Conversation Windows 10 Start button, network volume, battery and action center don't work

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Status
Not open for further replies.
I did all the steps... Maybe theres something wrong with the log? IDK, either way I am scanning the computer right now with Farbar, I will post again when it's done
 
Jérémie said:
Maybe theres something wrong with the log?
Click to expand...


No, I think it is more like something is wrong with the PC. It's ok, no big deal. You most likely did the steps, something may have changed them back. We just need to make sure malware is not at play here. :)
 
Go ahead and remove the programs below with Geek Uninstaller -- Use Force Mode if needed.

Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Assistant de téléchargement (HKLM-x32\...\{92154A3C-9BB7-49D7-A571-4EB6373FA5AD}) (Version: 6.65.13 - Druide informatique inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java SE Development Kit 8 Update 101 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180101}) (Version: 8.0.1010.13 - Oracle Corporation)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.3.0 - Azureus Software, Inc.)
YTD Video Downloader 5.3 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.3 - GreenTree Applications SRL)
 
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 01-01-2017
Exécuté par Quelqu'un (06-01-2017 17:57:37)
Exécuté depuis C:\Users\Quelqu'un\Desktop
Windows 10 Home Version 1607 (X64) (2016-11-18 20:38:18)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-3980963936-1557843195-203842877-500 - Administrator - Disabled)
battlecruiser (S-1-5-21-3980963936-1557843195-203842877-1003 - Limited - Enabled) => C:\Users\battlecruiser
DefaultAccount (S-1-5-21-3980963936-1557843195-203842877-503 - Limited - Disabled)
Invité (S-1-5-21-3980963936-1557843195-203842877-501 - Limited - Disabled)
Quelqu'un (S-1-5-21-3980963936-1557843195-203842877-1001 - Administrator - Enabled) => C:\Users\Quelqu'un

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3006 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
ACP Application (Version: 2.15.30.0019 - Advanced Micro Devices, Inc.) Hidden
Active Directory Authentication Library for SQL Server (Version: 13.0.1100.286 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (x32 Version: 13.0.1100.286 - Microsoft Corporation) Hidden
Adobe Animate CC 2015.2 (HKLM-x32\...\FLPR_15_2) (Version: 15.2 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.270 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Antidote 8 (HKLM-x32\...\{09AAAB09-6DBA-4DD9-9865-54597D3FBCA8}) (Version: 8.05.1877 - Druide informatique inc.)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.07.2004.0 - Acer Incorporated)
Apache Tomcat 8.0.27 (HKLM\...\nbi-tomcat-8.0.27.0.0) (Version: - )
Apple Application Support (32-bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
Application Profiles (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Assistant de téléchargement (HKLM-x32\...\{92154A3C-9BB7-49D7-A571-4EB6373FA5AD}) (Version: 6.65.13 - Druide informatique inc.)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.710 - Broadcom Corporation)
Broforce (HKLM-x32\...\1470490225_is1) (Version: 2.0.0.2 - GOG.com)
Catalyst Control Center Next Localization BR (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version: - Cheat Engine)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dotfuscator and Analytics Community Edition 5.19.1 (x32 Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Ext2Fsd 0.68 (HKLM\...\Ext2Fsd_is1) (Version: 0.68 - Matt Wu)
Fable - The Lost Chapters (HKLM-x32\...\InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}) (Version: 1.00.0000 - Microsoft Game Studios)
Fable - The Lost Chapters (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Far Manager 3 x64 (HKLM\...\{EA526B11-07F0-4958-9F69-AE8A159383EE}) (Version: 3.0.4774 - Eugene Roshal & Far Group)
GlassFish Server Open Source Edition 4.1.1 (HKLM\...\nbi-glassfish-mod-4.1.1.0.1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GT Interactive - Driver (HKLM-x32\...\GT Interactive - Driver) (Version: - )
IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java SE Development Kit 8 Update 101 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180101}) (Version: 8.0.1010.13 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kingdom Rush (HKLM-x32\...\S2luZ2RvbVJ1c2g=_is1) (Version: 1 - )
Kit de développement logiciel (SDK) Microsoft .NET Framework 4.6.1 (Français) (HKLM-x32\...\{9369E1F2-44C9-4864-843E-159725E660CB}) (Version: 4.6.01055 - Microsoft Corporation)
Knights of Pen and Paper (HKLM-x32\...\Knights of Pen and Paper_is1) (Version: - Paradox Interactive)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (Français) (HKLM-x32\...\{AD054CB0-F527-48AD-832B-E65D46237C88}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.7466.2038 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB RC0 (HKLM\...\{9CED5D08-5664-4668-A927-CD6C60C4175D}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects RC0 (HKLM-x32\...\{948B5F49-A57E-46B4-9F1E-145D7A9E66D7}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects RC0 (x64) (HKLM\...\{F6F8053F-D328-4ACA-93A1-A49E495899F2}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service RC0 (HKLM-x32\...\{1852BD30-570B-4E47-8752-461448E8E250}) (Version: 13.0.12000.52 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom RC0 (HKLM\...\{D9F55D00-A8AB-4518-A56E-D9D5E615542A}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60311.1) (HKLM-x32\...\{28292CA9-8D65-4E37-95A3-753EEB38F122}) (Version: 14.0.60311.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM\...\{495CC0B4-D4C3-4D87-8317-F66BA48C5552}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM-x32\...\{3A87F9F2-D65D-4BA9-8459-E5BBE31EA64D}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Enterprise 2015 with Update 2 (HKLM-x32\...\{675a5109-38d6-406c-9e75-d0e922f87a58}) (Version: 14.0.25123.0 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
NetBeans IDE 8.2 (HKLM\...\nbi-nb-base-8.2.0.0.201609300101) (Version: 8.2 - NetBeans.org)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{60499BF0-C3D1-40CC-8600-8A7246534466}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7426.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
OpenVPN 2.3.12-I602 (HKLM-x32\...\OpenVPN) (Version: 2.3.12-I602 - )
Oracle VM VirtualBox 5.1.2 (HKLM\...\{629314D8-8CB7-45F4-8C48-20EF2E330430}) (Version: 5.1.2 - Oracle Corporation)
OTTTD Deluxe Edition 1.27 (HKLM-x32\...\OTTTD Deluxe Edition 1.27) (Version: 1.27 - Cat-A-Cat)
PlagueInc ver. 1.0.4 (MP.94) (HKLM-x32\...\{CE24C9D7-7DFB-41A9-B6DF-AAE3BA40A56A}_is1) (Version: 1.0.4 (MP.94) - Numantian Games)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT RC0 (HKLM-x32\...\{AB72EB1C-9CF4-4274-984D-5EDA8BF37A08}) (Version: 13.0.1100.286 - Microsoft Corporation)
Quake 2 - id Software v3.20 (HKLM-x32\...\Quake 2 - id Software) (Version: v3.20 - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.55 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)
ReiBoot (HKLM-x32\...\ReiBoot) (Version: - Tenorshare, Inc.)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - )
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 15.0.4641.1002 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.3104.1200 - Microsoft Corporation) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
StarCraft II: Heart of the Swarm (c) Blizzard Entertainment version 1 (HKLM-x32\...\U3RhckNyYWZ0IElJOiBIZWFydCBvZiB0aGUgU3dhcm0gKGMp~BFC02D25_is1) (Version: 1 - )
Startup Sound Changer (HKLM-x32\...\Startup Sound Changer) (Version: 1.0 - hxxp://winreview.ru/)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Team Explorer for Microsoft Visual Studio 2015 Update 2 (x32 Version: 14.95.25118 - Microsoft) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Torchlight (HKLM-x32\...\GOGPACKTORCHLIGHT_is1) (Version: 2.0.0.12 - GOG.com)
TypeScript Power Tool (x32 Version: 1.8.9.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.29.0 - Microsoft Corporation) Hidden
UBCD4Win 3.60 (HKLM-x32\...\UBCD4Win_is1) (Version: - UBCD4Win Team - Benjamin Burrows)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Vegas Pro 12.0 (64-bit) (HKLM\...\{64A98EF1-2680-11E3-A909-F04DA23A5C58}) (Version: 12.0.726 - Sony)
Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VS Update core components (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-4) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.3.0 - Azureus Software, Inc.)
War2Combat version 4.01 (HKLM-x32\...\War2Combat_is1) (Version: 4.01 - War2 RU Admins)
War2Music version 1.01 (HKLM-x32\...\War2Music_is1) (Version: 1.01 - War2 RU Admins)
Warcraft 3 (HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Warcraft 3) (Version: - )
Waterfox 50.1.0 (x64 en-US) (HKLM\...\Waterfox 50.1.0 (x64 en-US)) (Version: 50.1.0 - Mozilla)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 0.6.0.8 - Winaero)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinX HD Video Converter Deluxe 5.9.4 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.)
Workflow Manager Client 1.0 (Version: 2.0.50408.1 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.50408.2 - Microsoft Corporation) Hidden
World of Warships (HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814na}_is1) (Version: - Wargaming.net)
YTD Video Downloader 5.3 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.3 - GreenTree Applications SRL) <==== ATTENTION

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-3980963936-1557843195-203842877-1001_Classes\CLSID\{5563940C-ABF0-47B4-BB0E-B5D8680B570A}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 8\Programmes64\MoteurIntegration.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-3980963936-1557843195-203842877-1001_Classes\CLSID\{5563940D-49FD-4F1A-96AA-147B474290EE}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 8\Programmes64\MoteurIntegration.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-3980963936-1557843195-203842877-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 8\Programmes64\AgentAntidote.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-3980963936-1557843195-203842877-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 8\Programmes64\Antidote.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-3980963936-1557843195-203842877-1001_Classes\CLSID\{AD630E0F-BF29-4791-AD3B-A289E884E37C}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 8\Programmes64\Antidote.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-3980963936-1557843195-203842877-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {16E03161-855B-4ADB-A58C-8D5CA0B0FBFE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-29] (Adobe Systems Incorporated)
Task: {3B2AEDAC-9A9C-4581-AEAF-515E45C227BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-05] (Google Inc.)
Task: {48CAF313-47C3-40D9-BC58-51DD05389470} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {5EC66713-3A19-4420-B47B-86F08311706F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-05] (Google Inc.)
Task: {652A4EC9-22E8-4D31-820F-4E725660E947} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2016-10-07] (MSFree Inc.)
Task: {7524F6F3-9C4A-47DE-83ED-28443E912CDB} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {7BF2F2EC-ED09-4135-9335-BF620BCB2D21} - System32\Tasks\AdobeAAMUpdater-1.0-PC-Quelqu'un => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
Task: {89BC8B7D-1A8E-4C74-B3E6-AD36DBF2AAC8} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-03-22] (Microsoft Corporation)
Task: {8F911436-BC0E-4F51-BC09-97411C5BD1AD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {9B64515B-4396-4B3F-99DA-304E6E778955} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {A69D6F30-4E24-44A0-892B-D433473ED42B} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-17] (Acer Incorporated)
Task: {B8CD01D7-F313-4F66-92C9-98A4E9451BFB} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Pas de fichier <==== ATTENTION
Task: {BBC0FF87-D744-4893-831D-BD171251BC74} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {DF1DEBC0-8535-4D82-A9A8-DBE476D8A715} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {E5EB1DBD-C18D-4CF7-8E8A-0305691DB3C2} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-10] (Acer Incorporated)
Task: {E83293C0-83EE-42A1-AE7F-802CD4C7BDF0} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {E8A438D0-F362-4301-B112-77B4D097A8D2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {EA243AC6-8BB1-485F-92CC-CBBD069F03F1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-01] (Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe

==================== Raccourcis =============================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

ShortcutWithArgument: C:\Users\Quelqu'un\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-new-avatar-menu -- "%1"

==================== Modules chargés (Avec liste blanche) ==============

2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-11-18 15:59 - 2016-11-18 15:59 - 01864384 _____ () C:\Users\Quelqu'un\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-10-07 08:50 - 2016-10-30 11:12 - 08924864 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2010-01-09 19:17 - 2010-01-09 19:17 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 00:40 - 2010-01-21 00:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-12-29 07:35 - 2016-12-29 07:35 - 27242584 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)


==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)


==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE trusted site: HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\hola.org -> hxxp://hola.org

==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2017-01-06 17:10 - 2017-01-06 17:11 - 00000089 _RASH C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Quelqu'un\Pictures\quebec wallpaper.png
DNS Servers: 198.101.242.72 - 23.253.163.53
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu is disabled.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

MSCONFIG\Services: KMSEmulator => 2
MSCONFIG\Services: OpenVPNService => 3
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AgentAntidote64"
HKLM\...\StartupApproved\Run: => "AgentAntidote32"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Duet Display"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AgentAntidote32"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\StartupApproved\Run: => "VideoPaper"
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\StartupApproved\Run: => "ClickfreeMonitor"
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\StartupApproved\Run: => "CyberGhost"

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{3E1E0254-EF99-4D9C-BA80-2761C83C6D00}] => C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{0626610B-E39C-409A-A19C-E4865ED98641}] => C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{0F43735D-FD09-457A-8AEB-FCF4638A6664}] => LPort=1688
FirewallRules: [{A2689DA6-1905-45F2-90DE-4695BD140E74}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{C9554347-2280-4B53-88EC-72AB5140B112}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{BAA45C4F-C677-41C8-8D77-854845901F93}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{81D1E5E1-DAAE-47B9-A884-AC9D8C2637E2}] => C:\Users\Quelqu'un\AppData\Roaming\Vuze Leap\VuzeLeap.exe
FirewallRules: [{AC125902-95C3-4AE2-B51F-1D4B97616A90}] => C:\Users\Quelqu'un\AppData\Roaming\Vuze Leap\VuzeLeap.exe
FirewallRules: [{FFD3A55B-0047-48A1-B780-4E4F124119FB}] => LPort=12292
FirewallRules: [{F1E6E278-0688-469E-8F74-6533A71EB4AF}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{74F610D1-A281-47EA-8AEA-974DF525F707}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{6EDA30C3-56EC-465F-861B-C2891DF1163F}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{A5C2A9EE-2427-485E-9ED4-6599E06D37EA}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{6AEA4017-6C9A-415E-9CB4-BCCB9629BBF8}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{DEBFCFE5-12F4-49EA-A4E7-859EFD48E92D}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{F13B5C71-C53B-47E8-B7B0-9BF73DFC5E3B}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{CB5C45BF-6032-4A31-8034-1F1893D42040}] => C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [{64DEFF18-3341-4BBE-A660-5BF16F36EA61}] => C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [{DEBFCA68-385E-4159-9DDB-285A79DA6F55}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{AFD0AAFC-3958-476A-A633-ED2E1BFA949E}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{52036570-7DA9-44DC-B723-A7280AB1F086}] => C:\Program Files (x86)\Microsoft Office\Office14\excelcnv.exe
FirewallRules: [{6C9BF167-E3AE-4150-BA32-6960C83B2F66}] => C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
FirewallRules: [{BF15E24F-D713-4755-B7AD-F5C5840617B3}] => C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE
FirewallRules: [{5968557C-02C9-48C1-BF86-418E296438AD}] => C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
FirewallRules: [{60335FE7-CE23-4531-84EE-8A8538301DAA}] => %ProgramFiles%\Sony\Vegas Pro 12.0\vegas120.exe
FirewallRules: [{2B166593-0054-4B14-AD22-BA27AA798121}] => LPort=1900
FirewallRules: [{A5BC9DC4-ED69-4ED3-818D-2AE211DF642A}] => LPort=2869
FirewallRules: [{86A1A1FD-1FC9-4897-B00E-CB3101F83C5E}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FE9675AB-3364-4B14-AC77-8B184C7ABE9A}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{240F236A-A310-4D35-B1E0-3F53848B86B6}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{5367BE22-0F30-4CA8-BEE6-61E703168315}] => C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{E43CCB56-1FA9-4F90-9443-7A3C2FDD128B}] => C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [UDP Query User{919B6464-A703-437F-9B9C-AB244969B607}C:\program files (x86)\age of empire ii\age of empire ii - the conquerors.exe] => C:\program files (x86)\age of empire ii\age of empire ii - the conquerors.exe
FirewallRules: [TCP Query User{98B1F5E4-367E-4C19-88AE-B227E55F46B1}C:\program files (x86)\age of empire ii\age of empire ii - the conquerors.exe] => C:\program files (x86)\age of empire ii\age of empire ii - the conquerors.exe
FirewallRules: [{91852648-4E40-4394-ABCD-F9513D462D20}] => %ProgramFiles% (x86)\Castle Crashers\castle.exe
FirewallRules: [UDP Query User{4D8FCC0B-470D-4137-BDDB-AA4A1F96FBA2}C:\users\quelqu'un\desktop\igg-castlecrashers.v2.6\castle.exe] => C:\users\quelqu'un\desktop\igg-castlecrashers.v2.6\castle.exe
FirewallRules: [TCP Query User{CE24A54E-D074-4419-BB0B-818A302963F3}C:\users\quelqu'un\desktop\igg-castlecrashers.v2.6\castle.exe] => C:\users\quelqu'un\desktop\igg-castlecrashers.v2.6\castle.exe
FirewallRules: [{FAFA3443-A6D1-46E2-8C5E-4D5698B118AE}] => %SystemDrive%\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{151A868B-4625-40E8-B207-BF796D8EB2E5}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{B2B93F2B-E47B-4772-B3BE-8102A2FCBAC7}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{1E3629EE-B9D4-4213-8890-58A9542BE06B}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{A1F8ABF5-8FD8-4164-AF02-1478E76EAAC6}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{CF72DB3B-73E1-41BC-90D1-C48BC6BD2B8C}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{85AEA8FE-AB2D-4C7E-B298-350EF2B1B2BE}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{105F6DDE-C74D-418C-9407-DDE1E328B474}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9907E2C8-AED5-44C9-9015-1BBA6C14A533}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9218311B-6857-4121-973C-608024531D35}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A422D07E-E465-47D4-B0B4-2D207F0BC204}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7D269628-44BD-45A0-AC71-872222FF8CB2}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8A69E186-FF6E-4EF0-97AA-B2C377B0B798}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{057B6E28-2CCC-4886-AF60-6AFA163E9911}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5B36C9E2-3983-412D-BF1B-080D51524ACA}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AC5C39B0-AEB7-46AE-8F01-AAB94A4A3057}] => C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{AB24DA3C-0D8E-487C-80E4-BDC2E0C5F5D8}] => C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{9FE723A9-427E-42CA-A09D-7FE91FC8DBAA}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{07F3CA98-374A-491E-AD9A-D46D76835435}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{88C6FB53-407E-40C6-8F30-9D2F5B094154}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{AD224DC2-BCF0-4BFE-8910-F239903E727F}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [TCP Query User{018D4912-2BB8-46EE-BA07-07220BC8BC84}C:\program files (x86)\robot entertainment\orcs must die!\build\release\orcsmustdie.exe] => C:\program files (x86)\robot entertainment\orcs must die!\build\release\orcsmustdie.exe
FirewallRules: [UDP Query User{75B31E9E-DAEB-4601-964F-C0A9A71F10DB}C:\program files (x86)\robot entertainment\orcs must die!\build\release\orcsmustdie.exe] => C:\program files (x86)\robot entertainment\orcs must die!\build\release\orcsmustdie.exe
FirewallRules: [{D33FEC0D-5966-46A0-97FC-852B978DC81F}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{661EF75C-84B6-4772-98C6-2E9B1CA46288}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{1889A894-6227-426B-AF24-96F67422C3E0}] => C:\Program Files (x86)\WarThunder\win64\aces.exe
FirewallRules: [{953F4721-02A1-4163-B4BB-FCA6143AB772}] => C:\Program Files (x86)\WarThunder\win64\aces.exe
FirewallRules: [{CFEB9D65-8137-4CF2-8316-9D863FCFA654}] => C:\Program Files (x86)\WarThunder\win32\bpreport.exe
FirewallRules: [{2C795275-AEEF-4D28-ABE8-1E030081C9C0}] => C:\Program Files (x86)\WarThunder\win32\bpreport.exe
FirewallRules: [{3F77628F-2641-4557-96E2-5AAA14989DB3}] => C:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{5F8E90AE-957A-4C96-BE83-561E97F2FF36}] => C:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{46D54485-C600-4A82-B39A-0B34042E8154}] => C:\WarThunder\run.exe
FirewallRules: [{D49EA5DF-870D-42EA-B4CA-6D3354E2B4BD}] => C:\WarThunder\run.exe
FirewallRules: [{D75C142D-8286-4068-882C-57C99135FFF2}] => C:\Program Files (x86)\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{C671FB5D-C46F-45AA-ADD3-0E893FFFF68D}] => C:\Program Files (x86)\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{6F1945DC-9FEB-468A-A132-73E8397E46D6}] => C:\Program Files (x86)\World_of_Warships\worldofwarships.exe
FirewallRules: [{7B44ED3C-518D-4B7A-A1D4-D099CE521378}] => C:\Program Files (x86)\World_of_Warships\worldofwarships.exe
FirewallRules: [{D40CD0DB-6F04-4FB0-AC8D-604786933AAD}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A2FFCB29-CB06-4B1A-A65D-049C157A9396}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{94E37740-0E3E-4B56-9B52-BA4E64CE6580}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8BCB332F-EEC5-491E-ADD8-FE06CC6B1B7F}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D44DB049-9818-4055-A3DF-6800C2E6BDCC}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{75A3C0DA-A15A-4C1A-9D02-D1C9D11F6D20}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Points de restauration =========================

