Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014 Ran by mamour at 2014-12-18 15:35:54 Running from C:\Users\mamour\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation) Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.) Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated) Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0519.2011 - Acer Incorporated) Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated) Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated) Advanced System Protector (HKLM-x32\...\Advanced System Protector_is1) (Version: 2.1.1000.10225 - Systweak Software) <==== ATTENTION Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden avast! Pro Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software) Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden Badoo Desktop (HKLM-x32\...\{D0AF8BD9-79A6-45D6-8B71-25281B1300A7}) (Version: 1.6.58.1220 - Badoo) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation) Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation) Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1720.00 - CyberLink Corp.) clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden clear.fi (x32 Version: 1.0.1720.00 - CyberLink Corp.) Hidden clear.fi (x32 Version: 9.0.7709 - CyberLink Corp.) Hidden clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated) Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc) Dropbox (HKU\S-1-5-21-1345095244-3741764637-3583907111-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.) EBP (HKLM-x32\...\EBP Comptabilité 2013_is1) (Version: EBP 2013 - EBP) ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.) FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Free YouTube to MP3 Converter version 3.12.32.327 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.) Freemake YouTube To MP3 Boom (HKLM-x32\...\Freemake YouTube To MP3 Boom_is1) (Version: 1.0.0 - Ellora Assets Corporation) Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galeria fotogràfica (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerija fotografija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden HP Deskjet 2050 J510 series Aide (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation) Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel) Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden jZip (HKU\S-1-5-21-1345095244-3741764637-3583907111-1001\...\jZip) (Version: 2.0.0.135386 - Bandoo Media Inc) <==== ATTENTION Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.) Logiciel de base du périphérique HP Deskjet 2050 J510 series (HKLM\...\{B7F83103-C83C-4081-B9B7-50FC6A6F929E}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) Ma-Config.com (HKLM-x32\...\{1B19A54C-3692-4D12-BFD9-1362DD34CE78}) (Version: 5.2.018 - Cybelsoft) Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Famille et Étudiant 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-1345095244-3741764637-3583907111-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox (3.5.19) (HKLM-x32\...\Mozilla Firefox (3.5.19)) (Version: 3.5.19 (fr) - Mozilla) MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MyDriveConnect 3.3.0.1502 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom) MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd) <==== ATTENTION Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.18 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.) Hidden newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.) newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - ) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation) NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden NVIDIA Graphics Driver 268.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.00 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Phpnuke Downloader Zuma Deluxe (HKLM-x32\...\Phpnuke Downloader Zuma Deluxe) (Version: - ) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden Poczta usługi Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Pošta Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6339 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.) Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Snap.Do (HKLM-x32\...\{D08D2971-64C8-43FA-B251-E0BBBE9E87E3}) (Version: 11.42.1.16270 - ReSoft Ltd.) <==== ATTENTION Snap.Do Engine (HKU\S-1-5-21-1345095244-3741764637-3583907111-1001\...\{0d67ab75-c70f-419a-88f6-edfdda4a1f84}) (Version: 11.42.1.16270 - ReSoft Ltd.) <==== ATTENTION Systweak PhotoStudio 2.1 (HKLM-x32\...\PhotoStudio_4281508C_4DA1_4d4e_81EB_725D55EC30DC_is1) (Version: 2.1.2954.85 - Systweak Inc.) TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Nom de votre société) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Torch (HKU\S-1-5-21-1345095244-3741764637-3583907111-1001\...\Torch) (Version: 36.0.0.8253 - Torch Media, Inc) <==== ATTENTION Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden TuneUp Utilities 2014 (fr-FR) (x32 Version: 14.0.1000.93 - TuneUp Software) Hidden TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities 2014) (Version: 14.0.1000.93 - TuneUp Software) TuneUp Utilities 2014 (x32 Version: 14.0.1000.93 - TuneUp Software) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) Vodafone Mobile Connect Lite (HKLM-x32\...\{7CA72235-27FF-4B4F-BC71-957C4CC390A4}) (Version: 9.4.5.19167 - Vodafone) Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated) WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION ZHPDiag 2014 (HKLM-x32\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman) Zuma (HKLM-x32\...\Zuma) (Version: - PopCap Games) Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Zuma Deluxe 1.0 (HKLM-x32\...\Zuma Deluxe 1.0) (Version: - ) Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 16.4.3505.0912 - Корпорация Майкрософт) Hidden Фотоальбом (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Фотогалерия (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Фотографии (общедоступная версия) (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden גלריית התמונות (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden معرض الصور (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden 影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1345095244-3741764637-3583907111-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\mamour\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1345095244-3741764637-3583907111-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\mamour\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1345095244-3741764637-3583907111-1001_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}\InprocServer32 -> %LOCALAPPDATA%\Pokki\ocdeskband_0.dll No File CustomCLSID: HKU\S-1-5-21-1345095244-3741764637-3583907111-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\mamour\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1345095244-3741764637-3583907111-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\mamour\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1345095244-3741764637-3583907111-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\mamour\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1345095244-3741764637-3583907111-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mamour\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1345095244-3741764637-3583907111-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mamour\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1345095244-3741764637-3583907111-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mamour\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1345095244-3741764637-3583907111-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mamour\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ==================== Restore Points ========================= 01-10-2014 12:54:04 Windows Update 01-10-2014 13:07:55 Windows Update 30-10-2014 05:50:24 Windows Update 03-11-2014 14:16:44 Windows Update 03-11-2014 15:25:15 Windows Update 08-11-2014 13:51:40 Windows Update 19-11-2014 11:21:25 Tuneup Pro mer., nov. 19, 14 11:21 18-12-2014 14:18:19 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {097911EC-E853-403F-B2D5-80BFCAEB41EB} - System32\Tasks\{4010D7DD-B229-468E-A0F8-CF6D65DAC4A7} => pcalua.exe -a C:\Users\mamour\Downloads\ZHPDiag2(4).exe -d C:\Users\mamour\Downloads Task: {0C439E1B-EA17-4276-AD26-27C66DAAD5D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.) Task: {0E99762B-8E3E-46E9-ABCE-DB8F1C79AF21} - \Advanced System Protector_startup No Task File <==== ATTENTION Task: {326717C7-4CC3-4523-9002-37EC8635E412} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated) Task: {3B169C6C-75E3-45E9-BD6B-CEF4F2DA2F72} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.) Task: {3D0C3982-7EF1-49FE-A4BB-46831DEEFAE0} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2011-06-18] (Acer) Task: {45FC5233-6A94-41B6-B835-42AD9043772F} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION Task: {5359A80B-37F0-483F-8074-6BB8F7D2DD74} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.) Task: {56B97835-CF76-4DD7-B084-1E0AAB4F45D9} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-05-20] (Acer Incorporated) Task: {642424C5-8230-4C54-8A5F-E8B61A92B548} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {65886FC5-8685-4E98-9785-221399A111E9} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2014-05-08] (Adobe Systems Incorporated) Task: {777DDB82-0818-4727-9E43-4F63F4A02831} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\Advanced System Protector\AspManager.exe <==== ATTENTION Task: {7FF2439D-1AC6-41D2-89AE-7E831D6722D8} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe Task: {8B658BDC-8B57-4629-8A5F-AB5139807C48} - System32\Tasks\{585CEEDA-2DD1-4F89-8B37-B711EBBBF7D3} => pcalua.exe -a C:\Users\mamour\Downloads\ZHPDiag2.exe -d C:\Users\mamour\Downloads Task: {8C2FD6E3-AB1A-43F6-B4E5-8A6120CD8D8C} - System32\Tasks\{154C48FD-3E75-4D7E-B8DD-9987BDB63DD4} => pcalua.exe -a C:\Users\mamour\Downloads\ZHPDiag2(3).exe -d C:\Users\mamour\Downloads Task: {B2AC131C-4BC3-4295-BD58-2BD7B6D1DE66} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-05-20] (CyberLink) Task: {D3E7AAD6-9919-4C20-AE11-2CF58FB3122F} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.) Task: {D6F27B7A-F1C6-4546-ADEB-C440AD8578A2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-22] (AVAST Software) Task: {E59CC42A-FCE5-4049-85E4-3563E7548449} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-08] (Adobe Systems Incorporated) Task: {FE94A615-B4C7-4674-B49F-1E6D2733E0A1} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-05-20] (CyberLink Corp.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-08-12 10:01 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-10-15 02:48 - 2014-12-07 12:35 - 00123672 ____N () C:\ProgramData\06154ba7-7ceb-4959-a6bd-bf38bdec8cc6\maintainer.exe 2013-08-30 09:34 - 2013-08-30 09:34 - 00757048 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll 2009-01-22 00:45 - 2009-01-22 00:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll 2014-11-08 13:53 - 2014-12-04 10:08 - 00065696 ____N () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll 2014-11-08 13:53 - 2014-12-04 10:08 - 00092320 ____N () C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll 2014-11-08 13:53 - 2014-12-04 10:08 - 01105408 ____N () C:\Program Files (x86)\Elex-tech\YAC\isafechlp.dll 2014-11-08 13:53 - 2014-10-27 04:02 - 00176976 ____N () C:\Program Files (x86)\Elex-tech\YAC\tws\unrar.dll 2014-11-08 13:53 - 2014-10-27 04:02 - 00087744 ____N () C:\Program Files (x86)\Elex-tech\YAC\tws\unacev2.dll 2014-07-22 07:43 - 2014-07-22 07:43 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-12-18 13:08 - 2014-12-18 13:08 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121800\algo.dll 2011-05-20 19:13 - 2011-05-20 19:13 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll 2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll 2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll 2014-07-22 07:43 - 2014-07-22 07:43 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll 2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll 2014-11-19 10:54 - 2014-11-19 10:54 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll 2011-08-12 09:21 - 2011-04-30 08:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\mamour\Downloads\FW Alerte météo Belgique.eml:OECustomProperty AlternateDataStreams: C:\Users\mamour\Downloads\FW_ Au cas où!.eml:OECustomProperty AlternateDataStreams: C:\Users\mamour\Downloads\invitation.eml:OECustomProperty AlternateDataStreams: C:\Users\mamour\Downloads\No Subject (1).eml:OECustomProperty AlternateDataStreams: C:\Users\mamour\Downloads\No Subject.eml:OECustomProperty AlternateDataStreams: C:\Users\mamour\Downloads\RE.eml:OECustomProperty AlternateDataStreams: C:\Users\mamour\Downloads\réservation Amberloup.eml:OECustomProperty AlternateDataStreams: C:\Users\mamour\Downloads\Votre_facture_Belgacom_du_26_03_14_portant_le_numéro_6415334364.eml:OECustomProperty ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrateur (S-1-5-21-1345095244-3741764637-3583907111-500 - Administrator - Disabled) HomeGroupUser$ (S-1-5-21-1345095244-3741764637-3583907111-1003 - Limited - Enabled) Invité (S-1-5-21-1345095244-3741764637-3583907111-501 - Limited - Disabled) mamour (S-1-5-21-1345095244-3741764637-3583907111-1001 - Administrator - Enabled) => C:\Users\mamour UpdatusUser (S-1-5-21-1345095244-3741764637-3583907111-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= Name: TuneUpUtilitiesDrv Description: TuneUpUtilitiesDrv Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: TuneUpUtilitiesDrv Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: avast! Firewall NDIS Filter Miniport Description: avast! Firewall NDIS Filter Miniport Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: ALWIL Software Service: aswNdis Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. Name: avast! Firewall NDIS Filter Miniport Description: avast! Firewall NDIS Filter Miniport Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: ALWIL Software Service: aswNdis Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Event log errors: ========================= Application errors: ================== Error: (12/18/2014 03:35:55 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: La création du contexte d’activation a échoué pour « 1 ». Erreur dans le fichier de manifeste ou de stratégie « 2 » à la ligne 3. Syntaxe XML non valide. Error: (12/18/2014 03:35:24 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: La création du contexte d’activation a échoué pour « 1 ». Erreur dans le fichier de manifeste ou de stratégie « 2 » à la ligne 3. Syntaxe XML non valide. Error: (12/18/2014 03:34:57 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: La création du contexte d’activation a échoué pour « 1 ». Erreur dans le fichier de manifeste ou de stratégie « 2 » à la ligne 3. Syntaxe XML non valide. Error: (12/18/2014 02:47:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante mbam.exe, version : 1.0.1.711, horodatage : 0x542b53ec Nom du module défaillant : ntdll.dll, version : 6.1.7601.18247, horodatage : 0x521ea8e7 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00066fbb ID du processus défaillant : 0x1ea4 Heure de début de l’application défaillante : 0xmbam.exe0 Chemin d’accès de l’application défaillante : mbam.exe1 Chemin d’accès du module défaillant: mbam.exe2 ID de rapport : mbam.exe3 Error: (12/18/2014 02:47:34 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: La création du contexte d’activation a échoué pour « 1 ». Erreur dans le fichier de manifeste ou de stratégie « 2 » à la ligne 3. Syntaxe XML non valide. Error: (12/18/2014 02:20:44 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: La création du contexte d’activation a échoué pour « 1 ». Erreur dans le fichier de manifeste ou de stratégie « 2 » à la ligne 3. Syntaxe XML non valide. Error: (12/18/2014 02:20:44 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: La création du contexte d’activation a échoué pour « 1 ». Erreur dans le fichier de manifeste ou de stratégie « 2 » à la ligne 3. Syntaxe XML non valide. Error: (12/18/2014 02:19:37 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: La création du contexte d’activation a échoué pour « 1 ». Erreur dans le fichier de manifeste ou de stratégie « 2 » à la ligne 3. Syntaxe XML non valide. System errors: ============= Error: (12/18/2014 02:20:24 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Microsoft Office Sessions: ========================= Error: (12/18/2014 03:35:55 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Users\mamour\Downloads\setup(2).exeC:\Users\mamour\Downloads\setup(2).exe0 Error: (12/18/2014 03:35:24 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Users\mamour\Downloads\setup(2).exeC:\Users\mamour\Downloads\setup(2).exe0 Error: (12/18/2014 03:34:57 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Users\mamour\Downloads\setup(2).exeC:\Users\mamour\Downloads\setup(2).exe0 Error: (12/18/2014 02:47:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbam.exe1.0.1.711542b53ecntdll.dll6.1.7601.18247521ea8e7c000000500066fbb1ea401d01ac57335d89dC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Windows\SysWOW64\ntdll.dll6c185728-86bc-11e4-bd9b-b870f4f88076 Error: (12/18/2014 02:47:34 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Users\mamour\Downloads\setup(2).exeC:\Users\mamour\Downloads\setup(2).exe0 Error: (12/18/2014 02:20:44 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Users\mamour\Downloads\setup(2).exeC:\Users\mamour\Downloads\setup(2).exe0 Error: (12/18/2014 02:20:44 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Users\mamour\Downloads\setup(2).exeC:\Users\mamour\Downloads\setup(2).exe0 Error: (12/18/2014 02:19:37 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Users\mamour\Downloads\setup(2).exeC:\Users\mamour\Downloads\setup(2).exe0 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz Percentage of memory in use: 34% Total physical RAM: 8043.86 MB Available physical RAM: 5229.84 MB Total Pagefile: 16085.9 MB Available Pagefile: 13051.13 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:680.54 GB) (Free:563.71 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 52FE1B44) Partition 1: (Not Active) - (Size=18 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=680.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================