hijack this log file


  • This topic is locked
5 replies to this topic

#1 Gnana prakash


Posted 07 September 2014 - 03:05 PM

My mouse is running crazily all over the place without control. I can't move it the way I want to. I suspect there may be some malicious program that is causing this. Your help is needed.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:30:07 AM, on 9/8/2014
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\FileHippo.com\UpdateChecker.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\MBlaze UI\bin\App.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=503&aid=100&itype=n&ver=13001&tm=393&src=hmp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,,C:\Program Files\jidusiqy\rouhdlap.exe
O2 - BHO: CrossriderApp0037658 - {11111111-1111-1111-1111-110311761158} - C:\Program Files\VMP UltiSend\VMP UltiSend-bho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Chan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F8A65AA-E3E3-4F54-A023-E1EF0AF01F6E}: NameServer = 10.228.129.113 8.8.8.8
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:  
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe
O23 - Service: Mobile Broadband HL Service - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: UDisk Monitor - Unknown owner - C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe

--
End of file - 6747 bytes
 




#2 nasdaq

  • Malware Response Team

Posted 12 September 2014 - 09:28 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

I did find some bad files on your HijackThis log but do not think this is the cause of your mouse problems.
I suspect that your mouse is going bad and needs to be replaced.
===

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish, so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
POST THE LOG FOR MY REVIEW.

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

How is the computer running?
Wait for further instructions.

#3 Gnana prakash


Posted 12 September 2014 - 05:56 PM

FRST log and its Addition log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by Chan (administrator) on CHAN-PC on 13-09-2014 03:56:48
Running from C:\Users\Chan\Downloads
Platform: Microsoft Windows 7 Ultimate  (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Comodo\Dragon\dragon_updater.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
() C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
(IObit) C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(FileHippo.com) C:\Program Files\FileHippo.com\UpdateChecker.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe
(IObit) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
() C:\Program Files\MBlaze UI\bin\App.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-12] (Macrovision Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM.EXE [139992 2014-09-09] (Realtek Semiconductor Corp.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,,C:\Program Files\jidusiqy\rouhdlap.exe
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3595032436-1198616242-287078722-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21652064 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-3595032436-1198616242-287078722-1000\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-12] (Macrovision Corporation)
HKU\S-1-5-21-3595032436-1198616242-287078722-1000\...\Run: [FileHippo.com] => C:\Program Files\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKU\S-1-5-21-3595032436-1198616242-287078722-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation)
HKU\S-1-5-21-3595032436-1198616242-287078722-1000\...\Run: [Google Update] => C:\Users\Chan\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-07] (Google Inc.)
HKU\S-1-5-21-3595032436-1198616242-287078722-1000\...\Run: [Advanced SystemCare 7] => C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2281248 2014-08-22] (IObit)
HKU\S-1-5-21-3595032436-1198616242-287078722-1000\...\MountPoints2: {366026f5-a112-11e3-b68d-b044ff3e7155} - F:\AutoRun.exe
HKU\S-1-5-21-3595032436-1198616242-287078722-1000\...\MountPoints2: {366026f9-a112-11e3-b68d-b044ff3e7155} - F:\AutoRun.exe
HKU\S-1-5-21-3595032436-1198616242-287078722-1000\...\MountPoints2: {6d720382-ff4d-11e3-8a61-bf6d43e5485f} - F:\AutoRun.exe
HKU\S-1-5-21-3595032436-1198616242-287078722-1000\...\MountPoints2: {6d72038c-ff4d-11e3-8a61-dcd668617689} - F:\AutoRun.exe
HKU\S-1-5-21-3595032436-1198616242-287078722-1000\...\MountPoints2: {737fe106-a121-11e3-9cb5-d7ec034f382c} - F:\AutoRun.exe
HKU\S-1-5-21-3595032436-1198616242-287078722-1000\...\MountPoints2: {737fe10c-a121-11e3-9cb5-d7ec034f382c} - F:\AutoRun.exe
HKU\S-1-5-21-3595032436-1198616242-287078722-1000\...\MountPoints2: {9be5fb56-a176-11e3-9e6a-ec9fefd9f459} - F:\AutoRun.exe
HKU\S-1-5-21-3595032436-1198616242-287078722-1000\...\MountPoints2: {9be5fb5a-a176-11e3-9e6a-ec9fefd9f459} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\..\Interfaces\{5F8A65AA-E3E3-4F54-A023-E1EF0AF01F6E}: [NameServer] 10.228.129.113 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Chan\AppData\Roaming\Mozilla\Firefox\Profiles\dgqqhz9h.default-1404098892723
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Chan\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Chan\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Chan\AppData\Roaming\Mozilla\Firefox\Profiles\dgqqhz9h.default-1404098892723\user.js
FF Extension: VMP UltiSend - C:\Users\Chan\AppData\Roaming\Mozilla\Firefox\Profiles\dgqqhz9h.default-1404098892723\Extensions\3ffb86d0-3ce6-450b-92b6-10f6577b9f01@85d80483-1202-4ccd-9f03-847dea3e3a48.com [2014-09-09]
FF Extension: Flash Video Downloader - YouTube Full HD Download - C:\Users\Chan\AppData\Roaming\Mozilla\Firefox\Profiles\dgqqhz9h.default-1404098892723\Extensions\artur.dubovoy@gmail.com [2014-07-31]
FF Extension: Lightbeam - C:\Users\Chan\AppData\Roaming\Mozilla\Firefox\Profiles\dgqqhz9h.default-1404098892723\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2014-08-15]
FF Extension: Youtube Downloader - Media Downloader - C:\Users\Chan\AppData\Roaming\Mozilla\Firefox\Profiles\dgqqhz9h.default-1404098892723\Extensions\paulsaintuzb@gmail.com.xpi [2014-07-15]
FF Extension: Test Pilot - C:\Users\Chan\AppData\Roaming\Mozilla\Firefox\Profiles\dgqqhz9h.default-1404098892723\Extensions\testpilot@labs.mozilla.com.xpi [2014-06-30]
FF Extension: YouTube High Definition - C:\Users\Chan\AppData\Roaming\Mozilla\Firefox\Profiles\dgqqhz9h.default-1404098892723\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-07-24]
FF Extension: DownThemAll! - C:\Users\Chan\AppData\Roaming\Mozilla\Firefox\Profiles\dgqqhz9h.default-1404098892723\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-07-24]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-02]
FF Extension: No Name - C:\Users\Chan\AppData\Roaming\Mozilla\Firefox\Profiles\dgqqhz9h.default-1404098892723\extensions\ascsurfingprotection@iobit.com [Not Found]
FF Extension: No Name - C:\Program Files\IObit Apps Toolbar\FF [Not Found]

