:26 - 2014-08-05 11:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-08-05 11:25 - 2014-08-05 11:25 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-08-05 11:25 - 2014-08-05 11:25 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-08-05 11:25 - 2014-08-05 11:25 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-08-05 11:25 - 2014-08-05 11:25 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-08-05 11:25 - 2014-08-05 11:25 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-08-05 11:24 - 2014-08-05 11:24 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-08-05 11:24 - 2014-08-05 11:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-08-05 11:23 - 2014-08-05 11:23 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-08-05 11:16 - 2014-08-05 11:16 - 00001192 _____ () C:\Users\Public\Desktop\My LastPass Vault.lnk
2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\Program Files (x86)\LastPass
2014-08-05 11:16 - 2014-08-05 11:15 - 13829304 _____ (Microsoft Corporation) C:\Users\Samsung\Downloads\mseinstall.exe
2014-08-05 11:15 - 2014-08-05 11:14 - 15824384 _____ (LastPass) C:\Users\Samsung\Downloads\lastpass_x64.exe
2014-08-05 11:11 - 2014-08-05 11:11 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-05 11:11 - 2014-08-05 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-05 11:11 - 2014-08-05 11:09 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Google
2014-08-05 11:11 - 2014-08-05 11:09 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-05 11:09 - 2014-08-05 11:09 - 00895120 _____ (Google Inc.) C:\Users\Samsung\Downloads\ChromeSetup.exe
2014-08-05 11:09 - 2014-08-05 11:09 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-05 11:09 - 2014-08-05 11:09 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-05 11:09 - 2014-08-05 11:08 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Deployment
2014-08-05 11:08 - 2014-08-05 11:08 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Apps\2.0
2014-08-05 11:03 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-08-05 10:44 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-08-04 22:39 - 2009-07-14 06:32 - 00032768 _____ () C:\Windows\system32\config\BCD-Template
2014-08-04 14:35 - 2014-08-04 14:35 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-08-04 14:35 - 2014-08-04 14:35 - 00000000 ____D () C:\Windows\system32\NV
2014-08-04 14:35 - 2014-08-04 13:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\system32\winrm
2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\system32\WCN
2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\system32\slmgr
2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\com
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\IME
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-08-04 14:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
2014-08-04 13:56 - 2014-08-04 13:56 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-08-04 13:56 - 2014-08-04 13:55 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-04 13:56 - 2014-08-04 13:55 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-04 13:55 - 2014-08-04 13:55 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-08-04 13:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-08-04 13:53 - 2014-08-04 13:53 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-08-04 13:53 - 2014-08-04 13:53 - 00000000 ____D () C:\Intel
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Program Files\Realtek
2014-08-04 13:47 - 2014-08-04 13:47 - 00001417 _____ () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-04 13:47 - 2014-08-04 13:47 - 00000020 ___SH () C:\Users\Samsung\ntuser.ini
2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Adobe
2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung\AppData\Local\VirtualStore
2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung
2014-08-04 13:47 - 2013-12-12 22:56 - 00000000 ____D () C:\Windows\Panther
2014-08-04 13:46 - 2014-08-04 13:46 - 00000000 __SHD () C:\Recovery
2014-08-04 13:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-08-04 13:43 - 2009-07-14 05:46 - 00003806 _____ () C:\Windows\DtcInstall.log
2014-08-04 13:42 - 2013-12-12 11:58 - 00003652 _____ () C:\Windows\TSSysprep.log
2014-08-04 13:42 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-31 21:20 - 2014-07-31 21:20 - 00046376 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\netfilter64.sys
2014-07-23 10:52 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-07-17 18:49 - 2014-08-06 18:48 - 00020328 _____ (System Speedup) C:\Windows\system32\roboot64.exe
2014-07-14 18:44 - 2014-08-05 16:03 - 00972056 _____ (TMRG, Inc.) C:\Windows\system32\rlls64.dll
2014-07-14 18:44 - 2014-08-05 16:03 - 00661784 _____ (TMRG, Inc.) C:\Windows\SysWOW64\rlls.dll

Some content of TEMP:
====================
C:\Users\Samsung\AppData\Local\Temp\BbAD57.exe
C:\Users\Samsung\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Samsung\AppData\Local\Temp\nsnD8FB.tmp.exe
C:\Users\Samsung\AppData\Local\Temp\Vuupc_setup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-04 14:21

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2014
Ran by Samsung at 2014-08-06 19:08:58
Running from C:\Users\Samsung\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32691 - BitTorrent Inc.)
Advanced-System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.13665 - Systweak Software)
f.lux (HKCU\...\Flux) (Version: - )
FreeSoftToday 013.91 (HKLM-x32\...\fst_gb_91_is1) (Version: - FREESOFTTODAY) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
InfoTrigger (HKLM\...\InfoTrigger) (Version: 2014.08.06.095705 - InfoTrigger)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
Microsoft .NET Framework 4.5.1 (HKLM\...\{7E59919F-564E-3FB5-B1FC-884251B18B06}) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.50727.42 False (Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.51011 False (Version: 8.0.51011 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.56336 False (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.58298 False (Version: 8.0.58298 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.59192 False (Version: 8.0.59192 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False (x32 Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False (x32 Version: 8.0.51011 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False (x32 Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False (x32 Version: 8.0.58299 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False (x32 Version: 8.0.59193 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 False (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.0 False (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 False (Version: 9.0.21022.218 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411 False (Version: 9.0.30411 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 False (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 False (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 False (Version: 9.0.30729.4048 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 False (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.5570 False (Version: 9.0.30729.5570 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (x32 Version: 9.0.21022.218 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (x32 Version: 9.0.30411 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (x32 Version: 9.0.30729.4048 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (x32 Version: 9.0.30729.5570 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.30319 False (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 False (x32 Version: 11.0.50727.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 False (x32 Version: 11.0.51106.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 False (x32 Version: 11.0.60610.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 False (x32 Version: 11.0.50727.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 False (x32 Version: 11.0.51106.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 False (x32 Version: 11.0.60610.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 False (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 False (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 False (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 False (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 False (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 False (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 False (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 False (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 False (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 False (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
NVIDIA Control Panel 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
NVIDIA Optimus 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 9.3.21 - NVIDIA Corporation) Hidden
Only-search (HKCU\...\onlysearch) (Version: - onlysearch)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: - ) <==== ATTENTION
Play Now Radio (HKCU\...\playnowradio) (Version: - playnowradio) <==== ATTENTION
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Right Backup (HKLM-x32\...\980124D4-3D52-4c2d-AD41-9E90BDF4C031_Systweak_Ri~01F2B2E8_is1) (Version: 2.1.1000.4398 - Systweak Software)
System Speedup (HKLM-x32\...\System Speedup_is1) (Version: 2.1 - systemspeedup.com)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebCam SC-0311139N (HKLM\...\{FD7041D8-C40A-47fb-97FF-ABA9AD0FEB81}) (Version: 5.66.1.0 - Silicon Motion)
WindApp (remove only) (HKCU\...\WindApp) (Version: - Store)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {14349730-2924-4019-B962-0A88BF0EF67D} - System32\Tasks\Play Now Radio => C:\Users\Samsung\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe [2014-02-03] (Pay By Ads LTD)
Task: {406AFAE0-2B4D-4383-B461-1C7FBD44A325} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-05] (Google Inc.)
Task: {4222A868-1912-4DB4-B18B-C288E5A7F096} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe [2014-07-17] (Systweak)
Task: {46648544-2FAE-4CC3-9C56-CB1B52C49B4C} - System32\Tasks\WindApp Update => C:\Users\Samsung\AppData\Roaming\Store\WindApp\WindApp Update.exe [2014-07-24] (Nosibay)
Task: {61BB6C43-1B5C-4047-8AD4-D9D5C6787351} - System32\Tasks\Only-search => C:\Users\Samsung\AppData\Local\onlysearch\onlysearch\1.3.8.11\onlysearch.exe [2014-08-06] (Pay By Ads LTD)
Task: {6A72BFB3-659D-46FD-9B7C-1B4E68A0D80D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-05] (Google Inc.)
Task: {7814DF3A-1457-4075-B4DF-A0C714C1536E} - System32\Tasks\ASP => C:\Program Files (x86)\System Speedup\SystweakASP.exe [2014-07-18] (Systweak Inc )
Task: {8C2A2370-619C-4B26-99A8-2D37B3C1C2E9} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {A0E9C08F-D486-4332-B33D-4E85C2B09DD5} - System32\Tasks\System Speedup => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2014-07-17] (System Speedup)
Task: {B493DA94-0A9D-4F68-9457-1A38705F357C} - System32\Tasks\EPUpdater => C:\Users\Samsung\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-12-12] () <==== ATTENTION
Task: {CC875C2A-56E4-4F7D-8747-8F2719FDA2AC} - System32\Tasks\Right Backup_startup => C:\Program Files (x86)\Right Backup\RightBackup.exe [2014-07-11] (Systweak)
Task: {DAA67222-1EB2-43B7-BB81-48CA8B215DA6} - System32\Tasks\System Speedup_UPDATES => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2014-07-17] (System Speedup)
Task: {DD7CDC09-80F3-4109-95B4-1D447719A7EE} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {E27999E8-82C2-4BBD-A33A-DF6F8E1325A9} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {E68C4EC2-F358-4BE1-A969-2FD2FB1EAD80} - System32\Tasks\WIN-statsAdmin => C:\Users\Samsung\AppData\Local\Microsoft\WinU\~tflnaet.exe [2014-07-01] ()
Task: {E9BA53DC-7457-4B1F-84CC-AA8D523080AE} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {ED691586-E838-46AE-AD91-B65BA97B8282} - System32\Tasks\WIN-statsSystem => C:\Users\Samsung\AppData\Local\Microsoft\WinU\~eodpahy.exe [2014-06-30] ()
Task: {EFE6006B-F585-4858-823A-EC177681F73C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F6A6D032-9CD8-4C53-BC15-639F6B9EA93F} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [2014-07-29] (PC Utilities Software Limited) <==== ATTENTION
Task: {FF0CE169-D7EC-4A59-B4CF-388EFB036DF4} - System32\Tasks\System Speedup_DEFAULT => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2014-07-17] (System Speedup)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\System Speedup_DEFAULT.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: C:\Windows\Tasks\System Speedup_UPDATES.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe

==================== Loaded Modules (whitelisted) =============

2014-08-04 13:55 - 2013-11-11 16:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-04 13:52 - 2013-10-31 19:24 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-06 18:41 - 2014-08-06 18:41 - 00709120 _____ () C:\Program Files\005\hzunyanhtn64.exe
2014-07-31 21:20 - 2014-07-31 21:20 - 00172544 _____ () C:\Program Files (x86)\9B0D3D35-C69A-4D44-BBF5-B75ED01D6712\etmajyzoqm64.exe
2014-07-31 21:20 - 2014-07-31 21:20 - 00110080 _____ () C:\Program Files (x86)\9B0D3D35-C69A-4D44-BBF5-B75ED01D6712\nfapi.dll
2014-07-31 21:20 - 2014-07-31 21:20 - 00456192 _____ () C:\Program Files (x86)\9B0D3D35-C69A-4D44-BBF5-B75ED01D6712\ProtocolFilters.dll
2014-08-06 18:44 - 2014-08-06 18:44 - 00073728 _____ () C:\Users\Samsung\AppData\Roaming\VOPackage\VOsrv.exe
2014-08-06 18:47 - 2014-08-05 16:47 - 03977696 _____ () C:\Program Files (x86)\fst_gb_91\fst_gb_91.exe
2014-08-06 18:47 - 2014-08-05 16:47 - 03305952 _____ () C:\Users\Samsung\AppData\Local\fst_gb_91\upfst_gb_91.exe
2014-08-06 10:57 - 2014-08-06 10:57 - 00323368 _____ () C:\Program Files (x86)\InfoTrigger\updateInfoTrigger2.exe
2014-08-06 18:41 - 2014-08-06 18:41 - 00573100 _____ () C:\Users\Samsung\AppData\Local\onlysearch\onlysearch\1.3.8.11\sqlite.dll
2014-08-06 18:44 - 2014-08-06 18:44 - 00011264 _____ () C:\Users\Samsung\AppData\Local\Temp\nsxC55A.tmp\System.dll
2014-08-06 18:44 - 2014-08-06 18:44 - 00117248 _____ () C:\Users\Samsung\AppData\Local\Temp\nsxC55A.tmp\IpConfig.dll
2014-08-06 18:46 - 2014-08-06 18:46 - 03475912 _____ () c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll
2014-08-06 18:49 - 2012-07-25 12:03 - 00886272 _____ () C:\Program Files (x86)\ASP\System.Data.SQLite.dll
2014-08-06 18:49 - 2014-07-17 18:54 - 01730984 _____ () C:\Program Files (x86)\ASP\aspsys.dll
2014-08-06 18:49 - 2012-07-25 12:03 - 00168448 _____ () C:\Program Files (x86)\ASP\UNRAR.DLL
2014-08-06 18:50 - 2013-08-02 19:21 - 00886272 _____ () C:\Program Files (x86)\Right Backup\System.Data.SQLite.dll
2014-08-06 18:41 - 2014-08-06 18:41 - 00148480 _____ () C:\Users\Samsung\AppData\Local\onlysearch\onlysearch\1.3.8.11\chrmXtn.dll
2014-08-04 13:57 - 2010-05-05 12:46 - 00317440 _____ () C:\Windows\system32\370prop.ax
2014-08-05 11:11 - 2014-07-15 10:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-08-05 11:11 - 2014-07-15 10:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-08-05 11:11 - 2014-07-15 10:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-08-05 11:11 - 2014-07-15 10:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-08-05 11:11 - 2014-07-15 10:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-08-05 11:11 - 2014-07-15 10:24 - 14664008 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Toshiba RFBUS Driver
Description: Toshiba RFBUS Driver
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/06/2014 06:39:29 PM) (Source: MsiInstaller) (EventID: 11309) (User: Samsung-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.

