Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

I think my PC got infected by Razor1911 [Closed] [Solved]

razor1911 sim city 5 infection

  • This topic is locked This topic is locked

#16
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK to clear that :

Open Avast
Go to settings > general
Select popups and remove the tick from show offers

Capture.JPG

How is the computer behaving at the moment
  • 0

Advertisements


#17
langvu900

langvu900

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

It's good! Thanks! Sometimes my computer runs fast and sometimes slow. Do you think my computer is free from malware? Thanks again! :laughing: 


  • 0

#18
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
All indications are that you are clean can we will run one final confirmatory check with FRST to be sure

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#19
langvu900

langvu900

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Thank  you so much!! Here is the Addition.txt and FRST.txt:

 

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 03

Ran by Papa (administrator) on FAMILIE-LE-NB on 25-08-2014 16:15:36
Running from C:\Users\PhanCo.FAMILIE-LE-NB\Desktop
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\afwServ.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe
(Copyright 2012 SAMSUNG) C:\Users\Papa\Documents\AllShare Play\AllShare Play Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Copyright 2012 SAMSUNG) C:\Users\Papa\Documents\AllShare Play\AllShare Play Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Itim Technologies Co., Ltd.) C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Local\CocCoc\Update\1.3.39.7\CocCocCrashHandler.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(NCT Corporation) C:\Program Files (x86)\NhacCuaTui\1.0.6.27\NhacCuaTui.exe
(Akamai Technologies, Inc.) C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Local\Akamai\netsession_win.exe
(i-Funbox.com) C:\Program Files (x86)\iFunbox 2013\iFunBox2013.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Akamai Technologies, Inc.) C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(CyberLink Corp.) C:\Program Files (x86)\Cyberlink\YouCam6\YouCamService6.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(VNPT-CA) C:\Program Files (x86)\VNPT-CA\VNPT-CA CL Token Manager v1\vnpt-ca_cl_v1_certd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [YouCam Service6] => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [500696 2013-11-26] (CyberLink Corp.)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-07] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4085896 2014-08-12] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [VNPT-CA CL Token Manager V1_std] => C:\Program Files (x86)\VNPT-CA\VNPT-CA CL Token Manager v1\vnpt-ca_cl_v1_certd.exe [139312 2013-10-30] (VNPT-CA)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-05-12] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4169419405-2626366916-160398126-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [911040 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-4169419405-2626366916-160398126-1000\...\Run: [HP Photosmart 6510 series (NET)] => C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\S-1-5-21-4169419405-2626366916-160398126-1000\...\Run: [Tiny download manager] => C:\Users\Papa\AppData\Local\DM\TinyDM.exe [288728 2014-02-16] (http://www.tinydm.com/)
HKU\S-1-5-21-4169419405-2626366916-160398126-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3604048 2013-06-20] (Tonec Inc.)
HKU\S-1-5-21-4169419405-2626366916-160398126-1000\...\Run: [Avast-Browser-Cleanup] => C:\Program Files\Alwil Software\Avast5\BrowserCleanup.exe [2564088 2014-08-19] (AVAST Software)
HKU\S-1-5-21-4169419405-2626366916-160398126-1000\...\RunOnce: [Avast-Browser-Cleanup] => C:\Program Files\Alwil Software\Avast5\BrowserCleanup.exe [2564088 2014-08-19] (AVAST Software)
HKU\S-1-5-21-4169419405-2626366916-160398126-1000\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[S1].txt [8702 2014-08-23] ()
HKU\S-1-5-21-4169419405-2626366916-160398126-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4169419405-2626366916-160398126-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4169419405-2626366916-160398126-1000\...\MountPoints2: E - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-4169419405-2626366916-160398126-1000\...\MountPoints2: {bc1d265d-fc35-11e3-b3d0-806e6f6e6963} - F:\autorun.exe
HKU\S-1-5-21-4169419405-2626366916-160398126-1000\...\MountPoints2: {f83808f1-fc17-11e3-a4b2-60eb69562f4e} - F:\autorun.exe
HKU\S-1-5-21-4169419405-2626366916-160398126-1007\...\Run: [DAEMON Tools Lite] => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-4169419405-2626366916-160398126-1007\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-02] (Google Inc.)
HKU\S-1-5-21-4169419405-2626366916-160398126-1007\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272624 2013-02-05] (Microsoft Corporation)
HKU\S-1-5-21-4169419405-2626366916-160398126-1007\...\Run: [CocCoc Update] => C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Local\CocCoc\Update\CocCocUpdate.exe [142200 2014-01-20] (Itim Technologies Co., Ltd.)
HKU\S-1-5-21-4169419405-2626366916-160398126-1007\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3604048 2013-06-20] (Tonec Inc.)
HKU\S-1-5-21-4169419405-2626366916-160398126-1007\...\Run: [NhacCuaTui] => C:\Program Files (x86)\NhacCuaTui\1.0.6.27\NhacCuaTui.exe [2033016 2013-11-22] (NCT Corporation)
HKU\S-1-5-21-4169419405-2626366916-160398126-1007\...\Run: [Akamai NetSession Interface] => C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4169419405-2626366916-160398126-1007\...\Run: [iFunBox Price Watch] => C:\Program Files (x86)\iFunbox 2013\iFunBox2013.exe [5474816 2013-09-27] (i-Funbox.com)
HKU\S-1-5-21-4169419405-2626366916-160398126-1007\...\MountPoints2: {d37c59bb-7531-11e3-9803-60eb69562f4e} - D:\Autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (No File)
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk
ShortcutTarget: Microsoft SharePoint Workspace.lnk -> C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: .webnavi -> {71748560-AA80-4469-9C1D-29A66233974C} => C:\Users\Papa\AppData\Roaming\webnavi\nvi64.dll No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers: IDM Shell Extension -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: .webnavi -> {71748560-AA80-4469-9C1D-29A66233974C} => C:\Users\Papa\AppData\Roaming\webnavi\nvi.dll No File
ShellIconOverlayIdentifiers-x32: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll (Egis Technology Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.shb.com.vn/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z115t77m1j59s
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z115t77m1j59s
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z115t77m1j59s
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {E627DC4B-8C04-4234-A2D4-1D634EE01C41} URL = http://www.bigseekpr...q={searchTerms}
SearchScopes: HKCU - {391588CC-C239-46D5-90E3-05638F1D5DF5} URL = http://search.creati...q={searchTerms}
SearchScopes: HKCU - {57238BE3-743E-4BE5-9F23-6AE7B33571A8} URL = http://www.mysearchr...q={searchTerms}
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...1I7ACAW_deVN406
SearchScopes: HKCU - {E627DC4B-8C04-4234-A2D4-1D634EE01C41} URL = http://www.bigseekpr...q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Blog This in Windows Live -> {2adefb8e-b923-35e6-86e2-2b7841f5d6a4} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - PasswordBox - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.7.cab
Handler: haufereader - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: haufereader - No CLSID Value - 
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{17D9B602-7FC4-4529-A557-E1456C40D5AF}: [NameServer] 8.8.8.8,8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\12lc5kq6.default
FF DefaultSearchEngine: Search
FF SearchEngineOrder.1: Search
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.n-tv.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @soe.sony.com/installer,version=1.0.3 -> C:\Users\PhanCo.FAMILIE-LE-NB\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Local\Temp\Rar$EXa0.497\LienMinhHuyenThoai\GameData\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @unity3d.com/UnityPlayer,version=1.0 -> C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin-x32: @zing.vn/ZingPlay-WebControl-1,version=1.0.1 -> C:\Program Files\VinaGame\ZingPlay\npWebActivater.dll (VNG Corp.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSWF32.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF SearchPlugin: C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\12lc5kq6.default\searchplugins\passwordbox.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-06-06]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2011-11-15]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} [2012-05-17]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-06-14]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-28]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2012-02-22]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix
FF Extension: Mozilla hotfix - C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix [2013-05-07]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\PasswordBox\Firefox
FF Extension: PasswordBox - C:\Program Files (x86)\PasswordBox\Firefox [2013-09-10]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Users\Papa\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Papa\AppData\Roaming\IDM\idmmzcc5 [2013-09-15]
FF HKCU\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\Papa\AppData\Roaming\IDM\idmmzcc5
FF Extension: No Name - C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\12lc5kq6.default\extensions\[email protected] []
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.shb.com.vn/"
CHR Extension: (SearchNewTab) - C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\afddldeabjlloeiaejhkcihpbfjbcnca [2013-09-14]
CHR Extension: (IDM Integration) - C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm [2014-02-01]
CHR Extension: (Google Wallet) - C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-08-12]
CHR HKLM-x32\...\Chrome\Extension: [jmolcgpienlcieaajfkkdamlngancncm] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2013-06-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe [408184 2012-10-23] (Samsung)
R2 AllShare Play Service; C:\Users\Papa\Documents\AllShare Play\AllShare Play Service.exe [662752 2012-12-20] (Copyright 2012 SAMSUNG)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-08-12] (AVAST Software)
R2 avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [106488 2014-08-12] (AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [107624 2014-08-23] (RaMMicHaeL)
S2 UNS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
S2 btwdins; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [X]
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 ArcSec; C:\Windows\System32\drivers\ArcSec.sys [312184 2010-09-21] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-12] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-08-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-12] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-08-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-12] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-01-20] ()
R3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
S3 hxsyol; C:\AeriaGames\AuraKingdom\avital\hxsy64.sys [86352 2013-11-27] ()
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-01-20] ()
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [122584 2014-08-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-01-04] (Duplex Secure Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-25 16:15 - 2014-08-25 16:16 - 00034607 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\FRST.txt
2014-08-25 16:15 - 2014-08-25 16:15 - 00000000 ____D () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\FRST-OlderVersion
2014-08-24 17:46 - 2014-08-24 17:46 - 00000000 ____D () C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Roaming\TeamViewer
2014-08-24 12:46 - 2014-08-24 12:47 - 576083497 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\SacredShadowWolf Tutorials - The Forest Ver.0.05.rar
2014-08-23 09:55 - 2014-08-23 09:56 - 01364531 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\AdwCleaner.exe
2014-08-23 09:55 - 2014-08-23 09:55 - 00001023 _____ () C:\Users\Public\Desktop\Unchecky.lnk
2014-08-23 09:55 - 2014-08-23 09:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2014-08-23 09:55 - 2014-08-23 09:55 - 00000000 ____D () C:\Program Files (x86)\Unchecky
2014-08-23 09:35 - 2014-08-23 09:35 - 00695920 _____ (RaMMicHaeL) C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\unchecky_setup.exe
2014-08-22 21:49 - 2014-08-22 21:49 - 00024828 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\adw2.txt
2014-08-22 21:49 - 2014-08-22 21:49 - 00024827 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\adw.txt
2014-08-22 16:45 - 2014-08-22 16:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-22 16:45 - 2014-08-22 16:45 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-22 16:45 - 2014-08-22 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-22 16:45 - 2014-08-22 16:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-22 16:45 - 2014-08-22 16:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-22 16:45 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-22 16:45 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-22 16:45 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-22 16:42 - 2014-08-22 16:43 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-21 19:23 - 2014-08-21 19:23 - 00225280 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\FLVPlayer_downloader-N3lyI5xRi.exe
2014-08-19 16:33 - 2014-08-19 16:33 - 00000000 ____D () C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\FRST-OlderVersion
2014-08-17 13:58 - 2014-08-17 14:22 - 03163851 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\Đà Nẵng.pptx
2014-08-16 00:39 - 2014-08-16 00:54 - 111457363 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\p1.flv
2014-08-13 16:38 - 2014-08-07 08:52 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 16:38 - 2014-08-07 08:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-12 19:05 - 2014-08-12 19:05 - 00076705 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\Addition.txt
2014-08-12 19:04 - 2014-08-12 19:05 - 00055243 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\FRST.txt
2014-08-12 19:03 - 2014-08-25 16:15 - 00000000 ____D () C:\FRST
2014-08-12 19:02 - 2014-08-25 16:15 - 02103296 _____ (Farbar) C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\FRST64.exe
2014-08-12 19:01 - 2014-08-12 19:01 - 00001005 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\AdwCleaner[S0] - Verknüpfung.lnk
2014-08-12 17:52 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-12 17:50 - 2014-08-23 10:00 - 00000000 ____D () C:\AdwCleaner
2014-08-12 17:21 - 2014-08-12 17:21 - 01366203 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\AdwCleaner.exe
2014-08-12 16:30 - 2014-08-12 16:30 - 00001987 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-08-12 16:30 - 2014-08-12 16:29 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-08-12 16:29 - 2014-08-12 16:29 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-08-12 16:29 - 2014-08-12 16:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-11 20:39 - 2014-08-11 20:39 - 00000000 ____D () C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Local\Skype
2014-08-11 20:39 - 2014-08-11 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-11 20:35 - 2014-08-11 20:35 - 01677928 _____ (Skype Technologies S.A.) C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\SkypeSetup.exe
2014-08-10 00:50 - 2014-08-10 00:51 - 04161313 _____ () C:\Users\Papa\Downloads\tdsskiller.zip
2014-08-10 00:49 - 2014-08-10 00:49 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\tdsskiller.exe
2014-08-10 00:32 - 2014-08-10 00:32 - 00000000 ____D () C:\ProgramData\F-Secure
2014-08-10 00:25 - 2014-08-10 00:27 - 05124208 _____ (F-Secure Corporation) C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\F-SecureOnlineScanner-HC.exe
2014-08-09 23:57 - 2014-08-09 23:57 - 00148710 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\Extras.Txt
2014-08-09 23:56 - 2014-08-09 23:56 - 00299540 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\OTL.Txt
2014-08-09 23:56 - 2014-08-09 23:56 - 00000000 ____D () C:\Users\Papa\AppData\Local\Apps\2.0
2014-08-09 22:03 - 2014-08-09 22:03 - 00000000 ____D () C:\Users\Papa\Documents\SimCity
2014-08-09 21:45 - 2014-08-09 21:45 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\install
2014-07-26 23:59 - 2014-07-27 00:11 - 663087765 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\The Forest Setup [Project Antx].exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-25 16:16 - 2014-08-25 16:15 - 00034607 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\FRST.txt
2014-08-25 16:15 - 2014-08-25 16:15 - 00000000 ____D () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\FRST-OlderVersion
2014-08-25 16:15 - 2014-08-12 19:03 - 00000000 ____D () C:\FRST
2014-08-25 16:15 - 2014-08-12 19:02 - 02103296 _____ (Farbar) C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\FRST64.exe
2014-08-25 16:13 - 2010-09-18 23:13 - 01999571 _____ () C:\Windows\WindowsUpdate.log
2014-08-25 16:10 - 2013-09-13 17:11 - 00000000 ____D () C:\Users\PhanCo.FAMILIE-LE-NB\Tracing
2014-08-25 16:09 - 2014-02-16 17:59 - 00000000 ____D () C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Roaming\NhacCuaTui
2014-08-25 16:09 - 2013-11-23 13:29 - 00000320 _____ () C:\Windows\Tasks\Start Registry Reviver for [email protected](logon).job
2014-08-25 16:09 - 2012-08-06 21:55 - 00004184 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-25 16:09 - 2010-11-16 01:47 - 00000982 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-25 16:07 - 2009-07-14 12:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-25 16:07 - 2009-07-14 11:51 - 00179308 _____ () C:\Windows\setupact.log