07-12-2016 22:17:28 Point de contrôle planifié
16-12-2016 17:11:13 Point de contrôle planifié
28-12-2016 10:56:16 Point de contrôle planifié
01-01-2017 23:08:04 Removed Apple Software Update
05-01-2017 18:01:20 Restore Operation

==================== Éléments en erreur du Gestionnaire de périphériques =============


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (01/06/2017 04:45:15 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/06/2017 03:15:15 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.

Détails :
(HRESULT : 0x80040210) (0x80040210)

Error: (01/06/2017 03:10:36 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/06/2017 12:43:04 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\ZDoom\ZDoom.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.

Error: (01/06/2017 12:40:51 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/06/2017 12:30:12 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\ZDoom\ZDoom.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.

Error: (01/06/2017 12:25:35 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/06/2017 12:16:09 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Le fichier spécifié est introuvable.

Error: (01/06/2017 12:16:09 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Le fichier spécifié est introuvable.

Error: (01/06/2017 12:16:09 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Le fichier spécifié est introuvable.


Erreurs système:
=============
Error: (01/06/2017 05:57:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} did not register with DCOM within the required timeout.

Error: (01/06/2017 05:55:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} did not register with DCOM within the required timeout.

Error: (01/06/2017 05:53:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} did not register with DCOM within the required timeout.

Error: (01/06/2017 05:51:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} did not register with DCOM within the required timeout.

Error: (01/06/2017 05:49:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} did not register with DCOM within the required timeout.

Error: (01/06/2017 05:47:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} did not register with DCOM within the required timeout.

Error: (01/06/2017 05:45:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} did not register with DCOM within the required timeout.

Error: (01/06/2017 05:43:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} did not register with DCOM within the required timeout.

Error: (01/06/2017 05:41:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} did not register with DCOM within the required timeout.

Error: (01/06/2017 05:39:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} did not register with DCOM within the required timeout.


==================== Infos Mémoire ===========================

Processeur: AMD A10-7300 Radeon R6, 10 Compute Cores 4C+6G
Pourcentage de mémoire utilisée: 37%
Mémoire physique - RAM - totale: 7114.26 MB
Mémoire physique - RAM - disponible: 4455.27 MB
Mémoire virtuelle totale: 8266.26 MB
Mémoire virtuelle disponible: 5653.02 MB

==================== Lecteurs ================================

Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:712.21 GB) NTFS

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DC9A329D)

Partition: GPT.

==================== Fin de Addition.txt ============================




Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
Exécuté par Quelqu'un (administrateur) sur PC (06-01-2017 17:56:07)
Exécuté depuis C:\Users\Quelqu'un\Desktop
Profils chargés: Quelqu'un (Profils disponibles: Quelqu'un & battlecruiser)
Platform: Windows 10 Home Version 1607 (X64) Langue: French (Canada)
Internet Explorer Version 11 (Navigateur par défaut: "C:\Program Files\Waterfox\waterfox.exe" -osint -url "%1")
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(www.ext2fsd.com) C:\Program Files\Ext2Fsd\Ext2Srv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Waterfox) C:\Program Files\Waterfox\waterfox.exe
(Waterfox Ltd) C:\Program Files\Waterfox\plugin-container.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\wlrmdr.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16152792 2015-07-17] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
HKLM\...\Run: [AgentAntidote32] => C:\Program Files (x86)\Druide\Antidote 8\Programmes32\AgentAntidote.exe [1220128 2015-09-18] (Druide informatique inc.)
HKLM\...\Run: [AgentAntidote64] => C:\Program Files (x86)\Druide\Antidote 8\Programmes64\AgentAntidote.exe [1380384 2015-09-18] (Druide informatique inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-05-31] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <===== ATTENTION
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoPreviewPane] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoWinkeys] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [HideSCANetwork] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoInstrumentation] 1
ShellExecuteHooks: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\System32\mscoree.dll [387072 2016-07-16] (Microsoft Corporation)
ShellExecuteHooks-x32: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\System32\mscoree.dll [387072 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{05ef7c5a-aaf5-4007-a27d-38eb014e8614}: [NameServer] 198.101.242.72,23.253.163.53,25.0.0.1
Tcpip\..\Interfaces\{1e857cd1-da1f-4ef5-bf7a-348a2afe1988}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{1e857cd1-da1f-4ef5-bf7a-348a2afe1988}: [DhcpNameServer] 10.17.0.1
Tcpip\..\Interfaces\{360f2aa3-d847-493b-95c3-e7ed0bddc2b2}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{360f2aa3-d847-493b-95c3-e7ed0bddc2b2}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{39461d4f-e9a6-4516-86b0-6cb9ce9f4ea9}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{77c6b013-46a0-4bb6-89f9-8e7ea791f25e}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{79816788-6263-4ca0-9ac7-68e40a1b3678}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{9fc13bb4-5466-4402-a923-c247d0df61e4}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{9fc13bb4-5466-4402-a923-c247d0df61e4}: [DhcpNameServer] 10.10.10.10
Tcpip\..\Interfaces\{c173450f-f5a5-46db-8693-2cc6eb093a35}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{d8485dc9-462b-4d4b-b356-c770f8ee2a2c}: [NameServer] 198.101.242.72,23.253.163.53,192.168.1.1
Tcpip\..\Interfaces\{d8485dc9-462b-4d4b-b356-c770f8ee2a2c}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Users/Quelqu'un/Documents/Home/Homepage.html
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://cf.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://cf.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3980963936-1557843195-203842877-1001 -> DefaultScope {7628DB24-0587-48AE-9CE3-B830B02E9BC0} URL =
SearchScopes: HKU\S-1-5-21-3980963936-1557843195-203842877-1001 -> {7628DB24-0587-48AE-9CE3-B830B02E9BC0} URL =
SearchScopes: HKU\S-1-5-21-3980963936-1557843195-203842877-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://cf.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-10-04] (Oracle Corporation)
BHO: Pas de nom -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Pas de fichier
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-04] (Oracle Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-03] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 14.0 Helper -> {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} -> C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2015-07-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-03] (Oracle Corporation)
Toolbar: HKLM - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM-x32 - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM-x32 - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM-x32 - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-3980963936-1557843195-203842877-1001 -> Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 36kffurb.Default User
FF ProfilePath: C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default [2017-01-06]
FF Homepage: Mozilla\Firefox\Profiles\u676v7ok.default -> file:///C:/Users/Quelqu'un/Documents/Home/New Homepage.html
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> ftp", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> ftp_port", 4444
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> http", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> http_port", 4444
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> socks", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> socks_port", 4444
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> ssl", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> ssl_port", 4444
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> type", 0
FF Extension: (newtab.url) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default\Extensions\@newtaburl.xpi [2016-06-28]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default\Extensions\abb@amazon.com.xpi [2016-06-09]
FF Extension: (Firefox Hotfix) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31]
FF Extension: (Français Language Pack) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2016-06-09]
FF Extension: (Adblock Plus) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-25]
FF ProfilePath: C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User [2017-01-06]
FF Homepage: Mozilla\Firefox\Profiles\36kffurb.Default User -> file:///C:/Users/Quelqu'un/Documents/Home/Homepage.html
FF Extension: (newtab.url) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\@newtaburl.xpi [2016-09-02]
FF Extension: (Shift + Scroll (Horizontal Scrolling)) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\@shift-scroll.xpi [2016-12-22]
FF Extension: (Firebug) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\firebug@software.joehewitt.com.xpi [2016-12-22]
FF Extension: (HideScrollbars) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\Hidescrollbars@ArisT2Noia4dev.xpi [2016-12-22]
FF Extension: (Tamper Data Icon Redux) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\tamperdataiconredux@frizzip.com.xpi [2016-12-22]
FF Extension: (Toggle Proxy) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\toggleproxy@quirkyquipu.co.uk.xpi [2016-10-01]
FF Extension: (uBlock Origin) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\uBlock0@raymondhill.net.xpi [2016-12-19]
FF Extension: (VLC Youtube Shortcut) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\vlc_shortcut@kosan.kosan.xpi [2016-12-06]
FF Extension: (Stylish) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2016-12-06]
FF Extension: (Tamper Data) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2016-12-22]
FF Extension: (FireFTP) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2016-12-22]
FF Extension: (Fasterfox) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2016-12-22]
FF Extension: (Web Developer) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2016-12-22]
FF Extension: (Greasemonkey) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-12-06]
FF Extension: (User Agent Switcher) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2016-12-21]
FF Extension: (HackBar) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}.xpi [2016-12-22]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-29] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-04] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-05-31] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-29] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-05-31] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR StartupUrls: Profile 2 -> "file:///C:/Users/Quelqu'un/Documents/Home/Homepage.html"
CHR Profile: C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Default [2016-12-05]
CHR Profile: C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-12-05]
CHR Profile: C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2 [2016-12-29]
CHR Extension: (Google Slides) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-05]
CHR Extension: (Google Docs) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-05]
CHR Extension: (Google Drive) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-05]
CHR Extension: (YouTube) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-05]
CHR Extension: (uBlock Origin) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-12-24]
CHR Extension: (Replace New Tab Page) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cnkhddihkmmiiclaipbaaelfojkmlkja [2016-12-05]
CHR Extension: (Tampermonkey) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-12-06]
CHR Extension: (Proxy SwitchySharp) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2016-12-05]
CHR Extension: (Google Sheets) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-05]
CHR Extension: (Kaspersky Protection) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2016-12-29]
CHR Extension: (Stylish) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2016-12-06]
CHR Extension: (uBlock Pro) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fmaicbnbcbjgbpecclcnaehmbpjpdane [2016-12-06]
CHR Extension: (Google Docs Offline) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-05]
CHR Extension: (VLC Capture) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\goppbgmjnldonmjemebdmcjfefbgoloh [2016-12-05]
CHR Extension: (NetBeans Connector) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hafdlehgocfcodbgjnpecfajgkeejnaa [2016-12-07]
CHR Extension: (Ghostery) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-12-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-05]
CHR Extension: (Gmail) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-05]
CHR Extension: (Chrome Media Router) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-05]
CHR Profile: C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\System Profile [2016-12-06]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM\...\Chrome\Extension: [pfcgjlglddicjopgimohdcbmabacamll] - <pas de Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [pfcgjlglddicjopgimohdcbmabacamll] - <pas de Path/update_url>

