Inactive 1 year old laptop extremely slow, taking 10 minutes to boot


ImmmCanadian

TS Rookie
Hi guys!

Thanks for the help. Currently it has been 1 year since I bought this laptop, and it was really fine with boot times etc. before I started to install things. I have had multiple issues with malware, trojans, and viruses in the past, which I solved, but now they are coming back. Booting up is so bad it black screens because of how long it takes to load, and on boot cmd.exe opens up and says Access denied.

Thanks!
 

Broni

Malware Annihilator
Welcome aboard

Please complete all steps listed here: https://www.techspot.com/community/topics/updated-4-step-viruses-spyware-malware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 

ImmmCanadian

TS Rookie
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Exécuté par Noah (administrateur) sur LAPTOP-SS12IVD9 (28-01-2018 00:25:17)
Exécuté depuis C:\Users\Noah\Downloads
Profils chargés: Noah (Profils disponibles: Noah)
Platform: Windows 10 Home Version 1703 15063.786 (X64) Langue: French (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool:

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Users\Noah\Desktop\Wallpaper.Engine.Build.1.0.700\bin\wallpaperservice32_c.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TunnelBear) C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Users\Noah\Desktop\Wallpaper.Engine.Build.1.0.700\wallpaper32.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avpui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxext.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Discord Inc.) C:\Users\Noah\AppData\Local\Discord\app-0.0.299\Discord.exe
(Discord Inc.) C:\Users\Noah\AppData\Local\Discord\app-0.0.299\Discord.exe
(Discord Inc.) C:\Users\Noah\AppData\Local\Discord\app-0.0.300\Discord.exe
(Discord Inc.) C:\Users\Noah\AppData\Local\Discord\app-0.0.300\Discord.exe
(Discord Inc.) C:\Users\Noah\AppData\Local\Discord\app-0.0.300\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\rempl\remsh.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.724_none_9e8a868b2d8a538d\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-05-31] (Intel Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16695816 2016-08-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1462792 2016-08-19] (Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5345672 2017-12-21] (Nota Inc.)
HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\Run: [Discord] => C:\Users\Noah\AppData\Local\Discord\app-0.0.299\Discord.exe [57954808 2017-12-11] (Discord Inc.)
HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Noah\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2010056 2017-06-28] (Gaijin Entertainment)
Startup: C:\Users\Noah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-05-01]
ShortcutTarget: Twitch.lnk -> C:\Users\Noah\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: 0.0.0.0 telemetry.malwarebytes.com
Tcpip\Parameters: [DhcpNameServer] 212.166.211.1 62.81.29.254
Tcpip\..\Interfaces\{01fb1adc-aec6-43e7-9e60-9b3342253daa}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{18f2d898-fc11-4739-a414-887c8682d51b}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{7a4f4c50-f7dd-4a3b-905c-fce65ca24633}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{d4db830a-e481-4ef4-82d6-a79c0ffecd3d}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{d4db830a-e481-4ef4-82d6-a79c0ffecd3d}: [DhcpNameServer] 212.166.211.1 62.81.29.254
Tcpip\..\Interfaces\{e3ac8cf5-d649-4f60-915d-17852e4a8e26}: [DhcpNameServer] 212.166.211.1 62.81.29.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.acer15.msn.com/?pc=ACTE
SearchScopes: HKLM -> DefaultScope {4529518C-D5E7-4BCD-999F-0D1384054C7B} URL =
SearchScopes: HKLM-x32 -> DefaultScope {4529518C-D5E7-4BCD-999F-0D1384054C7B} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-01-23] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-10] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-10] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-03-13] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-13] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: q4lmgnoz.default
FF ProfilePath: C:\Users\Noah\AppData\Roaming\Mozilla\Firefox\Profiles\q4lmgnoz.default [2017-07-29]
FF Homepage: Mozilla\Firefox\Profiles\q4lmgnoz.default -> hxxps://www.malwarebytes.org/restorebrowser/_btrnt_17_13&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Des%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyyCyDtAtAtDtCtAtC0A0D0B0E0B0CyEtN0D0Tzu0StCzytCyCtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2SyB0C0CyE0EyB0DzytGtDzy0E0BtG0D0AtDtBtGyC0F0FtDtG0Bzy0E0FtC0FtCtAyCtC0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyByCtAyEzz0FyEtG0E0BtBtDtGyEtCtCtCtG0B0E0DyDtG0DyB0F0AtC0EtCtCyD0D0CtC2QtN0A0LzuyE%26cr%3D1811615777%26a%3Dwncy_btrnt_17_13%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
FF NewTab: Mozilla\Firefox\Profiles\q4lmgnoz.default -> about:newtab
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Noah\AppData\Roaming\Mozilla\Firefox\Profiles\q4lmgnoz.default\Extensions\abb-acer@amazon.com [2016-12-25] [Legacy]
FF Extension: (English (US) Language Pack) - C:\Users\Noah\AppData\Roaming\Mozilla\Firefox\Profiles\q4lmgnoz.default\Extensions\langpack-en-US@firefox.mozilla.org [2016-12-25] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Noah\AppData\Roaming\Mozilla\Firefox\Profiles\q4lmgnoz.default\Extensions\partnerdefaults@mozilla.com [2016-12-25] [Legacy]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2016-05-05] [Legacy]
FF Extension: (English (US) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-en-US@firefox.mozilla.org [2016-05-05] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2016-05-05] [Legacy]
FF HKLM\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-07-07] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-10] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR StartupUrls: Default -> "chrome://newtab/"
CHR Profile: C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default [2018-01-28]
CHR Extension: (Slides) - C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-25]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2018-01-22]
CHR Extension: (YouTube) - C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-25]
CHR Extension: (Adblock Plus) - C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-27]
CHR Extension: (Sheets) - C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-25]
CHR Extension: (AdBlock) - C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-01-28]
CHR Extension: (Search) - C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default\Extensions\haadhckgdeckdelhfnjobdfhdmofjfgk [2017-04-02]
CHR Extension: (Windscribe - Free VPN and Ad Blocker) - C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2017-11-17]
CHR Extension: (Grammarly for Chrome) - C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-01-27]
CHR Extension: (Kaspersky Protection) - C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2017-07-07]
CHR Extension: (Search Manager) - C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2018-01-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-25]
CHR Extension: (Chrome Media Router) - C:\Users\Noah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-16]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1494024 2017-11-26] ()
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278616 2017-03-20] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7780528 2018-01-15] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [392480 2016-12-25] (EasyAntiCheat Ltd)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-05-31] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [Fichier non signé]
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26608 2016-07-12] (Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [Fichier non signé]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [215328 2016-05-16] (Intel Corporation)
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\vssbridge64.exe [426416 2017-07-07] (AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-28] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-28] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [Fichier non signé]
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [440224 2016-05-23] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [481696 2016-05-23] (Acer Incorporated)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [38272 2016-12-16] (TunnelBear)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [291232 2016-02-01] (acer)
R2 Wallpaper Engine Service; C:\Users\Noah\Desktop\Wallpaper.Engine.Build.1.0.700\bin\wallpaperservice32_c.exe [25600 2017-04-27] () [Fichier non signé]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\NisSrv.exe [356176 2017-12-12] (Microsoft Corporation)
S2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe [105792 2017-12-12] (Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [71272 2017-05-09] (Windscribe Limited)
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2016-12-22] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86240 2016-12-27] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29816 2016-10-14] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [206528 2017-07-07] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [522736 2017-07-07] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1052352 2017-07-07] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-10-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-04-18] (AO Kaspersky Lab)
R3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [44768 2017-01-20] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-07-07] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-08-01] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251656 2017-07-07] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-07-07] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-07-07] (AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93920 2016-12-20] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136176 2017-04-18] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199360 2017-07-07] (AO Kaspersky Lab)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2016-05-23] (Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-11-10] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2018-01-25] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2018-01-25] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2018-01-25] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2018-01-27] (Malwarebytes)
R1 MpKsl81b2618a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D5225402-43BA-4160-B982-FA19DC4ADBDF}\MpKsl81b2618a.sys [58120 2018-01-22] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_2c4bd92aa476af37\nvlddmkm.sys [17020720 2017-11-28] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-28] (NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2016-05-23] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-11-19] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [769752 2015-12-18] (Realsil Semiconductor Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [57448 2015-10-22] (Synaptics Incorporated)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2016-10-17] (The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2017-04-21] (The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2017-12-12] (Microsoft Corporation)
S0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2017-12-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2017-12-12] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-01-28 00:25 - 2018-01-28 00:29 - 000029744 _____ C:\Users\Noah\Downloads\FRST.txt
2018-01-28 00:25 - 2018-01-28 00:25 - 000000000 ____D C:\Users\Noah\Downloads\FRST-OlderVersion
2018-01-28 00:24 - 2018-01-28 00:25 - 002393088 _____ (Farbar) C:\Users\Noah\Downloads\FRST64.exe
2018-01-28 00:24 - 2018-01-28 00:25 - 000000000 ____D C:\FRST
2018-01-25 11:16 - 2018-01-25 11:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-01-21 01:58 - 2018-01-21 01:59 - 000000000 ___HD C:\$WINDOWS.~BT
2018-01-12 09:35 - 2018-01-25 12:31 - 000000000 ____D C:\Program Files\rempl
2018-01-12 09:33 - 2018-01-12 09:33 - 001304707 _____ C:\Users\Noah\Downloads\M13 Spanish B SL paper 1 text booklet.pdf