2014-08-24 18:21 - 2013-09-15 20:09 - 00000000 ____D () C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Roaming\DMCache
2014-08-24 18:01 - 2012-02-22 23:26 - 00000254 _____ () C:\Windows\Tasks\HP Photo Creations Messager.job
2014-08-24 17:46 - 2014-08-24 17:46 - 00000000 ____D () C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Roaming\TeamViewer
2014-08-24 17:46 - 2013-04-25 22:31 - 00000000 ____D () C:\Users\PhanCo.FAMILIE-LE-NB\Documents\Outlook-Dateien
2014-08-24 17:36 - 2010-11-16 01:47 - 00000986 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-24 17:34 - 2013-12-14 17:24 - 00001028 _____ () C:\Windows\Tasks\CocCocUpdateTaskUserS-1-5-21-4169419405-2626366916-160398126-1007UA.job
2014-08-24 17:34 - 2013-12-14 17:24 - 00000976 _____ () C:\Windows\Tasks\CocCocUpdateTaskUserS-1-5-21-4169419405-2626366916-160398126-1007Core.job
2014-08-24 16:32 - 2009-07-14 11:45 - 00016112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-24 16:32 - 2009-07-14 11:45 - 00016112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-24 12:47 - 2014-08-24 12:46 - 576083497 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\SacredShadowWolf Tutorials - The Forest Ver.0.05.rar
2014-08-23 10:01 - 2010-09-18 23:09 - 00322940 _____ () C:\Windows\PFRO.log
2014-08-23 10:00 - 2014-08-12 17:50 - 00000000 ____D () C:\AdwCleaner
2014-08-23 09:56 - 2014-08-23 09:55 - 01364531 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\AdwCleaner.exe
2014-08-23 09:55 - 2014-08-23 09:55 - 00001023 _____ () C:\Users\Public\Desktop\Unchecky.lnk
2014-08-23 09:55 - 2014-08-23 09:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2014-08-23 09:55 - 2014-08-23 09:55 - 00000000 ____D () C:\Program Files (x86)\Unchecky
2014-08-23 09:53 - 2013-06-04 15:53 - 00495104 ___SH () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\Thumbs.db
2014-08-23 09:35 - 2014-08-23 09:35 - 00695920 _____ (RaMMicHaeL) C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\unchecky_setup.exe
2014-08-22 21:49 - 2014-08-22 21:49 - 00024828 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\adw2.txt
2014-08-22 21:49 - 2014-08-22 21:49 - 00024827 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\adw.txt
2014-08-22 21:49 - 2014-06-22 17:46 - 00000000 ____D () C:\Users\Papa\AppData\Local\26869
2014-08-22 21:49 - 2014-02-16 15:50 - 00000000 ____D () C:\Users\Papa\AppData\Local\DM
2014-08-22 21:49 - 2013-08-18 20:40 - 00000000 ____D () C:\Program Files (x86)\SaveShare
2014-08-22 21:49 - 2013-05-01 20:59 - 00000000 ____D () C:\ProgramData\InstallMate
2014-08-22 21:49 - 2009-07-14 10:20 - 00000000 _RSHD () C:\Windows\system
2014-08-22 16:48 - 2014-08-22 16:45 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-22 16:45 - 2014-08-22 16:45 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-22 16:45 - 2014-08-22 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-22 16:45 - 2014-08-22 16:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-22 16:45 - 2014-08-22 16:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-22 16:43 - 2014-08-22 16:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-21 19:23 - 2014-08-21 19:23 - 00225280 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\FLVPlayer_downloader-N3lyI5xRi.exe
2014-08-19 16:46 - 2013-03-28 18:22 - 00000330 __RSH () C:\Users\PhanCo.FAMILIE-LE-NB\ntuser.pol
2014-08-19 16:46 - 2013-03-28 18:22 - 00000000 ____D () C:\Users\PhanCo.FAMILIE-LE-NB
2014-08-19 16:33 - 2014-08-19 16:33 - 00000000 ____D () C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\FRST-OlderVersion
2014-08-19 16:33 - 2009-07-14 10:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-08-18 21:35 - 2010-09-19 09:05 - 00700930 _____ () C:\Windows\system32\perfh007.dat
2014-08-18 21:35 - 2010-09-19 09:05 - 00153854 _____ () C:\Windows\system32\perfc007.dat
2014-08-18 21:35 - 2009-07-14 12:13 - 01651764 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-18 21:26 - 2009-07-14 12:08 - 00032592 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-17 14:22 - 2014-08-17 13:58 - 03163851 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\Đà Nẵng.pptx
2014-08-16 00:54 - 2014-08-16 00:39 - 111457363 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\p1.flv
2014-08-15 23:02 - 2013-04-13 22:12 - 00000000 ___RD () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\Co's stuff
2014-08-15 22:01 - 2013-07-21 19:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 21:45 - 2010-11-16 02:37 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-15 21:44 - 2014-07-18 20:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-15 21:44 - 2010-11-20 05:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-12 19:05 - 2014-08-12 19:05 - 00076705 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\Addition.txt
2014-08-12 19:05 - 2014-08-12 19:04 - 00055243 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\FRST.txt
2014-08-12 19:01 - 2014-08-12 19:01 - 00001005 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\AdwCleaner[S0] - Verknüpfung.lnk
2014-08-12 17:57 - 2010-11-14 18:52 - 00000000 ____D () C:\Users\Papa
2014-08-12 17:21 - 2014-08-12 17:21 - 01366203 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\AdwCleaner.exe
2014-08-12 16:30 - 2014-08-12 16:30 - 00001987 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-08-12 16:30 - 2011-01-13 13:28 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-12 16:29 - 2014-08-12 16:30 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-08-12 16:29 - 2014-08-12 16:29 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-08-12 16:29 - 2014-08-12 16:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-12 16:29 - 2013-03-25 22:52 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-12 16:29 - 2013-03-25 22:52 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-12 16:29 - 2012-05-17 10:16 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-12 16:29 - 2011-06-09 21:51 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-08-12 16:29 - 2011-01-13 13:28 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-12 16:29 - 2011-01-13 13:28 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-12 16:29 - 2009-01-05 05:40 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-08-12 16:29 - 2009-01-05 05:40 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-11 21:03 - 2013-08-17 00:01 - 00000000 ____D () C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Roaming\Skype
2014-08-11 20:39 - 2014-08-11 20:39 - 00000000 ____D () C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Local\Skype
2014-08-11 20:39 - 2014-08-11 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-11 20:39 - 2012-06-06 16:29 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-11 20:39 - 2010-11-20 22:26 - 00000000 ____D () C:\ProgramData\Skype
2014-08-11 20:35 - 2014-08-11 20:35 - 01677928 _____ (Skype Technologies S.A.) C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\SkypeSetup.exe
2014-08-10 00:51 - 2014-08-10 00:50 - 04161313 _____ () C:\Users\Papa\Downloads\tdsskiller.zip
2014-08-10 00:49 - 2014-08-10 00:49 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\tdsskiller.exe
2014-08-10 00:32 - 2014-08-10 00:32 - 00000000 ____D () C:\ProgramData\F-Secure
2014-08-10 00:27 - 2014-08-10 00:25 - 05124208 _____ (F-Secure Corporation) C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\F-SecureOnlineScanner-HC.exe
2014-08-09 23:57 - 2014-08-09 23:57 - 00148710 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\Extras.Txt
2014-08-09 23:56 - 2014-08-09 23:56 - 00299540 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\OTL.Txt
2014-08-09 23:56 - 2014-08-09 23:56 - 00000000 ____D () C:\Users\Papa\AppData\Local\Apps\2.0
2014-08-09 22:03 - 2014-08-09 22:03 - 00000000 ____D () C:\Users\Papa\Documents\SimCity
2014-08-09 21:45 - 2014-08-09 21:45 - 00000000 ____D () C:\Users\Papa\AppData\Roaming\install
2014-08-09 15:30 - 2014-07-18 19:12 - 00002074 _____ () C:\Windows\system32\TeamViewer9_Hooks.log
2014-08-09 15:30 - 2014-06-25 11:01 - 00001025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-08-09 15:30 - 2014-06-25 11:01 - 00001013 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-08-09 15:18 - 2013-09-15 20:09 - 00000000 ____D () C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Roaming\IDM
2014-08-07 08:52 - 2014-08-13 16:38 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 08:46 - 2014-08-13 16:38 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 16:15 - 2012-05-30 17:11 - 00000000 ____D () C:\Windows\Coole_Schule_6
2014-08-05 09:20 - 2011-01-13 13:49 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-07-27 16:37 - 2013-09-15 20:09 - 00000000 ____D () C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\Compressed
2014-07-27 08:05 - 2013-03-14 17:04 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 08:05 - 2013-03-14 17:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 06:03 - 2013-03-14 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-27 00:11 - 2014-07-26 23:59 - 663087765 _____ () C:\Users\PhanCo.FAMILIE-LE-NB\Downloads\The Forest Setup [Project Antx].exe
 