Error: (08/06/2014 01:23:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/05/2014 09:43:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 36.0.1985.125 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 12c0

Start Time: 01cfb0eb50468ef8

Termination Time: 15

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id:

Error: (08/05/2014 08:33:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/05/2014 08:30:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 36.0.1985.125 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 11bc

Start Time: 01cfb0e37e597616

Termination Time: 4

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: d5dcf5be-1cd6-11e4-af5d-e8039a2ef5af

Error: (08/05/2014 08:20:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 36.0.1985.125 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 978

Start Time: 01cfb0e223ea07ad

Termination Time: 11

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 7f04d03f-1cd5-11e4-af5d-e8039a2ef5af

Error: (08/05/2014 08:19:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 36.0.1985.125 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 814

Start Time: 01cfb0e1fcae9fb5

Termination Time: 22

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 5af96b1a-1cd5-11e4-af5d-e8039a2ef5af

Error: (08/05/2014 08:17:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 36.0.1985.125 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1094

Start Time: 01cfb0bedd4dde52

Termination Time: 35

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 21492294-1cd5-11e4-af5d-e8039a2ef5af

Error: (08/05/2014 04:03:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/05/2014 04:02:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (08/06/2014 07:07:29 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (08/06/2014 07:02:19 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (08/06/2014 06:57:09 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (08/06/2014 06:51:58 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (08/06/2014 06:46:48 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (08/06/2014 06:41:38 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (08/06/2014 06:36:27 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (08/06/2014 06:31:17 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (08/06/2014 06:26:07 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (08/06/2014 06:20:56 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.


Microsoft Office Sessions:
=========================
Error: (08/06/2014 06:39:29 PM) (Source: MsiInstaller) (EventID: 11309) (User: Samsung-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/06/2014 01:23:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Samsung\downloads\SoftonicDownloader_for_mkv-player.exe

Error: (08/05/2014 09:43:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe36.0.1985.12512c001cfb0eb50468ef815C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Error: (08/05/2014 08:33:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/05/2014 08:30:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe36.0.1985.12511bc01cfb0e37e5976164C:\Program Files (x86)\Google\Chrome\Application\chrome.exed5dcf5be-1cd6-11e4-af5d-e8039a2ef5af

Error: (08/05/2014 08:20:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe36.0.1985.12597801cfb0e223ea07ad11C:\Program Files (x86)\Google\Chrome\Application\chrome.exe7f04d03f-1cd5-11e4-af5d-e8039a2ef5af

Error: (08/05/2014 08:19:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe36.0.1985.12581401cfb0e1fcae9fb522C:\Program Files (x86)\Google\Chrome\Application\chrome.exe5af96b1a-1cd5-11e4-af5d-e8039a2ef5af

Error: (08/05/2014 08:17:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe36.0.1985.125109401cfb0bedd4dde5235C:\Program Files (x86)\Google\Chrome\Application\chrome.exe21492294-1cd5-11e4-af5d-e8039a2ef5af

Error: (08/05/2014 04:03:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Samsung\Downloads\SoftonicDownloader_for_mkv-player.exe

Error: (08/05/2014 04:02:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Samsung\Downloads\SoftonicDownloader_for_mkv-player.exe


==================== Memory info ===========================

Percentage of memory in use: 52%
Total physical RAM: 6057.55 MB
Available physical RAM: 2865.61 MB
Total Pagefile: 12113.27 MB
Available Pagefile: 8591.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.42 GB) (Free:366.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 964863EB)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

==================== End Of Log ============================

aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-08-06 19:13:55
-----------------------------
19:13:55.941 OS Version: Windows x64 6.1.7601 Service Pack 1
19:13:55.942 Number of processors: 4 586 0x2A07
19:13:55.943 ComputerName: SAMSUNG-PC UserName: Samsung
19:13:58.082 Initialize success
19:13:58.134 VM: initialized successfully
19:13:58.158 VM: Intel CPU supported
19:14:00.441 VM: disk I/O iaStorA.sys
19:25:45.481 AVAST engine defs: 14080600
19:31:30.869 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000065
19:31:30.871 Disk 0 Vendor: ST500LM0 2AR1 Size: 476940MB BusType: 11
19:31:31.170 Disk 0 MBR read successfully
19:31:31.173 Disk 0 MBR scan
19:31:31.206 Disk 0 Windows 7 default MBR code
19:31:31.265 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 350 MB offset 2048
19:31:31.292 Disk 0 Boot: NTFS code=1
19:31:31.342 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476588 MB offset 718848
19:31:31.628 Disk 0 scanning C:\Windows\system32\drivers
19:31:47.853 Service scanning
19:32:24.496 Modules scanning
19:32:24.504 Disk 0 trace - called modules:
19:32:24.528 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
19:32:24.532 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008ac6060]
19:32:24.536 3 CLASSPNP.SYS[fffff88001cf643f] -> nt!IofCallDriver -> [0xfffffa800893ac50]
19:32:24.540 5 iaStorF.sys[fffff880018b2f84] -> nt!IofCallDriver -> \Device\00000065[0xfffffa80057729c0]
19:32:26.177 AVAST engine scan C:\Windows
19:32:29.317 AVAST engine scan C:\Windows\system32
19:36:35.357 AVAST engine scan C:\Windows\system32\drivers
19:36:51.331 AVAST engine scan C:\Users\Samsung
19:39:17.691 File: C:\Users\Samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\88QZTS5R\ssupsetup_binstall3[2].exe **INFECTED** Win32:Malware-gen
19:39:55.447 File: C:\Users\Samsung\AppData\Local\Microsoft\WinU\~eodpahy.exe **INFECTED** Win32:Malware-gen
19:39:55.699 File: C:\Users\Samsung\AppData\Local\Microsoft\WinU\~tflnaet.exe **INFECTED** Win32:Malware-gen
19:41:20.674 File: C:\Users\Samsung\AppData\Local\Temp\Vuupc_setup.exe **INFECTED** Win32:Dropper-gen [Drp]
19:41:56.066 File: C:\Users\Samsung\AppData\Roaming\VOPackage\VOPackage.exe **INFECTED** Win32:Dropper-gen [Drp]
19:42:43.551 AVAST engine scan C:\ProgramData
19:43:55.715 Scan finished successfully
19:51:04.018 Disk 0 MBR has been saved successfully to "C:\Users\Samsung\Desktop\MBR.dat"
19:51:04.049 The log file has been saved successfully to "C:\Users\Samsung\Desktop\aswMBR.txt"


© 2014 Microsoft Terms Privacy & cookies Developers English (United Kingdom)
Hurry, ends today

Join Sky TV & get 25% off The Original Bundle, plus a £100 reward. Find out more >
AdChoices

Juliet
2014-08-08, 00:07
wowssa!
This computer is severely infected.

I know up front this will probably take several scanners and tools to try to get this back in an operable state.


-AdwCleaner-by Xplode

Click on this link to download : ADWCleaner (http://www.bleepingcomputer.com/download/adwcleaner/)
Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.

Do not click on any links in the top Advertisment.

http://thespykiller.co.uk/files/adwcleaner_download.png



Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Scan.
After the scan is complete click on "Clean"
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[S1].txt as well.


NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why (http://www.im-infected.com/hijacker/isearch-avg-comsearch-hijacker.html) and Here (http://nojesusnopeas.blogspot.com/2012/08/sorry-but-avg-secure-search-is-malware.html). You can always Reinstall (http://www.avg.com/us-en/secure-search) it.



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


http://imageshack.us/a/img841/7292/thisisujrt.gif
Please download Junkware Removal Tool (http://www.bleepingcomputer.com/download/junkware-removal-tool/) to your desktop.
Shut down your protection software now to avoid potential conflicts. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator". The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications. On completion, a log (JRT.txt) is saved to your desktop and will automatically open. Post the contents of JRT.txt into your next message.


*******************

Download Malwarebytes' Anti-Malware (http://www.malwarebytes.org/mbam-download.php) to your desktop.


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"




http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMDashboard_zpsddef9b5f.gif (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMDashboard_zpsddef9b5f.gif.html)



On the Dashboard click on Update Now
Go to the Setting Tab
Under Setting go to Detection and Protection
Under PUP and PUM make sure both are set to show Treat Dections as Malware
Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
Then on the Dashboard click on Scan
Make sure to select THREAT SCAN
Then click on Scan
When the scan is finished and the log pops up...select Copy to Clipboard
Please paste the log back into this thread for review
Exit Malwarebytes


***************************************

please post:
C:\AdwCleaner.txt
JRT.txt
Malwarebytes

chelseafan
2014-08-08, 00:31
Hi, on adwcleaner it says uncheck elements you don't want to remove

Juliet
2014-08-08, 00:36
Thats correct. Look over the list of items found, if you see a program you KNOW to be legit, unclick it.
But, very rare this happens.

*******
Also, I should had posted this in my previous reply.

Please note: Even if you are using a "safe" P2P program - uTorrent - , it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

References for the risk of these programs can also be found
Here (http://www.microsoft.com/windows/ie/community/columns/protection.mspx ) and Here (http://www.internetworldstats.com/articles/art053.htm )

I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.


Note: Please be advised that continued use of these programs after being warned of the danger of infections from them, may result in the discontinued help of future cleaning of your system.
Please understand that we will not continue help as long as you use P2P software and continue to re-infect your self.

chelseafan
2014-08-08, 00:47
When I click 'clean' it says 'aut2 has stopped working' and the cleaner shuts down.

Juliet
2014-08-08, 00:59
Can you download all the tools to desktop, drop into safe mode and try again.

start-computer-safe-mode
http://windows.microsoft.com/en-us/windows/start-computer-safe-mode#start-computer-safe-mode=windows-7

chelseafan
2014-08-08, 01:03
Ok i'll do that. Here's the other log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Samsung on 07/08/2014 at 22:55:31.64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{64893FA7-B5C4-4A58-BEFD-8303A8BA2728}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/08/2014 at 23:00:29.39
End of JRT log

chelseafan
2014-08-08, 01:23
# AdwCleaner v3.303 - Report created 07/08/2014 at 22:23:03
# Updated 06/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Samsung - SAMSUNG-PC
# Running from : C:\Users\Samsung\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : 70e6ca8c
Service Found : netfilter64
Service Found : RBClientService
Service Found : servervo
Service Found : Update InfoTrigger
Service Found : Util InfoTrigger
Service Found : {54ad4f6c-f1ec-4341-a888-284784343715}Gw64

***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Users\Public\Desktop\Advanced System Protector.lnk
File Found : C:\Users\Public\Desktop\Right Backup.lnk
File Found : C:\Users\Public\Desktop\System Speedup.lnk
File Found : C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage
File Found : C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage-journal
File Found : C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\Samsung\AppData\Roaming\aps.scan.quick.results
File Found : C:\Users\Samsung\AppData\Roaming\aps.scan.results
File Found : C:\Users\Samsung\AppData\Roaming\aps.uninstall.scan.results
File Found : C:\Users\Samsung\AppData\Roaming\Bubble Dock.boostrap.log
File Found : C:\Users\Samsung\Desktop\AnyProtect.lnk
File Found : C:\Users\Samsung\Desktop\Optimizer Pro.lnk
File Found : C:\Windows\System32\drivers\{54ad4f6c-f1ec-4341-a888-284784343715}Gw64.sys
File Found : C:\Windows\System32\drivers\netfilter64.sys
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\sasnative64.exe
Folder Found : C:\Program Files (x86)\AnyProtectEx
Folder Found : C:\Program Files (x86)\ASP
Folder Found : C:\Program Files (x86)\fst_gb_91
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\Groovorio
Folder Found : C:\Program Files (x86)\InfoTrigger
Folder Found : C:\Program Files (x86)\Optimizer Pro
Folder Found : C:\Program Files (x86)\Right Backup
Folder Found : C:\Program Files (x86)\System Speedup
Folder Found : C:\ProgramData\DSearchLink
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freesofttoday
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Backup
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
Folder Found : C:\ProgramData\Systweak
Folder Found : C:\Users\Samsung\AppData\Local\fst_gb_91
Folder Found : C:\Users\Samsung\AppData\Local\globalUpdate
Folder Found : C:\Users\Samsung\AppData\Local\playnowradio
Folder Found : C:\Users\Samsung\AppData\Local\Temp\InfoTrigger
Folder Found : C:\Users\Samsung\AppData\Roaming\BabSolution
Folder Found : C:\Users\Samsung\AppData\Roaming\GroovorioUpdater
Folder Found : C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
Folder Found : C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Folder Found : C:\Users\Samsung\AppData\Roaming\Nosibay
Folder Found : C:\Users\Samsung\AppData\Roaming\Optimizer Pro
Folder Found : C:\Users\Samsung\AppData\Roaming\System Speedup
Folder Found : C:\Users\Samsung\AppData\Roaming\Systweak
Folder Found : C:\Users\Samsung\AppData\Roaming\VOPackage
Folder Found : C:\Users\Samsung\Documents\Optimizer Pro

***** [ Scheduled Tasks ] *****

Task Found : Advanced System Protector_startup
Task Found : APSnotifierPP1
Task Found : APSnotifierPP2
Task Found : APSnotifierPP3
Task Found : Groovorio Updater
Task Found : Optimizer Pro Schedule
Task Found : Right Backup_startup
Task Found : System Speedup_DEFAULT
Task Found : System Speedup_UPDATES

***** [ Shortcuts ] *****

Shortcut Found : C:\Users\Samsung\Desktop\Search.lnk ( -url hxxp://www.only-search.com/?babsrc=DT_ss&mntrId=5667B8030526A2C3&affID=129300&tsp=5331 -wbr 4 )

***** [ Registry ] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AnyProtect
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\BABSOLUTION
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Key Found : HKCU\Software\Groovorio
Key Found : HKCU\Software\InfoTrigger
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Nosibay
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\System Speedup
Key Found : HKCU\Software\systweak
Key Found : HKCU\Software\Tutorials
Key Found : HKCU\Software\TutoTag
Key Found : HKCU\Software\VuuPC
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\AnyProtect
Key Found : [x64] HKCU\Software\BABSOLUTION
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\Groovorio
Key Found : [x64] HKCU\Software\InfoTrigger
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Nosibay
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\System Speedup
Key Found : [x64] HKCU\Software\systweak
Key Found : [x64] HKCU\Software\Tutorials
Key Found : [x64] HKCU\Software\TutoTag
Key Found : [x64] HKCU\Software\VuuPC
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\Software\AllDaySavings
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{93cd09ae-8875-4d49-8af8-b1b2e7522c76}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AB85A689-89A2-472E-BCEA-CB54620828C7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{a9912548-d5c8-4b6a-b317-2313251607c4}
Key Found : HKLM\Software\FreeSoftToday
Key Found : HKLM\Software\GlobalUpdate
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Key Found : HKLM\Software\InfoTrigger
Key Found : HKLM\Software\InstallCore
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93cd09ae-8875-4d49-8af8-b1b2e7522c76}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fst_gb_91_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Groovorio
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Speedup_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Found : HKLM\Software\System Speedup
Key Found : HKLM\Software\systweak
Key Found : HKLM\Software\Tutorials
Key Found : [x64] HKLM\SOFTWARE\AllDaySavings
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AB85A689-89A2-472E-BCEA-CB54620828C7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InfoTrigger
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [playnowradio]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Torntv Downloader]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_gb_91]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Startup_urls] : hxxp://www.only-search.com/?babsrc=HP_kms&affID=129300&tt=&mntrid=5667B8030526A2C3&tsp=5331
Found [Extension] : blmchfpimpbbdmgpcieclabeafkljbhm

*************************

AdwCleaner[R0].txt - [9921 octets] - [07/08/2014 22:23:03]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9981 octets] ##########

chelseafan
2014-08-08, 01:26
It shut down again without opening notepad but these are the files I found.