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-05-31] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021056 2016-03-03] (Adobe Systems, Incorporated)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-08-06] (Advanced Micro Devices) [Fichier non signé]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [323152 2015-06-29] (Windows (R) Win 7 DDK provider)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2016-11-18] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2839296 2015-05-05] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2016-10-30] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 Ext2Srv; C:\Program Files\Ext2Fsd\Ext2Srv.exe [34816 2016-07-09] (www.ext2fsd.com)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [Fichier non signé]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Fichier non signé]
S4 KMSEmulator; C:\ProgramData\KMSAutoS\bin\KMSSS.exe [301056 2015-07-23] (MDL Forum, mod by Ratiborus) [Fichier non signé]
S3 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
S4 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32384 2016-10-03] (The OpenVPN Project)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [395616 2015-07-17] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-17] (Acer Incorporated)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Fichier non signé]
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-26] (acer)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S4 TenorshareReibootService; C:\Users\Quelqu'un\Downloads\ReiBoot\TenorshareReibootService.exe [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [307936 2015-08-22] (Advanced Micro Devices)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309270.inf_amd64_47c09dd18e1ee4c5\atikmdag.sys [28729240 2016-12-07] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309270.inf_amd64_47c09dd18e1ee4c5\atikmpag.sys [530328 2016-12-07] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-07-24] (Advanced Micro Devices)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30352 2016-11-02] (Disc Soft Ltd)
R2 Ext2Fsd; C:\WINDOWS\system32\Drivers\Ext2Fsd.sys [799744 2016-07-09] (www.ext2fsd.com)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [435032 2016-09-12] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1019616 2016-12-28] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-28] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [218920 2016-12-28] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [85984 2016-12-28] ()
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [245512 2016-12-28] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [104720 2016-12-28] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [164888 2016-12-28] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [134880 2016-12-28] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2015-07-17] (Acer Incorporated)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project)
S3 pwdrvio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2015-07-17] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-14] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [47784 2015-07-29] (Synaptics Incorporated)
S3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-10-13] (Anchorfree Inc.)
S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [121824 2016-07-21] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [195424 2016-07-21] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-01-06 22:19 - 2017-01-06 17:45 - 00158264 _____ C:\Users\Quelqu'un\Desktop\DnsJumper.ini
2017-01-06 17:56 - 2017-01-06 17:57 - 00035655 _____ C:\Users\Quelqu'un\Desktop\FRST.txt
2017-01-06 17:55 - 2017-01-06 17:56 - 00000000 ____D C:\FRST
2017-01-06 17:55 - 2017-01-06 17:55 - 02418176 _____ (Farbar) C:\Users\Quelqu'un\Desktop\FRST64.exe
2017-01-06 17:42 - 2017-01-06 17:44 - 00002278 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-01-06 17:42 - 2017-01-06 17:42 - 00000867 _____ C:\Users\Quelqu'un\Desktop\CCleaner.lnk
2017-01-06 17:42 - 2017-01-06 17:42 - 00000000 ____D C:\Users\Quelqu'un\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-01-06 17:42 - 2017-01-06 17:42 - 00000000 ____D C:\Program Files\CCleaner
2017-01-06 17:41 - 2017-01-06 17:41 - 00710719 _____ C:\Users\Quelqu'un\Downloads\DnsJumper.zip
2017-01-06 17:40 - 2017-01-06 17:40 - 08803648 _____ (Piriform Ltd) C:\Users\Quelqu'un\Downloads\ccsetup525(1).exe
2017-01-06 17:38 - 2017-01-06 17:38 - 08803648 _____ (Piriform Ltd) C:\Users\Quelqu'un\Downloads\ccsetup525.exe
2017-01-06 17:35 - 2017-01-06 17:35 - 00000445 _____ C:\Users\Quelqu'un\Downloads\InternetFlush.zip
2017-01-06 17:11 - 2017-01-06 17:11 - 00353632 _____ C:\Users\Quelqu'un\Downloads\rsthosts_2.0.exe
2017-01-06 17:11 - 2017-01-06 17:11 - 00000653 _____ C:\RstHosts.txt
2017-01-06 17:04 - 2017-01-06 17:04 - 00001081 _____ C:\Users\Quelqu'un\Downloads\Reset_Reregister_Windows_Update_Components.zip
2017-01-06 16:28 - 2017-01-06 17:47 - 00079960 _____ C:\Users\Quelqu'un\Desktop\MTB.txt
2017-01-06 16:27 - 2017-01-06 16:27 - 00892416 _____ (Farbar) C:\Users\Quelqu'un\Desktop\MiniToolBox.exe
2017-01-06 00:16 - 2017-01-06 00:16 - 00000000 ___HD C:\$SysReset
2017-01-05 23:56 - 2017-01-05 23:56 - 00000020 ___SH C:\Users\battlecruiser\ntuser.ini
2017-01-05 23:56 - 2017-01-05 23:56 - 00000000 ____D C:\Users\battlecruiser
2017-01-05 23:56 - 2016-11-18 15:17 - 00000000 ____D C:\Users\battlecruiser\AppData\Local\LogMeIn Hamachi
2017-01-05 23:47 - 2017-01-05 23:47 - 00000000 ____D C:\Users\Quelqu'un\AppData\Local\TileDataLayer
2017-01-05 22:20 - 2017-01-05 22:20 - 06293184 _____ (Piriform Ltd) C:\Users\Quelqu'un\Downloads\spsetup130.exe
2017-01-05 22:20 - 2017-01-05 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-01-05 22:20 - 2017-01-05 22:20 - 00000000 ____D C:\Program Files\Speccy
2017-01-05 19:03 - 2017-01-06 01:07 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-01-05 17:58 - 2017-01-05 18:51 - 00000000 ____D C:\WINDOWS\FlightingTemp
2017-01-04 22:38 - 2017-01-04 22:39 - 00001494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broforce.lnk
2017-01-04 18:55 - 2017-01-06 17:45 - 00988721 _____ (www.sordum.org) C:\Users\Quelqu'un\Desktop\DnsJumper.exe
2016-12-29 23:28 - 2017-01-04 16:26 - 00000332 _____ C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job
2016-12-29 08:44 - 2016-12-29 08:44 - 00001955 _____ C:\Users\Quelqu'un\Downloads\tpprogweb.css
2016-12-29 07:35 - 2017-01-06 17:44 - 00003104 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-12-29 07:35 - 2017-01-06 17:44 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-28 22:01 - 2016-12-28 22:01 - 00245512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2016-12-28 21:59 - 2016-12-28 21:59 - 00218920 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2016-12-28 21:59 - 2016-12-28 21:59 - 00164888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2016-12-28 21:59 - 2016-12-28 21:59 - 00104720 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2016-12-28 21:59 - 2016-12-28 21:59 - 00085984 _____ C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2016-12-28 11:36 - 2016-12-28 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-12-28 10:21 - 2016-12-28 10:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2016-12-28 10:20 - 2016-12-28 11:39 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-28 10:19 - 2016-12-28 10:19 - 00524288 ___SH C:\Users\Default.migrated\ntuser.dat{0631da61-cd10-11e6-9df4-b88687c92a1a}.TMContainer00000000000000000002.regtrans-ms
2016-12-28 10:19 - 2016-12-28 10:19 - 00524288 ___SH C:\Users\Default.migrated\ntuser.dat{0631da61-cd10-11e6-9df4-b88687c92a1a}.TMContainer00000000000000000001.regtrans-ms
2016-12-28 10:19 - 2016-12-28 10:19 - 00524288 ___SH C:\ProgramData\ntuser.dat{0631da5a-cd10-11e6-9df4-b88687c92a1a}.TMContainer00000000000000000002.regtrans-ms
2016-12-28 10:19 - 2016-12-28 10:19 - 00524288 ___SH C:\ProgramData\ntuser.dat{0631da5a-cd10-11e6-9df4-b88687c92a1a}.TMContainer00000000000000000001.regtrans-ms
2016-12-28 10:19 - 2016-12-28 10:19 - 00065536 ___SH C:\Users\Default.migrated\ntuser.dat{0631da61-cd10-11e6-9df4-b88687c92a1a}.TM.blf
2016-12-28 10:19 - 2016-12-28 10:19 - 00065536 ___SH C:\ProgramData\ntuser.dat{0631da5a-cd10-11e6-9df4-b88687c92a1a}.TM.blf
2016-12-28 10:19 - 2016-12-28 10:19 - 00008192 ___SH C:\Users\Default.migrated\ntuser.dat.LOG1
2016-12-28 10:19 - 2016-12-28 10:19 - 00008192 ___SH C:\ProgramData\ntuser.dat.LOG1
2016-12-28 10:19 - 2016-12-28 10:19 - 00008192 _____ C:\Users\Default.migrated\ntuser.dat
2016-12-28 10:19 - 2016-12-28 10:19 - 00008192 _____ C:\ProgramData\ntuser.dat
2016-12-28 10:19 - 2016-12-28 10:19 - 00000000 ___SH C:\Users\Default.migrated\ntuser.dat.LOG2
2016-12-28 10:19 - 2016-12-28 10:19 - 00000000 ___SH C:\ProgramData\ntuser.dat.LOG2
2016-12-24 06:41 - 2016-12-24 08:15 - 00000000 ____D C:\Users\Quelqu'un\Documents\Convoy
2016-12-24 06:41 - 2016-12-24 06:41 - 00000000 ____D C:\Users\Quelqu'un\AppData\Roaming\Steam
2016-12-24 03:46 - 2016-12-24 03:46 - 00000000 ____D C:\ProgramData\StartupSoundChanger
2016-12-24 03:46 - 2016-12-24 03:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Sound Changer
2016-12-24 03:46 - 2016-12-24 03:46 - 00000000 ____D C:\Program Files (x86)\Startup Sound Changer
2016-12-24 03:45 - 2016-12-24 03:45 - 00112614 _____ C:\Users\Quelqu'un\Downloads\StartupSoundChanger1.0.zip
2016-12-21 20:57 - 2017-01-06 16:43 - 00000234 _____ C:\Users\Quelqu'un\Desktop\New Text Document.txt
2016-12-21 03:09 - 2016-12-21 03:09 - 04499193 _____ C:\Users\Quelqu'un\Downloads\cover_photo_661664_1458447912.jpg
2016-12-21 03:04 - 2016-12-21 03:04 - 01644806 _____ C:\Users\Quelqu'un\Downloads\Blue-Smoke-Abstract-Desktop-Background.jpg
2016-12-20 19:55 - 2016-12-21 00:13 - 888308826 _____ C:\Users\Quelqu'un\Downloads\Ghost Rider Spirit of Vengeance 2011 Dual Audio Hindi www.9xmovies.net 720p BRRip.mkv
2016-12-19 23:43 - 2016-12-19 23:43 - 00000000 ____D C:\Users\Quelqu'un\AppData\Local\Facebook
2016-12-19 22:11 - 2016-12-19 22:11 - 00000000 ____D C:\Users\Quelqu'un\AppData\LocalLow\AMD
2016-12-19 15:05 - 2016-12-19 15:15 - 84760721 _____ C:\Users\Quelqu'un\Downloads\FTLS_v020.zip
2016-12-19 01:50 - 2017-01-05 18:51 - 00000000 ____D C:\Program Files\FTL Faster Than Light
2016-12-19 01:50 - 2016-12-19 01:50 - 00001362 _____ C:\Users\Quelqu'un\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTL‎.lnk
2016-12-18 04:19 - 2016-12-18 04:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2016-12-13 19:16 - 2016-12-19 01:31 - 00000000 ____D C:\Users\Quelqu'un\Documents\NeocoreGames
2016-12-12 19:58 - 2016-12-12 19:58 - 02746659 _____ C:\Users\Quelqu'un\Downloads\JonTron & The Gregory Brothers - SDGAF.mp3
2016-12-12 17:12 - 2016-12-12 17:12 - 00000000 ____D C:\Users\Quelqu'un\AppData\Local\Microsoft_Corporation
2016-12-12 12:26 - 2016-12-12 12:26 - 01219374 _____ C:\Users\Quelqu'un\Downloads\FF1_Victory.mp3
2016-12-12 02:37 - 2016-12-12 02:37 - 04290880 _____ C:\Users\Quelqu'un\Downloads\ALL THE WAY - Jacksepticeye Songify Remix by Schmoyoho.mp3
2016-12-11 23:08 - 2016-12-12 20:04 - 00001683 _____ C:\Users\Quelqu'un\Downloads\Being in Love is Like being on Drugs.txt
2016-12-11 16:29 - 2016-12-11 16:29 - 02679535 _____ C:\Users\Quelqu'un\Downloads\JonTron & The Gregory Brothers - Being in Love Is Like Being on Drugs.mp3
2016-12-10 17:36 - 2017-01-05 19:14 - 00000000 ____D C:\WINDOWS\Minidump
2016-12-10 17:36 - 2017-01-05 19:13 - 724642561 _____ C:\WINDOWS\MEMORY.DMP
2016-12-10 17:36 - 2016-12-10 17:37 - 00418316 _____ C:\WINDOWS\Minidump\121016-26406-01.dmp
2016-12-09 15:49 - 2016-12-09 15:50 - 03294464 _____ C:\Users\Quelqu'un\Downloads\John Lennon - Happy Christmas.mp3
2016-12-09 15:42 - 2016-12-09 15:43 - 87699042 _____ C:\Users\Quelqu'un\Downloads\Love Is Like Drugs - ft. JonTron _ Mike Diva (Full Version).mp4
2016-12-09 15:22 - 2016-12-09 15:22 - 09511628 _____ C:\Users\Quelqu'un\Downloads\Songify This - CAN'T HUG EVERY CAT (now on iTunes) -- a song about loving cats.mp4
2016-12-09 14:01 - 2016-12-09 14:02 - 56833576 _____ C:\Users\Quelqu'un\Downloads\The Sinister Reason Weed is Illegal.mp4
2016-12-09 13:48 - 2016-12-09 13:48 - 59454603 _____ C:\Users\Quelqu'un\Downloads\The Terrifying Cost of Free” Websites.mp4
2016-12-09 12:52 - 2016-12-09 13:29 - 856539818 _____ C:\Users\Quelqu'un\Downloads\Guts_and_Glory_v0.3.3_Windows.zip
2016-12-08 22:14 - 2016-12-08 22:15 - 02617928 _____ C:\Users\Quelqu'un\Downloads\Ivan Rebroff - Cossack Patrol.mp3
2016-12-08 22:09 - 2016-12-08 22:15 - 04543360 _____ C:\Users\Quelqu'un\Downloads\Red Army Choir Polyushka Polye.mp3
2016-12-08 22:07 - 2016-12-08 22:15 - 02628147 _____ C:\Users\Quelqu'un\Downloads\Red Army Choir The Red Army Is the Strongest..mp3
2016-12-08 22:06 - 2016-12-08 22:15 - 06975936 _____ C:\Users\Quelqu'un\Downloads\Red Army Choir Korobeiniki..mp3
2016-12-08 21:59 - 2016-12-08 22:15 - 06497792 _____ C:\Users\Quelqu'un\Downloads\Red Army Choir- Kalinka..mp3
2016-12-08 21:58 - 2016-12-08 22:15 - 03225984 _____ C:\Users\Quelqu'un\Downloads\Red Army Choir Smuglianka..mp3
2016-12-08 21:58 - 2016-12-08 22:15 - 02506368 _____ C:\Users\Quelqu'un\Downloads\Red Army Choir Katusha.mp3
2016-12-08 21:44 - 2016-12-08 22:14 - 03393920 _____ C:\Users\Quelqu'un\Downloads\Emmenez moi Charles Aznavour Paroles.mp3
2016-12-08 21:35 - 2016-12-08 22:15 - 04698816 _____ C:\Users\Quelqu'un\Downloads\Roger Whittaker Mon Pays Bleu.mp3
2016-12-08 21:32 - 2016-12-08 22:15 - 03033442 _____ C:\Users\Quelqu'un\Downloads\Roger Whittaker Mistral 1969.mp3
2016-12-08 19:09 - 2016-12-08 19:09 - 00001270 _____ C:\Users\Quelqu'un\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo II.lnk
2016-12-08 18:59 - 2016-12-08 18:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-08 18:35 - 2016-12-12 15:43 - 00000000 ____D C:\Program Files\Diablo II
2016-12-07 17:33 - 2016-12-07 17:33 - 00276376 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-12-07 17:33 - 2016-12-07 17:33 - 00168856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-12-07 17:33 - 2016-12-07 17:33 - 00143768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-12-07 17:33 - 2016-12-07 17:33 - 00138136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-12-07 17:33 - 2016-12-07 17:33 - 00117656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-12-07 17:32 - 2016-12-07 17:32 - 00922512 _____ (AMD) C:\WINDOWS\system32\coinst_16.50.dll
2016-12-07 17:32 - 2016-12-07 17:32 - 00290712 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-12-07 17:32 - 2016-12-07 17:32 - 00284056 _____ C:\WINDOWS\system32\GameManager64.dll
2016-12-07 17:32 - 2016-12-07 17:32 - 00277912 _____ C:\WINDOWS\system32\clinfo.exe
2016-12-07 17:32 - 2016-12-07 17:32 - 00248728 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-12-07 17:32 - 2016-12-07 17:32 - 00242072 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-12-07 17:32 - 2016-12-07 17:32 - 00145304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-12-07 17:32 - 2016-12-07 17:32 - 00126360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-12-07 17:32 - 2016-12-07 17:32 - 00029080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2016-12-07 17:32 - 2016-12-07 17:32 - 00029080 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-12-07 17:31 - 2016-12-07 17:31 - 00539544 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-12-07 17:31 - 2016-12-07 17:31 - 00467352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-12-07 17:31 - 2016-12-07 17:31 - 00298904 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-12-07 17:31 - 2016-12-07 17:31 - 00239000 _____ C:\WINDOWS\system32\atieah64.exe
2016-12-07 17:31 - 2016-12-07 17:31 - 00216984 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-12-07 17:31 - 2016-12-07 17:31 - 00211864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-12-07 17:31 - 2016-12-07 17:31 - 00185240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-12-07 17:31 - 2016-12-07 17:31 - 00149504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-12-07 17:31 - 2016-12-07 17:31 - 00145872 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-12-07 17:31 - 2016-12-07 17:31 - 00119192 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-12-07 17:31 - 2016-12-07 17:31 - 00110488 _____ C:\WINDOWS\system32\atidxx64.dll
2016-12-07 17:31 - 2016-12-07 17:31 - 00098200 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2016-12-07 17:30 - 2016-12-07 17:30 - 02495896 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-12-07 17:30 - 2016-12-07 17:30 - 02178968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-12-07 17:30 - 2016-12-07 17:30 - 01015704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-12-07 17:30 - 2016-12-07 17:30 - 01015704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-12-07 17:30 - 2016-12-07 17:30 - 00411032 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-12-07 17:30 - 2016-12-07 17:30 - 00068504 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2016-12-07 17:29 - 2016-12-07 17:29 - 09945496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-12-07 17:29 - 2016-12-07 17:29 - 08082328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-12-07 17:29 - 2016-12-07 17:29 - 00121240 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-12-07 17:29 - 2016-12-07 17:29 - 00112024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-12-07 17:29 - 2016-12-07 17:29 - 00108440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-12-07 17:29 - 2016-12-07 17:29 - 00096152 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-12-07 17:28 - 2016-12-07 17:28 - 00853912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-12-07 17:28 - 2016-12-07 17:28 - 00688024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-12-07 17:28 - 2016-12-07 17:28 - 00091544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-12-07 17:28 - 2016-12-07 17:28 - 00075160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-12-07 17:27 - 2016-12-07 17:27 - 00256920 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-12-07 17:27 - 2016-12-07 17:27 - 00229784 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-12-07 17:23 - 2016-12-07 17:23 - 00119736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-12-07 17:23 - 2016-12-07 17:23 - 00102032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-12-07 17:22 - 2016-12-07 17:22 - 00474984 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-12-07 17:22 - 2016-12-07 17:22 - 00151448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-12-07 17:22 - 2016-12-07 17:22 - 00135280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-12-07 17:22 - 2016-12-07 17:22 - 00124920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-12-07 17:22 - 2016-12-07 17:22 - 00119736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-12-07 17:22 - 2016-12-07 17:22 - 00112960 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-12-07 17:22 - 2016-12-07 17:22 - 00102032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-12-07 11:42 - 2016-12-15 17:09 - 00000000 ___RD C:\Users\Quelqu'un\Documents\NetBeansProjects
2016-12-07 02:53 - 2016-12-07 02:53 - 00154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2016-12-07 02:53 - 2016-12-07 02:53 - 00119856 _____ C:\WINDOWS\system32\kapp_ci.sbin
2016-12-07 02:53 - 2016-12-07 02:53 - 00115984 _____ C:\WINDOWS\system32\kapp_si.sbin
2016-12-07 02:52 - 2016-12-07 02:52 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-12-07 02:52 - 2016-12-07 02:52 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-12-07 02:52 - 2016-12-07 02:52 - 00776464 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-12-07 02:52 - 2016-12-07 02:52 - 00776464 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-12-07 02:52 - 2016-12-07 02:52 - 00019391 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2016-12-07 02:52 - 2016-12-07 02:52 - 00000144 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json
2016-12-07 02:52 - 2016-12-07 02:52 - 00000144 _____ C:\WINDOWS\system32\amd-vulkan64.json