Some content of TEMP:
====================
C:\Users\Papa\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-01 20:18
 
==================== End Of Log ============================
 
Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-08-2014 03
Ran by Papa at 2014-08-25 16:17:00
Running from C:\Users\PhanCo.FAMILIE-LE-NB\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.3.1.30017 - BitTorrent Inc.)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 4.0.8012 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 4.0.8012 - CyberLink Corp.) Hidden
Acer Arcade Movie (x32 Version: 9.0.6625 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.63 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.3.5 - Liteon)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: 6.1.0.9 - Oberon Media, Inc.)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.02.3004 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0222.2010 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3002 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.0.0 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Airport Mania First Flight (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}) (Version:  - Oberon Media)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.05001 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.17.05001 - Alcor Micro Corp.) Hidden
AllShare Framework DMS (HKLM\...\{1ABC9BD2-7E06-4D70-929B-AC1B6461A8B2}) (Version: 1.3.06 - Samsung)
AllShare Play 1.5.0.1212201836 (HKLM\...\8474-7877-9059-0204) (Version: 1.5.0.1212201836 - Copyright 2012 SAMSUNG)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.00.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AppTrans 1.7.0 (HKLM-x32\...\{F0B50B3A-0C1F-43D8-BE9A-70ADFB473114}}_is1) (Version: 1.7.0 - iMobie Inc.)
ArcSoft Panorama Maker 5 (HKLM-x32\...\{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}) (Version: 5.0.1.25 - ArcSoft)
ArcSoft TotalMedia Theatre 5 (HKLM-x32\...\InstallShield_{9A2CE5D4-0A1E-42EB-9CE0-ABD5DD79E94E}) (Version: 5.0.1.87 - ArcSoft)
ArcSoft TotalMedia Theatre 5 (x32 Version: 5.0.1.87 - ArcSoft) Hidden
ArtMoney SE v7.41 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.41 - System SoftLab)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.23 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{F5816A09-786E-C91D-3D99-8A8C92648750}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Aura Kingdom (HKLM-x32\...\Aura Kingdom) (Version:  - )
avast! Internet Security (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Backup Manager Basic (x32 Version: 2.0.0.63 - NewTech Infosystems) Hidden
Battlefield 2™ (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
BF2 Editor (HKLM-x32\...\{24E85B9C-6E60-4723-89CC-71B66881A020}) (Version: 1.00.0000 - Digital Illusions)
BF2ALL64 (HKLM-x32\...\BF2ALL64) (Version:  - )
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 6.3.2291.0 - Microsoft Corporation)
Bing Bar Platform (x32 Version: 6.3.2291.0 - Microsoft Corporation) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blitzkrieg 2 (HKLM-x32\...\Blitzkrieg 2) (Version:  - )
Bluetooth OBEX File Transfer (HKLM-x32\...\{D75BB2DA-5078-4922-81CD-17736A2D888B}) (Version: 1.2.1.1 - Medieval Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
Call of Duty® 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty® 2 (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty® 2 Demo (HKLM-x32\...\InstallShield_{FB9CDF41-F0B9-4F31-9230-7DF0D6637270}) (Version:  - )
Call of Duty® 2 Demo (x32 Version:  - ) Hidden
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0421.657.10561 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0421.657.10561 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help English (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help French (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help German (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0421.657.10561 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0421.657.10561 - ATI) Hidden
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Citrix online plug-in - web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.0.0.6410 - Citrix Systems, Inc.)
Citrix online plug-in (DV) (x32 Version: 12.0.0.6410 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (HDX) (x32 Version: 12.0.0.6410 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (USB) (x32 Version: 12.0.0.6410 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (Web) (x32 Version: 12.0.0.6410 - Citrix Systems, Inc.) Hidden
CLIP STUDIO PAINT (HKLM-x32\...\{4B0AD476-DE95-4293-B437-BE2511DE74B6}) (Version: 1.2.0 - CELSYS)
Clone Wars (HKCU\...\SOE-Clone Wars) (Version:  - Sony Online Entertainment)
Command & Conquer 3 (HKLM-x32\...\{B0C30E93-D3D9-4F04-A2AC-54749B573275}) (Version: 1.00.0000 - Electronic Arts Inc.)
Command & Conquer 3 Kane's Wrath™ Worldbuilder (HKLM-x32\...\{44C934E4-6610-43D4-8E9B-49F30785013A}) (Version: 1.0 - Electronic Arts)
Command & Conquer™ 3: Kane's Wrath (HKLM-x32\...\{CC2422C9-F7B5-4175-B295-5EC2283AA674}) (Version: 1.00.0000 - Electronic Arts Inc.)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{82696435-8572-4D8B-A230-D1AA567D0F0F}) (Version: 1.0.0.0 - Electronic Arts)
Coole Schule! 4. Klasse (HKLM-x32\...\{2C03B8FF-A0CD-4F7D-A0E1-597FEDF77CAB}) (Version: 1.1 - )
Coole Schule! 5. Klasse (HKLM-x32\...\{C3A5EE5D-EB16-4431-9D39-BBB3B404CC80}) (Version: 1.1 - )
Coole Schule! 6. Klasse (HKLM-x32\...\{8019A3DA-B020-4802-8140-2FC550E73AC8}) (Version: 1.1 - )
Counter-Strike 1.6 (HKLM-x32\...\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}) (Version: 1.6 - )
CSM Play v1.0.1 (HKLM-x32\...\CSM Play v1.0.1_is1) (Version:  - VNG Corporation.)
CyberLink YouCam 6 (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2326.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{2A07A3D4-F6CA-4EEB-9576-3A6AC8A736CE}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{91140000-003B-0000-1000-0000000FF1CE}_Office14.PRJPROR_{2A07A3D4-F6CA-4EEB-9576-3A6AC8A736CE}) (Version:  - Microsoft)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
EA Installer (HKLM-x32\...\EA Installer.-1797597899) (Version: 2.3.0.74 - Electronic Arts, Inc.)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.10.15.1228 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version:  - DVDVideoSoft Ltd.)
Freemake Audio Converter Version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation)
FUSSBALL MANAGER 11 (HKLM-x32\...\FUSSBALL MANAGER 11) (Version:  - Electronic Arts)
FUSSBALL MANAGER 12 (HKLM-x32\...\FUSSBALL MANAGER 12) (Version: 1.0.0.3 - Electronic Arts)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Haufe iDesk-Browser (HKLM-x32\...\{0F32914F-A633-4516-B531-7084C8F19F93}) (Version: 10.10.14.0000 - Haufe-Lexware GmbH & Co. KG)
Haufe iDesk-Service (HKLM-x32\...\{27F10580-E040-11DF-8C28-005056B12123}) (Version: 10.10.25.7810 - Haufe)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Photosmart 6510 series - Grundlegende Software für das Gerät (HKLM\...\{B2B8577D-EECF-4062-BEB7-A8BE3FD679ED}) (Version: 24.0.342.0 - Hewlett-Packard Co.)
HP Photosmart 6510 series Hilfe (HKLM-x32\...\{A2F95F8C-CDA9-4B08-BAD1-CA9656E4EC14}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}) (Version: 5.003.000.004 - Hewlett-Packard)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
iExplorer 3.3.1.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
iFunbox (v2.8.2414.748), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.8.2414.748 - )
iFunBox 2013 (v3.0.494.416), iFunbox DevTeam (HKLM-x32\...\iFunBox 2013_is1) (Version: v3.0.494.416 - )
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.7 - Acer Inc.)
Lexware buchhalter 2011 (HKLM-x32\...\{2B443CC6-7EBE-43FF-91A8-6AC3B5A085FD}) (Version: 16.30.00.0179 - Haufe-Lexware GmbH & Co.KG)
Lexware Elster (HKLM-x32\...\{C8E00BC8-D619-4081-813A-6B5BCC846534}) (Version: 9.10.00.0041 - Lexware GmbH & Co. KG)
Lexware Info Service (HKLM-x32\...\{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}) (Version: 2.70.00.0081 - Haufe-Lexware GmbH & Co.KG)
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Macromedia Flash 8 (HKLM-x32\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Macromedia Flash Player 8 (HKLM-x32\...\{885A63EA-382B-4DD4-A755-14809B8557D6}) (Version: 8.0.22.0 - Macromedia)
Macromedia Flash Player 8 Plugin (HKLM-x32\...\{91057632-CA70-413C-B628-2D3CDBBB906B}) (Version: 8.0.22.0 - Macromedia)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MediaShow Espresso (x32 Version: 5.5.1403_23691 - CyberLink Corp.) Hidden
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Default Manager (x32 Version: 2.2.114.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Project MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Professional 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Hotmail Connector 64-Bit (HKLM\...\{95140000-007A-0407-1000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit (HKLM\...\{95140000-007D-0409-1000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM\...\Office14.PRJPROR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version:  - Mobile Connection Manager)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 8.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 8.0 (x86 de)) (Version: 8.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