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-01-28 00:24 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-28 00:23 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2018-01-28 00:22 - 2016-12-26 04:27 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-28 00:19 - 2017-04-29 00:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-27 01:52 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-27 01:37 - 2017-04-19 20:11 - 000000000 ___DC C:\WINDOWS\Panther
2018-01-27 00:47 - 2017-04-29 00:27 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C26129E8-D9C7-41E2-BF1E-60AAF243D98E}
2018-01-27 00:26 - 2017-07-07 17:29 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-01-27 00:26 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-27 00:14 - 2017-07-07 11:27 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-01-25 12:33 - 2017-08-11 17:57 - 000000000 ____D C:\Users\Noah\AppData\Roaming\discord
2018-01-25 11:33 - 2017-08-11 17:56 - 000000000 ____D C:\Users\Noah\AppData\Local\Discord
2018-01-25 11:17 - 2016-12-25 10:15 - 000000000 __SHD C:\Users\Noah\IntelGraphicsProfiles
2018-01-25 11:16 - 2017-07-07 11:27 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2018-01-25 11:16 - 2017-07-07 11:27 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-01-25 11:16 - 2017-07-07 11:27 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-01-25 11:15 - 2017-04-29 00:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-25 11:15 - 2017-04-29 00:00 - 000381952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-25 11:14 - 2017-03-18 12:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-01-25 11:12 - 2017-04-29 00:07 - 000000000 ____D C:\Users\Noah
2018-01-23 00:10 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-01-23 00:10 - 2017-01-01 21:33 - 000000000 ____D C:\Program Files (x86)\Gyazo
2018-01-23 00:09 - 2017-04-29 00:27 - 000003540 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2018-01-23 00:09 - 2017-04-29 00:27 - 000003404 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2018-01-23 00:06 - 2016-09-12 15:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-01-22 23:27 - 2016-12-25 11:15 - 000000000 ____D C:\Program Files (x86)\Steam
2018-01-17 14:22 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Registration
2018-01-17 14:18 - 2017-04-29 00:35 - 000043818 _____ C:\WINDOWS\diagwrn.xml
2018-01-17 14:18 - 2017-04-29 00:35 - 000043818 _____ C:\WINDOWS\diagerr.xml
2018-01-17 10:47 - 2016-12-25 11:29 - 000000000 ____D C:\Users\Noah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-01-11 13:38 - 2016-12-25 16:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-11 13:01 - 2017-10-11 17:31 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-11 13:01 - 2016-12-25 16:22 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-11 09:23 - 2017-07-27 17:28 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3764114906-1958053506-3616233963-1001
2018-01-11 09:23 - 2016-12-25 10:20 - 000002368 _____ C:\Users\Noah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-11 09:23 - 2016-12-25 10:20 - 000000000 ___RD C:\Users\Noah\OneDrive
2018-01-09 12:49 - 2017-11-20 10:00 - 000000000 ____D C:\Users\Noah\Desktop\Java Programming
2017-12-30 01:48 - 2016-12-25 20:11 - 000000000 ____D C:\Program Files (x86)\Overwatch
2017-12-30 01:48 - 2016-12-25 19:48 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-12-30 01:43 - 2016-12-25 19:50 - 000000000 ____D C:\Users\Noah\AppData\Local\Battle.net

==================== Fichiers à la racine de certains dossiers =======

2017-04-29 11:55 - 2017-07-02 06:37 - 000000259 _____ () C:\Users\Noah\AppData\Roaming\WB.CFG

Fichiers à déplacer ou supprimer:
====================
C:\Windows\Tasks\{12B44EF6-0BE9-6ED2-28E2-7142A554CC69}.job