Chrome:
=======
CHR HomePage: Default -> B8F1ABC8E6D336C500AED2086701F370429C8FBF30F776FAB3C8E90CF2831A3B
CHR DefaultSearchKeyword: Default -> google.co.in
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR CustomProfile: C:\Users\Chan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-08]
CHR Extension: (avast! Online Security) - C:\Users\Chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-02]
CHR Extension: (Google Wallet) - C:\Users\Chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-09]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-05]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [893216 2014-08-18] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-05] (AVAST Software)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2014-09-08] (Intel Corporation)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] ()
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [264704 2010-11-16] () [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [277976 2014-09-08] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239696 2013-07-23] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [251096 2014-09-08] (Realtek Semiconductor)
R2 UDisk Monitor; C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe [512000 2013-05-10] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-07-05] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-07-05] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-05] ()
R3 Generalusbserialser20679; C:\Windows\System32\DRIVERS\CT_U_USBSER.sys [108544 2013-03-22] (Incorporated)
S3 huawei_enumerator; C:\Windows\System32\DRIVERS\ew_jubusenum.sys [73216 2014-03-02] (Huawei Technologies Co., Ltd.) [File not signed]
R3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [86488 2014-09-09] (Intel Corporation)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [205968 2013-02-01] (Realtek Semiconductor Corp.)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [6374104 2014-09-09] (Realtek Semiconductor Corp.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2014-06-04] (IObit)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-13 03:56 - 2014-09-13 03:57 - 00014499 _____ () C:\Users\Chan\Downloads\FRST.txt
2014-09-13 03:54 - 2014-09-13 03:57 - 00000000 ____D () C:\FRST
2014-09-13 03:46 - 2014-09-13 03:53 - 01097728 _____ (Farbar) C:\Users\Chan\Downloads\FRST.exe
2014-09-13 03:43 - 2014-09-13 03:48 - 01115472 _____ (Malwarebytes Corporation ) C:\Users\Chan\Downloads\mbam-setup-2.0.2.1012.exe.part
2014-09-10 17:45 - 2014-06-04 15:17 - 00031008 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2014-09-10 17:44 - 2014-09-10 17:44 - 00001088 _____ () C:\Users\Public\Desktop\Smart Defrag 3.lnk
2014-09-10 17:44 - 2014-09-10 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2014-09-10 17:44 - 2014-06-04 15:17 - 00109856 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2014-09-10 17:44 - 2014-06-04 15:17 - 00018624 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2014-09-09 00:39 - 2014-09-09 00:45 - 36399648 _____ () C:\Users\Chan\Downloads\Firefox Setup 33.0b1.exe
2014-09-09 00:15 - 2014-09-09 00:15 - 06374104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
2014-09-09 00:15 - 2014-09-09 00:15 - 01910488 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU.exe
2014-09-09 00:15 - 2014-09-09 00:15 - 00421080 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamX.dll
2014-09-09 00:15 - 2014-09-09 00:15 - 00139992 _____ (Realtek Semiconductor Corp.) C:\Windows\RtsCM.exe
2014-09-09 00:14 - 2014-09-09 00:14 - 02122952 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr28.sys
2014-09-09 00:14 - 2014-09-09 00:14 - 00718552 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2014-09-09 00:14 - 2014-09-09 00:14 - 00382492 _____ () C:\Windows\system32\Drivers\FW7650.bin
2014-09-09 00:14 - 2014-09-09 00:14 - 00239920 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInst.dll
2014-09-09 00:14 - 2014-09-09 00:14 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2014-09-09 00:14 - 2014-09-09 00:14 - 00076872 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2014-09-09 00:14 - 2014-09-09 00:14 - 00013973 _____ () C:\Windows\system32\RaCoInst.dat
2014-09-09 00:14 - 2014-09-09 00:14 - 00008192 _____ () C:\Windows\system32\Drivers\rt2860.bin
2014-09-09 00:14 - 2014-09-09 00:14 - 00004096 _____ () C:\Windows\system32\Drivers\rt3290.bin
2014-09-09 00:14 - 2014-09-09 00:14 - 00004096 _____ () C:\Windows\system32\Drivers\3290PCI4KB.bin
2014-09-09 00:14 - 2014-09-09 00:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriver_01011.Wdf
2014-09-09 00:13 - 2014-09-09 00:13 - 01629040 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-09-09 00:13 - 2014-09-09 00:13 - 00086488 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriver.sys
2014-09-09 00:13 - 2014-09-09 00:13 - 00000000 ____H () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2014-09-09 00:13 - 2012-07-26 09:09 - 00526952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-09-09 00:13 - 2012-07-26 09:09 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-09-09 00:13 - 2012-07-26 08:16 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-09-09 00:13 - 2012-06-02 20:04 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-09-08 23:56 - 2014-09-08 23:56 - 00001088 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-09-08 23:56 - 2014-09-08 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-09-08 22:42 - 2014-09-08 22:42 - 00364504 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2014-09-08 22:36 - 2014-09-08 22:36 - 18032128 _____ (Intel Corporation) C:\Windows\system32\igdfcl32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 15647200 _____ (Intel Corporation) C:\Windows\system32\igdumdim32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 06381568 _____ (Intel Corporation) C:\Windows\system32\ig7icd32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 04343256 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 04339672 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 02990592 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
2014-09-08 22:36 - 2014-09-08 22:36 - 01755648 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 01551872 _____ (Intel Corporation) C:\Windows\system32\igdrcl32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 01132960 _____ (Intel Corporation) C:\Windows\system32\iglhsip32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00894424 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00734720 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00607744 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00544728 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00544216 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00398808 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00393688 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00393176 _____ (Intel Corporation) C:\Windows\system32\CustomModeAppv2_0.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00349112 _____ () C:\Windows\system32\igdmd32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00329728 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00294912 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00291328 _____ (Intel Corporation) C:\Windows\system32\igdbcl32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00279000 _____ (Intel Corporation) C:\Windows\system32\IntelCpHeciSvc.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00277976 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00241152 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00235520 _____ () C:\Windows\system32\igfxCPL.cpl
2014-09-08 22:36 - 2014-09-08 22:36 - 00221696 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00205784 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00187348 __RSH () C:\Windows\system32\resTHA.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00183808 _____ () C:\Windows\system32\igdde32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00183800 _____ (Intel Corporation) C:\Windows\system32\iglhcp32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00180736 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00180164 __RSH () C:\Windows\system32\resELL.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00176020 __RSH () C:\Windows\system32\resRUS.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00161876 __RSH () C:\Windows\system32\resARA.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00161332 __RSH () C:\Windows\system32\resHEB.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00161268 __RSH () C:\Windows\system32\resJPN.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00159192 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00158032 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00156692 __RSH () C:\Windows\system32\resFRA.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00156676 __RSH () C:\Windows\system32\resHUN.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00155136 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00154980 __RSH () C:\Windows\system32\resKOR.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00154884 __RSH () C:\Windows\system32\resITA.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00154884 __RSH () C:\Windows\system32\resDEU.