# AdwCleaner v3.303 - Report created 07/08/2014 at 22:44:14
# Updated 06/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Samsung - SAMSUNG-PC
# Running from : C:\Users\Samsung\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[x] Not Deleted : 70e6ca8c
Service Deleted : netfilter64
Service Deleted : RBClientService
Service Deleted : servervo
[#] Service Deleted : Update InfoTrigger
[#] Service Deleted : Util InfoTrigger
Service Deleted : {54ad4f6c-f1ec-4341-a888-284784343715}Gw64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\DSearchLink
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freesofttoday
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Backup
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
Folder Deleted : C:\Program Files (x86)\AnyProtectEx
Folder Deleted : C:\Program Files (x86)\ASP
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\Groovorio
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
[!] Folder Deleted : C:\Program Files (x86)\Right Backup
Folder Deleted : C:\Program Files (x86)\System Speedup
Folder Deleted : C:\Program Files (x86)\fst_gb_91
[!] Folder Deleted : C:\Program Files (x86)\InfoTrigger
Folder Deleted : C:\Users\Samsung\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Samsung\AppData\Local\playnowradio
Folder Deleted : C:\Users\Samsung\AppData\Local\fst_gb_91
Folder Deleted : C:\Users\Samsung\AppData\Local\Temp\InfoTrigger
Folder Deleted : C:\Users\Samsung\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Samsung\AppData\Roaming\GroovorioUpdater
Folder Deleted : C:\Users\Samsung\AppData\Roaming\Nosibay
Folder Deleted : C:\Users\Samsung\AppData\Roaming\Optimizer Pro
Folder Deleted : C:\Users\Samsung\AppData\Roaming\System Speedup
Folder Deleted : C:\Users\Samsung\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Samsung\AppData\Roaming\VOPackage
Folder Deleted : C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
Folder Deleted : C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Folder Deleted : C:\Users\Samsung\Documents\Optimizer Pro
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\Advanced System Protector.lnk
File Deleted : C:\Users\Public\Desktop\Right Backup.lnk
File Deleted : C:\Users\Public\Desktop\System Speedup.lnk
File Deleted : C:\Windows\System32\drivers\netfilter64.sys
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Windows\System32\sasnative64.exe
File Deleted : C:\Windows\System32\drivers\{54ad4f6c-f1ec-4341-a888-284784343715}Gw64.sys
File Deleted : C:\Users\Samsung\AppData\Roaming\aps.scan.quick.results
File Deleted : C:\Users\Samsung\AppData\Roaming\aps.scan.results
File Deleted : C:\Users\Samsung\AppData\Roaming\aps.uninstall.scan.results
File Deleted : C:\Users\Samsung\AppData\Roaming\Bubble Dock.boostrap.log
File Deleted : C:\Users\Samsung\Desktop\AnyProtect.lnk
File Deleted : C:\Users\Samsung\Desktop\Optimizer Pro.lnk
File Deleted : C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage
File Deleted : C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage-journal
File Deleted : C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage
File Deleted : C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : Advanced System Protector_startup
Task Deleted : APSnotifierPP1
Task Deleted : APSnotifierPP2
Task Deleted : APSnotifierPP3
Task Deleted : Groovorio Updater
Task Deleted : Optimizer Pro Schedule
Task Deleted : Right Backup_startup
Task Deleted : System Speedup_DEFAULT
Task Deleted : System Speedup_UPDATES

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Samsung\Desktop\Search.lnk

***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Key Deleted : HKLM64\SOFTWARE\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [playnowradio]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Torntv Downloader]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_gb_91]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{93cd09ae-8875-4d49-8af8-b1b2e7522c76}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AB85A689-89A2-472E-BCEA-CB54620828C7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{a9912548-d5c8-4b6a-b317-2313251607c4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93cd09ae-8875-4d49-8af8-b1b2e7522c76}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM64\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM64\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM64\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM64\SOFTWARE\Classes\Interface\{AB85A689-89A2-472E-BCEA-CB54620828C7}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\BABSOLUTION
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Groovorio
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Nosibay
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\System Speedup
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\VuuPC
Key Deleted : HKCU\Software\InfoTrigger
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\AllDaySavings
Key Deleted : HKLM\Software\FreeSoftToday
Key Deleted : HKLM\Software\GlobalUpdate
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\System Speedup
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Tutorials
Key Deleted : HKLM\Software\InfoTrigger
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Groovorio
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Speedup_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fst_gb_91_is1
Key Deleted : HKLM64\SOFTWARE\AllDaySavings
Key Deleted : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InfoTrigger

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Startup_urls] : http://www.only-search.com/?babsrc=HP_kms&affID=129300&tt=&mntrid=5667B8030526A2C3&tsp=5331
Deleted [Extension] : blmchfpimpbbdmgpcieclabeafkljbhm

Juliet
2014-08-08, 02:11
Malwarebytes' Anti-Malware log?

chelseafan
2014-08-08, 03:15
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 08/08/2014
Scan Time: 00:59:46
Logfile: mwblog.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.07.10
Rootkit Database: v2014.08.04.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Samsung

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 315095
Time Elapsed: 8 min, 46 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 2
PUP.Optional.AdPeak.A, C:\Program Files\005\hzunyanhtn64.exe, 1816, Delete-on-Reboot, [43830bb81d5ec1753ee6526613f1cc34]
PUP.Optional.PayByAds.A, C:\Users\Samsung\AppData\Local\onlysearch\onlysearch\1.3.8.11\onlysearch.exe, 2468, Delete-on-Reboot, [2c9a695a116a4de9deddfbf927ddc43c]

Modules: 0
(No malicious items detected)

Registry Keys: 10
PUP.Optional.AdPeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\hzunyanhtn64, Quarantined, [43830bb81d5ec1753ee6526613f1cc34],
PUP.Optional.InfoTrigger.A, HKLM\SOFTWARE\WOW6432NODE\InfoTrigger, Quarantined, [ad19457ee3984de90e41499781819f61],
PUP.Optional.Adpeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AllDaySavingsService64, Quarantined, [07bf1ca70d6e4fe7432640995ca6de22],
PUP.Optional.AdPeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\netfilter64, Quarantined, [ebdb863d1f5c39fdbb8902d68f73db25],
PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TheTorntv V10, Quarantined, [33939a29c5b62d090cce83b6af55ce32],
PUP.Optional.SuperFish.A, HKU\S-1-5-21-1893469449-2281273183-1111418718-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Quarantined, [80461ba8dba0ed490abab628d32f7c84],
PUP.Optional.Groovorio, HKU\S-1-5-21-1893469449-2281273183-1111418718-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CC865B26-C31D-4D23-B17B-96548EEF03F6}, Quarantined, [4b7b8142f18acd6967190139da2ade22],
PUP.Optional.OnlySearch.A, HKU\S-1-5-21-1893469449-2281273183-1111418718-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\onlysearch, Quarantined, [3a8cf1d2fb8030067e910ad0b949d12f],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [6d59b50e94e70b2b24c914b7857de719],

Registry Values: 1
PUP.Optional.PayByAds.A, HKU\S-1-5-21-1893469449-2281273183-1111418718-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|onlysearch, C:\Users\Samsung\AppData\Local\onlysearch\onlysearch\1.3.8.11\onlysearch.exe, Quarantined, [2c9a695a116a4de9deddfbf927ddc43c]

Registry Data: 1
PUP.Optional.Groovorio.A, HKU\S-1-5-21-1893469449-2281273183-1111418718-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://groovorio.com/?f=1&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=, Good: (www.google.com), Bad: (http://groovorio.com/?f=1&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=),Replaced,[745252710b704bebe1b73289857fa25e]

Folders: 3
PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
PUP.Optional.Adpeak.A, C:\Program Files\AllDaySavings, Quarantined, [a12505be1c5fd2647113eae3f909a45c],
PUP.Optional.Adpeak.A, C:\Program Files\AllDaySavings\SSL, Quarantined, [a12505be1c5fd2647113eae3f909a45c],

Files: 39
PUP.Optional.AdPeak.A, C:\Program Files\005\hzunyanhtn64.exe, Delete-on-Reboot, [43830bb81d5ec1753ee6526613f1cc34],
PUP.Optional.PayByAds.A, C:\Users\Samsung\AppData\Local\onlysearch\onlysearch\1.3.8.11\onlysearch.exe, Delete-on-Reboot, [2c9a695a116a4de9deddfbf927ddc43c],
PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\ICReinstall_nsc9E5C.tmp, Quarantined, [388efec54d2e59ddc1d0b90158ac36ca],
PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\ICReinstall_nse1189.tmp, Quarantined, [c204af144f2c73c3a2efc2f8e91bb44c],
PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\ICReinstall_nsgAD12.tmp, Quarantined, [dbebcff484f781b5fb96f9c15ca805fb],
PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\ICReinstall_nsm7F5A.tmp, Quarantined, [f6d011b2c4b73bfbcac7b00ac63eea16],
PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\nsc9E5C.tmp, Quarantined, [60664b7814672a0cbad7249615ef11ef],
PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\nse1189.tmp, Quarantined, [dee8784b91ea58deeca543774db72bd5],
PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\nsgAD12.tmp, Quarantined, [23a36f54b6c50333cdc41e9cb94bd52b],
PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\nsm7F5A.tmp, Quarantined, [e1e56f548af1a98d5041536713f1fc04],
PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\nsuFC67.tmp, Quarantined, [f8cedce7f18a85b1296804b660a43ec2],
PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\nsvEABD.tmp, Quarantined, [b214903359228babbbd6279322e2946c],
PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\ICReinstall_nsuFC67.tmp, Quarantined, [b0167b48bbc090a6276aecce51b3de22],
PUP.Optional.Downloader, C:\Users\Samsung\AppData\Local\Temp\ICReinstall_nsvEABD.tmp, Quarantined, [74520ab99edd51e5b9d8ecceb4504bb5],
PUP.Optional.BubbleDock.A, C:\Users\Samsung\AppData\Local\Temp\682014184631\Uninstall Bubble Dock.exe, Quarantined, [80468a39a2d9c96dbb25d1733dc4dd23],
PUP.Optional.Installcore, C:\Users\Samsung\AppData\Local\Temp\is-PSLC7.tmp\InstallManagerR.exe, Quarantined, [33937e45b8c3f93ddfa4476268997789],
PUP.Optional.Softonic.A, C:\Users\Samsung\Downloads\SoftonicDownloader_for_mkv-player.exe, Quarantined, [e9dd18abea9103338ddace5c8180a759],
PUP.Optional.OneClickDownloader.A, C:\Users\Samsung\Downloads\The.Wind.Rises.2013.1080p.JPN.BluRay.Remux.AVC.MULTi-WARHD (1).exe, Quarantined, [b80e18ab047749edc399b86426db6f91],
Trojan.Downloader, C:\Users\Samsung\AppData\Local\Microsoft\WinU\~eodpahy.exe, Quarantined, [5a6ce6ddb1ca67cf7f172e1dc04036ca],
PUP.Optional.OnlySearch.A, C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.only-search.com_0.localstorage, Delete-on-Reboot, [16b0a61d66152b0b0d48e2f227db04fc],
PUP.Optional.OnlySearch.A, C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.only-search.com_0.localstorage-journal, Delete-on-Reboot, [43832f94413a66d093c2fed6ad559f61],
PUP.Optional.OnlySearch.A, C:\Users\Samsung\Desktop\Only-search.lnk, Quarantined, [b016853e46351125907ea83212f0956b],
PUP.Optional.BetterDeals.A, C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage, Delete-on-Reboot, [24a2893aaccf280e84bb8f560cf6cc34],
PUP.Optional.BetterDeals.A, C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage-journal, Delete-on-Reboot, [a81e2d96bdbe6bcb39068362fc068b75],
PUP.Optional.Superfish.A, C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Delete-on-Reboot, [20a63e856a11e551db9edb0f08faf907],
PUP.Optional.Superfish.A, C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Quarantined, [b01617ac433877bf84f5e505768cde22],
PUP.Optional.Adpeak.A, C:\Program Files (x86)\9B0D3D35-C69A-4D44-BBF5-B75ED01D6712\etmajyzoqm64.exe, Quarantined, [07bf1ca70d6e4fe7432640995ca6de22],
PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\GoogleCrashHandler.exe, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\GoogleUpdate.exe, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\GoogleUpdateBroker.exe, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\GoogleUpdateHelper.msi, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\GoogleUpdateOnDemand.exe, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\goopdate.dll, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\goopdateres_en.dll, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\npGoogleUpdate4.dll, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\psmachine.dll, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
PUP.Optional.GlobalUpdate.A, C:\Users\Samsung\AppData\Local\Temp\comh.380385\psuser.dll, Quarantined, [6d59b50e94e70b2b24c914b7857de719],
PUP.Optional.Groovorio.A, C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://groovorio.com/?f=7&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=", "http://www.only-search.com/?babsrc=HP_kms&affID=129300&tt=&mntrid=5667B8030526A2C3&tsp=5331" ],), Replaced,[f5d14b78a3d848ee6d89df160301e020]
PUP.Optional.Groovorio.A, C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "homepage": "http://groovorio.com/?f=1&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=",), Replaced,[3f87b211fa8133036493b540fc0810f0]

Physical Sectors: 0
(No malicious items detected)


(end)

Juliet
2014-08-08, 03:30
OK, good work.