Certains fichiers dans TEMP:
====================
2017-09-01 17:35 - 2017-09-01 17:35 - 000017408 _____ (Red Hat®, Inc.) C:\Users\Noah\AppData\Local\Temp\jansi-32-3228091945960979070.dll
2017-05-04 20:21 - 2017-05-04 20:21 - 000058368 ____N () C:\Users\Noah\AppData\Local\Temp\jshortcut-6047776920638461567.dll
2017-06-02 17:25 - 2017-12-13 21:00 - 058818504 _____ (Skype Technologies S.A.) C:\Users\Noah\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-12-14 16:59

==================== Fin de FRST.txt ============================
 

Broni

Malware Annihilator
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Exécuté par Noah (28-01-2018 00:32:58)
Exécuté depuis C:\Users\Noah\Downloads
Windows 10 Home Version 1703 15063.786 (X64) (2017-04-28 23:39:37)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-3764114906-1958053506-3616233963-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3764114906-1958053506-3616233963-503 - Limited - Disabled)
Invité (S-1-5-21-3764114906-1958053506-3616233963-501 - Limited - Disabled)
Noah (S-1-5-21-3764114906-1958053506-3616233963-1001 - Administrator - Enabled) => C:\Users\Noah

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Kaspersky Anti-Virus (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-48a530bf-e0d2-4546-8ca9-330e01d1ed94) (Version: 3.0.2.118 - WildTangent) Hidden
A3Launcher version 0.1.5.0 (HKLM-x32\...\{1E29A86E-9AE2-4CD8-74C8-6B170ED3C4D2}_is1) (Version: 0.1.5.0 - Maca134)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3021 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3004 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.01.3001 - Acer Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
ArmA3Sync 1.5.80 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.5.80 - The [S.o.E] team)
AutoHotkey 1.1.24.04 (HKLM\...\AutoHotkey) (Version: 1.1.24.04 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\BitTorrent) (Version: 7.10.0.43917 - BitTorrent Inc.)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Breach & Clear (HKLM-x32\...\660082a1-5d0f-40d5-8f8c-828b87ab55c4) (Version: - Gambitious Digital Entertainment)
Crossout Launcher 1.0.3.18 (HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\CrossOutLauncher_is1) (Version: - )
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.0.14.0 - Dashlane SAS)
Discord (HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.32.7 - Google Inc.) Hidden
Gyazo 3.3.5 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.77 - Riot Games, Inc.)
Home Makeover (HKLM-x32\...\WTA-365bbc02-f8be-42a4-9d5b-abf6f80ab673) (Version: 3.0.2.59 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1015 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.0.1039 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1620.3 - Intel Corporation)
Intel® RealSense™ SDK Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_10.0.26.0396) (Version: 10.0.26.0396 - Intel Corporation)
Intel® RealSense™ SDK Runtime Gold (x86): 3D Scan (HKLM-x32\...\{3E33B740-1D73-11E6-843C-2C44FD873B55}) (Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Blob/Contour Extraction (HKLM-x32\...\{3E6834C0-1D73-11E6-872D-2C44FD873B55}) (Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Core (HKLM-x32\...\{4BAB7070-1D73-11E6-8844-2C44FD873B55}) (Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Core: Calibration (HKLM-x32\...\{676C639E-1D73-11E6-BF2F-2C44FD873B55}) (Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Enhanced Photography And Videography (HKLM-x32\...\{3F2235F0-1D73-11E6-9252-2C44FD873B55}) (Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Object Tracking (HKLM-x32\...\{4A70A680-1D73-11E6-85F1-2C44FD873B55}) (Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Scene Perception (HKLM-x32\...\{6DB82CD1-1D73-11E6-9501-2C44FD873B55}) (Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): TouchlessController (HKLM-x32\...\{8414D0A1-1D73-11E6-87F2-2C44FD873B55}) (Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): TouchlessController: Models (HKLM-x32\...\{723EED70-1D73-11E6-9495-2C44FD873B55}) (Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): User Segmentation (HKLM-x32\...\{51040000-1D73-11E6-A45D-2C44FD873B55}) (Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Utilities (HKLM-x32\...\{4ED86D70-1D73-11E6-9148-2C44FD873B55}) (Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java SE Development Kit 8 Update 151 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180151}) (Version: 8.0.1510.12 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-1eb7bcbe-d7ae-4c84-b301-409878b1952c) (Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (HKLM-x32\...\WTA-70d2f668-a65b-4fab-80fc-b76c09de7465) (Version: 3.0.2.118 - WildTangent) Hidden
join.me (HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\JoinMe) (Version: 3.1.0.4367 - LogMeIn, Inc.)
Kaspersky Anti-Virus (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
League of Legends (HKLM-x32\...\{E80C09B5-A296-47E9-BD4B-BCCF2FDCA13E}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{61a0f1f5-c77e-4992-ba85-029f93cd8d18}) (Version: 10.1.1.27 - Intel(R) Corporation) Hidden
Magic Academy (HKLM-x32\...\WTA-afbd2202-2653-4b86-9eab-e98c5437c6d6) (Version: 2.2.0.97 - WildTangent) Hidden
Malwarebytes Anti-Malware versione 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.8827.2148 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM-x32\...\{F8A2A208-72B3-4D61-95FC-8A65D340689B}_is1) (Version: 1.8.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 45.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0 (x86 en-US)) (Version: 45.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla)
NetBeans IDE 8.2 (HKLM\...\nbi-nb-base-8.2.0.0.201609300101) (Version: 8.2 - NetBeans.org)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.43 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - )
osu! (HKLM-x32\...\{4cee7a47-a368-4184-aa86-0434e8319306}) (Version: latest - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Path of Building version 1.4.59 (HKLM-x32\...\{72FA9AB7-189F-4BDE-8856-72DEB90C157B}_is1) (Version: 1.4.59 - Openarl)
Polar Bowler 1st Frame (HKLM-x32\...\WTA-1c8e44d1-2249-482a-839e-fd2aadf099a5) (Version: 3.0.2.59 - WildTangent) Hidden
qBittorrent 3.3.16 (HKLM-x32\...\qBittorrent) (Version: 3.3.16 - The qBittorrent project)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10299 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.191 - Qualcomm Atheros)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1104 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Roblox Player for Noah (HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Rory's Restaurant (HKLM-x32\...\WTA-0f3dd366-b9f5-4c36-98b1-11bf976c544f) (Version: 3.0.2.126 - WildTangent) Hidden