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-01-06 17:44 - 2016-12-05 15:24 - 00003574 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-01-06 17:44 - 2016-12-05 15:24 - 00003350 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-01-06 17:44 - 2016-11-18 15:28 - 00002890 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2017-01-06 17:44 - 2016-11-18 15:28 - 00002814 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-PC-Quelqu'un
2017-01-06 17:44 - 2016-11-18 15:28 - 00002648 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-01-06 17:41 - 2016-06-09 21:50 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-01-06 16:48 - 2016-11-24 18:06 - 00000000 ____D C:\Users\Quelqu'un\AppData\LocalLow\Mozilla
2017-01-06 16:45 - 2016-11-18 15:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-06 16:44 - 2016-11-18 14:40 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-01-06 16:44 - 2016-07-16 01:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-06 15:38 - 2016-06-13 20:14 - 00000000 ____D C:\Users\Quelqu'un\AppData\Roaming\vlc
2017-01-06 15:34 - 2016-11-18 14:35 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-06 15:14 - 2016-11-18 14:44 - 02404426 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-06 15:14 - 2016-07-16 17:40 - 00969820 _____ C:\WINDOWS\system32\perfh00C.dat
2017-01-06 15:14 - 2016-07-16 17:40 - 00225874 _____ C:\WINDOWS\system32\perfc00C.dat
2017-01-06 15:13 - 2016-06-09 10:23 - 00000000 ____D C:\Users\Quelqu'un\AppData\Local\Adobe
2017-01-06 01:02 - 2016-10-01 21:42 - 00000000 ____D C:\Users\Quelqu'un\AppData\Roaming\tor
2017-01-06 00:14 - 2016-11-18 14:44 - 00000000 ____D C:\Users\Quelqu'un
2017-01-06 00:13 - 2016-10-25 16:22 - 00000000 ____D C:\WINDOWS\pss
2017-01-06 00:01 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-05 23:03 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-05 21:03 - 2016-07-16 06:47 - 00000000 __RSD C:\WINDOWS\Media
2017-01-05 20:52 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-05 20:47 - 2016-06-09 06:05 - 00000000 ____D C:\Users\Quelqu'un\AppData\Local\Packages
2017-01-05 20:46 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-05 19:41 - 2016-09-01 10:28 - 00000000 ____D C:\Program Files\Waterfox
2017-01-05 19:03 - 2016-06-09 10:56 - 00000000 ____D C:\Users\Quelqu'un\AppData\Local\ElevatedDiagnostics
2017-01-05 18:51 - 2016-11-07 15:32 - 00000000 ____D C:\Users\Quelqu'un\AppData\Roaming\Azureus
2017-01-05 18:51 - 2016-10-07 10:31 - 00000000 ____D C:\ProgramData\KMSAutoS
2017-01-05 18:51 - 2016-07-23 13:13 - 00000000 ____D C:\Program Files\Broforce
2017-01-05 18:51 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-05 18:51 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-01-05 18:51 - 2016-06-20 19:38 - 00000000 ____D C:\Users\Quelqu'un\AppData\Roaming\Winamp
2017-01-05 18:43 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\registration
2017-01-05 15:39 - 2016-11-28 23:05 - 00000600 _____ C:\Users\Quelqu'un\AppData\Roaming\winscp.rnd
2017-01-04 22:17 - 2016-11-07 15:35 - 00000000 ___RD C:\Users\Quelqu'un\Documents\Vuze Downloads
2017-01-04 01:46 - 2016-11-18 14:35 - 05036400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-02 00:07 - 2016-11-18 14:40 - 00000000 ____D C:\Program Files\AMD
2016-12-30 03:20 - 2016-06-09 06:05 - 00000000 ___RD C:\Users\Quelqu'un\Pictures
2016-12-29 23:13 - 2016-06-09 06:05 - 00000000 ___RD C:\Users\Quelqu'un\Videos
2016-12-29 07:35 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-29 07:35 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-29 07:02 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\drivers
2016-12-28 23:55 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\CatRoot
2016-12-28 21:59 - 2016-06-09 21:50 - 01019616 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-12-28 21:58 - 2016-09-12 23:03 - 00057424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2016-12-28 21:58 - 2015-06-16 20:56 - 00134880 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2016-12-28 21:54 - 2016-11-18 18:59 - 00042458 _____ C:\WINDOWS\PFRO.log
2016-12-28 11:36 - 2016-06-09 21:50 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-12-28 11:35 - 2016-04-27 00:38 - 00524288 ___SH C:\Users\Administrateur\NTUSER.DAT
2016-12-28 10:21 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\DriverStore
2016-12-28 10:20 - 2016-07-16 01:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2016-12-28 10:20 - 2016-07-16 01:04 - 00000000 ____D C:\Program Files\Common Files
2016-12-28 10:19 - 2016-07-16 06:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-12-28 10:19 - 2016-07-16 06:47 - 00000000 ___HD C:\ProgramData
2016-12-28 10:19 - 2015-10-30 01:28 - 00000000 ____D C:\Users\Default.migrated
2016-12-24 18:39 - 2016-06-19 21:24 - 00000000 ____D C:\War2Combat
2016-12-24 06:41 - 2016-11-18 14:44 - 00000000 ____D C:\Users\Quelqu'un\AppData\Roaming
2016-12-24 06:41 - 2016-06-09 06:05 - 00000000 ___RD C:\Users\Quelqu'un\Documents
2016-12-22 16:18 - 2015-09-03 04:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-21 21:45 - 2016-06-28 11:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-21 21:35 - 2016-06-09 18:32 - 00000000 ____D C:\Users\Quelqu'un\AppData\Roaming\Skype
2016-12-21 20:50 - 2016-10-05 19:56 - 00195126 _____ C:\Users\Quelqu'un\Downloads\useragents.xml
2016-12-19 23:48 - 2016-06-09 06:06 - 00000000 ___RD C:\Users\Quelqu'un\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-19 22:11 - 2016-06-09 06:05 - 00000000 ____D C:\Users\Quelqu'un\AppData\LocalLow
2016-12-19 03:41 - 2016-06-12 10:02 - 00000000 ____D C:\Users\Quelqu'un\Documents\My Games
2016-12-18 04:18 - 2016-10-01 16:50 - 00000000 ____D C:\Program Files (x86)\AMD
2016-12-18 04:15 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\SysWOW64
2016-12-18 04:08 - 2016-11-16 10:41 - 00000000 ____D C:\AMD
2016-12-15 17:05 - 2016-09-28 16:04 - 00000000 ___RD C:\Users\Quelqu'un\Documents\Visual Studio 2015
2016-12-15 13:57 - 2016-07-16 06:47 - 00000000 __RSD C:\WINDOWS\Fonts
2016-12-11 23:36 - 2016-10-25 17:00 - 00000000 ___RD C:\Users\Quelqu'un\Documents\Important
2016-12-10 03:38 - 2016-12-05 15:25 - 00002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-08 20:43 - 2016-06-25 02:14 - 00000000 ___SD C:\Users\Quelqu'un\Documents\Home
2016-12-08 18:58 - 2016-07-16 06:47 - 00000000 __RSD C:\WINDOWS\assembly
2016-12-08 18:58 - 2016-07-16 01:04 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-08 18:58 - 2016-06-09 08:47 - 00140922 _____ C:\WINDOWS\DirectX.log
2016-12-07 17:30 - 2015-08-23 20:25 - 01355672 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll

==================== Fichiers à la racine de certains dossiers =======

2016-07-06 15:05 - 2016-07-06 15:08 - 0000820 _____ () C:\Users\Quelqu'un\AppData\Roaming\MPQEditor.ini
2016-11-28 23:05 - 2017-01-05 15:39 - 0000600 _____ () C:\Users\Quelqu'un\AppData\Roaming\winscp.rnd
2016-08-15 17:20 - 2016-08-15 17:20 - 0001472 _____ () C:\Users\Quelqu'un\AppData\Local\recently-used.xbel
2016-08-15 10:45 - 2016-08-15 10:45 - 0007595 _____ () C:\Users\Quelqu'un\AppData\Local\Resmon.ResmonCfg
2016-11-18 14:41 - 2016-11-18 14:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-07 05:49 - 2017-01-05 22:48 - 0019535 _____ () C:\ProgramData\empty.ico

Certains fichiers dans TEMP:
====================
C:\Users\Quelqu'un\AppData\Local\Temp\Hola-Setup-x64-1.21.641.exe
C:\Users\Quelqu'un\AppData\Local\Temp\i4jdel0.exe
C:\Users\Quelqu'un\AppData\Local\Temp\i4jdel1.exe
C:\Users\Quelqu'un\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-01-03 20:22

