Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-07-2020
Ran by Benetlo (25-07-2020 18:49:24)
Running from C:\Users\Benetlo\Desktop\tel
Windows 10 Home Version 1903 18362.959 (X64) (2019-08-14 16:32:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-333669769-3932428672-634422777-500 - Administrator - Disabled)
Benetlo (S-1-5-21-333669769-3932428672-634422777-1001 - Administrator - Enabled) => C:\Users\Benetlo
DefaultAccount (S-1-5-21-333669769-3932428672-634422777-503 - Limited - Disabled)
Guest (S-1-5-21-333669769-3932428672-634422777-501 - Limited - Disabled)
postgres (S-1-5-21-333669769-3932428672-634422777-1003 - Limited - Enabled) => C:\Users\postgres
WDAGUtilityAccount (S-1-5-21-333669769-3932428672-634422777-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-333669769-3932428672-634422777-1001\...\uTorrent) (Version: 3.5.5.45628 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 20.009.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.403 - Adobe)
AOMEI Partition Assistant Standard Edition 7.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.47.2 - Asmedia Technology)
ASUS App Box (HKLM-x32\...\{F0CE6060-50B1-401E-8357-B6E24DB98D21}) (Version: 1.01.08 - ASUSTeK Computer Inc.)
ASUS Manager - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.17 - ASUSTeK Computer Inc.)
ASUS Manager - Backup & Recovery (HKLM-x32\...\{34D67DE5-2ECF-4E6B-A243-2C16E2792787}) (Version: 2.01.17 - ASUSTeK Computer Inc.)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.01.18 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.02.06 - ASUSTeK Computer Inc.)
ASUS Manager - SyncUp (HKLM-x32\...\{C2294792-457D-4DF7-9486-B630754C73D0}) (Version: 2.00.11 - ASUSTeK Computer Inc.)
ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.05.05 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.11.01 - ASUSTeK Computer Inc.)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.95 - ICEpower a/s)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.52.9015 - Electronic Arts)
Bouton d'aide à l'achat Capital Koala 4.0.0.3 (HKLM\...\{4CA462A2-54C0-41fe-8EF1-08FCA9A40D25}_is1) (Version: 4.0.0.3 - ENOE SAS)
calibre 64bit (HKLM\...\{69BA0606-DA61-4747-BF34-00A6BE8E9B6B}) (Version: 4.13.0 - Kovid Goyal)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Creative Pack Volume 1 (HKLM\...\{997BE27F-A97F-4EF4-B841-D20ABF1CD6DC}) (Version: 4.0.0 - Corel Corporation)
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.A.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
Désinstaller l'imprimante EPSON SX510W Series (HKLM\...\EPSON SX510W Series) (Version: - SEIKO EPSON Corporation)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.1 - ASUSTek Computer Inc.)
DriversCloud.com (64 bits) (HKLM\...\{BD4AC883-4AF5-40BB-91F0-31A061F9588E}) (Version: 10.0.11.0 - Cybelsoft)
Epic Games Launcher (HKLM-x32\...\{A98163A6-4350-4195-AB3B-8A5BA4B6C7D8}) (Version: 1.1.163.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epson Software Updater (HKLM-x32\...\{D2D9559D-359A-4C61-B93A-FE01AE2BFB75}) (Version: 4.5.4 - Seiko Epson Corporation)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Facebook Gameroom 1.23.7426.18586 (HKLM-x32\...\{58E3FB73-8B88-4807-A803-79B5ADA0136F}) (Version: 1.23.7426.18586 - Facebook)
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 1.3.6 - Flvto.biz)
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.89 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version: - )
Hollywood FX Volumes 1-3 (HKLM\...\{48C2040D-B49F-4B4D-AE4A-0DCED3305692}) (Version: 3.0 - Corel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1831.12.0.1156 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.7.0.1009 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.369.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{aa81bdf2-96a6-4400-a596-c7d1916ce9f7}) (Version: 1.50.369.0 - Intel Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iZotope Music & Speech Cleaner (HKLM-x32\...\iZotope Music & Speech Cleaner_is1) (Version: 1.00 - iZotope, Inc.)