Ruby 2.2.6-p396 (HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\{F4249FFD-42CD-4404-9534-170D074544F4}_is1) (Version: 2.2.6-p396 - RubyInstaller Team)
Runefall (HKLM-x32\...\WTA-06d0ffa3-2868-4619-be80-8538fb874a1e) (Version: 3.0.2.126 - WildTangent) Hidden
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Spotify Weblink (HKLM-x32\...\{8CADF0CB-E834-4019-9B11-B84E051F2A8E}) (Version: 1.16.1210 - Acer)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.0 - TeamSpeak Systems GmbH)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
TunnelBear (HKLM-x32\...\{1FD610E3-CE7E-4E4B-9978-E3E569D66E19}) (Version: 3.0.34.0 - TunnelBear) Hidden
TunnelBear (HKLM-x32\...\{434c0622-6083-418a-85f1-122060c7fe55}) (Version: 3.0.34.0 - TunnelBear)
Twitch (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 32.1 - Ubisoft)
Vegas World (HKLM-x32\...\WildTangentGDF-acer-vegasworld) (Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (HKLM-x32\...\WildTangentGDF-acer-villagersandheroes) (Version: 13.0.0.6 - WildTangent) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Warframe (HKLM-x32\...\{5D8870B3-C5A0-4701-98B1-FF50C3952FE5}) (Version: 1.0.0 - Digital Extremes)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.1.1.12 - WildTangent) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windscribe version 1.70 build 4 (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.70 build 4 - Windscribe)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2017-07-07] (AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2017-07-07] (AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2017-07-07] (AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxDTCM.dll [2017-02-07] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-11-28] (NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2017-07-07] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0481BC6E-5635-4CA5-9A47-AC5F661D507F} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2016-01-20] ()
Task: {12830A5C-523C-4C85-9E5B-F062F7BBCD1F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-12] (Microsoft Corporation)
Task: {148473CA-1F2D-4BBF-9FF8-52D8A8DCCCB2} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-28] (NVIDIA Corporation)
Task: {1B2D3D03-9423-4DD5-BB97-3D6652C31AC5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-23] (Microsoft Corporation)
Task: {2788B0BA-89FF-4EA9-9BC4-EF8E2B074CB3} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-12-21] (Nota Inc.)
Task: {2D959417-F17D-447F-9366-738DFE8BB06C} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2016-05-23] (Acer Incorporated)
Task: {2EA8D33F-08D8-4FB7-987A-0F684153B8EF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {2FA311A8-089F-4566-9D28-6F11149C1A0A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation)
Task: {33848C97-8CF2-4661-8D4A-F7435C66B0EE} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-12-21] (Nota Inc.)
Task: {355F852A-7001-4393-A65A-7457F7E17AF9} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2016-01-20] ()
Task: {3DF28DA5-B1B5-4219-AEF2-6764EBECCB86} - System32\Tasks\ibr1EGlkATpP => ibr1eglkatpp.exe
Task: {41DF6C4F-78C6-4861-8A95-31B6E4C0AE04} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [2016-09-20] ()
Task: {555EBE00-FE90-40DF-A930-A9ABEBE167FD} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-11-28] (NVIDIA Corporation)
Task: {5A8C5CDE-3D27-4211-A3B4-D4A8D5FBB8DA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-03-20] (Acer Incorporated)
Task: {5B99A680-47BE-42FF-8B60-0556846E24B7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-23] (Microsoft Corporation)
Task: {6243C53A-9902-4D4F-B75E-DC3B5E6639B8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-28] (NVIDIA Corporation)
Task: {65C45EDF-9552-4B47-BD42-7E5C54A9DAB3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-12] (Microsoft Corporation)
Task: {7EC3D87A-08AA-4DEB-908B-243868BE38E1} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {8060F9F3-A676-41AD-A688-1982F2AE6C6C} - System32\Tasks\{2C998EAF-6E6B-4770-B60B-368FBA0EF117} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.33.0.105/en/abandoninstall?page=tsInstall
Task: {82F098A9-6940-4BA7-ABC7-68893968D65F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-28] (NVIDIA Corporation)
Task: {830BD4B6-72A8-4787-AFAE-38EF977014F9} - \{12B44EF6-0BE9-6ED2-28E2-7142A554CC69} -> Pas de fichier <==== ATTENTION
Task: {957D62C4-4001-481D-A065-DF4E6FE6798A} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2017-10-02] (Acer)
Task: {A9960C88-E135-464C-BD60-D87288D9D255} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2016-05-23] (Acer Incorporated)
Task: {B0A1AD74-05A7-4252-8130-70601E0180A2} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {B60BB8C9-11DB-4183-8815-596D603639DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-12] (Microsoft Corporation)
Task: {B866411A-907D-46CF-9DAC-EE1843FB53F2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-28] (NVIDIA Corporation)
Task: {BFA71B8C-D3EE-4AE4-956B-6914EC2A5E2E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {CFAC53AB-4B1A-4B20-92ED-15A09D206048} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {D5DC5D7C-F917-4910-99FD-7F9A476D2993} - System32\Tasks\S-1-5-21-3764114906-1958053506-3616233963-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-11-02] (Microsoft Corporation)
Task: {D8AE578C-6C2B-4D6F-B870-9FC1A6CDFC03} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-11-28] (NVIDIA Corporation)
Task: {D97B8086-1CF0-4B17-B21D-684C5607DA5F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-11-28] (NVIDIA Corporation)
Task: {DB625B80-3F65-4B68-831B-0E22324B8822} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-12] (Microsoft Corporation)
Task: {E28D7D70-5F9A-4819-90B5-C2819368534A} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2016-01-20] ()
Task: {E9EC3D0E-978A-4D83-80BA-B4CB29F09CCC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation)
Task: {F5C5936D-E65D-4822-AF64-6B6980DA94E2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-28] (NVIDIA Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\{12B44EF6-0BE9-6ED2-28E2-7142A554CC69}.job => C:\Users\Noah\AppData\Roaming\12B44E~1\Updane.exe <==== ATTENTION

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)


Shortcut: C:\Users\Noah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.2.6-p396\Interactive Ruby.lnk -> C:\Ruby22\bin\irb.bat ()

ShortcutWithArgument: C:\Users\Noah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.2.6-p396\Start Command Prompt with Ruby.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /E:ON /K C:\Ruby22\bin\setrbvars.bat