NCDownloader (HKLM-x32\...\{0F44DC3F-6E62-4961-A14B-95323C512F9B}_is1) (Version: 1.0 - Solibo Ltd.) <==== ATTENTION
NhacCuaTui (HKLM-x32\...\{2343FB63-1E8C-4E33-8283-B0078AD79430}) (Version: 1.0.627.0 - NCT Corporation)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.630 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.630 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6636 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6636 - NewTech Infosystems) Hidden
NVIDIA PhysX (HKLM-x32\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
Optical Drive Power Management (HKLM-x32\...\{AE09C972-EEB2-4DA5-8090-0FCF54576854}) (Version: 1.01.3007 - Acer Incorporated)
Overlord II (HKLM-x32\...\{E426CEC1-35C5-42BF-913E-6EF8F1211D01}) (Version: 1.0 - Codemasters)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PasswordBox (HKLM-x32\...\PasswordBox) (Version: 1.18.0.2194 - PasswordBox, Inc.)
PasswordBox Search (HKCU\...\PasswordBox Search) (Version:  - PasswordBox, Inc.)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Transfer App (HKLM-x32\...\com.erclab.air.phototransferapp) (Version: 2.1.0 - UNKNOWN)
Photo Transfer App (x32 Version: 2.1.0 - UNKNOWN) Hidden
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.1 - Nikon)
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
Poker Pop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}) (Version:  - Oberon Media)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickSteuer Deluxe 2011 (HKLM-x32\...\{6BCC7669-A863-4C24-804B-9C811C102F71}) (Version: 17.07.00.0001 - Haufe-Lexware GmbH & Co.KG)
QuickSteuer DELUXE Wissens-Center 2011 (HKLM-x32\...\{0ABA2DC3-B67B-4D87-AB1B-EC5E9CDF24B3}) (Version: 17.10.0.0 - Haufe-Lexware GmbH & Co. KG)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Quyền Vương Online (HKLM-x32\...\{45CCF4CB-EB83-4CE9-9D57-4D95C94A45C9}_is1) (Version: 1.0 - PlayPark.vn)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6096 - Realtek Semiconductor Corp.)
Registry Reviver (HKLM\...\Registry Reviver) (Version: 3.0.1.108 - ReviverSoft LLC)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
Sandbox (HKLM-x32\...\Sandbox) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-003B-0000-1000-0000000FF1CE}_Office14.PRJPROR_{DC528101-617D-4E9F-B131-F8F8C52E649B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SOE Web Installer (HKCU\...\SOE Web Installer) (Version: 1.0.3.171 - Sony Online Entertainment)
South Park The Stick of Truth - Update 1 version 1.0.1353 (HKLM-x32\...\{83736891-79AE-49BA-96F5-55DD6F2186AC}_is1) (Version: 1.0.1353 - Ubisoft)
Southpark Stick of Truth (HKLM-x32\...\U291dGhwYXJrU3RpY2tvZlRydXRo_is1) (Version: 1 - )
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version:  - Oberon Media)
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
Star Wars Jedi Knight Jedi Academy (HKLM-x32\...\{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}) (Version:  - )
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
State of Decay - Breakdown (HKLM-x32\...\State of Decay - Breakdown_is1) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Studie zur Verbesserung von HP Photosmart 6510 series Produkten (HKLM\...\{D9710515-1C8F-4AF9-A61D-2E0287915B73}) (Version: 24.0.342.0 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Telerik Control Panel (HKLM-x32\...\{BEB6277E-58FC-48C5-AA2E-D31E07451A9D}) (Version: 14.1.416.0 - Telerik AD)
Telerik JustDecompile Q1 2014 (HKLM-x32\...\{3FEC96B0-93E2-4E59-A7B5-29862E7D3B9D}) (Version: 14.1.225.0 - Telerik AD)
The Forest 1.0 (HKLM-x32\...\The Forest 1.0) (Version: 1.0 - Cat-A-Cat)
Tiny Download Manager (remove only) (HKLM-x32\...\TinyDM) (Version: 2 - TinyDM LTD)
UltraISO Premium V9.52 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unchecky v0.2.15 (HKLM-x32\...\Unchecky) (Version: 0.2.15 - RaMMicHaeL)
UniKey 4.0 RC2 (build 1101) (HKLM-x32\...\{AC006985-A51F-42AC-A7E9-5E66D8AC8063}_is1) (Version:  - Pham Kim Long)
Unity Web Player (All users) (HKLM-x32\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{17815BC8-062D-49BE-B40C-B54149C85CE3}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{91140000-003B-0000-1000-0000000FF1CE}_Office14.PRJPROR_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{91140000-003B-0000-1000-0000000FF1CE}_Office14.PRJPROR_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PRJPROR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{91140000-003B-0000-1000-0000000FF1CE}_Office14.PRJPROR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{91140000-003B-0000-1000-0000000FF1CE}_Office14.PRJPROR_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PRJPROR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{91140000-003B-0000-1000-0000000FF1CE}_Office14.PRJPROR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PRJPROR_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PRJPROR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{91140000-003B-0000-1000-0000000FF1CE}_Office14.PRJPROR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{91140000-003B-0000-1000-0000000FF1CE}_Office14.PRJPROR_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{91140000-003B-0000-1000-0000000FF1CE}_Office14.PRJPROR_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{91140000-003B-0000-1000-0000000FF1CE}_Office14.PRJPROR_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PRJPROR_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{91140000-003B-0000-1000-0000000FF1CE}_Office14.PRJPROR_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PRJPROR_{8F699D53-05FB-488E-B7D3-E4E47257BE5D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{8F699D53-05FB-488E-B7D3-E4E47257BE5D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PRJPROR_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUSR_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PRJPROR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{FD360122-6829-4497-97C1-1BF578EF695B}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PRJPROR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version:  - Microsoft)
ViewNX 2 (HKLM-x32\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.1.0 - Nikon)
Vinagame ZP Tu Lo Kho (Ta La) (HKLM-x32\...\Vinagame ZP Tu Lo Kho (Ta La)) (Version:  - )
Virtual Villagers 2 (HKLM-x32\...\Virtual Villagers 2_is1) (Version:  - FreeGamePick.com)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
VNPT-CA CL Token Manager V1 (HKLM-x32\...\ePass2002Auto-4FE7-A218-48BDAE051E2B_std100131216) (Version:  - EnterSafe)
Vodafone Mobile Connect Lite (HKLM-x32\...\{E3B99F3D-9856-482A-9048-305E28E2510C}) (Version: 9.4.2.14731 - Vodafone)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3002 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.4300 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinRAR Password Cracker (HKLM-x32\...\{C6A96049-4BD0-465D-BF4D-66CBD0D0E3DD}) (Version: 3.1.0.0 - iWesoft)
XCOM: Enemy Within (HKLM-x32\...\WENPTUVuZW15V2l0aGlu_is1) (Version: 1 - )
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
YTD Video Downloader 4.3 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.3 - GreenTree Applications SRL)
Zing Play (HKLM-x32\...\Zing Play) (Version: 3.0.106.8 - )
ZPTaLaAnDau (HKLM-x32\...\ZPTaLaAnDau) (Version:  - )
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.25_TME - ZTE Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-4169419405-2626366916-160398126-1000_Classes\CLSID\{71748560-AA80-4469-9C1D-29A66233974C}\InprocServer32 -> C:\Users\Papa\AppData\Roaming\webnavi\nvi64.dll No File
CustomCLSID: HKU\S-1-5-21-4169419405-2626366916-160398126-1000_Classes\CLSID\{D66AFFF1-8FE8-48f0-A2D7-D231D926E751}\InprocServer32 -> C:\Users\Papa\AppData\Roaming\webnavi\nvi64.dll No File
CustomCLSID: HKU\S-1-5-21-4169419405-2626366916-160398126-1007_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4169419405-2626366916-160398126-1007_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4169419405-2626366916-160398126-1007_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4169419405-2626366916-160398126-1007_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
26-07-2014 23:01:21 Windows Update
03-08-2014 10:33:53 Geplanter Prüfpunkt
03-08-2014 18:53:40 Windows Update
09-08-2014 18:13:52 Windows Update
12-08-2014 09:25:29 avast! antivirus system restore point
12-08-2014 09:30:19 Gerätetreiber-Paketinstallation: Avast Netzwerkdienst
15-08-2014 14:40:38 Windows Update
19-08-2014 12:40:49 Windows Update
22-08-2014 16:05:55 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2014-04-02 22:36 - 2014-08-25 16:08 - 00002059 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
 