Next
Locate FRST.txt (made the first time you ran Farbar's tool) and delete it and Addition.txt
I want you to make a new scan with Farbar's Recovery Scan Tool


Run FRST

Don´t change the checkboxes just click on Scan.
Logfiles are created on your desktop.
Post the FRST.txt
The first time the tool is run it generates another log Addition.txt
(Please make sure there is a check mark by Addition txt)-
Please also paste that along with the FRST.txt into your reply.

chelseafan
2014-08-08, 03:48
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-08-2014
Ran by Samsung (administrator) on SAMSUNG-PC on 08-08-2014 01:44:24
Running from C:\Users\Samsung\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Flux Software LLC) C:\Users\Samsung\AppData\Local\FluxSoftware\Flux\flux.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [uTorrent] => C:\Users\Samsung\AppData\Roaming\uTorrent\uTorrent.exe [1936720 2014-08-05] (BitTorrent Inc.)
HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [f.lux] => C:\Users\Samsung\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [WindApp] => C:\Users\Samsung\AppData\Roaming\Store\WindApp\WindApp Update.exe [160552 2014-07-24] (Nosibay)
HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\MountPoints2: {6788e91a-1bd4-11e4-a66d-806e6f6e6963} - E:\RunThis.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TorntvDownloader.lnk
ShortcutTarget: TorntvDownloader.lnk -> C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5E886DA294B0CF01
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