==================== Modules chargés (Avec liste blanche) ==============

2016-07-12 19:55 - 2016-07-12 19:55 - 001299952 _____ () C:\WINDOWS\system32\IntelSSTAPO\ParameterService\libxml2.dll
2017-09-22 16:09 - 2017-11-28 02:56 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-09 16:34 - 2017-04-27 16:55 - 000025600 _____ () C:\Users\Noah\Desktop\Wallpaper.Engine.Build.1.0.700\bin\wallpaperservice32_c.exe
2017-07-07 11:26 - 2017-06-27 11:06 - 002260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-05-09 16:35 - 2017-04-27 16:55 - 000735232 _____ () C:\Users\Noah\Desktop\Wallpaper.Engine.Build.1.0.700\wallpaper32.exe
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-01-20 19:50 - 2016-01-20 19:50 - 004644256 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2017-02-06 22:42 - 2017-02-01 10:47 - 002459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 22:42 - 2017-02-01 10:47 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2018-01-11 15:12 - 2018-01-11 15:12 - 031240192 _____ () C:\Users\Noah\AppData\Local\Google\Chrome\User Data\PepperFlash\28.0.0.137\pepflashplayer.dll
2018-01-23 00:00 - 2018-01-23 00:04 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-23 00:00 - 2018-01-23 00:04 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-23 00:00 - 2018-01-23 00:04 - 024677376 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-03 23:11 - 2018-01-03 23:13 - 002550272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\skypert.dll
2018-01-23 00:00 - 2018-01-23 00:03 - 000667648 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-03-18 21:59 - 2017-03-20 06:11 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-22 16:09 - 2017-11-28 02:56 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-09-22 15:17 - 2017-09-22 15:17 - 000654072 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2017-09-22 15:17 - 2017-09-22 15:17 - 000641312 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2017-09-22 15:14 - 2017-09-22 15:14 - 000202528 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2017-09-22 15:16 - 2017-09-22 15:16 - 000119072 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2017-11-13 09:27 - 2017-11-13 09:27 - 000015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2017-03-20 14:24 - 2017-03-20 14:24 - 000013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2017-03-20 14:21 - 2017-03-20 14:21 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2017-10-02 14:56 - 2017-10-02 14:56 - 000202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2017-10-02 14:56 - 2017-10-02 14:56 - 000119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-05-16 20:50 - 2016-05-16 20:50 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-07-07 17:32 - 2017-08-23 01:07 - 001105704 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\KasperskyLab.Ksde.NativeInterop.dll
2017-12-12 20:45 - 2017-12-11 10:54 - 001893880 _____ () C:\Users\Noah\AppData\Local\Discord\app-0.0.299\ffmpeg.dll
2017-12-12 20:45 - 2017-12-11 10:54 - 001938424 _____ () C:\Users\Noah\AppData\Local\Discord\app-0.0.299\libglesv2.dll
2017-12-12 20:45 - 2017-12-11 10:54 - 000095736 _____ () C:\Users\Noah\AppData\Local\Discord\app-0.0.299\libegl.dll
2018-01-25 11:34 - 2018-01-08 17:52 - 001891832 _____ () C:\Users\Noah\AppData\Local\Discord\app-0.0.300\ffmpeg.dll
2018-01-25 11:34 - 2018-01-08 17:52 - 001937912 _____ () C:\Users\Noah\AppData\Local\Discord\app-0.0.300\libglesv2.dll
2018-01-25 11:34 - 2018-01-08 17:52 - 000095736 _____ () C:\Users\Noah\AppData\Local\Discord\app-0.0.300\libegl.dll
2018-01-25 12:32 - 2018-01-25 12:32 - 009804280 _____ () \\?\C:\Users\Noah\AppData\Roaming\discord\0.0.300\modules\discord_voice\discord_voice.node
2018-01-25 12:32 - 2018-01-25 12:32 - 001505784 _____ () \\?\C:\Users\Noah\AppData\Roaming\discord\0.0.300\modules\discord_utils\discord_utils.node
2018-01-25 12:32 - 2018-01-25 12:32 - 000513016 _____ () \\?\C:\Users\Noah\AppData\Roaming\discord\0.0.300\modules\discord_erlpack\discord_erlpack.node
2018-01-25 12:32 - 2018-01-25 12:32 - 002662904 _____ () \\?\C:\Users\Noah\AppData\Roaming\discord\0.0.300\modules\discord_rpc\discord_rpc.node
2018-01-25 12:32 - 2018-01-25 12:32 - 001517048 _____ () \\?\C:\Users\Noah\AppData\Roaming\discord\0.0.300\modules\discord_game_utils\discord_game_utils.node
2017-09-22 16:09 - 2017-11-28 02:56 - 066906560 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)


==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE trusted site: HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\amazon.es -> hxxps://amazon.es

==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2017-04-02 16:50 - 2017-07-07 11:25 - 000000188 _____ C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 telemetry.malwarebytes.com

==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 212.166.211.1 - 62.81.29.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.
 

Broni

Malware Annihilator
==================== MSCONFIG/TASK MANAGER éléments désactivés ==