There are 7 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {002DFDBA-CA08-4B5C-9928-43147F96E817} - System32\Tasks\{1ED8EA91-DFCB-4126-8745-06E5E90A0E0E} => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [2012-05-25] (Yahoo! Inc.)
Task: {0039F30C-749F-4539-AC6D-51FA8B6110E0} - System32\Tasks\{F6498D6E-56F6-4EDA-AE0B-A05EAC086407} => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [2012-05-25] (Yahoo! Inc.)
Task: {0174B73F-DDEB-4AB5-871D-CA81AD7A301B} - System32\Tasks\{FEFD3BAB-D8EF-4232-B26C-88512C02F161} => C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\BF2_EditorSetup_v1.3\BF2_EditorSetup_v1.3.exe
Task: {07332F5E-ED4D-4B2A-AE14-4571172E64DE} - System32\Tasks\{D450941B-0D13-4C9F-9211-9CB2D30CD9BE} => C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2Editor.exe [2006-05-15] (Digital Illusions CE AB)
Task: {168E0202-9636-4D94-B234-DA1EE290C4CD} - System32\Tasks\{345E766D-20F2-4095-B19A-5275B3BA7F5B} => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [2012-05-25] (Yahoo! Inc.)
Task: {1D4497B2-95C3-449F-8666-AEBAB81A1CC4} - System32\Tasks\{645C8593-CEF7-4F83-B6E9-27E3B823E73F} => C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\BF2_EditorSetup_v1.3\BF2_EditorSetup_v1.3.exe
Task: {2D262205-9E36-404B-84B6-5483186B48A5} - System32\Tasks\{F522BCE3-8FE5-415C-AA87-260EB3449DBF} => C:\Program Files (x86)\Macromedia\Flash 8\Flash.exe [2005-08-31] (Macromedia, Inc.)
Task: {2E2466B6-6AA4-4164-B260-D78E3CA91F17} - System32\Tasks\{6F845129-D911-4AFE-A1E1-7EEF2BDC178F} => C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\BF2_EditorSetup_v1.3.exe
Task: {3CF562CC-50FE-468A-82A6-BF1D27038B0C} - System32\Tasks\Start Registry Reviver for [email protected](logon) => C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe
Task: {3D2DAE11-127B-48E7-8701-51682BAA8DF3} - System32\Tasks\{97073CF9-72E4-4582-94D5-0C25978710EE} => C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2Editor.exe [2006-05-15] (Digital Illusions CE AB)
Task: {5865B49E-AC2A-4699-BA0A-A6701E4EB11A} - System32\Tasks\{2D71BAD1-6910-4B10-80BF-E8C4B821371E} => C:\Program Files (x86)\Macromedia\Flash 8\Flash.exe [2005-08-31] (Macromedia, Inc.)
Task: {589D657D-AE7F-4300-A185-FFE8E5CA232B} - System32\Tasks\{4E20B463-DADE-4CEC-A9D2-9E304BCF1B06} => C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2_r.exe [2006-05-04] ()
Task: {5EC27903-7396-4F51-9186-C7AE53D663F9} - System32\Tasks\{60806E6A-01A7-4414-85B9-CAC41EEECD9E} => C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2Editor.exe [2006-05-15] (Digital Illusions CE AB)
Task: {6A8B2BD3-6DBA-4EE7-A192-6C109A89902A} - System32\Tasks\{0D49F02F-BCC2-41BD-8E01-8D9293E07387} => C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\BF2_EditorSetup_v1.3\BF2_EditorSetup_v1.3.exe
Task: {6AE0B28B-FFDA-4DEC-9921-376E3D5F7A3E} - System32\Tasks\{5163E2A9-C491-49AE-9F29-3C871BE9779B} => C:\Program Files (x86)\Macromedia\Flash 8\Flash.exe [2005-08-31] (Macromedia, Inc.)
Task: {70F134F5-EDBB-48C8-AD63-7D67287B8F61} - System32\Tasks\{F60421AB-250F-47BE-8660-DFB81D951413} => C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2Editor.exe [2006-05-15] (Digital Illusions CE AB)
Task: {74F9557D-5D27-4135-9255-5623024EAA25} - System32\Tasks\{A0B70D75-45C5-458A-BDED-9D4F0AB53022} => C:\Program Files (x86)\AsiasoftVN\TheGioiBaVuong\BaVuong2\ga2.exe
Task: {790234E9-2571-4CCF-8470-C21783CEFE4B} - System32\Tasks\{F5D1686F-FB4D-42C1-83B8-404F640CADF1} => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [2012-05-25] (Yahoo! Inc.)
Task: {7B4F85AE-EA59-4BEC-B189-4543AA6A826E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {869B6B82-046E-4C6A-8BAC-0915A0099D7E} - System32\Tasks\CocCocUpdateTaskUserS-1-5-21-4169419405-2626366916-160398126-1007UA => C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Local\CocCoc\Update\CocCocUpdate.exe [2014-01-20] (Itim Technologies Co., Ltd.)
Task: {91756579-2FCB-4690-8BEE-848D9C5F29E7} - System32\Tasks\HPCustParticipation HP Photosmart 6510 series => C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPCustPartic.exe [2011-05-25] (Hewlett-Packard Co.)
Task: {9502FF07-AC6C-4D2F-8549-D05D11949ABC} - System32\Tasks\Telerik Control Panel Notifier FAMILIE-LE-NB_Papa => TelerikControlPanelNotifier.exe
Task: {99258B7B-2C6A-490F-824C-2C56D3D658A9} - System32\Tasks\{B78CBE6B-43C7-467D-8ECC-0BA2A7FAAC3F} => C:\Program Files (x86)\Macromedia\Flash 8\Flash.exe [2005-08-31] (Macromedia, Inc.)
Task: {A592CD30-577C-4215-B3C3-1C6EAE49C167} - System32\Tasks\{89ECCF29-090E-4CA0-905C-860432B622B1} => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [2012-05-25] (Yahoo! Inc.)
Task: {B730D49D-C36E-4831-94CD-D9F6D1935BBB} - System32\Tasks\{3AACD023-7722-4ED7-AB7F-9BD4F2FA51FD} => C:\Program Files (x86)\The Sir. Community\BattleDirector\BattleDirector.exe
Task: {BBD9947F-9762-4E33-BA5D-B36C38D75E14} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-16] (Google Inc.)
Task: {BBF560C9-2C10-4B5A-A17E-5770A2C8B313} - System32\Tasks\{593BBC14-B748-4EDA-BD4A-95368FC41E6F} => C:\Program Files (x86)\The Sir. Community\BattleDirector\BattleDirector.exe
Task: {C4175321-C341-44EF-B15C-A3CC9FD577BE} - System32\Tasks\{C6EFE039-88BD-44F2-8C90-6F57CAC3B61C} => C:\Program Files (x86)\Macromedia\Flash 8\Flash.exe [2005-08-31] (Macromedia, Inc.)
Task: {C435DDAC-5331-45BA-9C21-18BB4B850159} - System32\Tasks\{2CDC2B10-FF27-4E91-B3C5-7D8005FD63DF} => C:\Program Files (x86)\Macromedia\Flash 8\Flash.exe [2005-08-31] (Macromedia, Inc.)
Task: {CA93F0B4-8B1F-45AA-BDE5-F49E9DDE8E91} - System32\Tasks\{D7218A5D-2E81-4946-9E96-9F8B93254E4D} => C:\Program Files (x86)\PlayPark\QuyenVuong\ga2.exe [2010-01-14] ()
Task: {DAB6F2CF-9151-4FCC-B498-E37A2C97F2AF} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2014-08-12] (AVAST Software)
Task: {DC06A566-78A8-41ED-BBD7-CFBA5F467A6F} - System32\Tasks\{3E8EFA57-7A4F-48BE-885B-3E49358CBC14} => C:\Program Files (x86)\Macromedia\Flash 8\Flash.exe [2005-08-31] (Macromedia, Inc.)
Task: {DC0F13C8-13F1-49C9-8D43-CB1E83D76ADF} - System32\Tasks\{387A92AC-BF34-4248-8AB4-3C310797847D} => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [2012-05-25] (Yahoo! Inc.)
Task: {E8052F49-2133-45FF-AE28-0B8BA15F7902} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {EB8C6B0F-3D19-4440-8822-4D23664326B1} - System32\Tasks\{D72C7B5E-6957-4E3A-8BF8-9ED773DF1A14} => Chrome.exe http://ui.skype.com/...e=tsProgressBar
Task: {EF2D26AC-0965-44A0-9CE7-4842D2F2E586} - System32\Tasks\CocCocUpdateTaskUserS-1-5-21-4169419405-2626366916-160398126-1007Core => C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Local\CocCoc\Update\CocCocUpdate.exe [2014-01-20] (Itim Technologies Co., Ltd.)
Task: {EFDF17FB-1C37-492E-9AA6-EB10EF0499E8} - System32\Tasks\{43CEBE49-F60A-4FCC-AD63-0294344797D7} => C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\BF2_EditorSetup_v1.3.exe
Task: {F12BE396-F510-4003-BA05-8F0E8F0D34B1} - System32\Tasks\{78175C85-8141-4DD1-A2D5-DEF3FAAB6215} => C:\Program Files (x86)\AsiasoftVN\TheGioiBaVuong\BaVuong2\ga2.exe
Task: {F7289060-1A3E-422B-85DD-66A506B7A966} - System32\Tasks\{0E90ABFC-6C49-4640-9D84-3DD59B942607} => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [2012-05-25] (Yahoo! Inc.)
Task: {F7DB6933-9CC7-4315-BCCF-7AB8E2F5F7F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-16] (Google Inc.)
Task: C:\Windows\Tasks\CocCocUpdateTaskUserS-1-5-21-4169419405-2626366916-160398126-1007Core.job => C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Local\CocCoc\Update\CocCocUpdate.exe
Task: C:\Windows\Tasks\CocCocUpdateTaskUserS-1-5-21-4169419405-2626366916-160398126-1007UA.job => C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Local\CocCoc\Update\CocCocUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
Task: C:\Windows\Tasks\Start Registry Reviver for [email protected](logon).job => C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-06-25 11:01 - 2013-10-17 22:32 - 00020472 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-08-12 16:29 - 2014-08-12 16:29 - 00301152 _____ () C:\Program Files\Alwil Software\Avast5\aswProperty.dll
2014-08-24 16:25 - 2014-08-24 16:25 - 02801152 _____ () C:\Program Files\Alwil Software\Avast5\defs\14082400\algo.dll
2014-08-25 16:08 - 2014-08-25 16:08 - 02801152 _____ () C:\Program Files\Alwil Software\Avast5\defs\14082500\algo.dll
2012-10-22 16:55 - 2012-10-22 16:55 - 01113600 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\DMSManager.dll
2012-10-05 17:27 - 2012-10-05 17:27 - 00704000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\ContentDirectoryPresenter.dll
2012-08-21 19:06 - 2012-08-21 19:06 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\DCMCDP.dll
2012-08-21 19:06 - 2012-08-21 19:06 - 00101376 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\FolderCDP.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\MetadataFramework.dll
2012-08-14 11:13 - 2012-08-14 11:13 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\sqlite3.dll
2012-08-14 11:13 - 2012-08-14 11:13 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\MoodExtractor.dll
2012-08-14 11:43 - 2012-08-14 11:43 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\DCMImgExtractor.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AutoChaptering.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\libexpat.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\VideoThumb.dll
2012-08-14 11:43 - 2012-08-14 11:43 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\avcodec-52.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\avutil-50.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\avformat-52.dll
2012-08-14 11:43 - 2012-08-14 11:43 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\swscale-0.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AudioExtractor.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00063488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\ID3Driver.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\tag.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\libThumbnail.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\RichInfoDriver.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\VideoExtractor.dll
2012-10-22 16:55 - 2012-10-22 16:55 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\ThumbnailMaker.dll
2012-10-22 16:55 - 2012-10-22 16:55 - 01033216 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\ImageMagickWrapper.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00133120 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\VideoMetadataDriver.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\libKeyFrame.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\SECMetaDriver.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\ImageExtractor.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\photoDriver.dll
2012-08-14 11:43 - 2012-08-14 11:43 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\libexif-12.dll.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\TextExtractor.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\Autobackup.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\RosettaAllShare.dll
2012-08-21 11:25 - 2012-08-21 11:25 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\boost_serialization-vc90-mt-1_47.dll
2012-08-21 11:26 - 2012-08-21 11:26 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\boost_date_time-vc90-mt-1_47.dll
2012-08-21 11:25 - 2012-08-21 11:25 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\boost_system-vc90-mt-1_47.dll
2012-08-21 11:26 - 2012-08-21 11:26 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\boost_thread-vc90-mt-1_47.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\us.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-04-23 16:04 - 2014-04-23 16:04 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2014-08-12 16:29 - 2014-08-12 16:29 - 19329904 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2013-05-02 18:54 - 2013-05-02 18:54 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d89f0252d910d617de1de783a812f840\IsdiInterop.ni.dll
2010-07-02 18:24 - 2010-03-04 10:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:1A60DE96
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:CDFF58FE
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57
AlternateDataStreams: C:\Users\Papa\Downloads\.DS_Store:AFP_AfpInfo
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Comrade.exe => C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: Starter => C:\Program Files (x86)\Driver-Soft\DriverGenius\StarterW3i.exe
MSCONFIG\startupreg: uTorrent => C:\Users\PhanCo.FAMILIE-LE-NB\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED
 
