start::
closeprocesses:
createrestorepoint:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
Task: {166B5AA6-7C25-40CB-B718-C59328E6AA16} - System32\Tasks\watchdog2 => C:\Windows\System32\Drivers\UMDF\run2.bat [2016-07-27] () <==== ATTENTION
Task: {4E231248-27FD-4C76-9623-19B31801F027} - System32\Tasks\App Explorer => C:\Users\Emilie\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2017-12-21] (SweetLabs, Inc) <==== ATTENTION
FirewallRules: [{79E22BB6-72E8-4988-82FF-44BC918A15F5}] => (Allow) C:\Users\Emilie\AppData\Local\Chromium\Application\chrome.exe
Task: {47ED7574-12B0-47C7-B649-4B8BAB15FCDB} - System32\Tasks\Opera scheduled Autoupdate 1513509147 => C:\Users\Emilie\AppData\Local\Programs\Opera\launcher.exe
FirewallRules: [{79E22BB6-72E8-4988-82FF-44BC918A15F5}] => (Allow) C:\Users\Emilie\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{6FD00404-1B4F-40DC-AF95-73C04989C0B9}] => (Allow) C:\Users\Emilie\AppData\Local\Programs\Opera\49.0.2725.64\opera.exe
FirewallRules: [{97F08B35-5F91-42D9-B872-563C4C6D4127}] => (Allow) C:\Users\Emilie\AppData\Local\Programs\Opera\50.0.2762.58\opera.exe
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01152018142727531\...\Winlogon: [Shell] C:\WINDOWS\Explorer.exe [4848952 2017-09-30] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-19\...\Winlogon: [Shell] C:\WINDOWS\Explorer.exe [4848952 2017-09-30] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01152018142727641\...\Winlogon: [Shell] C:\WINDOWS\Explorer.exe [4848952 2017-09-30] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\WINDOWS\Explorer.exe [4848952 2017-09-30] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01152018142727672\...\Winlogon: [Shell] C:\WINDOWS\Explorer.exe [4848952 2017-09-30] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-3561835723-314565346-1352406597-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01152018142727703\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-3561835723-314565346-1352406597-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01152018142727703\...\Winlogon: [Shell] C:\WINDOWS\Explorer.exe [4848952 2017-09-30] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-3561835723-314565346-1352406597-1001\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-3561835723-314565346-1352406597-1001\...\Winlogon: [Shell] C:\WINDOWS\Explorer.exe [4848952 2017-09-30] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-3561835723-314565346-1352406597-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01152018142727750\...\Winlogon: [Shell] C:\WINDOWS\Explorer.exe [4848952 2017-09-30] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\Explorer.exe [4848952 2017-09-30] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-3561835723-314565346-1352406597-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.surf-live.com/
HKU\S-1-5-21-3561835723-314565346-1352406597-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01152018142727750\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.surf-live.com/
SearchScopes: HKLM -> DefaultScope {758CA542-442C-4E3E-B5A7-88FE33DED815} URL =
SearchScopes: HKLM-x32 -> DefaultScope {758CA542-442C-4E3E-B5A7-88FE33DED815} URL =
SearchScopes: HKU\S-1-5-21-3561835723-314565346-1352406597-1001 -> DefaultScope {E0CFC9BD-7D0B-4D09-8715-5E018AA285AC} URL =
SearchScopes: HKU\S-1-5-21-3561835723-314565346-1352406597-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01152018142727750 -> DefaultScope {E0CFC9BD-7D0B-4D09-8715-5E018AA285AC} URL =
FF Homepage: Mozilla\Firefox\Profiles\yq6xu3ql.default -> hxxp://www.surf-live.com/
FF NewTab: Mozilla\Firefox\Profiles\yq6xu3ql.default -> about:newtab
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2017-06-24] [Legacy]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
2018-01-15 14:27 - 2017-12-04 20:52 - 000000000 ____D C:\Program Files\ByteFence
deletekey: HKLM\SOFTWARE\ByteFence
deletekey: HKCU\SOFTWARE\ByteFence
deletekey: HKCU\SOFTWARE\Chromium
deletekey: HKCU\SOFTWARE\efixmypc.com
deletekey: HKCU\SOFTWARE\Host App Service
2017-12-17 12:12 - 2018-01-15 22:50 - 000003634 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1513509147
2017-12-17 12:12 - 2017-12-17 12:12 - 000000000 ____D C:\Users\Emilie\AppData\Roaming\Opera Software
2017-12-17 12:12 - 2017-12-17 12:12 - 000000000 ____D C:\Users\Emilie\AppData\Local\Opera Software
2017-12-17 12:11 - 2018-01-15 14:26 - 000000000 ____D C:\Users\Emilie\AppData\Roaming\efixmypc.com
2017-12-17 12:11 - 2018-01-15 14:26 - 000000000 ____D C:\ProgramData\efixmypc.com
emptytemp:
end::