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\StartupApproved\Run: => "TunnelBear"
HKU\S-1-5-21-3764114906-1958053506-3616233963-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [UDP Query User{24665167-12F7-43C0-8BDB-6030C93F20F5}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [TCP Query User{7C4160A7-6C3C-4316-BA8F-0D92CCA4C0F4}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [{9F399EE0-953F-4A64-8AF2-DAE5ED683565}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{45F3D129-40CC-449A-9357-73C4156896E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{B12B4161-DA28-4857-B7B7-D26F77683887}] => (Allow) C:\Users\Noah\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{4278E54B-26D2-4794-9E8D-3AE2F76F219E}] => (Allow) C:\Users\Noah\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{6CBB378E-431C-4A82-B769-BDD82E644EB5}] => (Allow) C:\Users\Noah\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1DFCC9C7-187E-4B27-99EE-73251473541A}] => (Allow) C:\Users\Noah\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{71CA19BF-78BC-453B-AA06-7901A90405F9}] => (Allow) C:\Users\Noah\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{92AE91DD-CC27-4598-A06B-84393649EBEA}] => (Allow) C:\Users\Noah\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{25E1A470-9E3A-45DA-8D32-E598364EECD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{A4B9DC16-AB22-45B9-B1A7-8043F1603C2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{2265E822-B4F2-4B11-9F18-1D780B294C85}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EEF54022-65ED-4F45-AB13-069B6B3E3551}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{C7BAF487-F8DF-46DA-8D70-8380B226C6B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{C9A74A61-8697-4910-945D-0B6AE439F54E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{47E87E48-5716-4D9F-9EBE-075CEB24CAFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{CB6EB1BA-AE74-49B8-927A-1D6165EC5BE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WARMODE\warmode.exe
FirewallRules: [{8824EB2A-110E-4A18-BBB3-9DDAFD61FD49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WARMODE\warmode.exe
FirewallRules: [{3F36273F-005A-4126-8B8B-A50C6A65E9E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{AD309300-9E4B-4278-AF48-D396CFEEA11B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{C5D9C4F9-EC87-490B-9AF6-E9044ACA0FA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{3AB0BC13-7E53-400A-BBB4-F6D3BBC7BCFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{07C902DF-CDCF-4CF8-B754-FB6A35FC092E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E2D359EA-DFD3-447E-8EDD-1FE19937308C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{31755DBB-DB9D-4C25-97C6-3C4A472BCAE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Foxhole Prototype\War.exe
FirewallRules: [{8139365D-111E-4359-B72C-5B0923F47E3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Foxhole Prototype\War.exe
FirewallRules: [{5885212C-9E2A-436F-BD66-E0DBFB01798E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9C35B053-0376-4B18-BE87-98ECC0964784}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3C2C53B6-E8E1-4E28-9417-E9EC2D793987}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{90F8E26B-FFAC-41AA-9EB1-FED13BC6A443}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{E7171E90-6D8C-47E8-9C77-E1BBE2ECB2E0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{A76AF19C-95BD-4659-B2FE-B5E2E23C6E3B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{4FBCDDD8-C04A-4986-BD2B-DC00A2443DE1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{78B9D49C-ECF2-4D85-B090-3E9A79E801DA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{59B91EBD-0718-4E7A-BABB-FD0A0E10A253}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DA010BB5-44A5-4A25-80A1-9C9BD2090158}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{212C10E5-42BC-4DD6-927C-055E7FA3FFBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FC71FF99-F8CE-47C0-9D8B-898A7FDBE2F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DC9DC4FC-BFED-4BF7-A018-AB204B1B7740}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{56AFBEFE-93B6-4BC4-B952-82061E393912}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F93BAB5E-083B-4368-B1DB-F51DADA1E46C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E199CDD4-91DD-4339-8EF4-363218EE3816}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8ACAE431-284D-4162-8E71-5930EA76B4D0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{67BAA0C1-87FA-4BC2-B760-51D59F2F16CC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{AE3695CC-62E2-44AF-80BE-EE82A731852E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{15F7C231-B1C3-4973-BDAC-88A1F807119D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [TCP Query User{F9F98A55-C8EF-4A3F-BF78-76C07DD8D45A}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{BDBAB5FE-C324-4D3A-9FC9-FC650D736858}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{B3CB7C8A-3F72-4529-9410-ED4BD1499E2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{26FD2CD9-F5BA-47BA-AF8A-26F8F4245CE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8D1BE429-74C4-4712-8E08-0099F32A9F3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{F1890E8F-9CE1-4D3C-8534-E8084E6AA805}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{E58D8719-F827-47FB-9741-331CC46A0469}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A481E52E-2B7D-4EF9-BF58-C295257D999D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9C3981D6-B86C-470C-95A4-1632398CCC00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3D2EE520-F060-4214-BC5B-18D544F99458}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{6EAE6495-7E03-4DE8-8793-EB005AE1999E}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{730CD275-11F9-4286-82B3-69C29AEF9ACA}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{B60B1EDC-8140-4E98-B512-E6DA237122A7}C:\program files (x86)\steam\steamapps\common\foxhole prototype\war\binaries\win64\war-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\foxhole prototype\war\binaries\win64\war-win64-shipping.exe
FirewallRules: [UDP Query User{6F6E9616-51C8-47F1-B0E1-B0F3C3117226}C:\program files (x86)\steam\steamapps\common\foxhole prototype\war\binaries\win64\war-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\foxhole prototype\war\binaries\win64\war-win64-shipping.exe
FirewallRules: [{4ADA67BD-66F6-482F-9B9A-B74BCB6E8396}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{36DF75DE-7656-4CA9-BA90-EAF10319CA6B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{9B22E659-EA08-4F3F-B8C0-7216E93DB53C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{CCA15709-65A6-430C-8838-17F2D95720AD}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{B4E561FD-6C55-4C4E-9C8D-0213999768A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BCA385F8-B114-4C7D-A602-13D3F5F5F5C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E4AAF114-B8A5-44C0-BE92-D832E178FFDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{427E1792-498C-4C34-83E6-D18AD405766D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5568E5D5-682B-47E3-B100-AEA94FEE508C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C7A8F9AE-8B97-405C-A47B-D66628FBF38E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C13748AE-D2DE-4613-9AB9-D61F68E49D78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6FC738E3-D9AE-45AE-A6D1-71EC110FFB9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C3C08A5E-0EDF-4C1D-ADF6-0AE2D27B751A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{857A4741-C810-4FE2-ACA4-BB68B7F08EC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{284EFE00-0BF5-495A-8732-2D31BBE8AF88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5E0217B6-4CD2-4469-A0BC-5E65D548EA14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{5A42C62A-1F11-4930-8D77-B4CE98F5382A}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [UDP Query User{87615A74-62BD-4F00-9308-0C9AC2339060}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [{0EB6C955-6C0A-4442-BE09-03D007EE1BAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{08F6702A-73DA-4FFD-8937-D47177A7A205}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{518F5E75-B457-4F4F-B1EA-20A11FA17AC4}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{75A97878-981C-4039-9319-045BDDA3506C}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{B34D23D9-CAC0-48E9-97DE-F8650C3C8960}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{5641738E-DB78-4C8C-B5B6-E340DAE40E30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{51F69952-E590-490D-A1E0-E1E9D938E3F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{72B51C4E-C588-462D-8CAC-032432B71519}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{768E9F2A-9BDF-4AA9-A696-B2E578AE302F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{A94E29B5-9022-406C-9BAE-47A0979D9806}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{DFD25766-711D-431F-B9BD-13B76200F248}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe
FirewallRules: [{CFA50108-A3CA-4870-9E12-E55524A70775}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe
FirewallRules: [TCP Query User{A3625AB4-E80B-4684-AB23-4FCF945891A4}C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{1CFF248B-8F72-4530-9B60-9E29D46B9A63}C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{C2C1F471-B3AD-480E-9114-685710275ED0}C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{8D375666-2B1E-498B-92B7-0592DFFE562F}C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe
FirewallRules: [{61E3825D-88B4-4862-8DA4-A4764B8FA6D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{9867A47A-6285-4F4B-9933-AA71EE863CAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{40A979DE-A978-4826-869D-476AA6003B8C}C:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe
FirewallRules: [UDP Query User{0BFE7AE1-FE26-422E-A85B-82B2FBA0D902}C:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe
FirewallRules: [{C6E00445-93D5-444E-81BF-DDE15E35C008}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{2ACF140F-18C1-4414-B4D0-1B9B80660EFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [TCP Query User{FA539D6B-7DE5-495D-8C0D-94E04E6B7679}C:\program files (x86)\ubisoft\ubisoft game launcher\games\tom clancy's rainbow six siege\rainbowsix.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\tom clancy's rainbow six siege\rainbowsix.exe
FirewallRules: [UDP Query User{378F87C9-0CF5-4DFC-B9A7-C63E554BDA46}C:\program files (x86)\ubisoft\ubisoft game launcher\games\tom clancy's rainbow six siege\rainbowsix.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\tom clancy's rainbow six siege\rainbowsix.exe