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00154724 __RSH () C:\Windows\system32\resROM.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00154612 __RSH () C:\Windows\system32\resESN.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00154180 __RSH () C:\Windows\system32\resPLK.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00154036 __RSH () C:\Windows\system32\resSKY.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00153844 __RSH () C:\Windows\system32\resNLD.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00153600 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3643.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00153284 __RSH () C:\Windows\system32\resPTB.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00153140 __RSH () C:\Windows\system32\resTRK.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00153108 __RSH () C:\Windows\system32\resCSY.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00152980 __RSH () C:\Windows\system32\resPTG.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00152564 __RSH () C:\Windows\system32\resFIN.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00152132 __RSH () C:\Windows\system32\resHRV.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00151684 __RSH () C:\Windows\system32\resSVE.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00151508 __RSH () C:\Windows\system32\resSLV.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00150580 __RSH () C:\Windows\system32\resNOR.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00150068 __RSH () C:\Windows\system32\resDAN.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00148756 __RSH () C:\Windows\system32\resENU.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00146980 __RSH () C:\Windows\system32\resCHT.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00146148 __RSH () C:\Windows\system32\resCHS.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00142848 _____ () C:\Windows\system32\igdail32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00069632 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00063488 _____ () C:\Windows\system32\igfxCUIServicePS.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00057856 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00056116 _____ () C:\Windows\system32\iglhxs32.vp
2014-09-08 22:36 - 2014-09-08 22:36 - 00033968 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00010752 _____ ( ) C:\Windows\system32\igfxDILib.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00010240 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00000895 _____ () C:\Windows\system32\Gfxv2_0.exe.config
2014-09-08 22:36 - 2014-09-08 22:36 - 00000895 _____ () C:\Windows\system32\DPTopologyAppv2_0.exe.config
2014-09-08 22:36 - 2014-09-08 22:36 - 00000895 _____ () C:\Windows\system32\CustomModeAppv2_0.exe.config
2014-09-08 22:36 - 2014-09-08 22:36 - 00000889 _____ () C:\Windows\system32\Gfxv4_0.exe.config
2014-09-08 22:36 - 2014-09-08 22:36 - 00000889 _____ () C:\Windows\system32\DPTopologyApp.exe.config
2014-09-08 22:36 - 2014-09-08 22:36 - 00000889 _____ () C:\Windows\system32\CustomModeApp.exe.config
2014-09-08 21:50 - 2014-09-08 21:50 - 39215104 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-09-08 21:50 - 2014-09-08 21:50 - 00163840 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-09-08 21:50 - 2014-09-08 21:50 - 00098304 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-09-08 21:50 - 2014-09-08 21:50 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-09-08 21:48 - 2014-09-08 21:48 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2014-09-08 21:48 - 2014-09-08 21:48 - 03086040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2014-09-08 21:48 - 2014-09-08 21:48 - 02566872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 02474200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 01892056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2014-09-08 21:48 - 2014-09-08 21:48 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-09-08 21:48 - 2014-09-08 21:48 - 00916696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00782040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00182472 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-09-08 21:48 - 2014-09-08 21:48 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-09-08 21:48 - 2014-09-08 21:48 - 00000000 ____D () C:\Program Files\Realtek
2014-09-08 21:31 - 2014-09-08 21:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-08 21:31 - 2014-09-08 21:31 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-08 21:29 - 2014-02-17 13:41 - 00024384 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
2014-09-08 21:27 - 2014-09-13 01:33 - 39317504 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-09-08 21:27 - 2014-09-13 01:33 - 00163840 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-09-08 21:27 - 2014-09-13 01:33 - 00098304 _____ () C:\Windows\system32\config\SAM.iobit
2014-09-08 21:27 - 2014-09-13 01:33 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-09-08 21:14 - 2014-09-08 21:14 - 00000000 ____D () C:\Users\Chan\AppData\Roaming\ProductData
2014-09-08 21:13 - 2014-09-08 21:13 - 00001146 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-09-08 21:12 - 2014-09-13 01:36 - 00002111 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-09-08 21:12 - 2014-09-08 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-09-08 21:12 - 2014-09-08 21:12 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-09-08 20:37 - 2014-09-13 01:28 - 00000000 ____D () C:\ProgramData\ProductData
2014-09-08 20:37 - 2014-09-10 17:44 - 00000000 ____D () C:\Users\Chan\AppData\Roaming\IObit
2014-09-08 20:37 - 2014-09-10 17:44 - 00000000 ____D () C:\Program Files\IObit
2014-09-08 20:37 - 2014-09-08 23:56 - 00000000 ____D () C:\ProgramData\IObit
2014-09-08 20:37 - 2014-09-08 20:38 - 00002085 _____ () C:\Users\Public\Desktop\Driver Booster 2 Beta.lnk
2014-09-08 20:37 - 2014-09-08 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2 Beta 2.0
2014-09-08 20:25 - 2014-09-09 02:16 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-08 20:09 - 2014-09-08 20:31 - 38662680 _____ (IObit ) C:\Users\Chan\Downloads\advanced-systemcare-setup.exe
2014-09-08 20:07 - 2014-09-08 20:19 - 08190744 _____ (IObit ) C:\Users\Chan\Downloads\driver_booster_setup_beta.exe
2014-09-08 14:59 - 2014-09-08 14:59 - 00108824 _____ () C:\Users\Chan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-08 14:58 - 2014-09-08 14:59 - 00406272 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-08 06:19 - 2014-09-09 16:02 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-08 06:19 - 2014-09-09 02:16 - 00001077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-08 06:19 - 2014-09-09 02:16 - 00001065 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-08 02:20 - 2014-09-08 02:20 - 00007597 _____ () C:\Users\Chan\AppData\Local\Resmon.ResmonCfg
2014-09-08 02:13 - 2014-09-08 02:13 - 00388608 _____ (Trend Micro Inc.) C:\Users\Chan\Downloads\HijackThis.exe
2014-09-08 01:52 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-09-08 01:50 - 2014-09-08 01:50 - 01370467 _____ () C:\Users\Chan\Downloads\AdwCleaner(1).exe
2014-09-08 00:08 - 2014-09-08 00:08 - 00000000 ____D () C:\Users\Chan\AppData\Roaming\Synaptics
2014-09-08 00:05 - 2014-09-08 00:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-09-07 23:33 - 2014-09-07 23:35 - 04901352 _____ (Piriform Ltd) C:\Users\Chan\Downloads\ccsetup417.exe
2014-09-07 23:22 - 2014-09-13 03:28 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3595032436-1198616242-287078722-1000UA.job
2014-09-07 23:22 - 2014-09-12 23:28 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3595032436-1198616242-287078722-1000Core.job
2014-09-04 22:48 - 2014-09-04 22:48 - 00000561 _____ () C:\Users\Chan\Downloads\LOVETHEWAY.xspf
2014-09-04 21:27 - 2014-09-04 21:28 - 04247216 _____ () C:\Users\Chan\Downloads\EminemRihannaLo
2014-08-27 22:44 - 2014-08-27 22:44 - 00000121 _____ () C:\Users\Chan\Downloads\listen.pls
2014-08-23 18:10 - 2014-08-23 18:10 - 00000000 ____D () C:\Users\Chan\Documents\EA SPORTS™ Cricket 07
2014-08-22 18:02 - 2014-08-22 18:07 - 22439520 _____ (Mozilla) C:\Users\Chan\Downloads\Firefox Setup 22.0b1.exe
2014-08-15 17:47 - 2014-08-15 17:47 - 00000000 ____D () C:\Users\Chan\AppData\Local\Adobe
2014-08-15 14:48 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-08-15 14:48 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-08-15 14:47 - 2014-08-15 14:47 - 00000000 ____D () C:\Users\Chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
2014-08-15 14:47 - 2014-08-15 14:47 - 00000000 ____D () C:\Program Files\Winamp Detect
2014-08-15 14:44 - 2014-08-17 12:50 - 00000000 ____D () C:\Program Files\360
2014-08-15 14:44 - 2014-08-15 14:44 - 00000000 ____D () C:\Users\Chan\AppData\Roaming\0F1L1I1P0H1L1E1E1F
2014-08-15 14:43 - 2014-08-15 14:43 - 17888872 _____ (Nullsoft, Inc.) C:\Users\Chan\Downloads\winamp57_3444_beta_full_all.exe
2014-08-15 14:25 - 2014-08-15 14:25 - 00766008 _____ ( ) C:\Users\Chan\Downloads\winamp57_3444_beta_full_all_inst.exe
2014-08-14 14:53 - 2014-08-14 14:53 - 00000000 ____D () C:\Program Files\Common Files\Skype