==================== Faulty Device Manager Devices =============
 
Name: High Definition Audio-Controller
Description: High Definition Audio-Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/25/2014 04:14:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 17.8.2014.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 
Prozess-ID: 11b0
 
Startzeit: 01cfc044eebe85da
 
Endzeit: 0
 
Anwendungspfad: C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\FRST64.exe
 
Berichts-ID: 384fb7cb-2c38-11e4-889c-60eb69562f4e
 
Error: (08/25/2014 04:07:46 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: )
Description: AllShare Framework DMSSvcInit started failed with 0
 
Error: (08/25/2014 04:07:46 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: )
Description: AllShare Framework DMSSvcMain failed with 0
 
Error: (08/24/2014 05:46:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OUTLOOK.EXE, Version 14.0.7113.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 
Prozess-ID: 18d0
 
Startzeit: 01cfbf889ed05282
 
Endzeit: 4
 
Anwendungspfad: C:\PROGRA~1\MICROS~2\Office14\OUTLOOK.EXE
 
Berichts-ID: e25ee6e9-2b7b-11e4-b75b-60eb69562f4e
 
Error: (08/24/2014 04:23:21 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: )
Description: AllShare Framework DMSSvcInit started failed with 0
 
Error: (08/24/2014 04:23:21 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: )
Description: AllShare Framework DMSSvcMain failed with 0
 
Error: (08/24/2014 11:22:24 AM) (Source: AllShare Framework DMS) (EventID: 1) (User: )
Description: AllShare Framework DMSSvcInit started failed with 0
 
Error: (08/24/2014 11:22:24 AM) (Source: AllShare Framework DMS) (EventID: 1) (User: )
Description: AllShare Framework DMSSvcMain failed with 0
 
Error: (08/23/2014 07:25:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12574
 
Error: (08/23/2014 07:25:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12574
 
 
System errors:
=============
Error: (08/25/2014 04:11:13 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Intel® Management & Security Application User Notification Service" ist von folgendem Dienst abhängig: LMS. Dieser Dienst ist eventuell nicht installiert.
 