FirewallRules: [{2BEB41A8-A34D-4FCB-8330-565343ECD8D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{DD8F4C8E-BB6F-4744-9C54-556EFAA54BFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [TCP Query User{38A0594B-4705-4F0E-A546-0A7812668E40}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{7C82A846-A577-4EB1-BB65-42D9B7CCEC0B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{87FFEF5A-62A4-4226-B620-B253BDB31BB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{12148670-C04C-422A-87DA-AC0215D60037}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{4D9258BE-FEE3-4078-83FC-E3322D5E391A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crossout\launcher.exe
FirewallRules: [{85A77C9A-C9A2-4660-A077-769362C598E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crossout\launcher.exe
FirewallRules: [TCP Query User{7CBDA20D-4CEA-4726-92E7-215F5661B1EA}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{218CC484-FED8-43F2-8516-6D7689938AF5}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{4F99FCD6-1D42-429F-9CB5-26EB82B41452}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{814F36CF-0896-47BC-858B-787A595AE314}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{F6881169-22D6-456A-A59A-E2698106108A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{746ED4D8-1E23-46E5-9AE7-F5FDE9F8FD02}C:\program files (x86)\hearthstone\hearthstone.exe] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{0519D765-5F50-4587-B0F2-77627630FEF9}C:\program files (x86)\hearthstone\hearthstone.exe] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{CD1BBB78-0858-45AE-945C-E70F19C2D901}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{50CABEB7-CD30-480A-A88C-D627D2715FF6}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{C4A479B9-000D-4212-B13A-AEE4CB4F7CC1}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{939680BA-18E7-41E0-A574-2739FC5A6B1E}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{7261234D-6A91-4BF8-A769-ABDFE1A1EF23}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{E7156E9C-2DDA-4EF0-B668-02FA1FA23064}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{C32BDAD2-7A4E-4B69-81D4-5A51A65D23F8}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [UDP Query User{71A7DDC7-88AE-4466-ADF9-32B817263FFD}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [{BE7B2939-59BE-45D5-9F9C-01E1F59CA1D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAID World War II Beta\raid_win64_d3d9_release.exe
FirewallRules: [{A3E605A4-C48E-442C-9599-19B7FC396C64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAID World War II Beta\raid_win64_d3d9_release.exe
FirewallRules: [TCP Query User{3DC79573-F3FC-4D24-ACBC-616ACE8D5D89}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [UDP Query User{A4676DF7-1D15-4CD3-98EA-31B3A1A55BB3}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [{458799EF-7D5D-4C6A-8AE4-07CFB615DB28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{3CC1612E-7E2D-47DA-87EC-7EFB37CE75AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{A02402DE-9646-465C-8790-212DCE01777B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{1A550263-D132-472C-A89B-16E7B663E5F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{7D111878-B6D8-4F58-9C8C-F522330BB2A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{67DA91F7-A369-48A0-A772-1938553C63B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F7D09F99-4C38-496E-96E6-FC4ABBBCA94E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DD8F82E0-CF18-4E8D-B8C3-BAAD6763C414}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EF9702C5-1F45-4474-8D3A-D006BF224564}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{B68DCFB3-C81E-41CC-8A6B-4D6250F8F5FC}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{5597DFBC-5185-41DE-A8A0-84DA7DC94F40}] => (Allow) C:\Users\Noah\Downloaded\Public\Warframe.exe
FirewallRules: [{54835E9D-112D-4B01-A36F-1302E3B02545}] => (Allow) C:\Users\Noah\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{A9C61C23-07EA-4EB2-A21C-4D7E6EADA658}] => (Allow) C:\Users\Noah\Downloaded\Public\Warframe.exe
FirewallRules: [{75A1D407-8B22-423C-AAFA-01BCECC8EA3E}] => (Allow) C:\Users\Noah\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{04FEF6C1-BDFC-4BA6-AC09-83A5CF944F00}] => (Allow) C:\Users\Noah\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{03839527-7D2C-48E9-A92D-FC8B6D5E10D4}] => (Allow) C:\Users\Noah\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{B793EBAD-B015-4D33-ADD8-76A4DF23E42E}] => (Allow) C:\Users\Noah\Downloaded\Public\Warframe.exe
FirewallRules: [{54CE81AE-6DBE-45A2-8D91-A4DFE4A166AE}] => (Allow) C:\Users\Noah\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{E500C91C-909F-4291-84FC-2DD919920372}] => (Allow) C:\Users\Noah\Downloaded\Public\Warframe.exe
FirewallRules: [{8E0FE2C5-9737-4E4F-A731-6B228A827969}] => (Allow) C:\Users\Noah\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{D07E9905-B041-40B8-B015-89D5A36E7409}] => (Allow) C:\Users\Noah\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{DD0E1A06-E76B-49D9-8E77-D2BD9B4592BC}] => (Allow) C:\Users\Noah\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{6120E3CF-9DAC-4A0E-9EA3-5F96DA6B6BB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{13334FF0-909E-4B4A-B8C9-FFB9101F82FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{54096216-1469-4051-8BD1-26C3C02A752F}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe
FirewallRules: [{A80480C1-FF21-48E4-8A7B-E2F7ECA78A8B}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe
FirewallRules: [{4DA0A3E4-6918-4143-BFD2-ADD7A3D9A895}] => (Allow) C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
FirewallRules: [{8CFBD8D1-6FF5-48BC-929E-F1692AC83115}] => (Allow) C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
FirewallRules: [{8025A5A5-0016-4DD8-BC5D-06191A790B28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{DFC6B3F5-5E3C-47C2-BD55-B3EB59F260E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{907D78E2-1335-4487-B7E7-19DA744F7B2E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1F3214B4-47FF-4591-A035-1C0C5D7A5F21}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C9FFF950-B5BE-434F-8A6E-B0228225A8FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TigerKnight_EW\frontend\bin\frontend.exe
FirewallRules: [{E5DFD91E-E495-4A4C-A4F5-EA3BBC412E2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TigerKnight_EW\frontend\bin\frontend.exe
FirewallRules: [{307336B9-7A41-4878-8EF7-58C3CA8E6AAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitArenaFree\ClientLauncherG.exe
FirewallRules: [{CCC3AFE4-A7FD-4EB5-9B18-EA339F1B26D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitArenaFree\ClientLauncherG.exe
FirewallRules: [TCP Query User{4100D560-AEA0-4E82-AE21-BAAA1AD3057A}C:\program files (x86)\steam\steamapps\common\8bitarenafree\clientg.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\8bitarenafree\clientg.exe
FirewallRules: [UDP Query User{BC11A82E-B6CE-4FC3-A759-D8207C9CBC29}C:\program files (x86)\steam\steamapps\common\8bitarenafree\clientg.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\8bitarenafree\clientg.exe
FirewallRules: [TCP Query User{52F9F1DB-65DD-4C08-A65A-2C4DBD1CDC5B}C:\program files (x86)\steam\steamapps\common\8bitarenafree\clientg.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\8bitarenafree\clientg.exe
FirewallRules: [UDP Query User{B58E6ADF-99BA-40AF-9A66-CDC7B461A5FD}C:\program files (x86)\steam\steamapps\common\8bitarenafree\clientg.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\8bitarenafree\clientg.exe
FirewallRules: [{66580346-5B10-43C9-9687-CB08804A769C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{F25A5F1A-F7F6-450D-8477-79AF0025EC1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{658C80C0-B30D-4BC9-BBC4-33D1673C4873}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CS2D\CS2D.exe
FirewallRules: [{9ECDDDCD-8E93-4AFF-9B13-9E436AC321A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CS2D\CS2D.exe
FirewallRules: [TCP Query User{1E79FD05-944E-41BF-BAEB-37A43ECFE583}C:\program files (x86)\steam\steamapps\common\8bitarenafree\instanceserverg.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\8bitarenafree\instanceserverg.exe
FirewallRules: [UDP Query User{F0FC3E2D-339E-4866-9185-7DAB1A155F07}C:\program files (x86)\steam\steamapps\common\8bitarenafree\instanceserverg.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\8bitarenafree\instanceserverg.exe
FirewallRules: [{90603BCE-581F-4D0F-94BA-967435B1CFA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{001F4D07-52B8-4557-92F2-A15F61D7529E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{648A8A7A-7462-44FF-BCE1-305A8C58B4A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{80DDC1CF-1720-415A-9D02-4F9A920DC1FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{6D501ADC-5F21-4E1F-8B90-98BD40F00D51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TigerKnight_EW\frontend\bin\frontend.exe
FirewallRules: [{BDCA5AE9-B206-4006-BD70-6A7F18D01212}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TigerKnight_EW\frontend\bin\frontend.exe
FirewallRules: [{57335FC5-E151-47C8-9BAD-CE2A6E4409AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [{CD64ED86-3E5C-45A8-B0B1-B5EDB98BBA35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [TCP Query User{E93F888C-C844-42F1-ABF9-28F2AE5E72EE}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [UDP Query User{D0173100-0C73-4A15-B4E3-7A9A6F4DF536}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [TCP Query User{6365F232-387F-4ECD-85C8-E641A7D4117C}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [UDP Query User{39A70F10-FD4E-4917-B2FB-B52C35AFA7FB}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{B545B3BE-3376-4B92-83BC-82410C0052C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2E9AEAE2-4E40-48CB-89AB-61701DE8037B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{213E580F-2E8D-4A1B-A12A-EA5B0DCD3141}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{69F029BF-7D22-481C-88A5-22B55FBE72AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{14378483-28AC-4133-A987-2D442CB44E3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{9C98EA02-EC88-45F4-B118-791CA3B84A12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{57ED2B3B-F043-4E75-B35E-9473997AC280}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{18FCD88C-4167-4604-9962-CC5C3A99231D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{4EDC4065-C427-4B05-A979-552A998CBC32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{DAB0E0D9-F7FE-47A2-BBB2-478D722BFA98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{3B47639E-52A4-4D15-AEB7-A24CA27F7585}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