Chrome:
=======
CHR DefaultSearchKeyword: groovorio.com
CHR DefaultSearchProvider: OnlySearch
CHR DefaultSearchURL: http://www.only-search.com/?babsrc=SP_kms&affID=129300&tt=&mntrid=5667B8030526A2C3&tsp=5331&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-05]
CHR Extension: (Google Drive) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-05]
CHR Extension: (YouTube) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-05]
CHR Extension: (Google Search) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-05]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-08-05]
CHR Extension: (Google Wallet) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-05]
CHR Extension: (Gmail) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-05]
CHR StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-10-28] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [206336 2011-03-02] (SMI)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-08 00:57 - 2014-08-08 01:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-08 00:55 - 2014-08-08 00:55 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-08 00:55 - 2014-08-08 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-08 00:55 - 2014-08-08 00:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-08 00:55 - 2014-08-08 00:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-08 00:55 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-08 00:55 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-08 00:55 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-08 00:52 - 2014-08-08 00:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Samsung\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-07 23:10 - 2014-08-07 23:10 - 00001184 _____ () C:\Users\Samsung\Desktop\AdwCleaner - Shortcut.lnk
2014-08-07 23:00 - 2014-08-07 23:00 - 00000774 _____ () C:\Users\Samsung\Desktop\JRT.txt
2014-08-07 22:55 - 2014-08-07 22:55 - 01016261 _____ (Thisisu) C:\Users\Samsung\Downloads\JRT.exe
2014-08-07 22:55 - 2014-08-07 22:55 - 00000000 ____D () C:\Windows\ERUNT
2014-08-07 22:50 - 2014-08-07 22:51 - 01475072 _____ () C:\Users\Samsung\Downloads\AdwCleaner (1).exe
2014-08-07 22:22 - 2014-08-07 23:13 - 00000000 ____D () C:\AdwCleaner
2014-08-07 22:21 - 2014-08-07 22:22 - 01475072 _____ () C:\Users\Samsung\Downloads\AdwCleaner.exe
2014-08-07 22:13 - 2014-08-07 22:34 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\rightbackup
2014-08-06 20:08 - 2014-08-06 20:08 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-SAMSUNG-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-08-06 20:07 - 2014-08-06 20:07 - 00000000 ____D () C:\RegBackup
2014-08-06 20:06 - 2014-08-06 20:06 - 00002239 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-08-06 20:06 - 2014-08-06 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-08-06 20:06 - 2014-08-06 20:06 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-08-06 20:01 - 2014-08-08 01:41 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-06 20:01 - 2014-08-06 20:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-06 20:01 - 2014-08-06 20:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-06 20:01 - 2014-08-06 20:01 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-06 20:01 - 2014-08-06 20:01 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-08-06 20:01 - 2014-08-06 20:01 - 00000000 ____D () C:\Windows\system32\Macromed
2014-08-06 20:01 - 2014-08-06 20:01 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Macromedia
2014-08-06 19:56 - 2014-08-06 19:56 - 00591056 _____ (ClickMeIn Limited) C:\Users\Samsung\AppData\Local\nsz7F39.tmp
2014-08-06 19:52 - 2014-08-06 19:53 - 04057608 _____ () C:\Users\Samsung\Downloads\tweaking.com_registry_backup_setup (1).exe
2014-08-06 19:51 - 2014-08-06 19:51 - 00002720 _____ () C:\Users\Samsung\Desktop\aswMBR.txt
2014-08-06 19:51 - 2014-08-06 19:51 - 00000512 _____ () C:\Users\Samsung\Desktop\MBR.dat
2014-08-06 19:08 - 2014-08-06 19:09 - 00034287 _____ () C:\Users\Samsung\Downloads\Addition.txt
2014-08-06 19:07 - 2014-08-08 01:44 - 00012013 _____ () C:\Users\Samsung\Downloads\FRST.txt
2014-08-06 19:07 - 2014-08-08 01:44 - 00000000 ____D () C:\FRST
2014-08-06 19:05 - 2014-08-06 19:06 - 05185536 _____ (AVAST Software) C:\Users\Samsung\Downloads\aswMBR.exe
2014-08-06 19:00 - 2014-08-06 19:01 - 02094080 _____ (Farbar) C:\Users\Samsung\Downloads\FRST64.exe
2014-08-06 18:58 - 2014-08-06 18:59 - 04057608 _____ () C:\Users\Samsung\Downloads\tweaking.com_registry_backup_setup.exe
2014-08-06 18:50 - 2014-08-06 18:50 - 00000000 ____D () C:\rbtemp
2014-08-06 18:49 - 2014-08-06 18:49 - 00003630 _____ () C:\Windows\System32\Tasks\Play Now Radio
2014-08-06 18:49 - 2014-08-06 18:49 - 00001690 _____ () C:\Windows\SysWOW64\${LOGFILE}
2014-08-06 18:48 - 2014-08-06 18:48 - 00003320 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2014-08-06 18:48 - 2014-08-06 18:48 - 00003240 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-08-06 18:48 - 2014-08-06 18:48 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-08-06 18:47 - 2014-08-07 22:44 - 00000000 ____D () C:\Program Files (x86)\InfoTrigger
2014-08-06 18:43 - 2014-08-06 18:43 - 00009077 _____ () C:\Users\Samsung\AppData\Roaming\Bubble Dock.installation.log
2014-08-06 18:43 - 2014-08-06 18:43 - 00003610 _____ () C:\Windows\System32\Tasks\WindApp Update
2014-08-06 18:43 - 2014-08-06 18:43 - 00000374 _____ () C:\Users\Samsung\AppData\Roaming\WindApp.installation.log
2014-08-06 18:43 - 2014-08-06 18:43 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Store
2014-08-06 18:42 - 2014-08-08 01:09 - 00000000 ____D () C:\Program Files (x86)\9B0D3D35-C69A-4D44-BBF5-B75ED01D6712
2014-08-06 18:42 - 2014-08-06 18:42 - 00003552 _____ () C:\Windows\System32\Tasks\Only-search
2014-08-06 18:42 - 2014-08-06 18:42 - 00000097 _____ () C:\Users\Samsung\AppData\Roaming\WindApp.boostrap.log
2014-08-06 18:41 - 2014-08-07 22:44 - 00000601 _____ () C:\Users\Samsung\Desktop\Search.lnk
2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\Users\Samsung\AppData\Local\onlysearch
2014-08-06 18:40 - 2014-08-08 01:10 - 00000000 ____D () C:\Program Files\005
2014-08-06 10:33 - 2014-08-06 10:33 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\dvdcss
2014-08-05 22:17 - 2014-08-05 22:17 - 00000000 __SHD () C:\Users\Samsung\AppData\Local\EmieUserList
2014-08-05 22:17 - 2014-08-05 22:17 - 00000000 __SHD () C:\Users\Samsung\AppData\Local\EmieSiteList
2014-08-05 21:57 - 2014-08-05 21:57 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2014-08-05 21:57 - 2014-08-05 21:57 - 00000000 ____D () C:\Users\Samsung\AppData\Local\FluxSoftware
2014-08-05 21:55 - 2014-08-05 21:55 - 00597304 _____ () C:\Users\Samsung\Downloads\flux-setup.exe
2014-08-05 21:36 - 2014-08-06 08:52 - 00000000 ____D () C:\Users\Samsung\Downloads\Happy Times - Xingfu shiguang
2014-08-05 21:34 - 2014-08-06 12:27 - 00000000 ____D () C:\Users\Samsung\Downloads\The.Lunchbox.2013.720p.BluRay.DTS.x264-PublicHD
2014-08-05 21:33 - 2014-08-05 21:47 - 00000000 ____D () C:\Users\Samsung\Downloads\Studio Ghibli Collection [jap-eng audio] eng-sub [Mkv]
2014-08-05 21:31 - 2014-08-06 16:33 - 00000058 _____ () C:\Users\Samsung\Documents\BETS.txt
2014-08-05 16:12 - 2014-08-06 15:29 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\vlc
2014-08-05 16:12 - 2014-08-05 16:12 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-05 16:12 - 2014-08-05 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-05 16:12 - 2014-08-05 16:12 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-05 16:09 - 2014-08-05 16:10 - 24743106 _____ () C:\Users\Samsung\Downloads\vlc-2.1.5-win32.exe
2014-08-05 15:50 - 2014-08-05 15:51 - 06740514 _____ ( ) C:\Users\Samsung\Desktop\MKVPlayerSetupD.exe
2014-08-05 12:10 - 2014-08-05 12:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-05 12:07 - 2014-08-05 19:12 - 00000000 ____D () C:\Users\Samsung\Downloads\The Wire Season 1, 2, 3, 4 & 5 Complete Collection DVD Box Set HDTV + Extras (Interviews, Commentaries, Bonus Features etc.)
2014-08-05 12:06 - 2014-08-05 18:11 - 00000000 ____D () C:\Users\Samsung\Downloads\Game Of Thrones Complete Season 1, 2, 3 x264 + Extras Multisubs
2014-08-05 12:06 - 2014-08-05 14:24 - 00000000 ____D () C:\Users\Samsung\Downloads\Breaking Bad Season 5 Complete 720p.BRrip.Sujaidr
2014-08-05 12:01 - 2014-08-05 12:01 - 00000855 _____ () C:\Users\Samsung\Desktop\µTorrent.lnk
2014-08-05 12:01 - 2014-08-05 12:01 - 00000835 _____ () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-05 11:51 - 2014-08-08 01:27 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\uTorrent
2014-08-05 11:50 - 2014-08-05 11:51 - 01936720 _____ (BitTorrent Inc.) C:\Users\Samsung\Downloads\uTorrent.exe
2014-08-05 11:45 - 2014-08-05 11:45 - 00020473 _____ () C:\Users\Samsung\Downloads\MRP August.xlsx
2014-08-05 11:30 - 2010-02-23 09:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-08-05 11:27 - 2014-08-05 11:27 - 00002198 _____ () C:\Windows\epplauncher.mif
2014-08-05 11:27 - 2014-08-05 11:27 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-08-05 11:26 - 2014-08-05 11:27 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-08-05 11:26 - 2014-08-05 11:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-08-05 11:25 - 2014-08-05 11:25 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-08-05 11:25 - 2014-08-05 11:25 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-08-05 11:25 - 2014-08-05 11:25 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-08-05 11:25 - 2014-08-05 11:25 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-08-05 11:25 - 2014-08-05 11:25 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-08-05 11:25 - 2014-03-25 03:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-05 11:25 - 2014-03-25 03:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-05 11:25 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-08-05 11:24 - 2014-08-05 11:24 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-08-05 11:24 - 2014-08-05 11:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-08-05 11:24 - 2014-06-30 03:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-05 11:24 - 2014-06-30 03:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 11:24 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-08-05 11:24 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-08-05 11:24 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-05 11:24 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-08-05 11:24 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-08-05 11:24 - 2014-03-26 15:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-08-05 11:24 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-08-05 11:24 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-08-05 11:24 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-08-05 11:24 - 2014-03-26 15:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-08-05 11:24 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-08-05 11:24 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-08-05 11:24 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-08-05 11:24 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-08-05 11:24 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-05 11:24 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-08-05 11:24 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-08-05 11:23 - 2014-08-05 11:23 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-08-05 11:23 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-08-05 11:23 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-08-05 11:23 - 2014-06-18 02:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-05 11:23 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-05 11:23 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-08-05 11:23 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-05 11:23 - 2014-03-04 10:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-08-05 11:23 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-08-05 11:23 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-08-05 11:23 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-08-05 11:23 - 2014-03-04 10:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-08-05 11:23 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-08-05 11:23 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-08-05 11:23 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-08-05 11:23 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-08-05 11:23 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-08-05 11:23 - 2014-03-04 10:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-08-05 11:23 - 2014-03-04 10:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-08-05 11:23 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-08-05 11:23 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-08-05 11:23 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-08-05 11:23 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-08-05 11:23 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-08-05 11:23 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-08-05 11:23 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-08-05 11:23 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-08-05 11:23 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-08-05 11:23 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-08-05 11:23 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-08-05 11:23 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-08-05 11:23 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-08-05 11:23 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-08-05 11:23 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-08-05 11:23 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-08-05 11:23 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-08-05 11:23 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-08-05 11:23 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-08-05 11:23 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-08-05 11:23 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-08-05 11:23 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-08-05 11:23 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-08-05 11:23 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-08-05 11:23 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-08-05 11:23 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-08-05 11:23 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-08-05 11:23 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-08-05 11:23 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-08-05 11:23 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-08-05 11:23 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-08-05 11:23 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-08-05 11:23 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-08-05 11:22 - 2014-06-20 21:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-05 11:22 - 2014-06-20 20:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-05 11:22 - 2014-06-19 02:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-05 11:22 - 2014-06-19 02:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-05 11:22 - 2014-06-19 02:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-05 11:22 - 2014-06-19 01:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-05 11:22 - 2014-06-19 01:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-05 11:22 - 2014-06-19 01:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-05 11:22 - 2014-06-19 01:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-05 11:22 - 2014-06-19 01:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-05 11:22 - 2014-06-19 01:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-05 11:22 - 2014-06-19 01:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-05 11:22 - 2014-06-19 01:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-05 11:22 - 2014-06-19 01:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-05 11:22 - 2014-06-19 01:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-05 11:22 - 2014-06-19 01:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-05 11:22 - 2014-06-19 01:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-05 11:22 - 2014-06-19 01:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-05 11:22 - 2014-06-19 01:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-05 11:22 - 2014-06-19 00:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-05 11:22 - 2014-06-19 00:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-05 11:22 - 2014-06-19 00:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-05 11:22 - 2014-06-19 00:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-05 11:22 - 2014-06-19 00:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-05 11:22 - 2014-06-19 00:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-05 11:22 - 2014-06-19 00:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-05 11:22 - 2014-06-19 00:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-05 11:22 - 2014-06-19 00:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-05 11:22 - 2014-06-19 00:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-05 11:22 - 2014-06-19 00:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-05 11:22 - 2014-06-19 00:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-05 11:22 - 2014-06-19 00:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-05 11:22 - 2014-06-19 00:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-05 11:22 - 2014-06-19 00:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-05 11:22 - 2014-06-19 00:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-05 11:22 - 2014-06-19 00:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-05 11:22 - 2014-06-19 00:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-05 11:22 - 2014-06-19 00:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-05 11:22 - 2014-06-19 00:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-05 11:22 - 2014-06-19 00:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-05 11:22 - 2014-06-19 00:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-05 11:22 - 2014-06-19 00:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-05 11:22 - 2014-06-18 23:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-05 11:22 - 2014-06-18 23:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-05 11:22 - 2014-06-18 23:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-05 11:22 - 2014-06-18 23:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-05 11:22 - 2014-06-18 23:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-05 11:22 - 2014-06-18 23:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-05 11:22 - 2014-06-18 23:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-05 11:22 - 2014-06-18 23:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-05 11:22 - 2014-06-18 23:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-05 11:22 - 2014-06-18 23:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-05 11:22 - 2014-06-18 23:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-05 11:22 - 2014-06-18 23:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-05 11:22 - 2014-06-18 23:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-05 11:22 - 2014-06-18 23:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-05 11:22 - 2014-05-30 09:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-08-05 11:22 - 2014-05-30 09:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-08-05 11:22 - 2014-05-30 09:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-08-05 11:22 - 2014-05-30 09:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-08-05 11:22 - 2014-05-30 09:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-08-05 11:22 - 2014-05-30 09:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-08-05 11:22 - 2014-05-30 09:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-08-05 11:22 - 2014-05-30 08:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-08-05 11:22 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-08-05 11:22 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-08-05 11:22 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-08-05 11:22 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-08-05 11:22 - 2014-05-30 08:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-08-05 11:22 - 2014-05-30 08:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-08-05 11:22 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-08-05 11:22 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-08-05 11:22 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-08-05 11:22 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-08-05 11:22 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-08-05 11:22 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-08-05 11:22 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-08-05 11:22 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-08-05 11:22 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-08-05 11:22 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-08-05 11:22 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-08-05 11:22 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-08-05 11:22 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-08-05 11:22 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-08-05 11:22 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-08-05 11:22 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-08-05 11:22 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-08-05 11:22 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-08-05 11:22 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-08-05 11:22 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-08-05 11:22 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-08-05 11:20 - 2014-06-05 15:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-08-05 11:20 - 2014-06-05 15:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-08-05 11:20 - 2014-06-05 15:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-08-05 11:20 - 2014-04-12 03:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-08-05 11:20 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-08-05 11:20 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-08-05 11:20 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-08-05 11:20 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-08-05 11:20 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-08-05 11:20 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-08-05 11:20 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-08-05 11:16 - 2014-08-05 11:16 - 00001192 _____ () C:\Users\Public\Desktop\My LastPass Vault.lnk
2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\Program Files (x86)\LastPass
2014-08-05 11:15 - 2014-08-05 11:16 - 13829304 _____ (Microsoft Corporation) C:\Users\Samsung\Downloads\mseinstall.exe
2014-08-05 11:14 - 2014-08-05 11:15 - 15824384 _____ (LastPass) C:\Users\Samsung\Downloads\lastpass_x64.exe
2014-08-05 11:11 - 2014-08-07 22:17 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-05 11:11 - 2014-08-05 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-05 11:09 - 2014-08-08 01:14 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-05 11:09 - 2014-08-08 01:10 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-05 11:09 - 2014-08-05 11:11 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Google
2014-08-05 11:09 - 2014-08-05 11:11 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-05 11:09 - 2014-08-05 11:09 - 00895120 _____ (Google Inc.) C:\Users\Samsung\Downloads\ChromeSetup.exe
2014-08-05 11:09 - 2014-08-05 11:09 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-05 11:09 - 2014-08-05 11:09 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-05 11:08 - 2014-08-05 11:09 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Deployment
2014-08-05 11:08 - 2014-08-05 11:08 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Apps\2.0
2014-08-04 15:05 - 2014-08-05 11:27 - 00058408 _____ () C:\Users\Samsung\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-04 14:35 - 2014-08-04 14:35 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-08-04 14:35 - 2014-08-04 14:35 - 00000000 ____D () C:\Windows\system32\NV
2014-08-04 13:57 - 2011-11-30 07:09 - 00001752 _____ () C:\Windows\Sensor.set
2014-08-04 13:57 - 2011-03-02 12:07 - 00206336 _____ (SMI) C:\Windows\system32\Drivers\SMIksdrv.sys
2014-08-04 13:57 - 2011-02-10 06:29 - 00572928 _____ () C:\Windows\system32\SM37XCoInst.dll
2014-08-04 13:57 - 2010-05-05 12:46 - 00317440 _____ () C:\Windows\system32\370prop.ax
2014-08-04 13:57 - 2010-05-05 12:46 - 00258048 _____ () C:\Windows\SysWOW64\370prop.ax
2014-08-04 13:57 - 2010-02-25 12:14 - 00451584 _____ (SiliconMotion Inc.) C:\Windows\system32\370proplib.dll
2014-08-04 13:57 - 2010-02-25 12:14 - 00372736 _____ (SiliconMotion Inc.) C:\Windows\SysWOW64\370proplib.dll
2014-08-04 13:57 - 2008-01-16 10:06 - 02806784 _____ (Silicon Motion Corporation) C:\Windows\system32\Drivers\SMIexp.sys
2014-08-04 13:56 - 2014-08-04 14:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-04 13:56 - 2014-08-04 13:56 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-08-04 13:56 - 2013-05-29 02:10 - 11524096 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwsw00.sys
2014-08-04 13:56 - 2010-08-11 05:11 - 00954368 _____ (SiliconMotion) C:\Windows\SysWOW64\RemoveSM37X.exe
2014-08-04 13:56 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-04 13:56 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-04 13:55 - 2014-08-04 13:56 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-04 13:55 - 2014-08-04 13:56 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-04 13:55 - 2014-08-04 13:55 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-08-04 13:55 - 2013-11-14 12:58 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-08-04 13:55 - 2013-11-14 12:58 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-08-04 13:55 - 2013-11-11 16:02 - 06674208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-08-04 13:55 - 2013-11-11 16:02 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-08-04 13:55 - 2013-11-11 16:01 - 03467927 _____ () C:\Windows\system32\nvcoproc.bin