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-13 03:57 - 2014-09-13 03:56 - 00014499 _____ () C:\Users\Chan\Downloads\FRST.txt
2014-09-13 03:57 - 2014-09-13 03:54 - 00000000 ____D () C:\FRST
2014-09-13 03:57 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\tracing
2014-09-13 03:53 - 2014-09-13 03:46 - 01097728 _____ (Farbar) C:\Users\Chan\Downloads\FRST.exe
2014-09-13 03:48 - 2014-09-13 03:43 - 01115472 _____ (Malwarebytes Corporation ) C:\Users\Chan\Downloads\mbam-setup-2.0.2.1012.exe.part
2014-09-13 03:42 - 2014-03-01 12:51 - 02059452 _____ () C:\Windows\WindowsUpdate.log
2014-09-13 03:30 - 2014-03-02 01:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-13 03:28 - 2014-09-07 23:22 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3595032436-1198616242-287078722-1000UA.job
2014-09-13 01:36 - 2014-09-08 21:12 - 00002111 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-09-13 01:33 - 2014-09-08 21:27 - 39317504 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-09-13 01:33 - 2014-09-08 21:27 - 00163840 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-09-13 01:33 - 2014-09-08 21:27 - 00098304 _____ () C:\Windows\system32\config\SAM.iobit
2014-09-13 01:33 - 2014-09-08 21:27 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-09-13 01:33 - 2014-03-01 12:52 - 00000000 ____D () C:\Users\Chan
2014-09-13 01:32 - 2014-03-02 22:56 - 00000000 ____D () C:\Users\Chan\AppData\Roaming\Skype
2014-09-13 01:28 - 2014-09-08 20:37 - 00000000 ____D () C:\ProgramData\ProductData
2014-09-13 01:26 - 2009-07-14 10:23 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-12 23:28 - 2014-09-07 23:22 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3595032436-1198616242-287078722-1000Core.job
2014-09-12 22:02 - 2014-03-01 13:07 - 00000000 ____D () C:\Users\Chan\AppData\Roaming\vlc
2014-09-12 00:47 - 2014-03-02 00:28 - 00002321 _____ () C:\Users\Chan\Desktop\Google Chrome.lnk
2014-09-10 17:44 - 2014-09-10 17:44 - 00001088 _____ () C:\Users\Public\Desktop\Smart Defrag 3.lnk
2014-09-10 17:44 - 2014-09-10 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2014-09-10 17:44 - 2014-09-08 20:37 - 00000000 ____D () C:\Users\Chan\AppData\Roaming\IObit
2014-09-10 17:44 - 2014-09-08 20:37 - 00000000 ____D () C:\Program Files\IObit
2014-09-10 16:27 - 2014-03-02 02:05 - 00000000 ____D () C:\Windows\Panther
2014-09-10 15:27 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\rescache
2014-09-10 01:32 - 2014-03-01 13:25 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 01:32 - 2014-03-01 13:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-09 16:02 - 2014-09-08 06:19 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-09 02:16 - 2014-09-08 20:25 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-09 02:16 - 2014-09-08 06:19 - 00001077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-09 02:16 - 2014-09-08 06:19 - 00001065 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-09 00:45 - 2014-09-09 00:39 - 36399648 _____ () C:\Users\Chan\Downloads\Firefox Setup 33.0b1.exe
2014-09-09 00:21 - 2014-03-01 12:56 - 00717892 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-09 00:15 - 2014-09-09 00:15 - 06374104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
2014-09-09 00:15 - 2014-09-09 00:15 - 01910488 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU.exe
2014-09-09 00:15 - 2014-09-09 00:15 - 00421080 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamX.dll
2014-09-09 00:15 - 2014-09-09 00:15 - 00139992 _____ (Realtek Semiconductor Corp.) C:\Windows\RtsCM.exe
2014-09-09 00:15 - 2014-03-23 16:15 - 00003975 _____ () C:\Windows\system32\RaCoInst.log
2014-09-09 00:15 - 2009-07-14 10:22 - 00000000 ____D () C:\Windows\twain_32
2014-09-09 00:14 - 2014-09-09 00:14 - 02122952 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr28.sys
2014-09-09 00:14 - 2014-09-09 00:14 - 00718552 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2014-09-09 00:14 - 2014-09-09 00:14 - 00382492 _____ () C:\Windows\system32\Drivers\FW7650.bin
2014-09-09 00:14 - 2014-09-09 00:14 - 00239920 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInst.dll
2014-09-09 00:14 - 2014-09-09 00:14 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2014-09-09 00:14 - 2014-09-09 00:14 - 00076872 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2014-09-09 00:14 - 2014-09-09 00:14 - 00013973 _____ () C:\Windows\system32\RaCoInst.dat
2014-09-09 00:14 - 2014-09-09 00:14 - 00008192 _____ () C:\Windows\system32\Drivers\rt2860.bin
2014-09-09 00:14 - 2014-09-09 00:14 - 00004096 _____ () C:\Windows\system32\Drivers\rt3290.bin
2014-09-09 00:14 - 2014-09-09 00:14 - 00004096 _____ () C:\Windows\system32\Drivers\3290PCI4KB.bin
2014-09-09 00:14 - 2014-09-09 00:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriver_01011.Wdf
2014-09-09 00:13 - 2014-09-09 00:13 - 01629040 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-09-09 00:13 - 2014-09-09 00:13 - 00086488 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriver.sys
2014-09-09 00:13 - 2014-09-09 00:13 - 00000000 ____H () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2014-09-08 23:56 - 2014-09-08 23:56 - 00001088 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-09-08 23:56 - 2014-09-08 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-09-08 23:56 - 2014-09-08 20:37 - 00000000 ____D () C:\ProgramData\IObit
2014-09-08 22:42 - 2014-09-08 22:42 - 00364504 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2014-09-08 22:36 - 2014-09-08 22:36 - 18032128 _____ (Intel Corporation) C:\Windows\system32\igdfcl32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 15647200 _____ (Intel Corporation) C:\Windows\system32\igdumdim32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 06381568 _____ (Intel Corporation) C:\Windows\system32\ig7icd32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 04343256 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 04339672 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 02990592 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
2014-09-08 22:36 - 2014-09-08 22:36 - 01755648 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 01551872 _____ (Intel Corporation) C:\Windows\system32\igdrcl32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 01132960 _____ (Intel Corporation) C:\Windows\system32\iglhsip32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00894424 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00734720 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00607744 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00544728 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00544216 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00398808 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00393688 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00393176 _____ (Intel Corporation) C:\Windows\system32\CustomModeAppv2_0.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00349112 _____ () C:\Windows\system32\igdmd32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00329728 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00294912 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00291328 _____ (Intel Corporation) C:\Windows\system32\igdbcl32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00279000 _____ (Intel Corporation) C:\Windows\system32\IntelCpHeciSvc.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00277976 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00241152 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00235520 _____ () C:\Windows\system32\igfxCPL.cpl
2014-09-08 22:36 - 2014-09-08 22:36 - 00221696 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00205784 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00187348 __RSH () C:\Windows\system32\resTHA.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00183808 _____ () C:\Windows\system32\igdde32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00183800 _____ (Intel Corporation) C:\Windows\system32\iglhcp32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00180736 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00180164 __RSH () C:\Windows\system32\resELL.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00176020 __RSH () C:\Windows\system32\resRUS.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00161876 __RSH () C:\Windows\system32\resARA.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00161332 __RSH () C:\Windows\system32\resHEB.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00161268 __RSH () C:\Windows\system32\resJPN.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00159192 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-09-08 22:36 - 2014-09-08 22:36 - 00158032 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00156692 __RSH () C:\Windows\system32\resFRA.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00156676 __RSH () C:\Windows\system32\resHUN.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00155136 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00154980 __RSH () C:\Windows\system32\resKOR.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00154884 __RSH () C:\Windows\system32\resITA.