KRyLack ZIP Password Recovery (HKLM-x32\...\{1A7FBFAC-6A2B-4683-BDDD-BAC1E5C061C8}) (Version: 3.70.69 - KRyLack Software)
LastPass (Désinstaller uniquement) (HKLM-x32\...\LastPass) (Version: - LastPass)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-333669769-3932428672-634422777-1001\...\OneDriveSetup.exe) (Version: 20.114.0607.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{f9b04b37-35d5-4a19-a51b-fcf4a8734851}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
Molotov (HKU\S-1-5-21-333669769-3932428672-634422777-1001\...\Molotov) (Version: 4.1.0 - Molotov)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
Mozilla Thunderbird 68.10.0 (x86 fr) (HKLM-x32\...\Mozilla Thunderbird 68.10.0 (x86 fr)) (Version: 68.10.0 - Mozilla)
Multiskate (HKU\S-1-5-21-333669769-3932428672-634422777-1001\...\Multiskate) (Version: - )
NewBlue Effects (HKLM\...\{C68BAB1A-C7DF-4D81-83FC-981B31921924}) (Version: 2.1.0 - Corel Corporation)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.31.5.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
NoVirusThanks MD5 Checksum Tool v4.3 (HKLM\...\NoVirusThanks MD5 Checksum Tool_is1) (Version: 4.3.0.0 - NoVirusThanks Company Srl)
Npcap 0.9983 (HKLM-x32\...\NpcapInst) (Version: 0.9983 - Nmap Project)
NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA Pilote graphique 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
Ontrack® EasyRecovery™ for Windows (HKLM-x32\...\Ontrack® EasyRecovery™ for Windows_is1) (Version: 12.0.0.2 - Ontrack)
Opera Stable 69.0.3686.77 (HKU\S-1-5-21-333669769-3932428672-634422777-1001\...\Opera 69.0.3686.77) (Version: 69.0.3686.77 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.77.42374 - Electronic Arts, Inc.)
Pinnacle MyDVD (HKLM-x32\...\{9E90B657-D5B4-40C0-AE05-B29DED063494}) (Version: 1.0.089 - Nom de votre société) Hidden
Pinnacle MyDVD (HKLM-x32\...\{E6D07A42-38B7-4AAF-A857-2DF7177244D7}) (Version: 1.0 - Pinnacle)
Pinnacle Studio 19 - Install Manager (HKLM\...\{891ED714-E54D-4BE1-8DE8-4EE54D9BB402}) (Version: 19.1.245 - Corel Corporation)
Pinnacle Studio 19 - Standard Content Pack (HKLM\...\{91D1B712-604F-49C8-943F-FD257D647161}) (Version: 19.0 - Corel Corporation)
Pinnacle Studio 19 (HKLM\...\{CF91A83C-B84F-43CE-BCCE-7247E6137173}) (Version: 19.0.2.251 - Corel Corporation)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
Premium Pack Volumes 1-2 (HKLM-x32\...\{4E62FCE5-6A72-4E13-9F7F-7104748AF838}) (Version: 3.1 - Corel Corporation)
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.3.879.110515 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.28.615.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8496 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0282 - REALTEK Semiconductor Corp.)