2014-08-04 13:55 - 2013-11-11 16:01 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-08-04 13:55 - 2013-11-11 16:01 - 01065248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2014-08-04 13:55 - 2013-11-11 16:01 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-08-04 13:55 - 2013-11-11 16:01 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-08-04 13:55 - 2013-11-11 16:01 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2014-08-04 13:55 - 2013-11-11 16:01 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-08-04 13:54 - 2013-11-14 12:58 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 03069608 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-08-04 13:54 - 2013-11-14 12:58 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-08-04 13:54 - 2013-11-14 12:58 - 00023754 _____ () C:\Windows\system32\nvinfo.pb
2014-08-04 13:53 - 2014-08-04 13:53 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-08-04 13:53 - 2014-08-04 13:53 - 00000000 ____D () C:\Intel
2014-08-04 13:53 - 2013-11-06 20:05 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3347.dll
2014-08-04 13:53 - 2013-10-31 19:38 - 00017058 _____ () C:\Windows\system32\iglhxs64.vp
2014-08-04 13:53 - 2013-10-31 19:28 - 12617216 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2014-08-04 13:53 - 2013-10-31 19:28 - 11049472 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2014-08-04 13:53 - 2013-10-31 19:28 - 05363200 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-08-04 13:53 - 2013-10-31 19:28 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-08-04 13:53 - 2013-10-31 19:28 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-08-04 13:53 - 2013-10-31 19:27 - 09007616 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-08-04 13:53 - 2013-10-31 19:27 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-08-04 13:53 - 2013-10-31 19:27 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00410624 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-08-04 13:53 - 2013-10-31 19:27 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-08-04 13:53 - 2013-10-31 19:27 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-08-04 13:53 - 2013-10-31 19:27 - 00223664 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00210106 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00194245 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00166170 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00163421 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00159008 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00149682 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00148042 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00147393 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00147288 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00146004 _____ () C:\Windows\system32\Gfxres.ro-RO.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00145491 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00144645 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00144260 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00144020 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00143932 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00142882 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00142877 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00142717 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-08-04 13:53 - 2013-10-31 19:27 - 00142289 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00142008 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00141838 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00141049 _____ () C:\Windows\system32\Gfxres.hr-HR.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00137889 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00137784 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00137141 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00132623 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-08-04 13:53 - 2013-10-31 19:27 - 00126300 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00124650 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-08-04 13:53 - 2013-10-31 19:27 - 00064000 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2014-08-04 13:53 - 2013-10-31 19:27 - 00028672 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-08-04 13:53 - 2013-10-31 19:27 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 01981696 _____ () C:\Windows\system32\iglhxa64.cpa
2014-08-04 13:53 - 2013-10-31 19:24 - 01040384 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 00931840 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 00524800 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 00519680 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 00216064 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 00180224 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2014-08-04 13:53 - 2013-10-31 19:24 - 00059425 _____ () C:\Windows\system32\iglhxo64.vp
2014-08-04 13:53 - 2013-10-31 19:24 - 00059398 _____ () C:\Windows\system32\iglhxg64.vp
2014-08-04 13:53 - 2013-10-31 19:24 - 00059230 _____ () C:\Windows\system32\iglhxc64.vp
2014-08-04 13:53 - 2013-10-31 19:24 - 00059104 _____ () C:\Windows\system32\iglhxc64_dev.vp
2014-08-04 13:53 - 2013-10-31 19:24 - 00058796 _____ () C:\Windows\system32\iglhxg64_dev.vp
2014-08-04 13:53 - 2013-10-31 19:24 - 00058109 _____ () C:\Windows\system32\iglhxo64_dev.vp
2014-08-04 13:53 - 2013-10-31 19:24 - 00001074 _____ () C:\Windows\system32\iglhxa64.vp
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Program Files\Realtek
2014-08-04 13:52 - 2013-12-03 20:29 - 03760344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-08-04 13:52 - 2013-12-03 16:05 - 00154840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-08-04 13:52 - 2013-12-03 14:38 - 00693329 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-08-04 13:52 - 2013-12-02 16:55 - 05681196 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-08-04 13:52 - 2013-11-29 18:59 - 41974272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-08-04 13:52 - 2013-11-26 17:26 - 00618200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-08-04 13:52 - 2013-11-25 15:59 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-08-04 13:52 - 2013-11-25 15:59 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-08-04 13:52 - 2013-11-16 00:40 - 05904880 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-08-04 13:52 - 2013-11-16 00:40 - 00515568 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-08-04 13:52 - 2013-11-16 00:40 - 00442352 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-08-04 13:52 - 2013-11-16 00:40 - 00399856 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-08-04 13:52 - 2013-11-16 00:40 - 00279024 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2014-08-04 13:52 - 2013-11-16 00:40 - 00254960 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-08-04 13:52 - 2013-11-16 00:40 - 00185840 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-08-04 13:52 - 2013-11-16 00:40 - 00172016 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-08-04 13:52 - 2013-11-14 15:49 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-08-04 13:52 - 2013-11-13 18:52 - 01013504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-08-04 13:52 - 2013-11-13 18:41 - 14153984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-08-04 13:52 - 2013-11-13 18:10 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-08-04 13:52 - 2013-11-13 18:07 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-08-04 13:52 - 2013-10-31 19:30 - 12859392 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2014-08-04 13:52 - 2013-10-31 19:30 - 11176448 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2014-08-04 13:52 - 2013-10-31 19:28 - 00098304 _____ () C:\Windows\system32\igdde64.dll
2014-08-04 13:52 - 2013-10-31 19:28 - 00077312 _____ () C:\Windows\SysWOW64\igdde32.dll
2014-08-04 13:52 - 2013-10-31 19:27 - 13031424 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-08-04 13:52 - 2013-10-31 19:27 - 10812928 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2014-08-04 13:52 - 2013-10-31 19:27 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-08-04 13:52 - 2013-10-31 19:27 - 00110592 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2014-08-04 13:52 - 2013-10-31 19:24 - 00963452 _____ () C:\Windows\SysWOW64\igcodeckrng600.bin
2014-08-04 13:52 - 2013-10-31 19:24 - 00963452 _____ () C:\Windows\system32\igcodeckrng600.bin
2014-08-04 13:52 - 2013-10-31 19:24 - 00272928 _____ () C:\Windows\SysWOW64\igvpkrng600.bin
2014-08-04 13:52 - 2013-10-31 19:24 - 00272928 _____ () C:\Windows\system32\igvpkrng600.bin
2014-08-04 13:52 - 2013-10-31 19:24 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2014-08-04 13:52 - 2013-10-28 17:29 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-08-04 13:52 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-08-04 13:52 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-08-04 13:52 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-08-04 13:52 - 2013-09-10 04:02 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-08-04 13:52 - 2013-09-10 04:02 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-08-04 13:52 - 2013-09-10 04:01 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-08-04 13:52 - 2013-09-10 04:01 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-08-04 13:52 - 2013-08-14 16:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-08-04 13:52 - 2013-08-14 16:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-08-04 13:52 - 2013-08-05 18:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-08-04 13:52 - 2013-04-24 17:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-08-04 13:52 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-08-04 13:52 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-08-04 13:52 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-08-04 13:52 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-08-04 13:52 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-08-04 13:52 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-08-04 13:52 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-08-04 13:52 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-08-04 13:52 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-08-04 13:52 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-08-04 13:52 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-08-04 13:52 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-08-04 13:52 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-08-04 13:52 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-08-04 13:52 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-08-04 13:52 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-08-04 13:52 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-08-04 13:52 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-08-04 13:52 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-08-04 13:52 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-08-04 13:52 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-08-04 13:52 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-08-04 13:52 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-08-04 13:52 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-08-04 13:52 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-08-04 13:52 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-08-04 13:51 - 2013-11-28 05:55 - 00449496 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2014-08-04 13:51 - 2013-11-26 12:49 - 00888536 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-08-04 13:51 - 2013-11-26 12:49 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-08-04 13:51 - 2013-11-26 12:49 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-08-04 13:51 - 2013-10-28 11:15 - 00632168 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2014-08-04 13:51 - 2013-10-28 11:15 - 00028008 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2014-08-04 13:51 - 2013-01-23 15:57 - 00064624 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2014-08-04 13:50 - 2011-12-16 14:24 - 00079040 _____ (TOSHIBA CORPORATION) C:\Windows\system32\Drivers\tosrfusb.sys
2014-08-04 13:50 - 2009-06-18 18:42 - 00040832 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\Drivers\TosBtCi.dll
2014-08-04 13:47 - 2014-08-04 13:47 - 00001417 _____ () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-04 13:47 - 2014-08-04 13:47 - 00000020 ___SH () C:\Users\Samsung\ntuser.ini
2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Adobe
2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung\AppData\Local\VirtualStore
2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung
2014-08-04 13:47 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-04 13:47 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-04 13:46 - 2014-08-04 13:46 - 00000000 __SHD () C:\Recovery
2014-08-04 13:45 - 2014-08-08 01:09 - 01016716 _____ () C:\Windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-08 01:44 - 2014-08-06 19:07 - 00012013 _____ () C:\Users\Samsung\Downloads\FRST.txt
2014-08-08 01:44 - 2014-08-06 19:07 - 00000000 ____D () C:\FRST
2014-08-08 01:41 - 2014-08-06 20:01 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-08 01:27 - 2014-08-05 11:51 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\uTorrent
2014-08-08 01:20 - 2009-07-14 05:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-08 01:20 - 2009-07-14 05:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-08 01:19 - 2014-08-04 13:45 - 01016716 _____ () C:\Windows\WindowsUpdate.log
2014-08-08 01:14 - 2014-08-05 11:09 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-08 01:11 - 2014-08-08 00:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-08 01:10 - 2014-08-06 18:40 - 00000000 ____D () C:\Program Files\005
2014-08-08 01:10 - 2014-08-05 11:09 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-08 01:10 - 2013-12-12 22:56 - 00000000 ____D () C:\Windows\Panther
2014-08-08 01:10 - 2010-11-21 04:47 - 00025556 _____ () C:\Windows\PFRO.log
2014-08-08 01:10 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-08 01:10 - 2009-07-14 05:51 - 00031172 _____ () C:\Windows\setupact.log
2014-08-08 01:09 - 2014-08-06 18:42 - 00000000 ____D () C:\Program Files (x86)\9B0D3D35-C69A-4D44-BBF5-B75ED01D6712
2014-08-08 00:55 - 2014-08-08 00:55 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-08 00:55 - 2014-08-08 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-08 00:55 - 2014-08-08 00:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-08 00:55 - 2014-08-08 00:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-08 00:53 - 2014-08-08 00:52 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Samsung\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-07 23:13 - 2014-08-07 22:22 - 00000000 ____D () C:\AdwCleaner
2014-08-07 23:10 - 2014-08-07 23:10 - 00001184 _____ () C:\Users\Samsung\Desktop\AdwCleaner - Shortcut.lnk
2014-08-07 23:00 - 2014-08-07 23:00 - 00000774 _____ () C:\Users\Samsung\Desktop\JRT.txt
2014-08-07 22:55 - 2014-08-07 22:55 - 01016261 _____ (Thisisu) C:\Users\Samsung\Downloads\JRT.exe
2014-08-07 22:55 - 2014-08-07 22:55 - 00000000 ____D () C:\Windows\ERUNT
2014-08-07 22:51 - 2014-08-07 22:50 - 01475072 _____ () C:\Users\Samsung\Downloads\AdwCleaner (1).exe
2014-08-07 22:44 - 2014-08-06 18:47 - 00000000 ____D () C:\Program Files (x86)\InfoTrigger
2014-08-07 22:44 - 2014-08-06 18:41 - 00000601 _____ () C:\Users\Samsung\Desktop\Search.lnk
2014-08-07 22:44 - 2009-07-14 03:34 - 00000505 _____ () C:\Windows\win.ini
2014-08-07 22:34 - 2014-08-07 22:13 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\rightbackup
2014-08-07 22:22 - 2014-08-07 22:21 - 01475072 _____ () C:\Users\Samsung\Downloads\AdwCleaner.exe
2014-08-07 22:17 - 2014-08-05 11:11 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-06 20:08 - 2014-08-06 20:08 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-SAMSUNG-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-08-06 20:07 - 2014-08-06 20:07 - 00000000 ____D () C:\RegBackup
2014-08-06 20:06 - 2014-08-06 20:06 - 00002239 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-08-06 20:06 - 2014-08-06 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-08-06 20:06 - 2014-08-06 20:06 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-08-06 20:01 - 2014-08-06 20:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-06 20:01 - 2014-08-06 20:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-06 20:01 - 2014-08-06 20:01 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-06 20:01 - 2014-08-06 20:01 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-08-06 20:01 - 2014-08-06 20:01 - 00000000 ____D () C:\Windows\system32\Macromed
2014-08-06 20:01 - 2014-08-06 20:01 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Macromedia
2014-08-06 19:56 - 2014-08-06 19:56 - 00591056 _____ (ClickMeIn Limited) C:\Users\Samsung\AppData\Local\nsz7F39.tmp
2014-08-06 19:53 - 2014-08-06 19:52 - 04057608 _____ () C:\Users\Samsung\Downloads\tweaking.com_registry_backup_setup (1).exe
2014-08-06 19:51 - 2014-08-06 19:51 - 00002720 _____ () C:\Users\Samsung\Desktop\aswMBR.txt
2014-08-06 19:51 - 2014-08-06 19:51 - 00000512 _____ () C:\Users\Samsung\Desktop\MBR.dat
2014-08-06 19:09 - 2014-08-06 19:08 - 00034287 _____ () C:\Users\Samsung\Downloads\Addition.txt
2014-08-06 19:06 - 2014-08-06 19:05 - 05185536 _____ (AVAST Software) C:\Users\Samsung\Downloads\aswMBR.exe
2014-08-06 19:01 - 2014-08-06 19:00 - 02094080 _____ (Farbar) C:\Users\Samsung\Downloads\FRST64.exe
2014-08-06 18:59 - 2014-08-06 18:58 - 04057608 _____ () C:\Users\Samsung\Downloads\tweaking.com_registry_backup_setup.exe
2014-08-06 18:50 - 2014-08-06 18:50 - 00000000 ____D () C:\rbtemp
2014-08-06 18:49 - 2014-08-06 18:49 - 00003630 _____ () C:\Windows\System32\Tasks\Play Now Radio
2014-08-06 18:49 - 2014-08-06 18:49 - 00001690 _____ () C:\Windows\SysWOW64\${LOGFILE}
2014-08-06 18:48 - 2014-08-06 18:48 - 00003320 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2014-08-06 18:48 - 2014-08-06 18:48 - 00003240 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-08-06 18:48 - 2014-08-06 18:48 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-08-06 18:43 - 2014-08-06 18:43 - 00009077 _____ () C:\Users\Samsung\AppData\Roaming\Bubble Dock.installation.log
2014-08-06 18:43 - 2014-08-06 18:43 - 00003610 _____ () C:\Windows\System32\Tasks\WindApp Update
2014-08-06 18:43 - 2014-08-06 18:43 - 00000374 _____ () C:\Users\Samsung\AppData\Roaming\WindApp.installation.log
2014-08-06 18:43 - 2014-08-06 18:43 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Store
2014-08-06 18:42 - 2014-08-06 18:42 - 00003552 _____ () C:\Windows\System32\Tasks\Only-search
2014-08-06 18:42 - 2014-08-06 18:42 - 00000097 _____ () C:\Users\Samsung\AppData\Roaming\WindApp.boostrap.log
2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\Users\Samsung\AppData\Local\onlysearch
2014-08-06 16:33 - 2014-08-05 21:31 - 00000058 _____ () C:\Users\Samsung\Documents\BETS.txt
2014-08-06 15:29 - 2014-08-05 16:12 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\vlc
2014-08-06 12:27 - 2014-08-05 21:34 - 00000000 ____D () C:\Users\Samsung\Downloads\The.Lunchbox.2013.720p.BluRay.DTS.x264-PublicHD
2014-08-06 10:33 - 2014-08-06 10:33 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\dvdcss
2014-08-06 08:52 - 2014-08-05 21:36 - 00000000 ____D () C:\Users\Samsung\Downloads\Happy Times - Xingfu shiguang
2014-08-06 01:29 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-08-05 22:17 - 2014-08-05 22:17 - 00000000 __SHD () C:\Users\Samsung\AppData\Local\EmieUserList
2014-08-05 22:17 - 2014-08-05 22:17 - 00000000 __SHD () C:\Users\Samsung\AppData\Local\EmieSiteList
2014-08-05 21:57 - 2014-08-05 21:57 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2014-08-05 21:57 - 2014-08-05 21:57 - 00000000 ____D () C:\Users\Samsung\AppData\Local\FluxSoftware
2014-08-05 21:55 - 2014-08-05 21:55 - 00597304 _____ () C:\Users\Samsung\Downloads\flux-setup.exe
2014-08-05 21:47 - 2014-08-05 21:33 - 00000000 ____D () C:\Users\Samsung\Downloads\Studio Ghibli Collection [jap-eng audio] eng-sub [Mkv]
2014-08-05 19:12 - 2014-08-05 12:07 - 00000000 ____D () C:\Users\Samsung\Downloads\The Wire Season 1, 2, 3, 4 & 5 Complete Collection DVD Box Set HDTV + Extras (Interviews, Commentaries, Bonus Features etc.)
2014-08-05 18:11 - 2014-08-05 12:06 - 00000000 ____D () C:\Users\Samsung\Downloads\Game Of Thrones Complete Season 1, 2, 3 x264 + Extras Multisubs
2014-08-05 16:12 - 2014-08-05 16:12 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-05 16:12 - 2014-08-05 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-05 16:12 - 2014-08-05 16:12 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-05 16:10 - 2014-08-05 16:09 - 24743106 _____ () C:\Users\Samsung\Downloads\vlc-2.1.5-win32.exe
2014-08-05 15:59 - 2011-04-12 09:28 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-05 15:51 - 2014-08-05 15:50 - 06740514 _____ ( ) C:\Users\Samsung\Desktop\MKVPlayerSetupD.exe
2014-08-05 14:24 - 2014-08-05 12:06 - 00000000 ____D () C:\Users\Samsung\Downloads\Breaking Bad Season 5 Complete 720p.BRrip.Sujaidr
2014-08-05 12:18 - 2009-07-14 06:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-05 12:12 - 2009-07-14 05:45 - 00268856 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-05 12:10 - 2014-08-05 12:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-05 12:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-08-05 12:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-08-05 12:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-05 12:01 - 2014-08-05 12:01 - 00000855 _____ () C:\Users\Samsung\Desktop\µTorrent.lnk
2014-08-05 12:01 - 2014-08-05 12:01 - 00000835 _____ () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-05 11:51 - 2014-08-05 11:50 - 01936720 _____ (BitTorrent Inc.) C:\Users\Samsung\Downloads\uTorrent.exe
2014-08-05 11:45 - 2014-08-05 11:45 - 00020473 _____ () C:\Users\Samsung\Downloads\MRP August.xlsx
2014-08-05 11:34 - 2013-12-12 11:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-05 11:31 - 2013-12-12 11:08 - 00765700 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-05 11:27 - 2014-08-05 11:27 - 00002198 _____ () C:\Windows\epplauncher.mif
2014-08-05 11:27 - 2014-08-05 11:27 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-08-05 11:27 - 2014-08-05 11:26 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-08-05 11:27 - 2014-08-04 15:05 - 00058408 _____ () C:\Users\Samsung\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-05 11:26 - 2014-08-05 11:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-08-05 11:25 - 2014-08-05 11:25 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-08-05 11:25 - 2014-08-05 11:25 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-08-05 11:25 - 2014-08-05 11:25 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-08-05 11:25 - 2014-08-05 11:25 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-08-05 11:25 - 2014-08-05 11:25 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-08-05 11:24 - 2014-08-05 11:24 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-08-05 11:24 - 2014-08-05 11:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-08-05 11:23 - 2014-08-05 11:23 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-08-05 11:16 - 2014-08-05 11:16 - 00001192 _____ () C:\Users\Public\Desktop\My LastPass Vault.lnk
2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2014-08-05 11:16 - 2014-08-05 11:16 - 00000000 ____D () C:\Program Files (x86)\LastPass
2014-08-05 11:16 - 2014-08-05 11:15 - 13829304 _____ (Microsoft Corporation) C:\Users\Samsung\Downloads\mseinstall.exe
2014-08-05 11:15 - 2014-08-05 11:14 - 15824384 _____ (LastPass) C:\Users\Samsung\Downloads\lastpass_x64.exe
2014-08-05 11:11 - 2014-08-05 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-05 11:11 - 2014-08-05 11:09 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Google
2014-08-05 11:11 - 2014-08-05 11:09 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-05 11:09 - 2014-08-05 11:09 - 00895120 _____ (Google Inc.) C:\Users\Samsung\Downloads\ChromeSetup.exe
2014-08-05 11:09 - 2014-08-05 11:09 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-05 11:09 - 2014-08-05 11:09 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-05 11:09 - 2014-08-05 11:08 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Deployment
2014-08-05 11:08 - 2014-08-05 11:08 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Apps\2.0
2014-08-05 11:03 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-08-05 10:44 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-08-04 22:39 - 2009-07-14 06:32 - 00032768 _____ () C:\Windows\system32\config\BCD-Template
2014-08-04 14:35 - 2014-08-04 14:35 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-08-04 14:35 - 2014-08-04 14:35 - 00000000 ____D () C:\Windows\system32\NV
2014-08-04 14:35 - 2014-08-04 13:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\system32\winrm
2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\system32\WCN
2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\system32\slmgr
2014-08-04 14:33 - 2011-04-12 09:17 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-08-04 14:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\com
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\IME
2014-08-04 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-08-04 14:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
2014-08-04 13:56 - 2014-08-04 13:56 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-08-04 13:56 - 2014-08-04 13:55 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-04 13:56 - 2014-08-04 13:55 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-04 13:55 - 2014-08-04 13:55 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-08-04 13:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-08-04 13:53 - 2014-08-04 13:53 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-08-04 13:53 - 2014-08-04 13:53 - 00000000 ____D () C:\Intel
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 ____D () C:\Program Files\Realtek
2014-08-04 13:47 - 2014-08-04 13:47 - 00001417 _____ () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-04 13:47 - 2014-08-04 13:47 - 00000020 ___SH () C:\Users\Samsung\ntuser.ini
2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Adobe
2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung\AppData\Local\VirtualStore
2014-08-04 13:47 - 2014-08-04 13:47 - 00000000 ____D () C:\Users\Samsung
2014-08-04 13:46 - 2014-08-04 13:46 - 00000000 __SHD () C:\Recovery
2014-08-04 13:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-08-04 13:43 - 2009-07-14 05:46 - 00003806 _____ () C:\Windows\DtcInstall.log
2014-08-04 13:42 - 2013-12-12 11:58 - 00003652 _____ () C:\Windows\TSSysprep.log
2014-08-04 13:42 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

