Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 03-08-2016
Exécuté par BPS (2018-09-11 16:57:10)
Exécuté depuis C:\Users\BPS\Desktop
Windows 10 Pro Version 1803 (X64) (2018-05-16 17:52:53)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-3602446010-1169429360-3888294295-500 - Administrator - Disabled)
BPS (S-1-5-21-3602446010-1169429360-3888294295-1001 - Administrator - Enabled) => C:\Users\BPS
DefaultAccount (S-1-5-21-3602446010-1169429360-3888294295-503 - Limited - Disabled)
Invité (S-1-5-21-3602446010-1169429360-3888294295-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3602446010-1169429360-3888294295-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{532da46c-2aa3-4588-a4a2-b02bc641bf95}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.40.12 - Avira Operations GmbH & Co. KG)
C MF385-1 Series Scanner (HKLM-x32\...\InstallShield_{65F6C930-68EF-40F4-A39F-42A286837F7E}) (Version: - )
C MF385-1 Series Scanner (Version: 1.00.0000 - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Generic Universal PS (HKLM\...\Generic Universal PS) (Version: - Generic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.17 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LibreOffice 5.0.5.2 (HKLM-x32\...\{43D862C3-739D-4FF6-91C0-25612368CC81}) (Version: 5.0.5.2 - The Document Foundation)
Light Image Resizer 4.7.7.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.7.0 - ObviousIdea)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
MFP-Printer Utility MF385-1 Series (HKLM\...\MFP-Printer Utility MF385-1 Series Installer) (Version: - MFP-Printer Utility)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3602446010-1169429360-3888294295-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164320631\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164421351\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164447773\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018165028267\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Word 2000 (HKLM-x32\...\{0017040C-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.9.1.6764 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 fr) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 fr)) (Version: 52.9.1 - Mozilla)
PHOTOfunSTUDIO 9.2 AE (HKLM-x32\...\{84F0A157-75D1-45C7-A209-EDFAB5C85F24}) (Version: 9.02.513 - Panasonic Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SHARP MX/MX-M/DX Series PCL/PS Printer Driver (HKLM-x32\...\SHARP MX-2310U PCL PS Printer Driver) (Version: 1.00.000 - SHARP)
SugarSync (HKLM-x32\...\SugarSync) (Version: 3.8.1.10.146697 - SugarSync, Inc.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.90922 - TeamViewer)
Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-3602446010-1169429360-3888294295-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\BPS\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3602446010-1169429360-3888294295-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\BPS\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3602446010-1169429360-3888294295-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\BPS\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3602446010-1169429360-3888294295-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\BPS\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3602446010-1169429360-3888294295-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\BPS\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3602446010-1169429360-3888294295-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\BPS\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\FileCoAuth.exe (Microsoft Corporation)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {01336691-7BD4-4C60-87A4-376FF4D83CEF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {11E69B01-13BE-42ED-B6F5-9637E95E3B32} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {147ED2E0-2D57-4645-9419-AAD5C12E5762} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3602446010-1169429360-3888294295-1001 => C:\Users\BPS\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-19] (Mega Limited)
Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-12] (Microsoft Corporation)
Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-05-20] (Microsoft Corporation)
Task: {24559B72-FB09-4727-9663-59D8DADFC864} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2018-07-15] (Microsoft Corporation)
Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {2DBD790D-172A-4CFA-B3F7-824D7509680F} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {2ED4B4A9-E7B6-4B17-929C-861A20EB5D9B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-11] (Piriform Ltd)
Task: {334AE187-7698-4E55-ABC8-EFBC164B4ADE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {42D8C6C8-EF4C-43D8-86D8-407795F2E964} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {4BB3C060-52D9-46E8-8162-A341BCE7BE2E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {4C58FEA1-4A12-4D9B-86DC-D8E68411391F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {5072ED11-B2C8-4348-930D-4981017AC8FD} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {5A07A093-DF36-4DD6-AED8-B2E9DD969E77} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task
Task: {5FC778EF-E29A-4548-9F2E-0CB12EDBBB2E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-11] (Piriform Ltd)
Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-05-20] (Microsoft Corporation)
Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {83D02A40-0E7E-48C3-A3F0-1E5FABB9C553} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {86D84134-0948-4902-8442-159DCFC24E0A} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-09-05] (Avira Operations GmbH & Co. KG)
Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {8F3A102B-F05E-46B4-8889-3733CC24F5ED} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {97E8D66D-0085-423C-BA11-DD777A1258AB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2018-04-12] (Microsoft Corporation)
Task: {985F26D6-DE2D-4583-9BD8-D0F8B088FC84} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {A167F6E0-ED47-419C-807E-2A11ECBA98D4} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {A253D3F7-1A94-4FBE-A6C6-8F8847F4E1C3} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-12] (Microsoft Corporation)
Task: {A30C22F4-2A92-4E56-9F21-581E66F39A34} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {B0A4B33C-8658-45D9-BACF-81A1F755D852} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask
Task: {B39B5A61-DF5F-4732-A319-8E24FB3F3E72} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {C163068D-B7A8-4D5E-8954-2B5CA44F2680} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-08-16] (Microsoft Corporation)
Task: {C1BC90B0-6517-4236-AACF-6DB990FFACE8} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-05-20] (Microsoft Corporation)
Task: {C2F0C665-C47F-4F24-A410-0D04039E6641} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3602446010-1169429360-3888294295-1001 => C:\Users\BPS\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [2018-08-13] (Microsoft Corporation)
Task: {CB94F27F-3CFC-40E8-8D57-8A5314AD5CFD} - \WPD\SqmUpload_S-1-5-21-3602446010-1169429360-3888294295-1001 -> Pas de fichier <==== ATTENTION
Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D22B58F7-2FA2-4EB1-B2A6-2433CC579F9E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {D3386AF9-3E99-4F7A-A137-5A58AC4C0DCC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged
Task: {DEA64383-B0C8-469A-9B3D-6E271201E95F} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
Task: {E0862994-9083-482D-A921-27B4860FFA21} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2018-04-12] (Microsoft Corporation)
Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2018-07-06] (Microsoft Corporation)
Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Raccourcis =============================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