RLinkToolbox 3.4.3.544 (HKLM-x32\...\RLinkToolbox) (Version: 3.4.3.544 - TomTom)
Roblox Player for Benetlo (HKU\S-1-5-21-333669769-3932428672-634422777-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Studio for Benetlo (HKU\S-1-5-21-333669769-3932428672-634422777-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - Roblox Corporation)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
ScoreFitter Volumes 1-2 (HKLM\...\{5CA29919-6361-4A17-91C5-6819E43794B1}) (Version: 3.0 - Corel Corporation)
SFR Cloud (HKLM\...\SFR Cloud) (Version: 17.3.2.11 - SFR)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18052.28 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18052.28 - Samsung Electronics Co., Ltd.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.7.7 - TeamViewer)
Title Extreme (HKLM\...\{3B519225-B4B2-40B7-A431-3C6AAE2831B4}) (Version: 3.0 - Corel Corporation)
Totally Accurate Battle Simulator Pre-Alpha version pre-alpha (HKLM-x32\...\{09C95BCB-5264-4F21-AA5F-D66E91167D6C}_is1) (Version: pre-alpha - Landfall Games)
Trojan Remover (HKLM-x32\...\Trojan Remover_is1) (Version: - Simply Super Software)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.12.577 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent)
Winamax Installer (HKU\S-1-5-21-333669769-3932428672-634422777-1001\...\Winamax Installer 2.0) (Version: 2.0 - Winamax)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Xeester (HKLM-x32\...\Xeester) (Version: 2.0 - Xeester)
XnView 2.39 (HKLM-x32\...\XnView_is1) (Version: 2.39 - Gougelet Pierre-e)
Zoom (HKU\S-1-5-21-333669769-3932428672-634422777-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)

Packages:
=========
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-25] (Microsoft Corporation)
Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-14] (Microsoft Corporation)
Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-09-12] (Facebook Inc)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2017-07-23] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-08] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.7162.0_x64__8wekyb3d8bbwe [2020-07-21] (Microsoft Studios) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-07-15] (NVIDIA Corp.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2018-05-06] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-333669769-3932428672-634422777-1001_Classes\CLSID\{1051d9e3-cb3f-4c17-bcfc-213a05747df6} -> [SFR Cloud] => C:\Users\Benetlo\SFR Cloud [2019-08-27 18:04]
ShellIconOverlayIdentifiers: [ SncrOverlays (Blocked)] -> {C418E880-6280-4010-A888-FD76028E5511} => C:\Program Files\SFR\SFR Cloud\x64\Sncr.Overlays.dll [2018-06-20] (Synchronoss Software Ireland Ltd. -> Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (InSync)] -> {5F4A6070-DB92-4C56-A487-F3850430608F} => C:\Program Files\SFR\SFR Cloud\x64\Sncr.Overlays.dll [2018-06-20] (Synchronoss Software Ireland Ltd. -> Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Pending)] -> {EE73A341-C788-4A6B-B1EF-DDBFC0F190B6} => C:\Program Files\SFR\SFR Cloud\x64\Sncr.Overlays.dll [2018-06-20] (Synchronoss Software Ireland Ltd. -> Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Syncing)] -> {28CDCD88-B179-49D6-8B21-1A9AF9C0AE13} => C:\Program Files\SFR\SFR Cloud\x64\Sncr.Overlays.dll [2018-06-20] (Synchronoss Software Ireland Ltd. -> Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ SncrOverlays (Blocked)] -> {C418E880-6280-4010-A888-FD76028E5511} => C:\Program Files\SFR\SFR Cloud\x64\Sncr.Overlays.dll [2018-06-20] (Synchronoss Software Ireland Ltd. -> Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers-x32: [ SncrOverlays (InSync)] -> {5F4A6070-DB92-4C56-A487-F3850430608F} => C:\Program Files\SFR\SFR Cloud\x64\Sncr.Overlays.dll [2018-06-20] (Synchronoss Software Ireland Ltd. -> Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers-x32: [ SncrOverlays (Pending)] -> {EE73A341-C788-4A6B-B1EF-DDBFC0F190B6} => C:\Program Files\SFR\SFR Cloud\x64\Sncr.Overlays.dll [2018-06-20] (Synchronoss Software Ireland Ltd. -> Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers-x32: [ SncrOverlays (Syncing)] -> {28CDCD88-B179-49D6-8B21-1A9AF9C0AE13} => C:\Program Files\SFR\SFR Cloud\x64\Sncr.Overlays.dll [2018-06-20] (Synchronoss Software Ireland Ltd. -> Synchronoss Technologies Inc.)