Some content of TEMP:
====================
C:\Users\Samsung\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Samsung\AppData\Local\Temp\nsnD8FB.tmp.exe
C:\Users\Samsung\AppData\Local\Temp\Quarantine.exe
C:\Users\Samsung\AppData\Local\Temp\Vuupc_setup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-04 14:21

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2014
Ran by Samsung at 2014-08-08 01:47:44
Running from C:\Users\Samsung\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32691 - BitTorrent Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\{41042E28-CCA1-4147-869F-9E928B38F04C}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
f.lux (HKCU\...\Flux) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{7E59919F-564E-3FB5-B1FC-884251B18B06}) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.50727.42 False (Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.51011 False (Version: 8.0.51011 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.56336 False (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.58298 False (Version: 8.0.58298 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.59192 False (Version: 8.0.59192 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False (x32 Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False (x32 Version: 8.0.51011 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False (x32 Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False (x32 Version: 8.0.58299 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False (x32 Version: 8.0.59193 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 False (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.0 False (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 False (Version: 9.0.21022.218 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411 False (Version: 9.0.30411 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 False (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 False (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 False (Version: 9.0.30729.4048 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 False (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.5570 False (Version: 9.0.30729.5570 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (x32 Version: 9.0.21022.218 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (x32 Version: 9.0.30411 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (x32 Version: 9.0.30729.4048 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (x32 Version: 9.0.30729.5570 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.30319 False (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 False (x32 Version: 11.0.50727.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 False (x32 Version: 11.0.51106.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 False (x32 Version: 11.0.60610.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 False (x32 Version: 11.0.50727.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 False (x32 Version: 11.0.51106.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 False (x32 Version: 11.0.60610.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 False (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 False (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 False (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 False (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 False (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 False (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 False (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 False (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 False (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 False (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
NVIDIA Control Panel 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
NVIDIA Optimus 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 9.3.21 - NVIDIA Corporation) Hidden
Play Now Radio (HKCU\...\playnowradio) (Version: - playnowradio) <==== ATTENTION
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
Right Backup (HKLM-x32\...\980124D4-3D52-4c2d-AD41-9E90BDF4C031_Systweak_Ri~01F2B2E8_is1) (Version: 2.1.1000.4398 - Systweak Software)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebCam SC-0311139N (HKLM\...\{FD7041D8-C40A-47fb-97FF-ABA9AD0FEB81}) (Version: 5.66.1.0 - Silicon Motion)
WindApp (remove only) (HKCU\...\WindApp) (Version: - Store)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {14349730-2924-4019-B962-0A88BF0EF67D} - System32\Tasks\Play Now Radio => C:\Users\Samsung\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe
Task: {406AFAE0-2B4D-4383-B461-1C7FBD44A325} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-05] (Google Inc.)
Task: {46648544-2FAE-4CC3-9C56-CB1B52C49B4C} - System32\Tasks\WindApp Update => C:\Users\Samsung\AppData\Roaming\Store\WindApp\WindApp Update.exe [2014-07-24] (Nosibay)
Task: {61BB6C43-1B5C-4047-8AD4-D9D5C6787351} - System32\Tasks\Only-search => C:\Users\Samsung\AppData\Local\onlysearch\onlysearch\1.3.8.11\onlysearch.exe
Task: {6A72BFB3-659D-46FD-9B7C-1B4E68A0D80D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-05] (Google Inc.)
Task: {8C2A2370-619C-4B26-99A8-2D37B3C1C2E9} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {A0E9C08F-D486-4332-B33D-4E85C2B09DD5} - System32\Tasks\System Speedup => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: {DD7CDC09-80F3-4109-95B4-1D447719A7EE} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {E27999E8-82C2-4BBD-A33A-DF6F8E1325A9} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {E68C4EC2-F358-4BE1-A969-2FD2FB1EAD80} - System32\Tasks\WIN-statsAdmin => C:\Users\Samsung\AppData\Local\Microsoft\WinU\~tflnaet.exe [2014-07-01] ()
Task: {E9BA53DC-7457-4B1F-84CC-AA8D523080AE} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {ED691586-E838-46AE-AD91-B65BA97B8282} - System32\Tasks\WIN-statsSystem => C:\Users\Samsung\AppData\Local\Microsoft\WinU\~eodpahy.exe
Task: {EFE6006B-F585-4858-823A-EC177681F73C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {FE1D3C38-3772-4C27-9127-370580E31D39} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-06] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-04 13:55 - 2013-11-11 16:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-04 13:52 - 2013-10-31 19:24 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-05 11:11 - 2014-07-15 10:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-08-05 11:11 - 2014-07-15 10:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-08-05 11:11 - 2014-07-15 10:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-08-05 11:11 - 2014-07-15 10:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-08-05 11:11 - 2014-07-15 10:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Toshiba RFBUS Driver
Description: Toshiba RFBUS Driver
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/08/2014 01:12:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2014 00:52:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2014 00:52:26 AM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
Description: AllDaySavingsService64SvcInit, failed to connect to driver, status: -1
failed with 2

Error: (08/07/2014 11:42:22 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/07/2014 11:40:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2014 11:22:46 PM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
Description: AllDaySavingsService64SvcInit, failed to connect to driver, status: -1
failed with 2

Error: (08/07/2014 11:22:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2014 11:13:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2014 11:07:53 PM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
Description: AllDaySavingsService64SvcInit, failed to connect to driver, status: -1
failed with 2

Error: (08/07/2014 11:07:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/08/2014 01:47:35 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (08/08/2014 01:42:25 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (08/08/2014 01:37:15 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (08/08/2014 01:32:05 AM) (Source: BROWSER) (EventID: 8020) (User: )
Description: The browser was unable to promote itself to master browser. The computer that currently
believes it is the master browser is unknown.

Error: (08/08/2014 01:32:01 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (08/08/2014 01:26:51 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (08/08/2014 01:21:41 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (08/08/2014 01:16:31 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (08/08/2014 01:11:21 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (08/08/2014 01:08:16 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.


Microsoft Office Sessions:
=========================
Error: (08/08/2014 01:12:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2014 00:52:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2014 00:52:26 AM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
Description: AllDaySavingsService64SvcInit, failed to connect to driver, status: -1
failed with 2

Error: (08/07/2014 11:42:22 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Samsung\Downloads\SoftonicDownloader_for_mkv-player.exe

Error: (08/07/2014 11:40:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2014 11:22:46 PM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
Description: AllDaySavingsService64SvcInit, failed to connect to driver, status: -1
failed with 2

Error: (08/07/2014 11:22:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2014 11:13:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2014 11:07:53 PM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
Description: AllDaySavingsService64SvcInit, failed to connect to driver, status: -1
failed with 2

Error: (08/07/2014 11:07:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 27%
Total physical RAM: 6057.55 MB
Available physical RAM: 4364 MB
Total Pagefile: 12113.27 MB
Available Pagefile: 10212.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.42 GB) (Free:366.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 964863EB)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Juliet
2014-08-08, 04:34
These programs need to be uninstalled.
WindApp
uTorrent
Play Now Radio


*********************

The below script will reboot your computer, please don't be alarmed.

Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite existing one please allow)



start
HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [WindApp] => C:\Users\Samsung\AppData\Roaming\Store\WindApp\WindApp Update.exe [160552 2014-07-24] (Nosibay)
HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\MountPoints2: {6788e91a-1bd4-11e4-a66d-806e6f6e6963} - E:\RunThis.exe
C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TorntvDownloader.lnk
C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe (No File)
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
CHR DefaultSearchKeyword: groovorio.com
2014-08-06 18:49 - 2014-08-06 18:49 - 00003630 _____ () C:\Windows\System32\Tasks\Play Now Radio
2014-08-06 18:47 - 2014-08-07 22:44 - 00000000 ____D () C:\Program Files (x86)\InfoTrigger
2014-08-06 18:43 - 2014-08-06 18:43 - 00003610 _____ () C:\Windows\System32\Tasks\WindApp Update
2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\Users\Samsung\AppData\Local\onlysearch
2014-08-06 18:40 - 2014-08-08 01:10 - 00000000 ____D () C:\Program Files\005
C:\Users\Samsung\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Samsung\AppData\Local\Temp\nsnD8FB.tmp.exe
C:\Users\Samsung\AppData\Local\Temp\Quarantine.exe
C:\Users\Samsung\AppData\Local\Temp\Vuupc_setup.exe
Task: {14349730-2924-4019-B962-0A88BF0EF67D} - System32\Tasks\Play Now Radio => C:\Users\Samsung\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe
Task: {46648544-2FAE-4CC3-9C56-CB1B52C49B4C} - System32\Tasks\WindApp Update => C:\Users\Samsung\AppData\Roaming\Store\WindApp\WindApp Update.exe [2014-07-24] (Nosibay)
Task: {61BB6C43-1B5C-4047-8AD4-D9D5C6787351} - System32\Tasks\Only-search => C:\Users\Samsung\AppData\Local\onlysearch\onlysearch\1.3.8.11\onlysearch.exe
Reboot:
End


Open FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

*********************

Please Run TFC by OldTimer to clear temporary files:

Download TFC from here http://oldtimer.geekstogo.com/TFC.exe
and save it to your desktop.

Close any open programs and Internet browsers.
Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
Please be patient as clearing out temp files may take a while.
Once it completes you may be prompted to restart your computer, please do so.
Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

*****************

What we can do now is run an online scan with Eset, for the time being it is our most trusted scanner.
Most reliable and thorough.
The settings I suggest will show us items located in quarantine folders so don't be alarmed with this, also, in case of a false positive I ask that you not allow it to delete what it does find.
This scanner can take quite a bit of time to run, depending of course how full your computer is.


Go here (http://go.eset.com/us/online-scanner) to run an online scanner from ESET.