==================== Modules chargés (Avec liste blanche) ==============

2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\Windows\System32\InputHost.dll
2015-06-11 18:03 - 2014-06-02 20:23 - 00041472 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\KOBJ_AAP.DLL
2017-06-02 13:07 - 2014-01-28 05:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2017-07-26 09:58 - 2017-07-26 09:58 - 00192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2013-06-21 10:01 - 2013-06-21 10:01 - 00805888 _____ () C:\WINDOWS\system32\M385-1WDV.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 02759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2014-05-01 16:13 - 2017-11-17 08:56 - 00598528 _____ () C:\Users\BPS\AppData\Local\MEGAsync\ShellExtX64.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\InputHost.dll
2018-08-16 07:10 - 2018-08-03 05:09 - 02185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-10-20 17:42 - 2017-10-20 17:42 - 00393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-07-17 10:02 - 2018-07-17 10:02 - 00086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-17 10:02 - 2018-07-17 10:02 - 00195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-17 10:02 - 2018-07-17 10:02 - 22373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-17 10:02 - 2018-07-17 10:02 - 02610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-08-11 10:56 - 2018-08-11 10:57 - 35124224 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-08-11 10:56 - 2018-08-11 10:57 - 00290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-08-11 10:56 - 2018-08-11 10:57 - 06417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 07:13 - 2017-09-26 07:14 - 03553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-08-11 10:56 - 2018-08-11 10:57 - 09010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-08-31 07:04 - 2018-08-31 07:04 - 00479232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-08-31 07:04 - 2018-08-31 07:04 - 69283840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-04-26 06:09 - 2018-04-26 06:10 - 00009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2017-10-04 06:28 - 2017-10-04 06:29 - 02523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-08-31 07:04 - 2018-08-31 07:04 - 03699200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-08-21 13:20 - 2018-08-21 13:20 - 00049664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-08-31 07:04 - 2018-08-31 07:04 - 00035328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-21 13:20 - 2018-08-21 13:20 - 02480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-03-30 07:47 - 2018-03-30 07:48 - 02283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-08-21 13:20 - 2018-08-21 13:20 - 02280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-08-31 07:04 - 2018-08-31 07:04 - 14333440 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-08-31 07:04 - 2018-08-31 07:04 - 03544576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-08-31 07:04 - 2018-08-31 07:04 - 02869248 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-31 07:04 - 2018-08-31 07:04 - 00973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-26 15:17 - 2018-07-26 15:17 - 04584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-31 08:00 - 2018-07-31 08:01 - 00199168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-07-31 08:00 - 2018-07-31 08:01 - 02447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-31 08:00 - 2018-07-31 08:01 - 07814144 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-08-21 13:20 - 2018-08-21 13:20 - 04255232 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1807.2121.1000_x64__8wekyb3d8bbwe\Calculator.exe
2018-08-21 13:20 - 2018-08-21 13:20 - 04445248 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1807.2121.1000_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-02 06:51 - 2018-05-02 06:51 - 00634880 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1807.2121.1000_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-09-11 16:42 - 2018-07-24 12:32 - 02681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-09-11 16:42 - 2018-08-06 14:20 - 02769768 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-08-09 06:30 - 2018-08-08 02:41 - 04855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-09 06:30 - 2018-08-08 02:41 - 00115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2017-06-02 13:07 - 2018-09-08 07:47 - 00027648 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2017-06-02 13:07 - 2014-01-28 05:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2018-08-10 12:04 - 2018-08-10 12:04 - 00243352 _____ () C:\Program Files (x86)\Avira\Antivirus\ssl-44.dll
2018-08-10 12:04 - 2018-08-10 12:04 - 01204472 _____ () C:\Program Files (x86)\Avira\Antivirus\crypto-42.dll
2016-07-21 03:14 - 2017-11-17 08:56 - 00798208 _____ () C:\Users\BPS\AppData\Local\MEGAsync\libsodium.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)