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00154884 __RSH () C:\Windows\system32\resDEU.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00154724 __RSH () C:\Windows\system32\resROM.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00154612 __RSH () C:\Windows\system32\resESN.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00154180 __RSH () C:\Windows\system32\resPLK.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00154036 __RSH () C:\Windows\system32\resSKY.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00153844 __RSH () C:\Windows\system32\resNLD.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00153600 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3643.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00153284 __RSH () C:\Windows\system32\resPTB.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00153140 __RSH () C:\Windows\system32\resTRK.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00153108 __RSH () C:\Windows\system32\resCSY.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00152980 __RSH () C:\Windows\system32\resPTG.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00152564 __RSH () C:\Windows\system32\resFIN.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00152132 __RSH () C:\Windows\system32\resHRV.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00151684 __RSH () C:\Windows\system32\resSVE.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00151508 __RSH () C:\Windows\system32\resSLV.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00150580 __RSH () C:\Windows\system32\resNOR.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00150068 __RSH () C:\Windows\system32\resDAN.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00148756 __RSH () C:\Windows\system32\resENU.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00146980 __RSH () C:\Windows\system32\resCHT.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00146148 __RSH () C:\Windows\system32\resCHS.cui
2014-09-08 22:36 - 2014-09-08 22:36 - 00142848 _____ () C:\Windows\system32\igdail32.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00069632 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00063488 _____ () C:\Windows\system32\igfxCUIServicePS.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00057856 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00056116 _____ () C:\Windows\system32\iglhxs32.vp
2014-09-08 22:36 - 2014-09-08 22:36 - 00033968 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00010752 _____ ( ) C:\Windows\system32\igfxDILib.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00010240 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2014-09-08 22:36 - 2014-09-08 22:36 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2014-09-08 22:36 - 2014-01-25 02:02 - 16942976 _____ (Intel Corporation) C:\Windows\system32\igd10iumd32.dll
2014-09-08 22:36 - 2014-01-25 02:02 - 03658520 _____ (Intel Corporation) C:\Windows\system32\igdusc32.dll
2014-09-08 22:36 - 2014-01-25 02:02 - 00403416 _____ (Intel Corporation) C:\Windows\system32\igfxTray.exe
2014-09-08 21:50 - 2014-09-08 21:50 - 39215104 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-09-08 21:50 - 2014-09-08 21:50 - 00163840 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-09-08 21:50 - 2014-09-08 21:50 - 00098304 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-09-08 21:50 - 2014-09-08 21:50 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-09-08 21:48 - 2014-09-08 21:48 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2014-09-08 21:48 - 2014-09-08 21:48 - 03086040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2014-09-08 21:48 - 2014-09-08 21:48 - 02566872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 02474200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 01892056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2014-09-08 21:48 - 2014-09-08 21:48 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-09-08 21:48 - 2014-09-08 21:48 - 00916696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00782040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00182472 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2014-09-08 21:48 - 2014-09-08 21:48 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-09-08 21:48 - 2014-09-08 21:48 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-09-08 21:48 - 2014-09-08 21:48 - 00000000 ____D () C:\Program Files\Realtek
2014-09-08 21:31 - 2014-09-08 21:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-08 21:31 - 2014-09-08 21:31 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-08 21:14 - 2014-09-08 21:14 - 00000000 ____D () C:\Users\Chan\AppData\Roaming\ProductData
2014-09-08 21:13 - 2014-09-08 21:13 - 00001146 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-09-08 21:13 - 2014-03-02 05:04 - 00000000 ____D () C:\Program Files\Plugins
2014-09-08 21:12 - 2014-09-08 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-09-08 21:12 - 2014-09-08 21:12 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-09-08 20:38 - 2014-09-08 20:37 - 00002085 _____ () C:\Users\Public\Desktop\Driver Booster 2 Beta.lnk
2014-09-08 20:37 - 2014-09-08 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2 Beta 2.0
2014-09-08 20:31 - 2014-09-08 20:09 - 38662680 _____ (IObit ) C:\Users\Chan\Downloads\advanced-systemcare-setup.exe
2014-09-08 20:19 - 2014-09-08 20:07 - 08190744 _____ (IObit ) C:\Users\Chan\Downloads\driver_booster_setup_beta.exe
2014-09-08 14:59 - 2014-09-08 14:59 - 00108824 _____ () C:\Users\Chan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-08 14:59 - 2014-09-08 14:58 - 00406272 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-08 02:20 - 2014-09-08 02:20 - 00007597 _____ () C:\Users\Chan\AppData\Local\Resmon.ResmonCfg
2014-09-08 02:13 - 2014-09-08 02:13 - 00388608 _____ (Trend Micro Inc.) C:\Users\Chan\Downloads\HijackThis.exe
2014-09-08 02:03 - 2014-03-02 07:54 - 00000000 ____D () C:\AdwCleaner
2014-09-08 01:50 - 2014-09-08 01:50 - 01370467 _____ () C:\Users\Chan\Downloads\AdwCleaner(1).exe
2014-09-08 01:02 - 2009-07-14 10:04 - 00020208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-08 01:02 - 2009-07-14 10:04 - 00020208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-08 00:08 - 2014-09-08 00:08 - 00000000 ____D () C:\Users\Chan\AppData\Roaming\Synaptics
2014-09-08 00:05 - 2014-09-08 00:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-09-07 23:38 - 2014-04-08 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-07 23:38 - 2014-03-01 13:51 - 00000925 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-07 23:38 - 2014-03-01 13:51 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-07 23:35 - 2014-09-07 23:33 - 04901352 _____ (Piriform Ltd) C:\Users\Chan\Downloads\ccsetup417.exe
2014-09-07 23:22 - 2014-03-02 00:26 - 00000000 ____D () C:\Users\Chan\AppData\Local\Google
2014-09-07 22:48 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\system32\wfp
2014-09-07 22:47 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\registration
2014-09-06 17:21 - 2014-03-03 15:12 - 00003350 _____ () C:\Users\Chan\Documents\con2d.html.html
2014-09-04 22:48 - 2014-09-04 22:48 - 00000561 _____ () C:\Users\Chan\Downloads\LOVETHEWAY.xspf
2014-09-04 21:55 - 2014-03-02 05:21 - 00000000 ____D () C:\Program Files\Opera
2014-09-04 21:28 - 2014-09-04 21:27 - 04247216 _____ () C:\Users\Chan\Downloads\EminemRihannaLo
2014-09-04 13:17 - 2014-03-04 09:02 - 00000000 ____D () C:\Program Files\SeaMonkey
2014-09-03 21:38 - 2014-03-01 13:07 - 00000984 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-03 21:38 - 2014-03-01 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-27 22:44 - 2014-08-27 22:44 - 00000121 _____ () C:\Users\Chan\Downloads\listen.pls
2014-08-23 18:10 - 2014-08-23 18:10 - 00000000 ____D () C:\Users\Chan\Documents\EA SPORTS™ Cricket 07
2014-08-22 18:07 - 2014-08-22 18:02 - 22439520 _____ (Mozilla) C:\Users\Chan\Downloads\Firefox Setup 22.0b1.exe
2014-08-20 17:51 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-08-17 12:50 - 2014-08-15 14:44 - 00000000 ____D () C:\Program Files\360
2014-08-15 17:47 - 2014-08-15 17:47 - 00000000 ____D () C:\Users\Chan\AppData\Local\Adobe
2014-08-15 14:48 - 2014-03-09 01:12 - 00000897 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-08-15 14:48 - 2014-03-09 01:11 - 00000000 ____D () C:\Program Files\Winamp
2014-08-15 14:47 - 2014-08-15 14:47 - 00000000 ____D () C:\Users\Chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
2014-08-15 14:47 - 2014-08-15 14:47 - 00000000 ____D () C:\Program Files\Winamp Detect
2014-08-15 14:44 - 2014-08-15 14:44 - 00000000 ____D () C:\Users\Chan\AppData\Roaming\0F1L1I1P0H1L1E1E1F
2014-08-15 14:43 - 2014-08-15 14:43 - 17888872 _____ (Nullsoft, Inc.) C:\Users\Chan\Downloads\winamp57_3444_beta_full_all.exe
2014-08-15 14:25 - 2014-08-15 14:25 - 00766008 _____ ( ) C:\Users\Chan\Downloads\winamp57_3444_beta_full_all_inst.exe
2014-08-14 14:53 - 2014-08-14 14:53 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-14 14:53 - 2014-03-02 22:56 - 00000000 ____D () C:\ProgramData\Skype