==================== Fin de FRST.txt ============================
 
I'd like to have these logs in English please.
Right Click on FRST64 and rename the FRST file to frst64english.exe
Please then re-run the scan and post the FRST and Addition.txt logs.
Make sure and still run the program as Administrator.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
Ran by Quelqu'un (administrator) on PC (06-01-2017 18:49:33)
Running from C:\Users\Quelqu'un\Desktop
Loaded Profiles: Quelqu'un (Available Profiles: Quelqu'un & battlecruiser)
Platform: Windows 10 Home Version 1607 (X64) Language: French (Canada)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Waterfox\waterfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(www.ext2fsd.com) C:\Program Files\Ext2Fsd\Ext2Srv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Waterfox) C:\Program Files\Waterfox\waterfox.exe
(Waterfox Ltd) C:\Program Files\Waterfox\plugin-container.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\wlrmdr.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Farbar) C:\Users\Quelqu'un\Desktop\frst64english.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16152792 2015-07-17] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
HKLM\...\Run: [AgentAntidote32] => C:\Program Files (x86)\Druide\Antidote 8\Programmes32\AgentAntidote.exe [1220128 2015-09-18] (Druide informatique inc.)
HKLM\...\Run: [AgentAntidote64] => C:\Program Files (x86)\Druide\Antidote 8\Programmes64\AgentAntidote.exe [1380384 2015-09-18] (Druide informatique inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-05-31] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <===== ATTENTION
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoPreviewPane] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoWinkeys] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [HideSCANetwork] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoInstrumentation] 1
ShellExecuteHooks: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\System32\mscoree.dll [387072 2016-07-16] (Microsoft Corporation)
ShellExecuteHooks-x32: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\System32\mscoree.dll [387072 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{05ef7c5a-aaf5-4007-a27d-38eb014e8614}: [NameServer] 198.101.242.72,23.253.163.53,25.0.0.1
Tcpip\..\Interfaces\{1e857cd1-da1f-4ef5-bf7a-348a2afe1988}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{1e857cd1-da1f-4ef5-bf7a-348a2afe1988}: [DhcpNameServer] 10.17.0.1
Tcpip\..\Interfaces\{360f2aa3-d847-493b-95c3-e7ed0bddc2b2}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{360f2aa3-d847-493b-95c3-e7ed0bddc2b2}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{39461d4f-e9a6-4516-86b0-6cb9ce9f4ea9}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{77c6b013-46a0-4bb6-89f9-8e7ea791f25e}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{79816788-6263-4ca0-9ac7-68e40a1b3678}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{9fc13bb4-5466-4402-a923-c247d0df61e4}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{9fc13bb4-5466-4402-a923-c247d0df61e4}: [DhcpNameServer] 10.10.10.10
Tcpip\..\Interfaces\{c173450f-f5a5-46db-8693-2cc6eb093a35}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{d8485dc9-462b-4d4b-b356-c770f8ee2a2c}: [NameServer] 198.101.242.72,23.253.163.53,192.168.1.1
Tcpip\..\Interfaces\{d8485dc9-462b-4d4b-b356-c770f8ee2a2c}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Users/Quelqu'un/Documents/Home/Homepage.html
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://cf.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://cf.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3980963936-1557843195-203842877-1001 -> DefaultScope {7628DB24-0587-48AE-9CE3-B830B02E9BC0} URL =
SearchScopes: HKU\S-1-5-21-3980963936-1557843195-203842877-1001 -> {7628DB24-0587-48AE-9CE3-B830B02E9BC0} URL =
SearchScopes: HKU\S-1-5-21-3980963936-1557843195-203842877-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://cf.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-10-04] (Oracle Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-04] (Oracle Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-03] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 14.0 Helper -> {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} -> C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2015-07-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-03] (Oracle Corporation)
Toolbar: HKLM - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM-x32 - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM-x32 - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM-x32 - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-3980963936-1557843195-203842877-1001 -> Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 36kffurb.Default User
FF ProfilePath: C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default [2017-01-06]
FF Homepage: Mozilla\Firefox\Profiles\u676v7ok.default -> file:///C:/Users/Quelqu'un/Documents/Home/New Homepage.html
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> ftp", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> ftp_port", 4444
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> http", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> http_port", 4444
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> socks", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> socks_port", 4444
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> ssl", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> ssl_port", 4444
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> type", 0
FF Extension: (newtab.url) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default\Extensions\@newtaburl.xpi [2016-06-28]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default\Extensions\abb@amazon.com.xpi [2016-06-09]
FF Extension: (Firefox Hotfix) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31]
FF Extension: (Français Language Pack) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2016-06-09]
FF Extension: (Adblock Plus) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-25]
FF ProfilePath: C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User [2017-01-06]
FF Homepage: Mozilla\Firefox\Profiles\36kffurb.Default User -> file:///C:/Users/Quelqu'un/Documents/Home/Homepage.html
FF Extension: (newtab.url) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\@newtaburl.xpi [2016-09-02]
FF Extension: (Shift + Scroll (Horizontal Scrolling)) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\@shift-scroll.xpi [2016-12-22]
FF Extension: (Firebug) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\firebug@software.joehewitt.com.xpi [2016-12-22]
FF Extension: (HideScrollbars) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\Hidescrollbars@ArisT2Noia4dev.xpi [2016-12-22]
FF Extension: (Tamper Data Icon Redux) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\tamperdataiconredux@frizzip.com.xpi [2016-12-22]
FF Extension: (Toggle Proxy) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\toggleproxy@quirkyquipu.co.uk.xpi [2016-10-01]
FF Extension: (uBlock Origin) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\uBlock0@raymondhill.net.xpi [2016-12-19]
FF Extension: (VLC Youtube Shortcut) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\vlc_shortcut@kosan.kosan.xpi [2016-12-06]
FF Extension: (Stylish) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2016-12-06]
FF Extension: (Tamper Data) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2016-12-22]
FF Extension: (FireFTP) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2016-12-22]
FF Extension: (Fasterfox) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2016-12-22]
FF Extension: (Web Developer) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2016-12-22]
FF Extension: (Greasemonkey) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-12-06]
FF Extension: (User Agent Switcher) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2016-12-21]
FF Extension: (HackBar) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}.xpi [2016-12-22]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-29] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-04] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-05-31] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-29] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-05-31] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR StartupUrls: Profile 2 -> "file:///C:/Users/Quelqu'un/Documents/Home/Homepage.html"
CHR Profile: C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Default [2016-12-05]
CHR Profile: C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-12-05]
CHR Profile: C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2 [2016-12-29]
CHR Extension: (Google Slides) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-05]
CHR Extension: (Google Docs) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-05]
CHR Extension: (Google Drive) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-05]
CHR Extension: (YouTube) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-05]
CHR Extension: (uBlock Origin) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-12-24]
CHR Extension: (Replace New Tab Page) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cnkhddihkmmiiclaipbaaelfojkmlkja [2016-12-05]
CHR Extension: (Tampermonkey) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-12-06]
CHR Extension: (Proxy SwitchySharp) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2016-12-05]
CHR Extension: (Google Sheets) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-05]
CHR Extension: (Kaspersky Protection) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2016-12-29]
CHR Extension: (Stylish) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2016-12-06]
CHR Extension: (uBlock Pro) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fmaicbnbcbjgbpecclcnaehmbpjpdane [2016-12-06]
CHR Extension: (Google Docs Offline) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-05]
CHR Extension: (VLC Capture) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\goppbgmjnldonmjemebdmcjfefbgoloh [2016-12-05]
CHR Extension: (NetBeans Connector) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hafdlehgocfcodbgjnpecfajgkeejnaa [2016-12-07]
CHR Extension: (Ghostery) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-12-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-05]
CHR Extension: (Gmail) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-05]
CHR Extension: (Chrome Media Router) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-05]
CHR Profile: C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\System Profile [2016-12-06]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM\...\Chrome\Extension: [pfcgjlglddicjopgimohdcbmabacamll] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [pfcgjlglddicjopgimohdcbmabacamll] - <no Path/update_url>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-05-31] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021056 2016-03-03] (Adobe Systems, Incorporated)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-08-06] (Advanced Micro Devices) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [323152 2015-06-29] (Windows (R) Win 7 DDK provider)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2016-11-18] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2839296 2015-05-05] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2016-10-30] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 Ext2Srv; C:\Program Files\Ext2Fsd\Ext2Srv.exe [34816 2016-07-09] (www.ext2fsd.com)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S4 KMSEmulator; C:\ProgramData\KMSAutoS\bin\KMSSS.exe [301056 2015-07-23] (MDL Forum, mod by Ratiborus) [File not signed]
S3 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
S4 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32384 2016-10-03] (The OpenVPN Project)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [395616 2015-07-17] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-17] (Acer Incorporated)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-26] (acer)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S4 TenorshareReibootService; C:\Users\Quelqu'un\Downloads\ReiBoot\TenorshareReibootService.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [307936 2015-08-22] (Advanced Micro Devices)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309270.inf_amd64_47c09dd18e1ee4c5\atikmdag.sys [28729240 2016-12-07] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309270.inf_amd64_47c09dd18e1ee4c5\atikmpag.sys [530328 2016-12-07] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-07-24] (Advanced Micro Devices)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30352 2016-11-02] (Disc Soft Ltd)
R2 Ext2Fsd; C:\WINDOWS\system32\Drivers\Ext2Fsd.sys [799744 2016-07-09] (www.ext2fsd.com)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [435032 2016-09-12] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1019616 2016-12-28] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-28] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [218920 2016-12-28] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [85984 2016-12-28] ()
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [245512 2016-12-28] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [104720 2016-12-28] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [164888 2016-12-28] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [134880 2016-12-28] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2015-07-17] (Acer Incorporated)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project)
S3 pwdrvio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2015-07-17] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-14] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [47784 2015-07-29] (Synaptics Incorporated)
S3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-10-13] (Anchorfree Inc.)
S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [121824 2016-07-21] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [195424 2016-07-21] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-06 22:19 - 2017-01-06 17:45 - 00158264 _____ C:\Users\Quelqu'un\Desktop\DnsJumper.ini
2017-01-06 17:57 - 2017-01-06 18:48 - 00059460 _____ C:\Users\Quelqu'un\Desktop\Addition.txt
2017-01-06 17:56 - 2017-01-06 18:49 - 00035481 _____ C:\Users\Quelqu'un\Desktop\FRST.txt
2017-01-06 17:55 - 2017-01-06 18:49 - 00000000 ____D C:\FRST
2017-01-06 17:55 - 2017-01-06 17:55 - 02418176 _____ (Farbar) C:\Users\Quelqu'un\Desktop\frst64english.exe
2017-01-06 17:42 - 2017-01-06 17:44 - 00002278 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-01-06 17:42 - 2017-01-06 17:42 - 00000867 _____ C:\Users\Quelqu'un\Desktop\CCleaner.lnk
2017-01-06 17:42 - 2017-01-06 17:42 - 00000000 ____D C:\Users\Quelqu'un\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-01-06 17:42 - 2017-01-06 17:42 - 00000000 ____D C:\Program Files\CCleaner
2017-01-06 17:41 - 2017-01-06 17:41 - 00710719 _____ C:\Users\Quelqu'un\Downloads\DnsJumper.zip
2017-01-06 17:40 - 2017-01-06 17:40 - 08803648 _____ (Piriform Ltd) C:\Users\Quelqu'un\Downloads\ccsetup525(1).exe
2017-01-06 17:38 - 2017-01-06 17:38 - 08803648 _____ (Piriform Ltd) C:\Users\Quelqu'un\Downloads\ccsetup525.exe
2017-01-06 17:35 - 2017-01-06 17:35 - 00000445 _____ C:\Users\Quelqu'un\Downloads\InternetFlush.zip
2017-01-06 17:11 - 2017-01-06 17:11 - 00353632 _____ C:\Users\Quelqu'un\Downloads\rsthosts_2.0.exe
2017-01-06 17:11 - 2017-01-06 17:11 - 00000653 _____ C:\RstHosts.txt
2017-01-06 17:04 - 2017-01-06 17:04 - 00001081 _____ C:\Users\Quelqu'un\Downloads\Reset_Reregister_Windows_Update_Components.zip
2017-01-06 16:28 - 2017-01-06 17:47 - 00079960 _____ C:\Users\Quelqu'un\Desktop\MTB.txt
2017-01-06 16:27 - 2017-01-06 16:27 - 00892416 _____ (Farbar) C:\Users\Quelqu'un\Desktop\MiniToolBox.exe
2017-01-06 00:16 - 2017-01-06 00:16 - 00000000 ___HD C:\$SysReset
2017-01-05 23:56 - 2017-01-05 23:56 - 00000020 ___SH C:\Users\battlecruiser\ntuser.ini
2017-01-05 23:56 - 2017-01-05 23:56 - 00000000 ____D C:\Users\battlecruiser
2017-01-05 23:56 - 2016-11-18 15:17 - 00000000 ____D C:\Users\battlecruiser\AppData\Local\LogMeIn Hamachi
2017-01-05 23:47 - 2017-01-05 23:47 - 00000000 ____D C:\Users\Quelqu'un\AppData\Local\TileDataLayer
2017-01-05 22:20 - 2017-01-05 22:20 - 06293184 _____ (Piriform Ltd) C:\Users\Quelqu'un\Downloads\spsetup130.exe
2017-01-05 22:20 - 2017-01-05 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-01-05 22:20 - 2017-01-05 22:20 - 00000000 ____D C:\Program Files\Speccy
2017-01-05 19:03 - 2017-01-06 01:07 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-01-05 17:58 - 2017-01-05 18:51 - 00000000 ____D C:\WINDOWS\FlightingTemp
2017-01-04 22:38 - 2017-01-04 22:39 - 00001494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broforce.lnk
2017-01-04 18:55 - 2017-01-06 17:45 - 00988721 _____ (www.sordum.org) C:\Users\Quelqu'un\Desktop\DnsJumper.exe
2016-12-29 23:28 - 2017-01-04 16:26 - 00000332 _____ C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job
2016-12-29 08:44 - 2016-12-29 08:44 - 00001955 _____ C:\Users\Quelqu'un\Downloads\tpprogweb.css
2016-12-29 07:35 - 2017-01-06 17:44 - 00003104 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-12-29 07:35 - 2017-01-06 17:44 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-28 22:01 - 2016-12-28 22:01 - 00245512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2016-12-28 21:59 - 2016-12-28 21:59 - 00218920 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2016-12-28 21:59 - 2016-12-28 21:59 - 00164888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2016-12-28 21:59 - 2016-12-28 21:59 - 00104720 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2016-12-28 21:59 - 2016-12-28 21:59 - 00085984 _____ C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2016-12-28 11:36 - 2016-12-28 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-12-28 10:21 - 2016-12-28 10:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2016-12-28 10:20 - 2016-12-28 11:39 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-28 10:19 - 2016-12-28 10:19 - 00524288 ___SH C:\Users\Default.migrated\ntuser.dat{0631da61-cd10-11e6-9df4-b88687c92a1a}.TMContainer00000000000000000002.regtrans-ms
2016-12-28 10:19 - 2016-12-28 10:19 - 00524288 ___SH C:\Users\Default.migrated\ntuser.dat{0631da61-cd10-11e6-9df4-b88687c92a1a}.TMContainer00000000000000000001.regtrans-ms
2016-12-28 10:19 - 2016-12-28 10:19 - 00524288 ___SH C:\ProgramData\ntuser.dat{0631da5a-cd10-11e6-9df4-b88687c92a1a}.TMContainer00000000000000000002.regtrans-ms
2016-12-28 10:19 - 2016-12-28 10:19 - 00524288 ___SH C:\ProgramData\ntuser.dat{0631da5a-cd10-11e6-9df4-b88687c92a1a}.TMContainer00000000000000000001.regtrans-ms
2016-12-28 10:19 - 2016-12-28 10:19 - 00065536 ___SH C:\Users\Default.migrated\ntuser.dat{0631da61-cd10-11e6-9df4-b88687c92a1a}.TM.blf
2016-12-28 10:19 - 2016-12-28 10:19 - 00065536 ___SH C:\ProgramData\ntuser.dat{0631da5a-cd10-11e6-9df4-b88687c92a1a}.TM.blf
2016-12-28 10:19 - 2016-12-28 10:19 - 00008192 ___SH C:\Users\Default.migrated\ntuser.dat.LOG1
2016-12-28 10:19 - 2016-12-28 10:19 - 00008192 ___SH C:\ProgramData\ntuser.dat.LOG1
2016-12-28 10:19 - 2016-12-28 10:19 - 00008192 _____ C:\Users\Default.migrated\ntuser.dat
2016-12-28 10:19 - 2016-12-28 10:19 - 00008192 _____ C:\ProgramData\ntuser.dat
2016-12-28 10:19 - 2016-12-28 10:19 - 00000000 ___SH C:\Users\Default.migrated\ntuser.dat.LOG2
2016-12-28 10:19 - 2016-12-28 10:19 - 00000000 ___SH C:\ProgramData\ntuser.dat.LOG2
2016-12-24 06:41 - 2016-12-24 08:15 - 00000000 ____D C:\Users\Quelqu'un\Documents\Convoy
2016-12-24 06:41 - 2016-12-24 06:41 - 00000000 ____D C:\Users\Quelqu'un\AppData\Roaming\Steam
2016-12-24 03:46 - 2016-12-24 03:46 - 00000000 ____D C:\ProgramData\StartupSoundChanger
2016-12-24 03:46 - 2016-12-24 03:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Sound Changer
2016-12-24 03:46 - 2016-12-24 03:46 - 00000000 ____D C:\Program Files (x86)\Startup Sound Changer
2016-12-24 03:45 - 2016-12-24 03:45 - 00112614 _____ C:\Users\Quelqu'un\Downloads\StartupSoundChanger1.0.zip
2016-12-21 20:57 - 2017-01-06 16:43 - 00000234 _____ C:\Users\Quelqu'un\Desktop\New Text Document.txt
2016-12-21 03:09 - 2016-12-21 03:09 - 04499193 _____ C:\Users\Quelqu'un\Downloads\cover_photo_661664_1458447912.jpg
2016-12-21 03:04 - 2016-12-21 03:04 - 01644806 _____ C:\Users\Quelqu'un\Downloads\Blue-Smoke-Abstract-Desktop-Background.jpg
2016-12-20 19:55 - 2016-12-21 00:13 - 888308826 _____ C:\Users\Quelqu'un\Downloads\Ghost Rider Spirit of Vengeance 2011 Dual Audio Hindi www.9xmovies.net 720p BRRip.mkv
2016-12-19 23:43 - 2016-12-19 23:43 - 00000000 ____D C:\Users\Quelqu'un\AppData\Local\Facebook
2016-12-19 22:11 - 2016-12-19 22:11 - 00000000 ____D C:\Users\Quelqu'un\AppData\LocalLow\AMD
2016-12-19 15:05 - 2016-12-19 15:15 - 84760721 _____ C:\Users\Quelqu'un\Downloads\FTLS_v020.zip
2016-12-19 01:50 - 2017-01-05 18:51 - 00000000 ____D C:\Program Files\FTL Faster Than Light
2016-12-19 01:50 - 2016-12-19 01:50 - 00001362 _____ C:\Users\Quelqu'un\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTL‎.lnk
2016-12-18 04:19 - 2016-12-18 04:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2016-12-13 19:16 - 2016-12-19 01:31 - 00000000 ____D C:\Users\Quelqu'un\Documents\NeocoreGames
2016-12-12 19:58 - 2016-12-12 19:58 - 02746659 _____ C:\Users\Quelqu'un\Downloads\JonTron & The Gregory Brothers - SDGAF.mp3
2016-12-12 17:12 - 2016-12-12 17:12 - 00000000 ____D C:\Users\Quelqu'un\AppData\Local\Microsoft_Corporation
2016-12-12 12:26 - 2016-12-12 12:26 - 01219374 _____ C:\Users\Quelqu'un\Downloads\FF1_Victory.mp3
2016-12-12 02:37 - 2016-12-12 02:37 - 04290880 _____ C:\Users\Quelqu'un\Downloads\ALL THE WAY - Jacksepticeye Songify Remix by Schmoyoho.mp3
2016-12-11 23:08 - 2016-12-12 20:04 - 00001683 _____ C:\Users\Quelqu'un\Downloads\Being in Love is Like being on Drugs.txt
2016-12-11 16:29 - 2016-12-11 16:29 - 02679535 _____ C:\Users\Quelqu'un\Downloads\JonTron & The Gregory Brothers - Being in Love Is Like Being on Drugs.mp3
2016-12-10 17:36 - 2017-01-05 19:14 - 00000000 ____D C:\WINDOWS\Minidump
2016-12-10 17:36 - 2017-01-05 19:13 - 724642561 _____ C:\WINDOWS\MEMORY.DMP
2016-12-10 17:36 - 2016-12-10 17:37 - 00418316 _____ C:\WINDOWS\Minidump\121016-26406-01.dmp
2016-12-09 15:49 - 2016-12-09 15:50 - 03294464 _____ C:\Users\Quelqu'un\Downloads\John Lennon - Happy Christmas.mp3
2016-12-09 15:42 - 2016-12-09 15:43 - 87699042 _____ C:\Users\Quelqu'un\Downloads\Love Is Like Drugs - ft. JonTron _ Mike Diva (Full Version).mp4
2016-12-09 15:22 - 2016-12-09 15:22 - 09511628 _____ C:\Users\Quelqu'un\Downloads\Songify This - CAN'T HUG EVERY CAT (now on iTunes) -- a song about loving cats.mp4
2016-12-09 14:01 - 2016-12-09 14:02 - 56833576 _____ C:\Users\Quelqu'un\Downloads\The Sinister Reason Weed is Illegal.mp4
2016-12-09 13:48 - 2016-12-09 13:48 - 59454603 _____ C:\Users\Quelqu'un\Downloads\The Terrifying Cost of Free” Websites.mp4
2016-12-09 12:52 - 2016-12-09 13:29 - 856539818 _____ C:\Users\Quelqu'un\Downloads\Guts_and_Glory_v0.3.3_Windows.zip
2016-12-08 22:14 - 2016-12-08 22:15 - 02617928 _____ C:\Users\Quelqu'un\Downloads\Ivan Rebroff - Cossack Patrol.mp3
2016-12-08 22:09 - 2016-12-08 22:15 - 04543360 _____ C:\Users\Quelqu'un\Downloads\Red Army Choir Polyushka Polye.mp3
2016-12-08 22:07 - 2016-12-08 22:15 - 02628147 _____ C:\Users\Quelqu'un\Downloads\Red Army Choir The Red Army Is the Strongest..mp3
2016-12-08 22:06 - 2016-12-08 22:15 - 06975936 _____ C:\Users\Quelqu'un\Downloads\Red Army Choir Korobeiniki..mp3
2016-12-08 21:59 - 2016-12-08 22:15 - 06497792 _____ C:\Users\Quelqu'un\Downloads\Red Army Choir- Kalinka..mp3
2016-12-08 21:58 - 2016-12-08 22:15 - 03225984 _____ C:\Users\Quelqu'un\Downloads\Red Army Choir Smuglianka..mp3
2016-12-08 21:58 - 2016-12-08 22:15 - 02506368 _____ C:\Users\Quelqu'un\Downloads\Red Army Choir Katusha.mp3
2016-12-08 21:44 - 2016-12-08 22:14 - 03393920 _____ C:\Users\Quelqu'un\Downloads\Emmenez moi Charles Aznavour Paroles.mp3
2016-12-08 21:35 - 2016-12-08 22:15 - 04698816 _____ C:\Users\Quelqu'un\Downloads\Roger Whittaker Mon Pays Bleu.mp3
2016-12-08 21:32 - 2016-12-08 22:15 - 03033442 _____ C:\Users\Quelqu'un\Downloads\Roger Whittaker Mistral 1969.mp3
2016-12-08 19:09 - 2016-12-08 19:09 - 00001270 _____ C:\Users\Quelqu'un\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo II.lnk
2016-12-08 18:59 - 2016-12-08 18:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-08 18:35 - 2016-12-12 15:43 - 00000000 ____D C:\Program Files\Diablo II
2016-12-07 17:33 - 2016-12-07 17:33 - 00276376 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-12-07 17:33 - 2016-12-07 17:33 - 00168856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-12-07 17:33 - 2016-12-07 17:33 - 00143768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-12-07 17:33 - 2016-12-07 17:33 - 00138136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-12-07 17:33 - 2016-12-07 17:33 - 00117656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-12-07 17:32 - 2016-12-07 17:32 - 00922512 _____ (AMD) C:\WINDOWS\system32\coinst_16.50.dll
2016-12-07 17:32 - 2016-12-07 17:32 - 00290712 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-12-07 17:32 - 2016-12-07 17:32 - 00284056 _____ C:\WINDOWS\system32\GameManager64.dll
2016-12-07 17:32 - 2016-12-07 17:32 - 00277912 _____ C:\WINDOWS\system32\clinfo.exe
2016-12-07 17:32 - 2016-12-07 17:32 - 00248728 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-12-07 17:32 - 2016-12-07 17:32 - 00242072 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-12-07 17:32 - 2016-12-07 17:32 - 00145304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-12-07 17:32 - 2016-12-07 17:32 - 00126360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-12-07 17:32 - 2016-12-07 17:32 - 00029080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2016-12-07 17:32 - 2016-12-07 17:32 - 00029080 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-12-07 17:31 - 2016-12-07 17:31 - 00539544 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-12-07 17:31 - 2016-12-07 17:31 - 00467352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-12-07 17:31 - 2016-12-07 17:31 - 00298904 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-12-07 17:31 - 2016-12-07 17:31 - 00239000 _____ C:\WINDOWS\system32\atieah64.exe
2016-12-07 17:31 - 2016-12-07 17:31 - 00216984 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-12-07 17:31 - 2016-12-07 17:31 - 00211864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-12-07 17:31 - 2016-12-07 17:31 - 00185240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-12-07 17:31 - 2016-12-07 17:31 - 00149504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-12-07 17:31 - 2016-12-07 17:31 - 00145872 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-12-07 17:31 - 2016-12-07 17:31 - 00119192 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-12-07 17:31 - 2016-12-07 17:31 - 00110488 _____ C:\WINDOWS\system32\atidxx64.dll
2016-12-07 17:31 - 2016-12-07 17:31 - 00098200 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2016-12-07 17:30 - 2016-12-07 17:30 - 02495896 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-12-07 17:30 - 2016-12-07 17:30 - 02178968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-12-07 17:30 - 2016-12-07 17:30 - 01015704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-12-07 17:30 - 2016-12-07 17:30 - 01015704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-12-07 17:30 - 2016-12-07 17:30 - 00411032 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-12-07 17:30 - 2016-12-07 17:30 - 00068504 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2016-12-07 17:29 - 2016-12-07 17:29 - 09945496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-12-07 17:29 - 2016-12-07 17:29 - 08082328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-12-07 17:29 - 2016-12-07 17:29 - 00121240 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-12-07 17:29 - 2016-12-07 17:29 - 00112024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-12-07 17:29 - 2016-12-07 17:29 - 00108440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-12-07 17:29 - 2016-12-07 17:29 - 00096152 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-12-07 17:28 - 2016-12-07 17:28 - 00853912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-12-07 17:28 - 2016-12-07 17:28 - 00688024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-12-07 17:28 - 2016-12-07 17:28 - 00091544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-12-07 17:28 - 2016-12-07 17:28 - 00075160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-12-07 17:27 - 2016-12-07 17:27 - 00256920 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-12-07 17:27 - 2016-12-07 17:27 - 00229784 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-12-07 17:23 - 2016-12-07 17:23 - 00119736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-12-07 17:23 - 2016-12-07 17:23 - 00102032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-12-07 17:22 - 2016-12-07 17:22 - 00474984 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-12-07 17:22 - 2016-12-07 17:22 - 00151448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-12-07 17:22 - 2016-12-07 17:22 - 00135280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-12-07 17:22 - 2016-12-07 17:22 - 00124920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-12-07 17:22 - 2016-12-07 17:22 - 00119736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-12-07 17:22 - 2016-12-07 17:22 - 00112960 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-12-07 17:22 - 2016-12-07 17:22 - 00102032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-12-07 11:42 - 2016-12-15 17:09 - 00000000 ___RD C:\Users\Quelqu'un\Documents\NetBeansProjects
2016-12-07 02:53 - 2016-12-07 02:53 - 00154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2016-12-07 02:53 - 2016-12-07 02:53 - 00119856 _____ C:\WINDOWS\system32\kapp_ci.sbin
2016-12-07 02:53 - 2016-12-07 02:53 - 00115984 _____ C:\WINDOWS\system32\kapp_si.sbin
2016-12-07 02:52 - 2016-12-07 02:52 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-12-07 02:52 - 2016-12-07 02:52 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-12-07 02:52 - 2016-12-07 02:52 - 00776464 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-12-07 02:52 - 2016-12-07 02:52 - 00776464 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-12-07 02:52 - 2016-12-07 02:52 - 00019391 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2016-12-07 02:52 - 2016-12-07 02:52 - 00000144 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json
2016-12-07 02:52 - 2016-12-07 02:52 - 00000144 _____ C:\WINDOWS\system32\amd-vulkan64.json