Turn off the real time scanner of any existing antivirus program while performing the online scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activeX control to install
Click Start Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
Wait for the scan to finish
When the scan completes, press the LIST OF THREATS FOUND button
Press EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop
Include the contents of this report in your next reply.
Press the BACK button.
Press Finish


********************

Please post
Fixlog.txt
Eset log


How is your computer now?

chelseafan
2014-08-08, 11:48
It seems fine now, no pop ups.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-08-2014
Ran by Samsung at 2014-08-08 09:08:59 Run:1
Running from C:\Users\Samsung\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\Run: [WindApp] => C:\Users\Samsung\AppData\Roaming\Store\WindApp\WindApp Update.exe [160552 2014-07-24] (Nosibay)
HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\...\MountPoints2: {6788e91a-1bd4-11e4-a66d-806e6f6e6963} - E:\RunThis.exe
C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TorntvDownloader.lnk
C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe (No File)
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_tuto1_14_30&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtB0E0FyD0A0FtB0DtDzytN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFtAtN1L1Czu1N1C2X1V2Z2Y2Z1FtC1VtCyE1VtAtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyD0EtA0AtD0AtG0DtBtAzztGtB0ByEtCtGtAtA0EyEtGtCyEtB0D0DtCtBzz0A0CtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CtB0BtB0EzztGzyzz0BtAtG0FzztAyCtG0EtB0AtAtGyEtCzz0CtAtDyD0EtC0FyDyE2Q&cr=2034954236&ir=
CHR DefaultSearchKeyword: groovorio.com
2014-08-06 18:49 - 2014-08-06 18:49 - 00003630 _____ () C:\Windows\System32\Tasks\Play Now Radio
2014-08-06 18:47 - 2014-08-07 22:44 - 00000000 ____D () C:\Program Files (x86)\InfoTrigger
2014-08-06 18:43 - 2014-08-06 18:43 - 00003610 _____ () C:\Windows\System32\Tasks\WindApp Update
2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\Users\Samsung\AppData\Local\onlysearch
2014-08-06 18:40 - 2014-08-08 01:10 - 00000000 ____D () C:\Program Files\005
C:\Users\Samsung\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Samsung\AppData\Local\Temp\nsnD8FB.tmp.exe
C:\Users\Samsung\AppData\Local\Temp\Quarantine.exe
C:\Users\Samsung\AppData\Local\Temp\Vuupc_setup.exe
Task: {14349730-2924-4019-B962-0A88BF0EF67D} - System32\Tasks\Play Now Radio => C:\Users\Samsung\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe
Task: {46648544-2FAE-4CC3-9C56-CB1B52C49B4C} - System32\Tasks\WindApp Update => C:\Users\Samsung\AppData\Roaming\Store\WindApp\WindApp Update.exe [2014-07-24] (Nosibay)
Task: {61BB6C43-1B5C-4047-8AD4-D9D5C6787351} - System32\Tasks\Only-search => C:\Users\Samsung\AppData\Local\onlysearch\onlysearch\1.3.8.11\onlysearch.exe
Reboot:
End
*****************

HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WindApp => value deleted successfully.
"HKU\S-1-5-21-1893469449-2281273183-1111418718-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6788e91a-1bd4-11e4-a66d-806e6f6e6963}" => Key deleted successfully.
"HKCR\CLSID\{6788e91a-1bd4-11e4-a66d-806e6f6e6963}" => Key not found.
C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TorntvDownloader.lnk => Moved successfully.
"C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe (No File)" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
CHR DefaultSearchKeyword: groovorio.com ==> The Chrome "Settings" can be used to fix the entry.
C:\Windows\System32\Tasks\Play Now Radio => Moved successfully.
C:\Program Files (x86)\InfoTrigger => Moved successfully.
"C:\Windows\System32\Tasks\WindApp Update" => File/Directory not found.
C:\Users\Samsung\AppData\Local\onlysearch => Moved successfully.
C:\Program Files\005 => Moved successfully.
C:\Users\Samsung\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe => Moved successfully.
C:\Users\Samsung\AppData\Local\Temp\nsnD8FB.tmp.exe => Moved successfully.
C:\Users\Samsung\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Samsung\AppData\Local\Temp\Vuupc_setup.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14349730-2924-4019-B962-0A88BF0EF67D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14349730-2924-4019-B962-0A88BF0EF67D}" => Key deleted successfully.
C:\Windows\System32\Tasks\Play Now Radio not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Play Now Radio" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46648544-2FAE-4CC3-9C56-CB1B52C49B4C}" => Key not found.
C:\Windows\System32\Tasks\WindApp Update not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindApp Update" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61BB6C43-1B5C-4047-8AD4-D9D5C6787351}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61BB6C43-1B5C-4047-8AD4-D9D5C6787351}" => Key deleted successfully.
C:\Windows\System32\Tasks\Only-search => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Only-search" => Key deleted successfully.


The system needed a reboot.

==== End of Fixlog ====

C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\AdvancedSystemProtector.exe.vir MSIL/AdvancedSystemProtector.E potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\AspManager.exe.vir a variant of MSIL/AdvancedSystemProtector.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\Communication.dll.vir Win32/Systweak.F potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\filetypehelper.exe.vir a variant of MSIL/AdvancedSystemProtector.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\scandll.dll.vir a variant of MSIL/AdvancedSystemProtector.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\SSDPTstub.exe.vir Win32/Systweak.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\fst_gb_91\freeSoftToday_widget.exe.vir a variant of Win32/AdWare.EoRezo.AU application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\fst_gb_91\fst_gb_91.exe.vir a variant of Win32/AdWare.EoRezo.AU application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\InfoTrigger2BHO.dll.vir a variant of Win32/BrowseFox.F potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\InfoTrigger2Uninstall.exe.vir Win32/BrowseFox.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\updateInfoTrigger2.exe.vir a variant of Win32/BrowseFox.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\bin\InfoTrigger2.BrowserAdapter.exe.vir a variant of Win32/BrowseFox.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\bin\InfoTrigger2.PurBrowse64.exe.vir a variant of Win64/BrowseFox.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\bin\InfoTrigger2BAApp.dll.vir Win32/BrowseFox.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\bin\utilInfoTrigger2.exe.vir a variant of Win32/BrowseFox.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\bin\{15ab46c3-b2ad-4db9-9e5c-e0e87bea624c}.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\bin\plugins\InfoTrigger2.Bromon.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\bin\plugins\InfoTrigger2.BrowserAdapterS.dll.vir probably a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\InfoTrigger\bin\plugins\InfoTrigger2.PurBrowseG.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir a variant of Win32/SpeedingUpMyPC application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash.dll.vir a variant of Win32/SProtector.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe.vir a variant of Win32/Adware.SpeedingUpMyPC.C application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\System Speedup\systweakasp.exe.vir Win32/Systweak.E potentially unwanted application
C:\AdwCleaner\Quarantine\C\ProgramData\DSearchLink\DSearchLink.exe.vir Win32/Toolbar.Babylon.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Samsung\AppData\Local\fst_gb_91\upfst_gb_91.exe.vir a variant of Win32/Adware.EoRezo.AJ application
C:\AdwCleaner\Quarantine\C\Users\Samsung\AppData\Local\fst_gb_91\Download\majfst_gentlegb.exe.vir Win32/AdWare.EoRezo.AW application
C:\AdwCleaner\Quarantine\C\Users\Samsung\AppData\Local\playnowradio\playnowradio\1.3.4.1\chrmXtn.dll.vir a variant of Win32/Toolbar.Montiera.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Samsung\AppData\Local\playnowradio\playnowradio\1.3.4.1\ffxtn.dll.vir a variant of Win32/Toolbar.Montiera.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Samsung\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe.vir a variant of Win32/Toolbar.Montiera.K potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Samsung\AppData\Roaming\BabSolution\Shared\BabMaint.exe.vir Win32/Toolbar.Babylon.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Samsung\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir Win32/Systweak.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Samsung\AppData\Roaming\VOPackage\runasu.exe.vir a variant of Win32/VOPackage.R potentially unwanted application
C:\AdwCleaner\Quarantine\C\Windows\System32\sasnative64.exe.vir Win64/AdvancedSystemProtector.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\InfoTrigger\bin\InfoTrigger2.BrowserAdapter.exe a variant of Win32/BrowseFox.I potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\InfoTrigger\bin\InfoTrigger2BAApp.dll Win32/BrowseFox.N potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\InfoTrigger\bin\{15ab46c3-b2ad-4db9-9e5c-e0e87bea624c}.dll a variant of Win32/BrowseFox.M potentially unwanted application

Juliet
2014-08-08, 14:14
According to the scan all infections are held in quarantine folders.

Glad the computer is running good again.

Reset browsers


Please visit each of the following sites and lets reset all of your browsers back to defaults to prevent unexpected issues.
If you are not using one of the browsers but it is installed then you may want to consider uninstalling it as older versions of some software can pose an increase in the potential for an infection to get in.

Internet Explorer
How to reset Internet Explorer settings (http://support.microsoft.com/kb/923737)

Firefox
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-most-problems
Click on Help / Troubleshooting Information then click on the Reset Firefox button.

Chrome
Chrome - Reset browser settings (https://support.google.com/chrome/answer/3296214?hl=en)

*****************

Do the above then report back.

We should be ready to remove tools and folders, then I'll post preventive tips.

chelseafan
2014-08-08, 14:34
Great, thanks a lot.

I only use Chrome. How do I uninstall Internet Explorer? I couldn't find it in uninstall a programme.

I've reset Chrome.

Juliet
2014-08-08, 14:56
Great, thanks a lot.

I only use Chrome. How do I uninstall Internet Explorer? I couldn't find it in uninstall a programme.

I've reset Chrome.

Thats a system tool you really want to leave alone.
When you do Microsoft updates ensure you keep it updated for the latest security patches, in case you should need to use it for different things.

Download Delfix from here (http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/9-delfix)
Ensure Remove disinfection tools is ticked
Also tick:
Create registry backup
Purge system restore
http://www.hdrcgb.org.uk/g2g/delfix.jpg

Click Run




Any other tools and files found can simply be deleted or uninstall via Add/Remove Programs in the Control Panel etc.

~~~~~~~~~~~~~~~~~~~~~`

Your good to go, good job!

Please take the time to read over a few of my preventive tips.

Computer Security
http://malwareremoval.com/forum/viewtopic.php?p=557960#p557960
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Be prepared for CryptoLocker:

Cryptolocker Ransomware: What You Need To Know (http://blog.malwarebytes.org/intelligence/2013/10/cryptolocker-ransomware-what-you-need-to-know/#)

CryptoLocker Ransomware Information Guide and FAQ (http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information)

to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent (http://www.foolishit.com/vb6-projects/cryptoprevent/) install this programme to lock down and prevent crypto ransome ware

https://dl.dropboxusercontent.com/u/73555776/CryptoPrevent.JPG

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Please navigate to Microsoft Windows Updates (http://update.microsoft.com/windowsupdate/v6/default.aspx?ln=en-us) and download all the "Critical Updates" for Windows.


Firefox 3 (http://www.mozilla.com/en-US/firefox/)
The award-winning Web browser is now faster, more secure, and fully customizable to your online life. With Firefox 3, added powerful new features that make your online experience even better. It has more features and is a lot more secure than IE. It is a very easy and painless download and install, it will no way interfere with IE, you can use them both.
*NoScript (http://www.noscript.net) - Addon for Firefox that stops all scripts from running on websites. Stops malicious software from invading via flash, java, javascript, and many other entry points.

AdblockPlus

AdblockPlus, Surf the web without annoying ads!
Blocks banners, pop-ups and video ads - even on Facebook and YouTube
Protects your online privacy
Two-click installation, It's free!
click the icon that corresponds to your browser and download.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
WOT (http://www.mywot.com/) Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites - green to go, yellow for caution and red to stop, helping you avoid the dangerous sites. WOT has an addon available for both Firefox and IE.

Green should be good to go
Yellow for caution
Red to stop



~~~~~~~~~~~~~~~~~~~~~~~~~~~~
How to prevent Malware: Created by Miekiemoes (http://users.telenet.be/bluepatchy/miekiemoes/prevention.html)


WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article (http://www.forbes.com/sites/eliseackerman/2013/01/11/us-department-of-homeland-security-calls-on-computer-users-to-disable-java/
and this article (http://www.nbcnews.com/technology/technolog/us-warns-java-software-security-concerns-escalate-1B7938755

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser (http://www.geekstogo.com/2600/how-to-disable-java-in-your-web-browser/) and How to unplug Java from the browser (http://krebsonsecurity.com/how-to-unplug-java-from-the-browser/ (null)))


Avoid P2P

P2P may be a great way to get lots of stuffs, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter (http://www.fbi.gov/cyberinvest/cyberedletter.htm)
USAToday (http://www.usatoday.com/tech/columnist/kimkomando/2006-04-13-file-sharing-woes_x.htm)
infoworld (http://www.infoworld.com/article/07/09/06/Seattle-man-arrested-for-p-to-p-ID-theft_1.html)

*********************************************
Please read the following safe computing articles..

Secure My Computer: A Layered Approach (http://www.dslreports.com/faq/8463)


Free Antivirus-AntiSpyware-Firewall Software (http://www.geekstogo.com/forum/Free-Antivirus-Antispyware-Software-t38.html)[/*]

Keep a backup of your important files (http://www.geekstogo.com/2008/06/19/options-for-home-computer-data-backup-part-1/) - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.



It is possible for other programs on your computer to have security vulnerability that can allow malware to infect you.
Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities.
You can check these by visiting Secunia Software Inspector (http://secunia.com/software_inspector) or you can use the following application for this purpose PatchMyPC (http://www.patchmypc.net/)

chelseafan
2014-08-08, 15:21
Awesome. Thanks for your help :)

Juliet
2014-08-08, 15:39
Glad we could help. :)http://i204.photobucket.com/albums/bb106/Juliet702/sparkle.gif

Since this issue appears resolved ... this Topic is closed.