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-09 01:47

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-09-2014
Ran by Chan at 2014-09-13 03:58:07
Running from C:\Users\Chan\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 3.2.2.28500 - BitTorrent Inc.)
7-Zip 9.22beta (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Advanced SystemCare 7 (HKLM\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avant Browser (remove only) (HKLM\...\AvantBrowser) (Version: 12.5.0.0 - Avant Force)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CamLife! V1.3.3 (HKLM\...\{054B6A69-463D-45E0-BCC4-1CAE328BC396}) (Version: 1.3.3 - 10moons)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 33.1.0.0 - COMODO)
Driver Booster (HKLM\...\Driver Booster_is1) (Version: 1.5 - IObit)
Driver Booster 2 Beta 2.0 (HKLM\...\Driver Booster Beta_is1) (Version: 2.0 - IObit)
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version:  - )
Free MP3 Cutter Joiner 9.9 (HKLM\...\{02509E6E-B951-45A8-BF42-ACFAF0D6B4DA}}_is1) (Version: 9.9 - DVDVideoMedia, Inc.)
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 3.3.9.2622 - IObit)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (Version: 2.1.60.19 - Oracle, Inc.) Hidden
MailToDesktop 1.03 (HKLM\...\MailToDesktop.com_is1) (Version:  - MailToDesktop.com)
MBlaze UI (HKLM\...\ZTEWireless-101_is1) (Version:  - )
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM\...\Mobile Broadband HL Service) (Version: 22.001.21.00.113 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 33.0 (x86 en-US) (HKLM\...\Mozilla Firefox 33.0 (x86 en-US)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MTS Entertainment version 1.0 (HKLM\...\MTS Entertainment_is1) (Version: 1.0 - )
MTS Games version 1.0 (HKLM\...\MTS Games_is1) (Version: 1.0 - )
MTS PC SAFE 1.0 (HKLM\...\MTS PC SAFE) (Version: 1.0 - MTS.)
Need for Speed™ Most Wanted (HKLM\...\{ADE91A13-434D-4229-00BC-182BAD607303}) (Version:  - )
Opera Stable 24.0.1558.53 (HKLM\...\Opera 24.0.1558.53) (Version: 24.0.1558.53 - Opera Software ASA)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SeaMonkey 2.25 (x86 en-US) (HKLM\...\SeaMonkey 2.25 (x86 en-US)) (Version: 2.25 - Mozilla)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.2 - IObit)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tata Photon+ (HKLM\...\Tata Photon+) (Version: 11.030.01.28.628 - Huawei Technologies Co.,Ltd)
USB Video Device (HKLM\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.7 Beta - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Packages (HKCU\...\Winamp Packages) (Version:  - ) <==== ATTENTION
Youtube Downloader HD v. 2.9.9.13 (HKLM\...\Youtube Downloader HD_is1) (Version:  - YoutubeDownloaderHD.com)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3595032436-1198616242-287078722-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Chan\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3595032436-1198616242-287078722-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Chan\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3595032436-1198616242-287078722-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Chan\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3595032436-1198616242-287078722-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Chan\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3595032436-1198616242-287078722-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Chan\AppData\Local\Google\Chrome\Application\37.0.2062.120\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3595032436-1198616242-287078722-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3595032436-1198616242-287078722-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Chan\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3595032436-1198616242-287078722-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Chan\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3595032436-1198616242-287078722-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Chan\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3595032436-1198616242-287078722-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Chan\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3595032436-1198616242-287078722-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Chan\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)