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-06 18:44 - 2016-11-18 14:35 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-06 18:10 - 2016-06-09 21:50 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-01-06 17:44 - 2016-12-05 15:24 - 00003574 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-01-06 17:44 - 2016-12-05 15:24 - 00003350 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-01-06 17:44 - 2016-11-18 15:28 - 00002890 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2017-01-06 17:44 - 2016-11-18 15:28 - 00002814 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-PC-Quelqu'un
2017-01-06 17:44 - 2016-11-18 15:28 - 00002648 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-01-06 16:48 - 2016-11-24 18:06 - 00000000 ____D C:\Users\Quelqu'un\AppData\LocalLow\Mozilla
2017-01-06 16:45 - 2016-11-18 15:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-06 16:44 - 2016-11-18 14:40 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-01-06 16:44 - 2016-07-16 01:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-06 15:38 - 2016-06-13 20:14 - 00000000 ____D C:\Users\Quelqu'un\AppData\Roaming\vlc
2017-01-06 15:14 - 2016-11-18 14:44 - 02404426 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-06 15:14 - 2016-07-16 17:40 - 00969820 _____ C:\WINDOWS\system32\perfh00C.dat
2017-01-06 15:14 - 2016-07-16 17:40 - 00225874 _____ C:\WINDOWS\system32\perfc00C.dat
2017-01-06 15:13 - 2016-06-09 10:23 - 00000000 ____D C:\Users\Quelqu'un\AppData\Local\Adobe
2017-01-06 01:02 - 2016-10-01 21:42 - 00000000 ____D C:\Users\Quelqu'un\AppData\Roaming\tor
2017-01-06 00:14 - 2016-11-18 14:44 - 00000000 ____D C:\Users\Quelqu'un
2017-01-06 00:13 - 2016-10-25 16:22 - 00000000 ____D C:\WINDOWS\pss
2017-01-06 00:01 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-05 23:03 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-05 21:03 - 2016-07-16 06:47 - 00000000 __RSD C:\WINDOWS\Media
2017-01-05 20:52 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-05 20:47 - 2016-06-09 06:05 - 00000000 ____D C:\Users\Quelqu'un\AppData\Local\Packages
2017-01-05 20:46 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-05 19:41 - 2016-09-01 10:28 - 00000000 ____D C:\Program Files\Waterfox
2017-01-05 19:03 - 2016-06-09 10:56 - 00000000 ____D C:\Users\Quelqu'un\AppData\Local\ElevatedDiagnostics
2017-01-05 18:51 - 2016-11-07 15:32 - 00000000 ____D C:\Users\Quelqu'un\AppData\Roaming\Azureus
2017-01-05 18:51 - 2016-10-07 10:31 - 00000000 ____D C:\ProgramData\KMSAutoS
2017-01-05 18:51 - 2016-07-23 13:13 - 00000000 ____D C:\Program Files\Broforce
2017-01-05 18:51 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-05 18:51 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-01-05 18:51 - 2016-06-20 19:38 - 00000000 ____D C:\Users\Quelqu'un\AppData\Roaming\Winamp
2017-01-05 18:43 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\registration
2017-01-05 15:39 - 2016-11-28 23:05 - 00000600 _____ C:\Users\Quelqu'un\AppData\Roaming\winscp.rnd
2017-01-04 22:17 - 2016-11-07 15:35 - 00000000 ___RD C:\Users\Quelqu'un\Documents\Vuze Downloads
2017-01-04 01:46 - 2016-11-18 14:35 - 05036400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-02 00:07 - 2016-11-18 14:40 - 00000000 ____D C:\Program Files\AMD
2016-12-30 03:20 - 2016-06-09 06:05 - 00000000 ___RD C:\Users\Quelqu'un\Pictures
2016-12-29 23:13 - 2016-06-09 06:05 - 00000000 ___RD C:\Users\Quelqu'un\Videos
2016-12-29 07:35 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-29 07:35 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-29 07:02 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\drivers
2016-12-28 23:55 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\CatRoot
2016-12-28 21:59 - 2016-06-09 21:50 - 01019616 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-12-28 21:58 - 2016-09-12 23:03 - 00057424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2016-12-28 21:58 - 2015-06-16 20:56 - 00134880 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2016-12-28 21:54 - 2016-11-18 18:59 - 00042458 _____ C:\WINDOWS\PFRO.log
2016-12-28 11:36 - 2016-06-09 21:50 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-12-28 11:35 - 2016-04-27 00:38 - 00524288 ___SH C:\Users\Administrateur\NTUSER.DAT
2016-12-28 10:21 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\DriverStore
2016-12-28 10:20 - 2016-07-16 01:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2016-12-28 10:20 - 2016-07-16 01:04 - 00000000 ____D C:\Program Files\Common Files
2016-12-28 10:19 - 2016-07-16 06:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-12-28 10:19 - 2016-07-16 06:47 - 00000000 ___HD C:\ProgramData
2016-12-28 10:19 - 2015-10-30 01:28 - 00000000 ____D C:\Users\Default.migrated
2016-12-24 18:39 - 2016-06-19 21:24 - 00000000 ____D C:\War2Combat
2016-12-24 06:41 - 2016-11-18 14:44 - 00000000 ____D C:\Users\Quelqu'un\AppData\Roaming
2016-12-24 06:41 - 2016-06-09 06:05 - 00000000 ___RD C:\Users\Quelqu'un\Documents
2016-12-22 16:18 - 2015-09-03 04:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-21 21:45 - 2016-06-28 11:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-21 21:35 - 2016-06-09 18:32 - 00000000 ____D C:\Users\Quelqu'un\AppData\Roaming\Skype
2016-12-21 20:50 - 2016-10-05 19:56 - 00195126 _____ C:\Users\Quelqu'un\Downloads\useragents.xml
2016-12-19 23:48 - 2016-06-09 06:06 - 00000000 ___RD C:\Users\Quelqu'un\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-19 22:11 - 2016-06-09 06:05 - 00000000 ____D C:\Users\Quelqu'un\AppData\LocalLow
2016-12-19 03:41 - 2016-06-12 10:02 - 00000000 ____D C:\Users\Quelqu'un\Documents\My Games
2016-12-18 04:18 - 2016-10-01 16:50 - 00000000 ____D C:\Program Files (x86)\AMD
2016-12-18 04:15 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\SysWOW64
2016-12-18 04:08 - 2016-11-16 10:41 - 00000000 ____D C:\AMD
2016-12-15 17:05 - 2016-09-28 16:04 - 00000000 ___RD C:\Users\Quelqu'un\Documents\Visual Studio 2015
2016-12-15 13:57 - 2016-07-16 06:47 - 00000000 __RSD C:\WINDOWS\Fonts
2016-12-11 23:36 - 2016-10-25 17:00 - 00000000 ___RD C:\Users\Quelqu'un\Documents\Important
2016-12-10 03:38 - 2016-12-05 15:25 - 00002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-08 20:43 - 2016-06-25 02:14 - 00000000 ___SD C:\Users\Quelqu'un\Documents\Home
2016-12-08 18:58 - 2016-07-16 06:47 - 00000000 __RSD C:\WINDOWS\assembly
2016-12-08 18:58 - 2016-07-16 01:04 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-08 18:58 - 2016-06-09 08:47 - 00140922 _____ C:\WINDOWS\DirectX.log
2016-12-07 17:30 - 2015-08-23 20:25 - 01355672 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll

==================== Files in the root of some directories =======

2016-07-06 15:05 - 2016-07-06 15:08 - 0000820 _____ () C:\Users\Quelqu'un\AppData\Roaming\MPQEditor.ini
2016-11-28 23:05 - 2017-01-05 15:39 - 0000600 _____ () C:\Users\Quelqu'un\AppData\Roaming\winscp.rnd
2016-08-15 17:20 - 2016-08-15 17:20 - 0001472 _____ () C:\Users\Quelqu'un\AppData\Local\recently-used.xbel
2016-08-15 10:45 - 2016-08-15 10:45 - 0007595 _____ () C:\Users\Quelqu'un\AppData\Local\Resmon.ResmonCfg
2016-11-18 14:41 - 2016-11-18 14:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-07 05:49 - 2017-01-05 22:48 - 0019535 _____ () C:\ProgramData\empty.ico

Some files in TEMP:
====================
C:\Users\Quelqu'un\AppData\Local\Temp\Hola-Setup-x64-1.21.641.exe
C:\Users\Quelqu'un\AppData\Local\Temp\i4jdel0.exe
C:\Users\Quelqu'un\AppData\Local\Temp\i4jdel1.exe
C:\Users\Quelqu'un\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-03 20:22




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017
Ran by Quelqu'un (06-01-2017 18:50:24)
Running from C:\Users\Quelqu'un\Desktop
Windows 10 Home Version 1607 (X64) (2016-11-18 20:38:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrateur (S-1-5-21-3980963936-1557843195-203842877-500 - Administrator - Disabled)
battlecruiser (S-1-5-21-3980963936-1557843195-203842877-1003 - Limited - Enabled) => C:\Users\battlecruiser
DefaultAccount (S-1-5-21-3980963936-1557843195-203842877-503 - Limited - Disabled)
Invité (S-1-5-21-3980963936-1557843195-203842877-501 - Limited - Disabled)
Quelqu'un (S-1-5-21-3980963936-1557843195-203842877-1001 - Administrator - Enabled) => C:\Users\Quelqu'un

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3006 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
ACP Application (Version: 2.15.30.0019 - Advanced Micro Devices, Inc.) Hidden
Active Directory Authentication Library for SQL Server (Version: 13.0.1100.286 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (x32 Version: 13.0.1100.286 - Microsoft Corporation) Hidden
Adobe Animate CC 2015.2 (HKLM-x32\...\FLPR_15_2) (Version: 15.2 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.270 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Antidote 8 (HKLM-x32\...\{09AAAB09-6DBA-4DD9-9865-54597D3FBCA8}) (Version: 8.05.1877 - Druide informatique inc.)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.07.2004.0 - Acer Incorporated)
Apache Tomcat 8.0.27 (HKLM\...\nbi-tomcat-8.0.27.0.0) (Version: - )
Apple Application Support (32-bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
Application Profiles (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Assistant de téléchargement (HKLM-x32\...\{92154A3C-9BB7-49D7-A571-4EB6373FA5AD}) (Version: 6.65.13 - Druide informatique inc.)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.710 - Broadcom Corporation)
Broforce (HKLM-x32\...\1470490225_is1) (Version: 2.0.0.2 - GOG.com)
Catalyst Control Center Next Localization BR (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version: - Cheat Engine)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dotfuscator and Analytics Community Edition 5.19.1 (x32 Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Ext2Fsd 0.68 (HKLM\...\Ext2Fsd_is1) (Version: 0.68 - Matt Wu)
Fable - The Lost Chapters (HKLM-x32\...\InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}) (Version: 1.00.0000 - Microsoft Game Studios)
Fable - The Lost Chapters (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Far Manager 3 x64 (HKLM\...\{EA526B11-07F0-4958-9F69-AE8A159383EE}) (Version: 3.0.4774 - Eugene Roshal & Far Group)
GlassFish Server Open Source Edition 4.1.1 (HKLM\...\nbi-glassfish-mod-4.1.1.0.1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GT Interactive - Driver (HKLM-x32\...\GT Interactive - Driver) (Version: - )
IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java SE Development Kit 8 Update 101 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180101}) (Version: 8.0.1010.13 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kingdom Rush (HKLM-x32\...\S2luZ2RvbVJ1c2g=_is1) (Version: 1 - )
Kit de développement logiciel (SDK) Microsoft .NET Framework 4.6.1 (Français) (HKLM-x32\...\{9369E1F2-44C9-4864-843E-159725E660CB}) (Version: 4.6.01055 - Microsoft Corporation)
Knights of Pen and Paper (HKLM-x32\...\Knights of Pen and Paper_is1) (Version: - Paradox Interactive)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (Français) (HKLM-x32\...\{AD054CB0-F527-48AD-832B-E65D46237C88}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.7466.2038 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB RC0 (HKLM\...\{9CED5D08-5664-4668-A927-CD6C60C4175D}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects RC0 (HKLM-x32\...\{948B5F49-A57E-46B4-9F1E-145D7A9E66D7}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects RC0 (x64) (HKLM\...\{F6F8053F-D328-4ACA-93A1-A49E495899F2}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service RC0 (HKLM-x32\...\{1852BD30-570B-4E47-8752-461448E8E250}) (Version: 13.0.12000.52 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom RC0 (HKLM\...\{D9F55D00-A8AB-4518-A56E-D9D5E615542A}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60311.1) (HKLM-x32\...\{28292CA9-8D65-4E37-95A3-753EEB38F122}) (Version: 14.0.60311.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM\...\{495CC0B4-D4C3-4D87-8317-F66BA48C5552}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM-x32\...\{3A87F9F2-D65D-4BA9-8459-E5BBE31EA64D}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Enterprise 2015 with Update 2 (HKLM-x32\...\{675a5109-38d6-406c-9e75-d0e922f87a58}) (Version: 14.0.25123.0 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
NetBeans IDE 8.2 (HKLM\...\nbi-nb-base-8.2.0.0.201609300101) (Version: 8.2 - NetBeans.org)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{60499BF0-C3D1-40CC-8600-8A7246534466}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7426.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
OpenVPN 2.3.12-I602 (HKLM-x32\...\OpenVPN) (Version: 2.3.12-I602 - )
Oracle VM VirtualBox 5.1.2 (HKLM\...\{629314D8-8CB7-45F4-8C48-20EF2E330430}) (Version: 5.1.2 - Oracle Corporation)
OTTTD Deluxe Edition 1.27 (HKLM-x32\...\OTTTD Deluxe Edition 1.27) (Version: 1.27 - Cat-A-Cat)
PlagueInc ver. 1.0.4 (MP.94) (HKLM-x32\...\{CE24C9D7-7DFB-41A9-B6DF-AAE3BA40A56A}_is1) (Version: 1.0.4 (MP.94) - Numantian Games)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT RC0 (HKLM-x32\...\{AB72EB1C-9CF4-4274-984D-5EDA8BF37A08}) (Version: 13.0.1100.286 - Microsoft Corporation)
Quake 2 - id Software v3.20 (HKLM-x32\...\Quake 2 - id Software) (Version: v3.20 - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.55 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)
ReiBoot (HKLM-x32\...\ReiBoot) (Version: - Tenorshare, Inc.)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - )
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 15.0.4641.1002 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.3104.1200 - Microsoft Corporation) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
StarCraft II: Heart of the Swarm (c) Blizzard Entertainment version 1 (HKLM-x32\...\U3RhckNyYWZ0IElJOiBIZWFydCBvZiB0aGUgU3dhcm0gKGMp~BFC02D25_is1) (Version: 1 - )
Startup Sound Changer (HKLM-x32\...\Startup Sound Changer) (Version: 1.0 - hxxp://winreview.ru/)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Team Explorer for Microsoft Visual Studio 2015 Update 2 (x32 Version: 14.95.25118 - Microsoft) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Torchlight (HKLM-x32\...\GOGPACKTORCHLIGHT_is1) (Version: 2.0.0.12 - GOG.com)
TypeScript Power Tool (x32 Version: 1.8.9.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.29.0 - Microsoft Corporation) Hidden
UBCD4Win 3.60 (HKLM-x32\...\UBCD4Win_is1) (Version: - UBCD4Win Team - Benjamin Burrows)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Vegas Pro 12.0 (64-bit) (HKLM\...\{64A98EF1-2680-11E3-A909-F04DA23A5C58}) (Version: 12.0.726 - Sony)
Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VS Update core components (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-4) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.3.0 - Azureus Software, Inc.)
War2Combat version 4.01 (HKLM-x32\...\War2Combat_is1) (Version: 4.01 - War2 RU Admins)
War2Music version 1.01 (HKLM-x32\...\War2Music_is1) (Version: 1.01 - War2 RU Admins)
Warcraft 3 (HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Warcraft 3) (Version: - )
Waterfox 50.1.0 (x64 en-US) (HKLM\...\Waterfox 50.1.0 (x64 en-US)) (Version: 50.1.0 - Mozilla)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 0.6.0.8 - Winaero)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinX HD Video Converter Deluxe 5.9.4 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.)
Workflow Manager Client 1.0 (Version: 2.0.50408.1 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.50408.2 - Microsoft Corporation) Hidden
World of Warships (HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814na}_is1) (Version: - Wargaming.net)
YTD Video Downloader 5.3 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.3 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3980963936-1557843195-203842877-1001_Classes\CLSID\{5563940C-ABF0-47B4-BB0E-B5D8680B570A}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 8\Programmes64\MoteurIntegration.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-3980963936-1557843195-203842877-1001_Classes\CLSID\{5563940D-49FD-4F1A-96AA-147B474290EE}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 8\Programmes64\MoteurIntegration.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-3980963936-1557843195-203842877-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 8\Programmes64\AgentAntidote.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-3980963936-1557843195-203842877-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 8\Programmes64\Antidote.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-3980963936-1557843195-203842877-1001_Classes\CLSID\{AD630E0F-BF29-4791-AD3B-A289E884E37C}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 8\Programmes64\Antidote.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-3980963936-1557843195-203842877-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {16E03161-855B-4ADB-A58C-8D5CA0B0FBFE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-29] (Adobe Systems Incorporated)
Task: {3B2AEDAC-9A9C-4581-AEAF-515E45C227BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-05] (Google Inc.)
Task: {48CAF313-47C3-40D9-BC58-51DD05389470} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {5EC66713-3A19-4420-B47B-86F08311706F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-05] (Google Inc.)
Task: {652A4EC9-22E8-4D31-820F-4E725660E947} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2016-10-07] (MSFree Inc.)
Task: {7524F6F3-9C4A-47DE-83ED-28443E912CDB} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {7BF2F2EC-ED09-4135-9335-BF620BCB2D21} - System32\Tasks\AdobeAAMUpdater-1.0-PC-Quelqu'un => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
Task: {89BC8B7D-1A8E-4C74-B3E6-AD36DBF2AAC8} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-03-22] (Microsoft Corporation)
Task: {8F911436-BC0E-4F51-BC09-97411C5BD1AD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {9B64515B-4396-4B3F-99DA-304E6E778955} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {A69D6F30-4E24-44A0-892B-D433473ED42B} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-17] (Acer Incorporated)
Task: {B8CD01D7-F313-4F66-92C9-98A4E9451BFB} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {BBC0FF87-D744-4893-831D-BD171251BC74} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {DF1DEBC0-8535-4D82-A9A8-DBE476D8A715} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {E5EB1DBD-C18D-4CF7-8E8A-0305691DB3C2} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-10] (Acer Incorporated)
Task: {E83293C0-83EE-42A1-AE7F-802CD4C7BDF0} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {E8A438D0-F362-4301-B112-77B4D097A8D2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {EA243AC6-8BB1-485F-92CC-CBBD069F03F1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-01] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Quelqu'un\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-new-avatar-menu -- "%1"