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => -> No File
ContextMenuHandlers1: [MD5_CTX] -> {A3026062-4D7E-4631-9A6B-322CEAC3FC5A} => C:\Program Files\NoVirusThanks\MD5 Checksum Tool\MD5_SHLEXT.dll [2017-12-07] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
ContextMenuHandlers1: [SFRCtxMenu] -> {363662BB-66DF-4D60-8CD2-B8956FF6257A} => C:\Program Files\SFR\SFR Cloud\x64\Sncr.ContextMenus.dll [2018-06-20] (Synchronoss Software Ireland Ltd. -> Synchronoss Technologies Inc.)
ContextMenuHandlers1: [Trojan Remover] -> {52B87208-9CCF-42C9-B88E-069281105805} => C:\Program Files (x86)\Trojan Remover\Trshlex64.dll [2018-10-25] (Simply Super Software -> Simply Super Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Trojan Remover] -> {52B87208-9CCF-42C9-B88E-069281105805} => C:\Program Files (x86)\Trojan Remover\Trshlex64.dll [2018-10-25] (Simply Super Software -> Simply Super Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSContextMenu.dll [2016-10-19] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-07-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [SFRCtxMenu] -> {363662BB-66DF-4D60-8CD2-B8956FF6257A} => C:\Program Files\SFR\SFR Cloud\x64\Sncr.ContextMenus.dll [2018-06-20] (Synchronoss Software Ireland Ltd. -> Synchronoss Technologies Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaki.inf_amd64_764e9a3d5640451f\nvshext.dll [2020-07-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SFRCtxMenu] -> {363662BB-66DF-4D60-8CD2-B8956FF6257A} => C:\Program Files\SFR\SFR Cloud\x64\Sncr.ContextMenus.dll [2018-06-20] (Synchronoss Software Ireland Ltd. -> Synchronoss Technologies Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-07-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SFRCtxMenu] -> {363662BB-66DF-4D60-8CD2-B8956FF6257A} => C:\Program Files\SFR\SFR Cloud\x64\Sncr.ContextMenus.dll [2018-06-20] (Synchronoss Software Ireland Ltd. -> Synchronoss Technologies Inc.)
ContextMenuHandlers6: [Trojan Remover] -> {52B87208-9CCF-42C9-B88E-069281105805} => C:\Program Files (x86)\Trojan Remover\Trshlex64.dll [2018-10-25] (Simply Super Software -> Simply Super Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.mjpg] => pvmjpgx40.dll
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\SysWOW64\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\SysWOW64\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\SysWOW64\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\Windows\SysWOW64\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\SysWOW64\prodad-codec.dll [506312 2014-01-08] (proDAD GmbH -> proDAD GmbH)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Benetlo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\3f0bcbb53b0a5d80\Capital Koala.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dbpclfjlnaeaejebnjdeadlafkmkldgl

==================== Loaded Modules (Whitelisted) =============

2020-05-01 10:23 - 2020-05-01 10:23 - 000774656 _____ () [File not signed] [File is in use] C:\Users\Benetlo\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 001184256 _____ () [File not signed] [File is in use] C:\Users\Benetlo\AppData\Local\Facebook\Games\CefSharp.Core.dll
2016-10-24 15:57 - 2014-01-22 20:35 - 000684032 _____ () [File not signed] C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\PhoneCtrlAPI.dll
2016-10-24 15:57 - 2014-01-22 20:36 - 000753664 _____ () [File not signed] C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\WiMoveHelp.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 071641088 _____ () [File not signed] C:\Users\Benetlo\AppData\Local\Facebook\Games\libcef.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 000078848 _____ () [File not signed] C:\Users\Benetlo\AppData\Local\Facebook\Games\libegl.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 003149824 _____ () [File not signed] C:\Users\Benetlo\AppData\Local\Facebook\Games\libglesv2.dll
2015-04-22 15:59 - 2015-04-22 15:59 - 001489920 _____ (ASUS Cloud Corporation.) [File not signed] C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll
2016-10-24 15:57 - 2012-10-09 07:42 - 000211456 _____ (ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\ACPIWMI.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 000433664 _____ (The Chromium Authors) [File not signed] C:\Users\Benetlo\AppData\Local\Facebook\Games\chrome_elf.dll
2017-02-02 22:15 - 2020-03-16 15:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2017-02-02 22:15 - 2020-03-16 15:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2017-02-02 22:15 - 2019-07-12 09:23 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-07-22 22:03 - 2019-07-12 09:23 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-07-22 22:03 - 2019-07-12 09:23 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-07-22 22:03 - 2019-07-12 09:23 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-07-22 22:03 - 2019-07-12 09:23 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-07-22 22:03 - 2019-07-12 09:23 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-07-22 22:03 - 2019-07-12 09:23 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [128]
AlternateDataStreams: C:\Users\Benetlo\Desktop\Questionnaire mairie Soen BETTINGER.jpeg.8klu1:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\Benetlo\Desktop\Questionnaire mairie Soen BETTINGER.jpeg.8klu1:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2018-11-15 22:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Calibre2\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-333669769-3932428672-634422777-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
HKU\S-1-5-21-333669769-3932428672-634422777-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

Network Binding:
=============
Bluetooth Network Connection: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
Bluetooth Network Connection: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 2: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
NordLynx: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
NordLynx: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 4: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 4: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 4: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
Wi-Fi: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Wi-Fi: Npcap Packet Driver (NPF) -> INSECURE_NPF (enabled)
Wi-Fi: NordVPN LightWeight Firewall -> NordLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "WebStorage"
HKU\S-1-5-21-333669769-3932428672-634422777-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-333669769-3932428672-634422777-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-333669769-3932428672-634422777-1001\...\StartupApproved\Run: => "RLinkToolbox.exe"
HKU\S-1-5-21-333669769-3932428672-634422777-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-333669769-3932428672-634422777-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-333669769-3932428672-634422777-1001\...\StartupApproved\Run: => "Flvto Youtube Downloader"
HKU\S-1-5-21-333669769-3932428672-634422777-1001\...\StartupApproved\Run: => "SynchronossPC"
HKU\S-1-5-21-333669769-3932428672-634422777-1001\...\StartupApproved\Run: => "Opera Browser Assistant"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F5DD912B-DAFD-472F-8C8C-97E58CC6B8F6}] => (Allow) LPort=5432
FirewallRules: [UDP Query User{C6571B99-D682-468D-9F87-3FEC10804476}C:\program files (x86)\xeester\jre\bin\xeester.exe] => (Allow) C:\program files (x86)\xeester\jre\bin\xeester.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [TCP Query User{61EE6ACB-3C9A-46D2-BBFF-C688589A921E}C:\program files (x86)\xeester\jre\bin\xeester.exe] => (Allow) C:\program files (x86)\xeester\jre\bin\xeester.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [{75DB6AD3-35AC-47D2-8DDC-CACB616C26F5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CEF7120D-4A4D-45F3-98E1-36FD62C17D84}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3E2B573A-E764-43E7-9464-CD6729A6F74F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6E157EE6-4097-4EB8-8E08-06A54CA17B08}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [UDP Query User{E3510F87-2512-4413-A195-44F415DB4C93}C:\program files (x86)\bittorrent\bittorrent.exe] => (Allow) C:\program files (x86)\bittorrent\bittorrent.exe => No File