==================== Restore Points  =========================

08-09-2014 16:00:42 Windows Modules Installer
08-09-2014 16:17:27 Driver Booster : High Definition Audio Device
08-09-2014 18:40:27 Driver Booster : Standard AHCI 1.0 Serial ATA Controller

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 07:34 - 2009-06-11 03:09 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {11FC7C5D-5272-40AF-8717-E505297FBD9D} - System32\Tasks\Driver Booster Update => C:\Program Files\IObit\Driver Booster\AutoUpdate.exe [2014-08-01] (IObit)
Task: {257D61A0-3778-46C2-AC25-BEAFADF2D630} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-08-22] (IObit)
Task: {2B2D1892-0A1F-4511-8D7B-E2D3B49ACBEF} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe [2014-07-02] (IObit)
Task: {48FAD6CC-CEC7-44B9-BC0A-640A2835FE49} - System32\Tasks\SmartDefrag3_Update => C:\Program Files\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-03] (IObit)
Task: {4E324DD7-44C6-49E1-A59C-4A08247ED485} - System32\Tasks\ASC7_SkipUac_Chan => C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe [2014-08-22] (IObit)
Task: {54A0241C-4F81-42F7-AED6-78DB0784FFD8} - System32\Tasks\Driver Booster Beta Update => C:\Program Files\IObit\Driver Booster Beta\AutoUpdate.exe [2014-09-05] (IObit)
Task: {5A8B075A-6505-4188-BA7B-7134C69FF1F4} - System32\Tasks\Opera scheduled Autoupdate 1393717883 => C:\Program Files\Opera\launcher.exe [2014-08-27] (Opera Software)
Task: {66DD4A42-ACD5-422F-9D0C-B7AABEDCA65A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {6887ECB9-15DA-4303-AAD9-3BF2313B5B57} - System32\Tasks\Driver Booster SkipUAC (Chan) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: {696FCE2C-522B-427B-9573-62D9CDA28020} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {73A38F9D-D66B-4AF9-87D9-068D2E69026C} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe [2014-08-20] (IObit)
Task: {7F0F5989-B6B6-49BD-B4C4-0E7F12C6FFE1} - System32\Tasks\Driver Booster Beta SkipUAC (Chan) => C:\Program Files\IObit\Driver Booster Beta\DriverBooster.exe [2014-09-05] (IObit)
Task: {7FF5AF00-D489-4E3F-B588-FAB94D22CAB3} - System32\Tasks\{30ECA463-5454-4E85-9BC5-002CF0FCCAB0} => D:\EA SPORTS™ Cricket 07\Cricket07.exe [2006-11-15] ()
Task: {8AC73EB4-C608-4558-8275-46E46B3A1B56} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-05] (AVAST Software)
Task: {8C48A56C-F426-4F4B-9765-0CB34973D00F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3595032436-1198616242-287078722-1000UA => C:\Users\Chan\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-07] (Google Inc.)
Task: {96DF4157-2143-4595-A995-A2F5C408CAA5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3595032436-1198616242-287078722-1000Core => C:\Users\Chan\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-07] (Google Inc.)
Task: {ABF6AEA1-700F-4E04-8B79-E36658A7C735} - System32\Tasks\Driver Booster Beta Scan => C:\Program Files\IObit\Driver Booster Beta\Scheduler.exe [2014-09-05] (IObit)
Task: {B7761EED-51DC-4887-A224-180287207BA4} - System32\Tasks\Driver Booster Scan => C:\Program Files\IObit\Driver Booster\Scheduler.exe [2014-08-01] (IObit)
Task: {BFFE80D8-3A03-4E59-8493-F77BF8BC884D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {F3EECDD0-8C25-42FA-AC98-E7A4BE0E8131} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\e2778b28-928c-4697-894d-65311608041e-1.job => C:\Program Files\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3595032436-1198616242-287078722-1000Core.job => C:\Users\Chan\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3595032436-1198616242-287078722-1000UA.job => C:\Users\Chan\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-08 21:12 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files\IObit\Advanced SystemCare 7\sqlite3.dll
2014-07-05 23:01 - 2014-07-05 23:01 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-12 15:11 - 2014-09-12 15:11 - 02862592 _____ () C:\Program Files\AVAST Software\Avast\defs\14091200\algo.dll
2014-09-13 01:37 - 2014-09-13 01:37 - 02862592 _____ () C:\Program Files\AVAST Software\Avast\defs\14091202\algo.dll
2014-05-21 15:52 - 2014-05-21 15:52 - 02135232 _____ () C:\Program Files\Comodo\Dragon\dragon_updater.exe
2010-11-16 19:07 - 2010-11-16 19:07 - 00264704 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2014-07-27 11:19 - 2013-07-23 09:17 - 00239696 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2014-07-27 19:25 - 2013-05-10 09:37 - 00512000 _____ () C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-08 21:12 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare 7\madExcept_.bpl
2014-09-08 21:12 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 7\madBasic_.bpl
2014-09-08 21:12 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2014-09-08 21:12 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files\IObit\Advanced SystemCare 7\webres.dll
2014-09-10 17:44 - 2014-06-04 15:17 - 00892288 _____ () C:\Program Files\IObit\Smart Defrag 3\webres.dll
2014-07-05 23:01 - 2014-07-05 23:01 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-08 21:12 - 2013-12-02 19:06 - 01281312 _____ () C:\Program Files\IObit\Advanced SystemCare 7\Scan.dll
2014-09-08 23:56 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\Driver Booster\madExcept_.bpl
2014-09-08 23:56 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Driver Booster\madBasic_.bpl
2014-09-08 23:56 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Driver Booster\madDisAsm_.bpl
2014-09-08 23:56 - 2014-01-07 14:16 - 00893248 _____ () C:\Program Files\IObit\Driver Booster\webres.dll
2014-09-08 23:56 - 2012-02-16 10:16 - 00516440 _____ () C:\Program Files\IObit\Driver Booster\sqlite3.dll
2014-07-27 19:25 - 2013-05-30 16:30 - 13029376 _____ () C:\Program Files\MBlaze UI\bin\App.exe
2014-07-27 19:25 - 2013-05-30 16:22 - 00019456 _____ () C:\Program Files\MBlaze UI\bin\zfThreading.dll
2014-07-27 19:25 - 2013-05-30 16:22 - 00057344 _____ () C:\Program Files\MBlaze UI\bin\zfLogService.dll
2014-07-27 19:25 - 2013-05-30 16:22 - 00192512 _____ () C:\Program Files\MBlaze UI\bin\zfHelper.dll
2014-07-27 19:25 - 2013-03-22 14:43 - 00971776 _____ () C:\Program Files\MBlaze UI\bin\libxml2.dll
2014-07-27 19:25 - 2013-03-22 14:43 - 00073728 _____ () C:\Program Files\MBlaze UI\bin\zlib1.dll
2014-07-27 19:25 - 2013-03-22 14:43 - 00290904 _____ () C:\Program Files\MBlaze UI\bin\libxslt.dll
2014-07-27 19:25 - 2013-05-30 16:22 - 00013312 _____ () C:\Program Files\MBlaze UI\bin\zfSoundPlayLib.dll
2014-07-27 19:25 - 2013-05-30 16:23 - 00204800 _____ () C:\Program Files\MBlaze UI\bin\zfXCommWrapper.dll
2014-07-27 19:25 - 2013-05-30 16:22 - 00450560 _____ () C:\Program Files\MBlaze UI\bin\zfXComm.dll
2014-07-27 19:25 - 2013-05-30 16:22 - 00014336 _____ () C:\Program Files\MBlaze UI\bin\zfSerialPort.dll
2014-07-27 19:25 - 2013-05-30 16:23 - 00069632 _____ () C:\Program Files\MBlaze UI\bin\zfCustomization.dll
2014-07-27 19:25 - 2013-05-30 16:22 - 00102400 _____ () C:\Program Files\MBlaze UI\bin\zfWaveLib.dll
2014-07-27 19:25 - 2013-05-30 16:22 - 00040960 _____ () C:\Program Files\MBlaze UI\bin\zfRasWrapper.dll
2014-07-27 19:25 - 2013-05-30 16:22 - 00077824 _____ () C:\Program Files\MBlaze UI\bin\zfDeviceHW.dll
2014-09-08 20:25 - 2014-09-03 14:34 - 03648624 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Bluetooth Controller
Description: Bluetooth Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/13/2014 03:48:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 33.0.0.5358 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1094