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-11-18 15:59 - 2016-11-18 15:59 - 01864384 _____ () C:\Users\Quelqu'un\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-10-07 08:50 - 2016-10-30 11:12 - 08924864 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2010-01-09 19:17 - 2010-01-09 19:17 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 00:40 - 2010-01-21 00:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-12-29 07:35 - 2016-12-29 07:35 - 27242584 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-18 14:25 - 2016-11-18 14:25 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\hola.org -> hxxp://hola.org

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-01-06 17:10 - 2017-01-06 17:11 - 00000089 _RASH C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Quelqu'un\Pictures\quebec wallpaper.png
DNS Servers: 198.101.242.72 - 23.253.163.53
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: KMSEmulator => 2
MSCONFIG\Services: OpenVPNService => 3
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AgentAntidote64"
HKLM\...\StartupApproved\Run: => "AgentAntidote32"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Duet Display"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AgentAntidote32"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\StartupApproved\Run: => "VideoPaper"
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\StartupApproved\Run: => "ClickfreeMonitor"
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\StartupApproved\Run: => "CyberGhost"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{3E1E0254-EF99-4D9C-BA80-2761C83C6D00}] => C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{0626610B-E39C-409A-A19C-E4865ED98641}] => C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{0F43735D-FD09-457A-8AEB-FCF4638A6664}] => LPort=1688
FirewallRules: [{A2689DA6-1905-45F2-90DE-4695BD140E74}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{C9554347-2280-4B53-88EC-72AB5140B112}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{BAA45C4F-C677-41C8-8D77-854845901F93}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{81D1E5E1-DAAE-47B9-A884-AC9D8C2637E2}] => C:\Users\Quelqu'un\AppData\Roaming\Vuze Leap\VuzeLeap.exe
FirewallRules: [{AC125902-95C3-4AE2-B51F-1D4B97616A90}] => C:\Users\Quelqu'un\AppData\Roaming\Vuze Leap\VuzeLeap.exe
FirewallRules: [{FFD3A55B-0047-48A1-B780-4E4F124119FB}] => LPort=12292
FirewallRules: [{F1E6E278-0688-469E-8F74-6533A71EB4AF}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{74F610D1-A281-47EA-8AEA-974DF525F707}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{6EDA30C3-56EC-465F-861B-C2891DF1163F}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{A5C2A9EE-2427-485E-9ED4-6599E06D37EA}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{6AEA4017-6C9A-415E-9CB4-BCCB9629BBF8}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{DEBFCFE5-12F4-49EA-A4E7-859EFD48E92D}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{F13B5C71-C53B-47E8-B7B0-9BF73DFC5E3B}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{CB5C45BF-6032-4A31-8034-1F1893D42040}] => C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [{64DEFF18-3341-4BBE-A660-5BF16F36EA61}] => C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [{DEBFCA68-385E-4159-9DDB-285A79DA6F55}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{AFD0AAFC-3958-476A-A633-ED2E1BFA949E}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{52036570-7DA9-44DC-B723-A7280AB1F086}] => C:\Program Files (x86)\Microsoft Office\Office14\excelcnv.exe
FirewallRules: [{6C9BF167-E3AE-4150-BA32-6960C83B2F66}] => C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
FirewallRules: [{BF15E24F-D713-4755-B7AD-F5C5840617B3}] => C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE
FirewallRules: [{5968557C-02C9-48C1-BF86-418E296438AD}] => C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
FirewallRules: [{60335FE7-CE23-4531-84EE-8A8538301DAA}] => %ProgramFiles%\Sony\Vegas Pro 12.0\vegas120.exe
FirewallRules: [{2B166593-0054-4B14-AD22-BA27AA798121}] => LPort=1900
FirewallRules: [{A5BC9DC4-ED69-4ED3-818D-2AE211DF642A}] => LPort=2869
FirewallRules: [{86A1A1FD-1FC9-4897-B00E-CB3101F83C5E}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FE9675AB-3364-4B14-AC77-8B184C7ABE9A}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{240F236A-A310-4D35-B1E0-3F53848B86B6}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{5367BE22-0F30-4CA8-BEE6-61E703168315}] => C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{E43CCB56-1FA9-4F90-9443-7A3C2FDD128B}] => C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [UDP Query User{919B6464-A703-437F-9B9C-AB244969B607}C:\program files (x86)\age of empire ii\age of empire ii - the conquerors.exe] => C:\program files (x86)\age of empire ii\age of empire ii - the conquerors.exe
FirewallRules: [TCP Query User{98B1F5E4-367E-4C19-88AE-B227E55F46B1}C:\program files (x86)\age of empire ii\age of empire ii - the conquerors.exe] => C:\program files (x86)\age of empire ii\age of empire ii - the conquerors.exe
FirewallRules: [{91852648-4E40-4394-ABCD-F9513D462D20}] => %ProgramFiles% (x86)\Castle Crashers\castle.exe
FirewallRules: [UDP Query User{4D8FCC0B-470D-4137-BDDB-AA4A1F96FBA2}C:\users\quelqu'un\desktop\igg-castlecrashers.v2.6\castle.exe] => C:\users\quelqu'un\desktop\igg-castlecrashers.v2.6\castle.exe
FirewallRules: [TCP Query User{CE24A54E-D074-4419-BB0B-818A302963F3}C:\users\quelqu'un\desktop\igg-castlecrashers.v2.6\castle.exe] => C:\users\quelqu'un\desktop\igg-castlecrashers.v2.6\castle.exe
FirewallRules: [{FAFA3443-A6D1-46E2-8C5E-4D5698B118AE}] => %SystemDrive%\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{151A868B-4625-40E8-B207-BF796D8EB2E5}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{B2B93F2B-E47B-4772-B3BE-8102A2FCBAC7}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{1E3629EE-B9D4-4213-8890-58A9542BE06B}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{A1F8ABF5-8FD8-4164-AF02-1478E76EAAC6}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{CF72DB3B-73E1-41BC-90D1-C48BC6BD2B8C}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{85AEA8FE-AB2D-4C7E-B298-350EF2B1B2BE}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{105F6DDE-C74D-418C-9407-DDE1E328B474}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9907E2C8-AED5-44C9-9015-1BBA6C14A533}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9218311B-6857-4121-973C-608024531D35}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A422D07E-E465-47D4-B0B4-2D207F0BC204}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7D269628-44BD-45A0-AC71-872222FF8CB2}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8A69E186-FF6E-4EF0-97AA-B2C377B0B798}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{057B6E28-2CCC-4886-AF60-6AFA163E9911}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5B36C9E2-3983-412D-BF1B-080D51524ACA}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AC5C39B0-AEB7-46AE-8F01-AAB94A4A3057}] => C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{AB24DA3C-0D8E-487C-80E4-BDC2E0C5F5D8}] => C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{9FE723A9-427E-42CA-A09D-7FE91FC8DBAA}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{07F3CA98-374A-491E-AD9A-D46D76835435}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{88C6FB53-407E-40C6-8F30-9D2F5B094154}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{AD224DC2-BCF0-4BFE-8910-F239903E727F}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [TCP Query User{018D4912-2BB8-46EE-BA07-07220BC8BC84}C:\program files (x86)\robot entertainment\orcs must die!\build\release\orcsmustdie.exe] => C:\program files (x86)\robot entertainment\orcs must die!\build\release\orcsmustdie.exe
FirewallRules: [UDP Query User{75B31E9E-DAEB-4601-964F-C0A9A71F10DB}C:\program files (x86)\robot entertainment\orcs must die!\build\release\orcsmustdie.exe] => C:\program files (x86)\robot entertainment\orcs must die!\build\release\orcsmustdie.exe
FirewallRules: [{D33FEC0D-5966-46A0-97FC-852B978DC81F}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{661EF75C-84B6-4772-98C6-2E9B1CA46288}] => C:\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{1889A894-6227-426B-AF24-96F67422C3E0}] => C:\Program Files (x86)\WarThunder\win64\aces.exe
FirewallRules: [{953F4721-02A1-4163-B4BB-FCA6143AB772}] => C:\Program Files (x86)\WarThunder\win64\aces.exe
FirewallRules: [{CFEB9D65-8137-4CF2-8316-9D863FCFA654}] => C:\Program Files (x86)\WarThunder\win32\bpreport.exe
FirewallRules: [{2C795275-AEEF-4D28-ABE8-1E030081C9C0}] => C:\Program Files (x86)\WarThunder\win32\bpreport.exe
FirewallRules: [{3F77628F-2641-4557-96E2-5AAA14989DB3}] => C:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{5F8E90AE-957A-4C96-BE83-561E97F2FF36}] => C:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{46D54485-C600-4A82-B39A-0B34042E8154}] => C:\WarThunder\run.exe
FirewallRules: [{D49EA5DF-870D-42EA-B4CA-6D3354E2B4BD}] => C:\WarThunder\run.exe
FirewallRules: [{D75C142D-8286-4068-882C-57C99135FFF2}] => C:\Program Files (x86)\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{C671FB5D-C46F-45AA-ADD3-0E893FFFF68D}] => C:\Program Files (x86)\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{6F1945DC-9FEB-468A-A132-73E8397E46D6}] => C:\Program Files (x86)\World_of_Warships\worldofwarships.exe
FirewallRules: [{7B44ED3C-518D-4B7A-A1D4-D099CE521378}] => C:\Program Files (x86)\World_of_Warships\worldofwarships.exe
FirewallRules: [{D40CD0DB-6F04-4FB0-AC8D-604786933AAD}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A2FFCB29-CB06-4B1A-A65D-049C157A9396}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{94E37740-0E3E-4B56-9B52-BA4E64CE6580}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8BCB332F-EEC5-491E-ADD8-FE06CC6B1B7F}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D44DB049-9818-4055-A3DF-6800C2E6BDCC}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{75A3C0DA-A15A-4C1A-9D02-D1C9D11F6D20}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

16-12-2016 17:11:13 Point de contrôle planifié
28-12-2016 10:56:16 Point de contrôle planifié
01-01-2017 23:08:04 Removed Apple Software Update
05-01-2017 18:01:20 Restore Operation

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/06/2017 06:17:34 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.

Détails :
(HRESULT : 0x80040210) (0x80040210)

Error: (01/06/2017 04:45:15 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/06/2017 03:15:15 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.

Détails :
(HRESULT : 0x80040210) (0x80040210)

Error: (01/06/2017 03:10:36 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/06/2017 12:43:04 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\ZDoom\ZDoom.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.

Error: (01/06/2017 12:40:51 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/06/2017 12:30:12 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\ZDoom\ZDoom.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.

Error: (01/06/2017 12:25:35 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/06/2017 12:16:09 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Le fichier spécifié est introuvable.

Error: (01/06/2017 12:16:09 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Le fichier spécifié est introuvable.


System errors:
=============
Error: (01/06/2017 06:35:52 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} did not register with DCOM within the required timeout.

Error: (01/06/2017 06:26:22 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: The propres à l’application permission settings do not grant Local Activation permission for the COM Server application with CLSID
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user PC\Quelqu'un SID (S-1-5-21-3980963936-1557843195-203842877-1001) from address LocalHost (avec LRPC) running in the application container Non disponible SID (Non disponible). This security permission can be modified using the Component Services administrative tool.

Error: (01/06/2017 06:26:22 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: The propres à l’application permission settings do not grant Local Activation permission for the COM Server application with CLSID
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user PC\Quelqu'un SID (S-1-5-21-3980963936-1557843195-203842877-1001) from address LocalHost (avec LRPC) running in the application container Non disponible SID (Non disponible). This security permission can be modified using the Component Services administrative tool.

Error: (01/06/2017 06:26:22 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: The propres à l’application permission settings do not grant Local Activation permission for the COM Server application with CLSID
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user PC\Quelqu'un SID (S-1-5-21-3980963936-1557843195-203842877-1001) from address LocalHost (avec LRPC) running in the application container Non disponible SID (Non disponible). This security permission can be modified using the Component Services administrative tool.

Error: (01/06/2017 06:26:22 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: The propres à l’application permission settings do not grant Local Activation permission for the COM Server application with CLSID
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user PC\Quelqu'un SID (S-1-5-21-3980963936-1557843195-203842877-1001) from address LocalHost (avec LRPC) running in the application container Non disponible SID (Non disponible). This security permission can be modified using the Component Services administrative tool.

Error: (01/06/2017 06:26:22 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: The propres à l’application permission settings do not grant Local Activation permission for the COM Server application with CLSID
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user PC\Quelqu'un SID (S-1-5-21-3980963936-1557843195-203842877-1001) from address LocalHost (avec LRPC) running in the application container Non disponible SID (Non disponible). This security permission can be modified using the Component Services administrative tool.

Error: (01/06/2017 06:26:22 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: The propres à l’application permission settings do not grant Local Activation permission for the COM Server application with CLSID
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user PC\Quelqu'un SID (S-1-5-21-3980963936-1557843195-203842877-1001) from address LocalHost (avec LRPC) running in the application container Non disponible SID (Non disponible). This security permission can be modified using the Component Services administrative tool.

Error: (01/06/2017 06:26:22 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: The propres à l’application permission settings do not grant Local Activation permission for the COM Server application with CLSID
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user PC\Quelqu'un SID (S-1-5-21-3980963936-1557843195-203842877-1001) from address LocalHost (avec LRPC) running in the application container Non disponible SID (Non disponible). This security permission can be modified using the Component Services administrative tool.

Error: (01/06/2017 06:26:22 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: The propres à l’application permission settings do not grant Local Activation permission for the COM Server application with CLSID
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user PC\Quelqu'un SID (S-1-5-21-3980963936-1557843195-203842877-1001) from address LocalHost (avec LRPC) running in the application container Non disponible SID (Non disponible). This security permission can be modified using the Component Services administrative tool.

Error: (01/06/2017 06:26:20 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: The propres à l’application permission settings do not grant Local Activation permission for the COM Server application with CLSID
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user PC\Quelqu'un SID (S-1-5-21-3980963936-1557843195-203842877-1001) from address LocalHost (avec LRPC) running in the application container Non disponible SID (Non disponible). This security permission can be modified using the Component Services administrative tool.


==================== Memory info ===========================

Processor: AMD A10-7300 Radeon R6, 10 Compute Cores 4C+6G
Percentage of memory in use: 39%
Total physical RAM: 7114.26 MB
Available physical RAM: 4324.17 MB
Total Virtual: 8266.26 MB
Available Virtual: 5529.29 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:710.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DC9A329D)

Partition: GPT.

==================== End of Addition.txt ============================

==================== End of FRST.txt ============================
 
Zemana Deep Scan.

  • Right click on Zemana and run as admin.
  • Click the Cog/Sproket Wheel, at the top right of Zemana
  • Select Advanced - I have read the warning and wish to proceed.
  • Place a tick next to Detect Suspicious (Root CA) Certificates.
  • Then click the house icon in Zemana.
  • Then hit your start button at the lower left hand corner of your desktop.
  • Then left click on Computer.
  • Drag Local Disk C: Into the area of Zemana that reads Drag and drop files here to scan them.
  • bOVO6lY.png
  • Once the scan has completed click graph icon on the top right of the programs User interface.
  • Double click to open the latest log-file.
  • Copy it to your clipboard.
  • Post the log here in your next reply.


JRT Scan.


Please download Junkware Removal Tool and save it on your desktop.