==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)


==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2017-09-29 15:46 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164319443\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164420732\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164447530\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018165027329\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164320053\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164420925\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164447645\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018165027720\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164320631\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164421351\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164447773\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018165028267\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Actuellement, il n'y a pas de correction automatique pour cette section.)

MSCONFIG\Services: wisvc => 3
HKLM\...\StartupApproved\StartupFolder: => "PHOTOfunSTUDIO 9.2 AE.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Microsoft Office.lnk"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run32: => "Ulead AutoDetector v2"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001\...\StartupApproved\Run: => "SugarSync"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164320631\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164320631\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164320631\...\StartupApproved\Run: => "SugarSync"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164320631\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164421351\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164421351\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164421351\...\StartupApproved\Run: => "SugarSync"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164421351\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164447773\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164447773\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164447773\...\StartupApproved\Run: => "SugarSync"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018164447773\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018165028267\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018165028267\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018165028267\...\StartupApproved\Run: => "SugarSync"
HKU\S-1-5-21-3602446010-1169429360-3888294295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09112018165028267\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [TCP Query User{B64C1ED4-EE44-4051-B408-2B18F7F00803}C:\program files (x86)\mfp-printer utility\mf385-1\scanner\m385-1nut.exe] => (Allow) C:\program files (x86)\mfp-printer utility\mf385-1\scanner\m385-1nut.exe
FirewallRules: [UDP Query User{27956BCB-2DE4-4557-ADD2-07CB54BE54E5}C:\program files (x86)\mfp-printer utility\mf385-1\scanner\m385-1nut.exe] => (Allow) C:\program files (x86)\mfp-printer utility\mf385-1\scanner\m385-1nut.exe
FirewallRules: [{56D8CEE0-8D5F-42B5-8046-B2F17055F525}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8CC38801-55E7-49E5-A81F-EE82B8A26BAC}] => (Allow) LPort=2869
FirewallRules: [{E3B111E6-4247-4316-9D18-5B465E55B88B}] => (Allow) LPort=1900
FirewallRules: [{AB4D9307-B6FE-4DFA-BDF5-F965A566C4BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DA8DC331-1BEF-4738-A637-7ACE7A460133}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C74CCAD8-8F60-4D09-BB67-055337180A21}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B87ACC24-A1DB-409F-BA5B-981CD00A24EC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{11F01140-F736-4FE9-AE83-E0CF14912E63}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{57C4F1CF-674A-490B-BA05-ED0F9536A594}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{5A770EDE-94B9-4257-A91F-4D072AF32772}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Points de restauration =========================

23-08-2018 14:59:49 Point de contrôle planifié
31-08-2018 16:46:53 Point de contrôle planifié
11-09-2018 08:23:37 Point de contrôle planifié

==================== Éléments en erreur du Gestionnaire de périphériques =============


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (09/05/2018 02:11:07 PM) (Source: COM) (EventID: 18221) (User: AUTORITE NT)
Description: C:\WINDOWS\SysWOW64\schtasks.exeUnavailableUnavailableS-1-5-18UnavailableUnavailable

Error: (08/23/2018 02:29:21 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_ON.

Error: (08/23/2018 02:21:45 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_ON.

Error: (08/23/2018 02:21:45 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_ON.

Error: (08/23/2018 02:11:45 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_ON.

Error: (08/23/2018 02:11:45 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_ON.

Error: (08/23/2018 01:07:44 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_ON.

Error: (08/23/2018 01:07:44 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_ON.

Error: (08/23/2018 12:57:44 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_ON.

Error: (08/23/2018 12:57:44 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_ON.


Erreurs système:
=============
Error: (09/11/2018 04:53:45 PM) (Source: DCOM) (EventID: 10016) (User: Josselin)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}JosselinBPSS-1-5-21-3602446010-1169429360-3888294295-1001LocalHost (avec LRPC)Non disponibleNon disponible

Error: (09/11/2018 04:52:11 PM) (Source: DCOM) (EventID: 10016) (User: Josselin)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}JosselinBPSS-1-5-21-3602446010-1169429360-3888294295-1001LocalHost (avec LRPC)Non disponibleNon disponible

Error: (09/11/2018 04:19:33 PM) (Source: DCOM) (EventID: 10016) (User: Josselin)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}JosselinBPSS-1-5-21-3602446010-1169429360-3888294295-1001LocalHost (avec LRPC)Non disponibleNon disponible

Error: (09/11/2018 08:22:24 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (09/11/2018 07:51:34 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (09/08/2018 07:49:39 AM) (Source: DCOM) (EventID: 10016) (User: Josselin)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}JosselinBPSS-1-5-21-3602446010-1169429360-3888294295-1001LocalHost (avec LRPC)Non disponibleNon disponible

Error: (09/08/2018 07:48:41 AM) (Source: DCOM) (EventID: 10016) (User: Josselin)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}JosselinBPSS-1-5-21-3602446010-1169429360-3888294295-1001LocalHost (avec LRPC)Non disponibleNon disponible

Error: (09/08/2018 07:46:25 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: AUTORITE NT)
Description: 3221225684Une erreur irrécupérable s’est produite pendant le traitement des données de restauration.

Error: (09/08/2018 07:46:59 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 17:19:26 le ‎07/‎09/‎2018 n’était pas prévu.

Error: (09/07/2018 02:37:41 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}


CodeIntegrity:
===================================
Date: 2018-09-11 16:47:34.413
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-11 16:47:16.343
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-11 16:43:19.933
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-11 16:43:19.869
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-11 16:43:19.750
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-11 16:43:19.701
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-11 16:43:19.557
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Infos Mémoire ===========================

Processeur: Intel(R) Pentium(R) CPU G3220 @ 3.00GHz
Pourcentage de mémoire utilisée: 73%
Mémoire physique - RAM - totale: 3968.18 MB
Mémoire physique - RAM - disponible: 1070.21 MB
Mémoire virtuelle totale: 7218.44 MB
Mémoire virtuelle disponible: 3079.4 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:172.01 GB) (Free:89.2 GB) NTFS
Drive d: () (Fixed) (Total:292.97 GB) (Free:239.29 GB) NTFS

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 705801FF)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=172 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=293 GB) - (Type=07 NTFS)

==================== Fin de Addition.txt ============================