Start Time: 01cfcec5479ace73

Termination Time: 133

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: c1fa56f8-3aca-11e4-b82b-a01d486edc88

Error: (09/13/2014 02:21:55 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={139D8091-63E3-4875-BE9B-A5CC41ED1D15}: The user Chan-PC\Chan dialed a connection named MBlaze USB Modem which has failed. The error code returned on failure is 0.

Error: (09/13/2014 01:27:19 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (09/12/2014 04:05:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/12/2014 04:05:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/12/2014 03:08:03 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (09/12/2014 01:39:17 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={6221A059-30AD-41D3-A3B0-87CE0C8605CC}: The user Chan-PC\Chan dialed a connection named MBlaze USB Modem which has failed. The error code returned on failure is 633.

Error: (09/12/2014 01:39:02 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={28326835-8505-42BE-A514-21B7FD171A21}: The user Chan-PC\Chan dialed a connection named MBlaze USB Modem which has failed. The error code returned on failure is 692.

Error: (09/12/2014 01:38:44 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={011C0B32-605F-494B-8D4E-08174140E393}: The user Chan-PC\Chan dialed a connection named MBlaze USB Modem which has failed. The error code returned on failure is 0.

Error: (09/12/2014 01:38:10 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={086EBBC9-3E9F-4AD9-B618-321B5612CF8F}: The user Chan-PC\Chan dialed a connection named MBlaze USB Modem which has failed. The error code returned on failure is 692.


System errors:
=============
Error: (09/12/2014 09:29:21 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {46986115-84D6-459C-8F95-52DD653E532E}

Error: (09/12/2014 03:08:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
%%1053

Error: (09/12/2014 03:08:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Error: (09/12/2014 05:34:03 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (09/10/2014 04:20:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/10/2014 04:20:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/10/2014 04:20:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/10/2014 04:20:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/10/2014 04:20:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/10/2014 04:20:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (09/13/2014 03:48:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.0.0.5358109401cfcec5479ace73133C:\Program Files\Mozilla Firefox\firefox.exec1fa56f8-3aca-11e4-b82b-a01d486edc88

Error: (09/13/2014 02:21:55 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {139D8091-63E3-4875-BE9B-A5CC41ED1D15}Chan-PC\ChanMBlaze USB Modem0

Error: (09/13/2014 01:27:19 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (09/12/2014 04:05:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\IObit\driver booster\DpInst\x64\dpinst.exe

Error: (09/12/2014 04:05:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\IObit\driver booster beta\DpInst\x64\dpinst.exe

Error: (09/12/2014 03:08:03 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (09/12/2014 01:39:17 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {6221A059-30AD-41D3-A3B0-87CE0C8605CC}Chan-PC\ChanMBlaze USB Modem633

Error: (09/12/2014 01:39:02 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {28326835-8505-42BE-A514-21B7FD171A21}Chan-PC\ChanMBlaze USB Modem692

Error: (09/12/2014 01:38:44 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {011C0B32-605F-494B-8D4E-08174140E393}Chan-PC\ChanMBlaze USB Modem0

Error: (09/12/2014 01:38:10 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {086EBBC9-3E9F-4AD9-B618-321B5612CF8F}Chan-PC\ChanMBlaze USB Modem692


==================== Memory info ===========================

Processor: Intel® Core™ i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 48%
Total physical RAM: 2721.36 MB
Available physical RAM: 1390.39 MB
Total Pagefile: 5440.99 MB
Available Pagefile: 3399.85 MB
Total Virtual: 2047.88 MB
Available Virtual: 1885.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.12 GB) (Free:46.9 GB) NTFS
Drive d: () (Fixed) (Total:391.54 GB) (Free:280.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9933CA03)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=391.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,569 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:01 PM

Posted 13 September 2014 - 08:54 AM


Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start

Winlogon\Notify\igfxcui: igfxdev.dll [X]
FF user.js: detected! => C:\Users\Chan\AppData\Roaming\Mozilla\Firefox\Profiles\dgqqhz9h.default-1404098892723\user.js
FF Extension: VMP UltiSend - C:\Users\Chan\AppData\Roaming\Mozilla\Firefox\Profiles\dgqqhz9h.default-1404098892723\Extensions\3ffb86d0-3ce6-450b-92b6-10f6577b9f01@85d80483-1202-4ccd-9f03-847dea3e3a48.com [2014-09-09]
FF Extension: No Name - C:\Users\Chan\AppData\Roaming\Mozilla\Firefox\Profiles\dgqqhz9h.default-1404098892723\extensions\ascsurfingprotection@iobit.com [Not Found]
FF Extension: No Name - C:\Program Files\IObit Apps Toolbar\FF [Not Found]
Task: C:\Windows\Tasks\e2778b28-928c-4697-894d-65311608041e-1.job => C:\Program Files\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION

End
Save the file as fixlist.txt into the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
=========

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/
===

How is the computer running now?

#5 nasdaq

Posted 19 September 2014 - 08:50 AM

Are you still with me?

#6 nasdaq

Posted 25 September 2014 - 10:16 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