  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Adware Removal Tool Scan.

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

LOr0Gd7.png


Hit Ok.

sYFsqHx.png


Hit next make sure to leave all items checked, for removal.

8NcZjGc.png


The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.

Adware Cleaner Scan.

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
 
I have Kaspersky Internet Security, which is a professional anti-virus. My Pc is most likely clean and if it's not, those programs won't scan better than Kaspersky, so they wont find out, can we please get to the next step
 
Jérémie said:
I have Kaspersky Internet Security, which is a professional anti-virus.
Click to expand...

There is a need to run these tools. After seeing your logs the assessment was made to run those tools.

It is thinking like that which has gotten you where you are right now. Just because you have a paid antivirus, it does not mean your machine is bullet proof.

FRST Fix.


Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

since the problem is clearly in the O.S., if I restore from a restore point that was made a month (approx) ago, will it make the OS work like it did before or will it only change my programs?
 
I think you should go ahead and run the fix, within the fix is the solution.
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017
Ran by Quelqu'un (06-01-2017 20:09:01) Run:1
Running from C:\Users\Quelqu'un\Desktop
Loaded Profiles: Quelqu'un (Available Profiles: Quelqu'un & battlecruiser)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
Closeprocesses:
Emptytemp:
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoPreviewPane] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoWinkeys] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [HideSCANetwork] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\...\Policies\Explorer: [NoInstrumentation] 1
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{05ef7c5a-aaf5-4007-a27d-38eb014e8614}: [NameServer] 198.101.242.72,23.253.163.53,25.0.0.1
Tcpip\..\Interfaces\{1e857cd1-da1f-4ef5-bf7a-348a2afe1988}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{1e857cd1-da1f-4ef5-bf7a-348a2afe1988}: [DhcpNameServer] 10.17.0.1
Tcpip\..\Interfaces\{360f2aa3-d847-493b-95c3-e7ed0bddc2b2}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{360f2aa3-d847-493b-95c3-e7ed0bddc2b2}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{39461d4f-e9a6-4516-86b0-6cb9ce9f4ea9}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{77c6b013-46a0-4bb6-89f9-8e7ea791f25e}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{79816788-6263-4ca0-9ac7-68e40a1b3678}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{9fc13bb4-5466-4402-a923-c247d0df61e4}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{9fc13bb4-5466-4402-a923-c247d0df61e4}: [DhcpNameServer] 10.10.10.10
Tcpip\..\Interfaces\{c173450f-f5a5-46db-8693-2cc6eb093a35}: [NameServer] 198.101.242.72,23.253.163.53
Tcpip\..\Interfaces\{d8485dc9-462b-4d4b-b356-c770f8ee2a2c}: [NameServer] 198.101.242.72,23.253.163.53,192.168.1.1
Tcpip\..\Interfaces\{d8485dc9-462b-4d4b-b356-c770f8ee2a2c}: [DhcpNameServer] 192.168.1.1
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Users/Quelqu'un/Documents/Home/Homepage.html
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://cf.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://cf.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3980963936-1557843195-203842877-1001 -> DefaultScope {7628DB24-0587-48AE-9CE3-B830B02E9BC0} URL =
SearchScopes: HKU\S-1-5-21-3980963936-1557843195-203842877-1001 -> {7628DB24-0587-48AE-9CE3-B830B02E9BC0} URL =
SearchScopes: HKU\S-1-5-21-3980963936-1557843195-203842877-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://cf.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-10-04] (Oracle Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
Toolbar: HKLM - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM-x32 - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM-x32 - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM-x32 - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Toolbar: HKLM-x32 - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\WINDOWS\SYSTEM32\mscoree.dll [2016-07-16] (Microsoft Corporation)
FF Homepage: Mozilla\Firefox\Profiles\u676v7ok.default -> file:///C:/Users/Quelqu'un/Documents/Home/New Homepage.html
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> ftp", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> ftp_port", 4444
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> http", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> http_port", 4444
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> socks", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> socks_port", 4444
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> ssl", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> ssl_port", 4444
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> type", 0
FF Extension: (newtab.url) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default\Extensions\@newtaburl.xpi [2016-06-28]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default\Extensions\abb@amazon.com.xpi [2016-06-09]
FF Extension: (Adblock Plus) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-25]
FF Extension: (newtab.url) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\@newtaburl.xpi [2016-09-02]
FF Extension: (HackBar) - C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}.xpi [2016-12-22]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
CHR StartupUrls: Profile 2 -> "file:///C:/Users/Quelqu'un/Documents/Home/Homepage.html"
CHR Extension: (YouTube) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-05]
CHR Extension: (Proxy SwitchySharp) - C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2016-12-05]
CHR HKLM\...\Chrome\Extension: [pfcgjlglddicjopgimohdcbmabacamll] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [pfcgjlglddicjopgimohdcbmabacamll] - <no Path/update_url>
S4 TenorshareReibootService; C:\Users\Quelqu'un\Downloads\ReiBoot\TenorshareReibootService.exe [X]
S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [X]
2017-01-05 18:51 - 2016-10-07 10:31 - 00000000 ____D C:\ProgramData\KMSAutoS
2016-07-06 15:05 - 2016-07-06 15:08 - 0000820 _____ () C:\Users\Quelqu'un\AppData\Roaming\MPQEditor.ini
2016-11-28 23:05 - 2017-01-05 15:39 - 0000600 _____ () C:\Users\Quelqu'un\AppData\Roaming\winscp.rnd
2016-08-15 17:20 - 2016-08-15 17:20 - 0001472 _____ () C:\Users\Quelqu'un\AppData\Local\recently-used.xbel
2016-08-15 10:45 - 2016-08-15 10:45 - 0007595 _____ () C:\Users\Quelqu'un\AppData\Local\Resmon.ResmonCfg
2016-11-18 14:41 - 2016-11-18 14:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-07 05:49 - 2017-01-05 22:48 - 0019535 _____ () C:\ProgramData\empty.ico
Task: {652A4EC9-22E8-4D31-820F-4E725660E947} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2016-10-07] (MSFree Inc.)
Task: {7524F6F3-9C4A-47DE-83ED-28443E912CDB} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {A69D6F30-4E24-44A0-892B-D433473ED42B} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-17] (Acer Incorporated)
Task: {B8CD01D7-F313-4F66-92C9-98A4E9451BFB} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {E83293C0-83EE-42A1-AE7F-802CD4C7BDF0} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
C:\Program Files\Acer\User Experience Improvement Program
ShortcutWithArgument: C:\Users\Quelqu'un\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-new-avatar-menu -- "%1"
HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <===== ATTENTION
GroupPolicy: Restriction <======= ATTENTION
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
S4 KMSEmulator; C:\ProgramData\KMSAutoS\bin\KMSSS.exe [301056 2015-07-23] (MDL Forum, mod by Ratiborus) [File not signed]
2017-01-05 18:51 - 2016-10-07 10:31 - 00000000 ____D C:\ProgramData\KMSAutoS
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
YTD Video Downloader 5.3 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.3 - GreenTree Applications SRL) <==== ATTENTION
Task: {B8CD01D7-F313-4F66-92C9-98A4E9451BFB} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {B8CD01D7-F313-4F66-92C9-98A4E9451BFB} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {652A4EC9-22E8-4D31-820F-4E725660E947} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2016-10-07] (MSFree Inc.)
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state Off
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
reboot:
End

*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispAppearancePage => value removed successfully
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoPreviewPane => value removed successfully
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayContextMenu => value removed successfully
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetTaskbar => value removed successfully
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewContextMenu => value removed successfully
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWinkeys => value removed successfully
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayItemsDisplay => value removed successfully
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock => value removed successfully
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCANetwork => value removed successfully
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAVolume => value removed successfully
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInstrumentation => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{05ef7c5a-aaf5-4007-a27d-38eb014e8614}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1e857cd1-da1f-4ef5-bf7a-348a2afe1988}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1e857cd1-da1f-4ef5-bf7a-348a2afe1988}\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{360f2aa3-d847-493b-95c3-e7ed0bddc2b2}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{360f2aa3-d847-493b-95c3-e7ed0bddc2b2}\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{39461d4f-e9a6-4516-86b0-6cb9ce9f4ea9}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{77c6b013-46a0-4bb6-89f9-8e7ea791f25e}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{79816788-6263-4ca0-9ac7-68e40a1b3678}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9fc13bb4-5466-4402-a923-c247d0df61e4}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9fc13bb4-5466-4402-a923-c247d0df61e4}\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c173450f-f5a5-46db-8693-2cc6eb093a35}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{d8485dc9-462b-4d4b-b356-c770f8ee2a2c}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{d8485dc9-462b-4d4b-b356-c770f8ee2a2c}\\DhcpNameServer => value removed successfully
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} => key removed successfully
HKCR\CLSID\{AA9A4890-4262-4441-8977-E2FFCBFB706C} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} => key removed successfully
HKCR\Wow6432Node\CLSID\{AA9A4890-4262-4441-8977-E2FFCBFB706C} => key not found.
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7628DB24-0587-48AE-9CE3-B830B02E9BC0} => key removed successfully
HKCR\CLSID\{7628DB24-0587-48AE-9CE3-B830B02E9BC0} => key not found.
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} => key removed successfully
HKCR\CLSID\{AA9A4890-4262-4441-8977-E2FFCBFB706C} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key removed successfully
HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => key removed successfully
HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{d2bf470e-ed1c-487f-a666-2bd8835eb6ce} => value removed successfully
HKCR\CLSID\{d2bf470e-ed1c-487f-a666-2bd8835eb6ce} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{d2bf470e-ed1c-487f-a777-2bd8835eb6ce} => value removed successfully
HKCR\CLSID\{d2bf470e-ed1c-487f-a777-2bd8835eb6ce} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{d2bf470e-ed1c-487f-a333-2bd8835eb6ce} => value removed successfully
HKCR\CLSID\{d2bf470e-ed1c-487f-a333-2bd8835eb6ce} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{d2bf470e-ed1c-487f-a300-2bd8835eb6ce} => value removed successfully
HKCR\CLSID\{d2bf470e-ed1c-487f-a300-2bd8835eb6ce} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{d2bf470e-ed1c-487f-a666-2bd8835eb6ce} => value removed successfully
HKCR\Wow6432Node\CLSID\{d2bf470e-ed1c-487f-a666-2bd8835eb6ce} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{d2bf470e-ed1c-487f-a777-2bd8835eb6ce} => value removed successfully
HKCR\Wow6432Node\CLSID\{d2bf470e-ed1c-487f-a777-2bd8835eb6ce} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{d2bf470e-ed1c-487f-a333-2bd8835eb6ce} => value removed successfully
HKCR\Wow6432Node\CLSID\{d2bf470e-ed1c-487f-a333-2bd8835eb6ce} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{d2bf470e-ed1c-487f-a300-2bd8835eb6ce} => value removed successfully
HKCR\Wow6432Node\CLSID\{d2bf470e-ed1c-487f-a300-2bd8835eb6ce} => key not found.
Firefox "homepage" removed successfully
Firefox Proxy settings were reset.
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> ftp_port", 4444 => not found
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> http", "127.0.0.1" => not found
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> http_port", 4444 => not found
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> socks", "127.0.0.1" => not found
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> socks_port", 4444 => not found
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> ssl", "127.0.0.1" => not found
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> ssl_port", 4444 => not found
FF NetworkProxy: Mozilla\Firefox\Profiles\u676v7ok.default -> type", 0 => not found
C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default\Extensions\@newtaburl.xpi => moved successfully
C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default\Extensions\abb@amazon.com.xpi => moved successfully
C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\u676v7ok.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi => moved successfully
C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\@newtaburl.xpi => moved successfully
C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}.xpi => moved successfully
C:\Users\Quelqu'un\AppData\Roaming\Mozilla\Firefox\Profiles\36kffurb.Default User\Extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}.xpi => path removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF} => value removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3 => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9 => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll => not found.
Chrome StartupUrls => removed successfully
C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo => moved successfully
C:\Users\Quelqu'un\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm => moved successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\pfcgjlglddicjopgimohdcbmabacamll => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfcgjlglddicjopgimohdcbmabacamll => key removed successfully
HKLM\System\CurrentControlSet\Services\TenorshareReibootService => key removed successfully
TenorshareReibootService => service removed successfully
HKLM\System\CurrentControlSet\Services\klids => key could not remove, key could be protected
C:\ProgramData\KMSAutoS => moved successfully
C:\Users\Quelqu'un\AppData\Roaming\MPQEditor.ini => moved successfully
C:\Users\Quelqu'un\AppData\Roaming\winscp.rnd => moved successfully
C:\Users\Quelqu'un\AppData\Local\recently-used.xbel => moved successfully
C:\Users\Quelqu'un\AppData\Local\Resmon.ResmonCfg => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\ProgramData\empty.ico => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{652A4EC9-22E8-4D31-820F-4E725660E947} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{652A4EC9-22E8-4D31-820F-4E725660E947} => key removed successfully
C:\WINDOWS\System32\Tasks\KMSAutoNet => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMSAutoNet => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7524F6F3-9C4A-47DE-83ED-28443E912CDB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7524F6F3-9C4A-47DE-83ED-28443E912CDB} => key removed successfully
C:\WINDOWS\System32\Tasks\FUBTrackingByPLD => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FUBTrackingByPLD => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A69D6F30-4E24-44A0-892B-D433473ED42B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A69D6F30-4E24-44A0-892B-D433473ED42B} => key removed successfully
C:\WINDOWS\System32\Tasks\Quick Access => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8CD01D7-F313-4F66-92C9-98A4E9451BFB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8CD01D7-F313-4F66-92C9-98A4E9451BFB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E83293C0-83EE-42A1-AE7F-802CD4C7BDF0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E83293C0-83EE-42A1-AE7F-802CD4C7BDF0} => key removed successfully
C:\WINDOWS\System32\Tasks\UbtFrameworkService => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService => key removed successfully
C:\Program Files\Acer\User Experience Improvement Program => moved successfully
C:\Users\Quelqu'un\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => Shortcut argument removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRecentDocsNetHood => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu => value removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => key not found.
HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => key not found.
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore => key removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKLM\System\CurrentControlSet\Services\KMSEmulator => key removed successfully
KMSEmulator => service removed successfully
"C:\ProgramData\KMSAutoS" => not found.
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) => Error: No automatic fix found for this entry.
YTD Video Downloader 5.3 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.3 - GreenTree Applications SRL) <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8CD01D7-F313-4F66-92C9-98A4E9451BFB} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8CD01D7-F313-4F66-92C9-98A4E9451BFB} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{652A4EC9-22E8-4D31-820F-4E725660E947} => key not found.
C:\WINDOWS\System32\Tasks\KMSAutoNet => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMSAutoNet => key not found.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3980963936-1557843195-203842877-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========


========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state Off =========

Ok.


========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= netsh int ip reset c:\resetlog.txt =========

Resetting Global, OK!
Resetting Interface, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Route, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= ipconfig /release =========


Windows IP Configuration

No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Connexion au r‚seau local* 3 while it has its media disconnected.
No operation can be performed on Connexion au r‚seau local* 5 while it has its media disconnected.
No operation can be performed on Ethernet 2 while it has its media disconnected.
No operation can be performed on Ethernet 3 while it has its media disconnected.
No operation can be performed on Ethernet 4 while it has its media disconnected.
No operation can be performed on Ethernet 5 while it has its media disconnected.
No operation can be performed on Connexion r‚seau Bluetooth while it has its media disconnected.

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Connexion au r‚seau local* 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Connexion au r‚seau local* 5:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Ethernet adapter Ethernet 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Ethernet adapter Ethernet 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Ethernet adapter Ethernet 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Ethernet adapter Ethernet 5:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::a495:2271:fa60:dcb9%20
Default Gateway . . . . . . . . . :

Ethernet adapter Connexion r‚seau Bluetooth:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

========= End of CMD: =========


========= ipconfig /renew =========


Windows IP Configuration

No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Connexion au r‚seau local* 3 while it has its media disconnected.
No operation can be performed on Connexion au r‚seau local* 5 while it has its media disconnected.
No operation can be performed on Ethernet 2 while it has its media disconnected.
No operation can be performed on Ethernet 3 while it has its media disconnected.
No operation can be performed on Ethernet 4 while it has its media disconnected.
No operation can be performed on Ethernet 5 while it has its media disconnected.
No operation can be performed on Connexion r‚seau Bluetooth while it has its media disconnected.

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Connexion au r‚seau local* 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Connexion au r‚seau local* 5:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Ethernet adapter Ethernet 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Ethernet adapter Ethernet 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Ethernet adapter Ethernet 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Ethernet adapter Ethernet 5:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::a495:2271:fa60:dcb9%20
IPv4 Address. . . . . . . . . . . : 192.168.1.7
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1

Ethernet adapter Connexion r‚seau Bluetooth:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

========= End of CMD: =========


========= netsh int ipv4 reset =========

Resetting Interface, OK!
Resetting , failed.
Access is denied.

Restart the computer to complete this action.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Resetting Interface, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Route, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 52145232 B
Java, Flash, Steam htmlcache => 244406856 B
Windows/system/drivers => 23359943 B
Edge => 10839703 B
Chrome => 423377427 B
Firefox => 78354257 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 928742 B
NetworkService => 0 B
Quelqu'un => 5013784555 B
battlecruiser => 0 B

RecycleBin => 257702 B
EmptyTemp: => 5.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:11:28 ====
 
I do not think that a system restore point will work since, it was disabled.

I think the best course of action is for you to run the other tools, then we will repair the OS with the windows all in one repair tool. You are not out of the hot water yet, I suspect there is still malware on this machine.
 
So, go ahead and run the other tools that I posted.
Once I am certain that you are clear of malware then we will attempt to fix the error.
Trying to fix it at this point may just lead back to the same errors.
 
Status
Not open for further replies.
Top Bottom