Error: (08/25/2014 04:09:28 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TeamViewer9 erreicht.
 
Error: (08/25/2014 04:08:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sptd
 
Error: (08/25/2014 04:08:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%13
 
Error: (08/25/2014 04:08:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PnkBstrA" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2
 
Error: (08/25/2014 04:07:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bluetooth Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2
 
Error: (08/25/2014 04:07:16 PM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.
 
Error: (08/24/2014 04:27:02 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Intel® Management & Security Application User Notification Service" ist von folgendem Dienst abhängig: LMS. Dieser Dienst ist eventuell nicht installiert.
 
Error: (08/24/2014 04:23:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sptd
 
Error: (08/24/2014 04:23:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet: 
%%13
 
 
Microsoft Office Sessions:
=========================
Error: (08/25/2014 04:14:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe17.8.2014.011b001cfc044eebe85da0C:\Users\PhanCo.FAMILIE-LE-NB\Desktop\FRST64.exe384fb7cb-2c38-11e4-889c-60eb69562f4e
 
Error: (08/25/2014 04:07:46 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: )
Description: AllShare Framework DMSSvcInit started failed with 0
 
Error: (08/25/2014 04:07:46 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: )
Description: AllShare Framework DMSSvcMain failed with 0
 
Error: (08/24/2014 05:46:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: OUTLOOK.EXE14.0.7113.500018d001cfbf889ed052824C:\PROGRA~1\MICROS~2\Office14\OUTLOOK.EXEe25ee6e9-2b7b-11e4-b75b-60eb69562f4e
 
Error: (08/24/2014 04:23:21 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: )
Description: AllShare Framework DMSSvcInit started failed with 0
 
Error: (08/24/2014 04:23:21 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: )
Description: AllShare Framework DMSSvcMain failed with 0
 
Error: (08/24/2014 11:22:24 AM) (Source: AllShare Framework DMS) (EventID: 1) (User: )
Description: AllShare Framework DMSSvcInit started failed with 0
 
Error: (08/24/2014 11:22:24 AM) (Source: AllShare Framework DMS) (EventID: 1) (User: )
Description: AllShare Framework DMSSvcMain failed with 0
 
Error: (08/23/2014 07:25:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12574
 
Error: (08/23/2014 07:25:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12574
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-08-11 20:49:26.988
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
  Date: 2014-06-24 22:11:54.648
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
  Date: 2014-06-13 21:19:16.160
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
  Date: 2014-06-13 20:49:06.298
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
  Date: 2014-06-13 19:43:07.577
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
  Date: 2014-06-13 15:30:03.076
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
  Date: 2014-06-13 15:06:46.399
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
  Date: 2014-06-13 14:42:01.277
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
  Date: 2014-06-13 14:01:43.744
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
  Date: 2014-06-10 23:42:11.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5 CPU M 460 @ 2.53GHz
Percentage of memory in use: 54%
Total physical RAM: 3766.69 MB
Available physical RAM: 1720.45 MB
Total Pagefile: 7531.51 MB
Available Pagefile: 4868.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:685.54 GB) (Free:268.59 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 348EEB9E)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=685.5 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

  • 0

#20
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Just some orphans remaining so might as well tidy those up.. How is the computer behaving now ?

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

2014-08-22 21:49 - 2014-06-22 17:46 - 00000000 ____D () C:\Users\Papa\AppData\Local\26869
2014-08-22 21:49 - 2014-02-16 15:50 - 00000000 ____D () C:\Users\Papa\AppData\Local\DM
2014-08-22 21:49 - 2013-08-18 20:40 - 00000000 ____D () C:\Program Files (x86)\SaveShare
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: .webnavi -> {71748560-AA80-4469-9C1D-29A66233974C} => C:\Users\Papa\AppData\Roaming\webnavi\nvi.dll No File
SearchScopes: HKCU - {E627DC4B-8C04-4234-A2D4-1D634EE01C41} URL = http://www.bigseekpr...q={searchTerms}
SearchScopes: HKCU - {57238BE3-743E-4BE5-9F23-6AE7B33571A8} URL = http://www.mysearchr...q={searchTerms}
SearchScopes: HKLM-x32 - {E627DC4B-8C04-4234-A2D4-1D634EE01C41} URL = http://www.bigseekpr...q={searchTerms}
Task: C:\Windows\Tasks\Start Registry Reviver for [email protected](logon).job => C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#21
langvu900

langvu900

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Hello there, here is the Fixlog.txt. Thanks.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-08-2014 03

Ran by Papa at 2014-08-26 16:27:02 Run:2
Running from C:\Users\PhanCo.FAMILIE-LE-NB\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
2014-08-22 21:49 - 2014-06-22 17:46 - 00000000 ____D () C:\Users\Papa\AppData\Local\26869
2014-08-22 21:49 - 2014-02-16 15:50 - 00000000 ____D () C:\Users\Papa\AppData\Local\DM
2014-08-22 21:49 - 2013-08-18 20:40 - 00000000 ____D () C:\Program Files (x86)\SaveShare
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: .webnavi -> {71748560-AA80-4469-9C1D-29A66233974C} => C:\Users\Papa\AppData\Roaming\webnavi\nvi.dll No File
SearchScopes: HKCU - {E627DC4B-8C04-4234-A2D4-1D634EE01C41} URL = http://www.bigseekpr...q={searchTerms}
SearchScopes: HKCU - {57238BE3-743E-4BE5-9F23-6AE7B33571A8} URL = http://www.mysearchr...q={searchTerms}
SearchScopes: HKLM-x32 - {E627DC4B-8C04-4234-A2D4-1D634EE01C41} URL = http://www.bigseekpr...q={searchTerms}
Task: C:\Windows\Tasks\Start Registry Reviver for [email protected](logon).job => C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
C:\Users\Papa\AppData\Local\26869 => Moved successfully.
C:\Users\Papa\AppData\Local\DM => Moved successfully.
C:\Program Files (x86)\SaveShare => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive1" => Key not found.
"HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive2" => Key not found.
"HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive3" => Key not found.
"HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive1" => Key not found.
"HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive2" => Key not found.
"HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive3" => Key not found.
"HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\.webnavi" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{71748560-AA80-4469-9C1D-29A66233974C}" => Key deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E627DC4B-8C04-4234-A2D4-1D634EE01C41}" => Key deleted successfully.
"HKCR\CLSID\{E627DC4B-8C04-4234-A2D4-1D634EE01C41}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{57238BE3-743E-4BE5-9F23-6AE7B33571A8}" => Key deleted successfully.
"HKCR\CLSID\{57238BE3-743E-4BE5-9F23-6AE7B33571A8}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E627DC4B-8C04-4234-A2D4-1D634EE01C41}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{E627DC4B-8C04-4234-A2D4-1D634EE01C41}" => Key not found.
C:\Windows\Tasks\Start Registry Reviver for [email protected](logon).job => Moved successfully.
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => Removed 426.5 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====

  • 0

#22
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
All looks good now

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Download and run Delfix

delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

Malwarebytes.

Update and run weekly to keep your system clean


It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#23
langvu900

langvu900

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Thank you so much!!! I will try my best to protect my computer. And of course i will tell others if they get in problems. Thanks again! :spoton:  :D  :laughing:  :heart:  :happy:  :)  :cheers:  :notworthy:  :woot:  :thumbsup:

Bye!


  • 0

#24
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics


Also tagged with one or more of these keywords: razor1911, sim city 5, infection

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP