Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015
Ran by JOMLI at 2015-06-18 21:51:55
Running from C:\Users\JOMLI\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrateur (S-1-5-21-59186770-3328091177-2871084718-500 - Administrator - Disabled)
Invité (S-1-5-21-59186770-3328091177-2871084718-501 - Limited - Enabled)
JOMLI (S-1-5-21-59186770-3328091177-2871084718-1000 - Administrator - Enabled) => C:\Users\JOMLI

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-59186770-3328091177-2871084718-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) - Français (HKLM\...\{AC76BA86-7AD7-1036-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Archiveur WinRAR (HKLM\...\WinRAR archiver) (Version: - )
avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)
CyberLink PowerDVD 8 (HKLM\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1730 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
DriverPack Solution Updater (HKU\S-1-5-21-59186770-3328091177-2871084718-1000\...\DRPSu Updater) (Version: 0.0.25 - DriverPack Solution)
Dropbox (HKU\S-1-5-21-59186770-3328091177-2871084718-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
File Identifier (HKLM\...\{C257E434-E8F1-4E06-A616-598E4933553E}_is1) (Version: 1.0.8 - Sharpened Productions)
File Viewer Lite (HKLM\...\{C8B24B83-920A-446E-B027-38F72C9D8898}_is1) (Version: 1.3.2 - Sharpened Productions)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
GPU Monitor (HKLM\...\VLC Player GPU+11.041.44) (Version: 11.041.44 - GPU Usage) <==== ATTENTION
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
iTunes (HKLM\...\{DF9C119C-7F26-45B9-93D4-7C372CBBBA11}) (Version: 11.1.0.126 - Apple Inc.)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-59186770-3328091177-2871084718-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
ooVoo (HKLM\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.6.1008 - ooVoo LLC.)
RealDownloader (Version: 1.3.2 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.1.0 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Viber (HKU\S-1-5-21-59186770-3328091177-2871084718-1000\...\Viber) (Version: 5.1.2.24 - Viber Media Inc)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
YAC(Yet Another Cleaner!) (HKLM\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION
ZHPDiag 2015 (HKLM\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-59186770-3328091177-2871084718-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\JOMLI\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-59186770-3328091177-2871084718-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\JOMLI\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-59186770-3328091177-2871084718-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\JOMLI\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-59186770-3328091177-2871084718-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\JOMLI\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-59186770-3328091177-2871084718-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\JOMLI\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-59186770-3328091177-2871084718-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\JOMLI\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-59186770-3328091177-2871084718-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\JOMLI\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-59186770-3328091177-2871084718-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\JOMLI\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-59186770-3328091177-2871084718-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\JOMLI\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-59186770-3328091177-2871084718-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\JOMLI\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-59186770-3328091177-2871084718-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\JOMLI\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-59186770-3328091177-2871084718-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\JOMLI\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-59186770-3328091177-2871084718-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\JOMLI\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-59186770-3328091177-2871084718-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\JOMLI\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-59186770-3328091177-2871084718-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\JOMLI\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-59186770-3328091177-2871084718-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\JOMLI\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01E3F49F-BC3A-4F03-939C-B6057CDF7FC2} - System32\Tasks\{2ABF56E7-51F1-4A6C-B90F-7604483503E5} => pcalua.exe -a "C:\Program Files\Elex-tech\YAC\uninstall.exe"
Task: {04FA47AF-7380-4ED2-B5C3-1B22F51709D0} - \LaunchSignup No Task File <==== ATTENTION
Task: {0FC403D1-4FF0-4D27-A91C-8099A6265F9C} - System32\Tasks\{4FDC5BE5-D949-4C78-9A27-6B2C1115A1A6} => C:\Program Files\ooVoo\ooVoo.exe [2013-10-31] (ooVoo LLC)
Task: {1A601C71-DF9D-4276-A8E4-83E63F5FF967} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-08] (Microsoft Corporation)
Task: {1F8404CC-4421-4154-B631-EC80489EA0CE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {242C2DB7-237D-48DB-8F7B-EB2C94AB17F6} - System32\Tasks\{229C84A6-ED85-41ED-9515-0F6C02C9794B} => pcalua.exe -a C:\Users\JOMLI\Downloads\Wirecast_for_YouTube_5.0.3.exe -d C:\Users\JOMLI\Downloads
Task: {2E32C8EA-B696-4F76-84D5-01B84D7116FA} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-59186770-3328091177-2871084718-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {2E836259-85D0-45D8-87D6-F3CD06EB9350} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {43AA8981-EF3F-4712-B517-BEBE164B7889} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {52330508-CA3B-489E-9C24-B014233CABA0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {6BBD59D7-4A9C-4C21-9FA0-F8AE1A290DD7} - System32\Tasks\7862C8D9-066E-4051-A850-CEFDAE4E2322{D10D8A07-0FA7-4743-A8C5-4FBB4612584D} => C:\Program Files\Shop For Rewards\PrefHelper.exe <==== ATTENTION
Task: {6E613E52-7823-4BD6-9DD2-EB53A225CFB5} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-59186770-3328091177-2871084718-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {6FFA6488-F362-4D7E-B9EE-B52B8118618D} - \DealPly No Task File <==== ATTENTION
Task: {862CA623-3993-4FBD-B878-8291FA120060} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {876FB91C-C32B-4D0A-AD72-F3AC9802B546} - System32\Tasks\{E4187771-567A-463E-90E0-F257C8DB8708} => C:\Program Files\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {8822585E-794A-4F55-92C8-211AFC2A4BBE} - System32\Tasks\{9ECDBE78-8D15-4888-B2D3-EB90FD626795} => pcalua.exe -a C:\Users\JOMLI\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=sky
Task: {8D65729F-4388-4AA3-B0F2-5FB5FE8A6BF5} - System32\Tasks\avastBCLRestartS-1-5-21-59186770-3328091177-2871084718-1000 => Chrome.exe
Task: {94D0A3CE-E6F5-4DE8-B5EA-0F6864E5B945} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {9670BD58-FB97-428A-A129-9EB122555EFA} - System32\Tasks\{4B068560-D764-46F7-A32F-BA347B0A2B00} => Chrome.exe
Task: {A7C6187D-6A66-450D-8FE9-EA8605DEDB11} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {AFE7A8AD-20F1-478E-B4C2-947A1528A341} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-59186770-3328091177-2871084718-1000Core => C:\Users\JOMLI\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-09] (Facebook Inc.)
Task: {C8918AE9-1FCA-4747-B254-85B704A0DD99} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-08] (Microsoft Corporation)
Task: {CF7AB7E0-29A1-4FD1-AF20-35C8CC94A8DA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-08] (Microsoft Corporation)
Task: {D2079DF9-CFAF-4699-A416-D4F64F328571} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {D275E84B-F114-4E4F-8D7C-7814EBDC1067} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe
Task: {EC9F1CC8-5701-451F-9FA8-CBD07DE4E4E7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-59186770-3328091177-2871084718-1000UA => C:\Users\JOMLI\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-09] (Facebook Inc.)
Task: {F6D8414C-B956-4026-B4BF-0B285906A1D7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-08] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\7862C8D9-066E-4051-A850-CEFDAE4E2322{D10D8A07-0FA7-4743-A8C5-4FBB4612584D}.job => C:\Program Files\Shop For Rewards\PrefHelper.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-59186770-3328091177-2871084718-1000Core.job => C:\Users\JOMLI\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-59186770-3328091177-2871084718-1000UA.job => C:\Users\JOMLI\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-08-05 12:45 - 2014-08-05 12:45 - 00301152 _____ () C:\Program Files\Alwil Software\Avast5\aswProperty.dll
2015-06-18 16:00 - 2015-06-18 16:00 - 02952704 _____ () C:\Program Files\Alwil Software\Avast5\defs\15061800\algo.dll
2015-06-18 21:19 - 2015-06-18 21:19 - 02952704 _____ () C:\Program Files\Alwil Software\Avast5\defs\15061801\algo.dll
2014-08-05 12:45 - 2014-08-05 12:45 - 19329904 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2014-10-17 18:57 - 2015-06-10 10:50 - 80035536 _____ () C:\Users\JOMLI\AppData\Local\Viber\Viber.exe
2015-05-30 15:58 - 2015-02-25 10:21 - 01507328 _____ () C:\Users\JOMLI\AppData\Local\Viber\libGLESv2.dll
2015-05-30 15:58 - 2015-06-10 10:19 - 00100864 _____ () C:\Users\JOMLI\AppData\Local\Viber\qfacebook.dll
2015-05-30 15:58 - 2015-06-10 10:19 - 00171008 _____ () C:\Users\JOMLI\AppData\Local\Viber\exif.dll
2015-05-30 15:58 - 2015-02-25 10:21 - 00063488 _____ () C:\Users\JOMLI\AppData\Local\Viber\libEGL.dll
2015-05-30 15:58 - 2015-02-25 10:36 - 00010240 _____ () C:\Users\JOMLI\AppData\Local\Viber\QtQuick.2\qtquick2plugin.dll
2013-09-13 21:51 - 2013-09-13 21:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 21:51 - 2013-09-13 21:51 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-16 05:07 - 2013-04-16 05:07 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-10-28 14:44 - 2014-10-22 07:04 - 01042760 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-28 14:44 - 2014-10-22 07:04 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-28 14:44 - 2014-10-22 07:04 - 08910664 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-28 14:44 - 2014-10-22 07:04 - 01681224 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2015-06-18 02:27 - 2015-06-18 02:27 - 00332800 _____ () C:\Users\JOMLI\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\ctb.dll
2014-10-28 14:44 - 2014-10-22 07:05 - 14902600 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-59186770-3328091177-2871084718-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\JOMLI\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: DrvUpdater => C:\Users\JOMLI\AppData\Roaming\DRPSu\DrvUpdater.exe /hide
MSCONFIG\startupreg: Facebook Update => "C:\Users\JOMLI\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: ooVoo.exe => C:\Program Files\ooVoo\oovoo.exe /minimized
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: uTorrent => "C:\Users\JOMLI\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{F36DFF31-F3D6-43DB-82C8-A03D2622F64D}] => (Allow) C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [{63CB8541-37F7-4F73-A187-E632099B6E61}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{D7BD95F0-E19A-4E35-95BE-3E5D8F1F9D66}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{4194EC56-4C28-4087-BDE2-1B4C5ED32C74}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{53658D70-A0B2-4790-8F5C-0E427CA16701}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{E5FC2E01-319B-4726-87A0-C694439D314F}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{B771E987-00AA-423E-873D-F5C36C905462}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe
FirewallRules: [{C7B7D643-69E8-4260-BDA7-90EBB62B6458}] => (Allow) C:\Users\JOMLI\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0A56A076-41C6-4FB3-A79C-B3AF711BE3CA}] => (Allow) C:\Users\JOMLI\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{65CF60AE-8E9E-424A-B04D-698B7A07611B}] => (Allow) C:\Users\JOMLI\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{9192852E-5662-49B9-B302-C8E680840C8C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{F8184DB0-6671-4666-B916-4845C415D37B}] => (Allow) C:\Users\JOMLI\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{C0DAA3B9-8950-4B10-AE7B-F00F4A08DC33}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{46090ED0-714B-4179-AFC9-8586C9FAF659}] => (Allow) LPort=2869
FirewallRules: [{8EF35B2F-B033-4AFE-8D78-D34ECB2B09E6}] => (Allow) LPort=1900
FirewallRules: [{BA127D6F-963B-4943-B318-4CADC126AC87}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{0FDD9D6C-75FA-4486-A72B-332FB5C41F42}] => (Allow) C:\Program Files\Apowersoft\Screen Recording Suite\Screen Recording Suite.exe
FirewallRules: [{E4884633-A22F-4F78-8B13-3180FC9A05D8}] => (Allow) C:\Program Files\Apowersoft\Screen Recording Suite\Screen Recording Suite.exe
FirewallRules: [{AB4BB80D-C3F5-493B-909B-190D1156F94D}] => (Allow) C:\Users\JOMLI\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DDD1C081-E38E-494E-AF1B-D0166C070801}] => (Allow) C:\Users\JOMLI\AppData\Roaming\uTorrent\uTorrent.exe

==================== Faulty Device Manager Devices =============

Name: Périphérique système de base
Description: Périphérique système de base
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Périphérique système de base
Description: Périphérique système de base
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Périphérique système de base
Description: Périphérique système de base
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: YAC Kit Driver
Description: YAC Kit Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: iSafeKrnlKit
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: YAC Ring3 Driver
Description: YAC Ring3 Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: iSafeKrnlR3
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/18/2015 09:08:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2015 04:29:10 PM) (Source: System Restore) (EventID: 8211) (User: )
Description: Impossible de créer le point de restauration planifié. Informations supplémentaires : (0x80042308).

Error: (06/18/2015 04:29:10 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation ; Description = Point de contrôle planifié ; Erreur = 0x80042308).

Error: (06/18/2015 04:28:39 PM) (Source: VSS) (EventID: 12305) (User: )
Description: Erreur du service de cliché instantané des volumes : le volume/disque n’est pas connecté ou est introuvable. Contexte de l’erreur : DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 000000B8,0x00560038,004CCEE0,0,004CBED8,4096,[0]). Opération : Traitement de PostFinalCommitSnapshots Contexte : Contexte d’exécution: System Provider

Error: (06/18/2015 04:00:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2015 10:30:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2015 07:12:07 AM) (Source: Google Update) (EventID: 20) (User: JOMLI-PC)
Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http s

Error: (06/18/2015 06:21:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2015 02:16:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/17/2015 10:12:06 PM) (Source: Google Update) (EventID: 20) (User: JOMLI-PC)
Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http s

System errors:
=============
Error: (06/18/2015 09:08:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger : iSafeKrnl iSafeKrnlKit iSafeKrnlR3

Error: (06/18/2015 09:08:18 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

Error: (06/18/2015 09:08:02 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

Error: (06/18/2015 09:08:02 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT)
Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local.

Error: (06/18/2015 09:07:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service YAC Service n’a pas pu démarrer en raison de l’erreur : %%5

Error: (06/18/2015 04:33:23 PM) (Source: volsnap) (EventID: 14) (User: )
Description: Les clichés instantanés C: ont été annulés à cause d’une défaillance d’E/S sur le volume C:.

Error: (06/18/2015 04:32:50 PM) (Source: atapi) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort0.

Error: (06/18/2015 04:32:50 PM) (Source: atapi) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort0.

Error: (06/18/2015 04:32:50 PM) (Source: atapi) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort0.

Error: (06/18/2015 04:32:50 PM) (Source: atapi) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort0.

Microsoft Office:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T5870 @ 2.00GHz
Percentage of memory in use: 91%
Total physical RAM: 2008.88 MB
Available physical RAM: 174.25 MB
Total Pagefile: 4017.76 MB
Available Pagefile: 1438.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1868.03 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.52 GB) (Free:8.09 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:74.52 GB) (Free:4.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: A0F1E785)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74.5 GB) - (Type=07 NTFS)

==================== End of log ============================