==================== Points de restauration =========================

11-01-2018 12:57:50 Windows Update
16-01-2018 11:27:44 Windows Update
22-01-2018 00:53:34 Windows Update

==================== Éléments en erreur du Gestionnaire de périphériques =============


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (01/27/2018 02:11:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3797

Error: (01/27/2018 02:11:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3797

Error: (01/27/2018 02:11:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/25/2018 01:49:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3797

Error: (01/25/2018 01:49:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3797

Error: (01/25/2018 01:49:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/25/2018 01:48:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (01/25/2018 01:48:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (01/25/2018 01:48:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (01/25/2018 01:48:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong


Erreurs système:
=============
Error: (01/28/2018 12:20:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/27/2018 12:41:41 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows Defender antimalware platform - KB4052623 (Version 4.12.17007.18011).

Error: (01/27/2018 12:09:12 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/25/2018 01:38:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/25/2018 12:32:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
Incorrect function.

Error: (01/25/2018 12:32:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
Incorrect function.

Error: (01/25/2018 12:32:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
Incorrect function.

Error: (01/25/2018 12:31:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
Incorrect function.

Error: (01/25/2018 12:31:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
Incorrect function.

Error: (01/25/2018 12:31:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
Incorrect function.


CodeIntegrity:
===================================
Date: 2018-01-25 12:40:00.452
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-01-25 12:40:00.415
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-01-23 00:10:02.534
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-01-23 00:10:02.520
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-01-22 23:33:35.883
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-01-22 23:33:35.830
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-01-21 01:59:13.047
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-01-21 01:59:13.030
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-01-21 01:32:09.112
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-01-21 01:32:09.103
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Infos Mémoire ===========================

Processeur: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Pourcentage de mémoire utilisée: 82%
Mémoire physique - RAM - totale: 8060.13 MB
Mémoire physique - RAM - disponible: 1382.69 MB
Mémoire virtuelle totale: 13692.13 MB
Mémoire virtuelle disponible: 4660.51 MB

==================== Lecteurs ================================

Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:214.15 GB) NTFS

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 93AAF86E)

Partition: GPT.

==================== Fin de Addition.txt ============================
 

Broni

Malware Annihilator
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced, post all logs.
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available through History -> Application logs. Please post its contents in your next reply.
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwCleaner, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles is saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
 