FirewallRules: [TCP Query User{8E026DE3-5E4C-4FC6-A104-BA6E5C2B5DF5}C:\program files (x86)\bittorrent\bittorrent.exe] => (Allow) C:\program files (x86)\bittorrent\bittorrent.exe => No File
FirewallRules: [{ED6E7736-EAF3-4CD7-9336-EBEDCEB71670}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{4704554C-F921-4ECE-9F6E-65BE09EB668B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{A7E606C0-2E43-487B-B63D-C18F28709E3D}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{060B63F8-437F-4299-A2AD-0AF954274E64}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E9ECA4A8-E39C-4D51-8994-E00E5C6492AE}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{479C8F85-D0D8-4D72-9B35-B64257A07195}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D1C57428-E87C-4584-A1DE-6E441EC0D953}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{E5E11975-6625-4D6E-829F-A03B1E6F2C85}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{FBA43014-F895-4FD5-8933-5FEBEB0DB5EF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{93845C3A-715B-47DA-A2AC-DFE8F6B98B7E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{FEF28907-CCE4-43A1-B100-5D5A88023214}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{53F98AFA-2227-4E34-9CC7-1D9B1E4E5C09}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{23016C5C-F36B-40DF-9155-F38063E5FEA1}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{8E862796-57F1-4669-B611-6415D566A20E}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{9A3737C3-3485-4FB7-83B6-4074C9A660A1}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{0B6A8C2E-4D81-499B-8F7F-85560A2CDC45}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{2B0DB681-6335-462D-A381-D245071534D7}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{C25B4A7C-9930-4F33-B376-6FA082907F12}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{A881D968-95BE-4D9E-B515-0ACF4B1FBCDB}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{669C526D-DE7A-4B42-8399-A90DB1B4F38E}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{264926C3-C915-4D2E-B57F-0DBB31FB6C82}] => (Allow) C:\Program Files (x86)\BitTorrent\bittorrent.exe => No File
FirewallRules: [{D657F0F5-B72C-4777-825E-A59651EA4B48}] => (Allow) C:\Program Files (x86)\BitTorrent\bittorrent.exe => No File
FirewallRules: [{1927D3A6-973B-4377-80E5-18732C75C649}] => (Allow) D:\Office12\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5DC197E9-FB81-4616-B3AA-0F3090DBF17B}] => (Allow) D:\Benetlo\jeux origin\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{24DEBB27-B905-45F8-8AFD-2C6E1086CA00}] => (Allow) D:\Benetlo\jeux origin\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{0DB5E655-707D-4F1A-914F-7DE9CA6F0725}] => (Allow) D:\Benetlo\jeux origin\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{2508320E-FE19-4950-B1DE-DAC30B91D4DB}] => (Allow) D:\Benetlo\jeux origin\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{2C106411-FE01-4BA9-B088-D1B157C4FEA8}C:\users\benetlo\appdata\local\programs\opera\66.0.3515.27\opera.exe] => (Allow) C:\users\benetlo\appdata\local\programs\opera\66.0.3515.27\opera.exe => No File
FirewallRules: [UDP Query User{74C96E34-E105-4B93-8590-41A184327EC0}C:\users\benetlo\appdata\local\programs\opera\66.0.3515.27\opera.exe] => (Allow) C:\users\benetlo\appdata\local\programs\opera\66.0.3515.27\opera.exe => No File
FirewallRules: [TCP Query User{005D35A3-5BD3-4634-BBC8-933A93FFE3CA}C:\program files (x86)\xeester\jre\bin\xeester.exe] => (Allow) C:\program files (x86)\xeester\jre\bin\xeester.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [UDP Query User{3E6478E1-C1DA-46FD-8761-996F320C3C7A}C:\program files (x86)\xeester\jre\bin\xeester.exe] => (Allow) C:\program files (x86)\xeester\jre\bin\xeester.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [{5FF9E74C-9179-4F0F-B63D-84C8E65764BC}] => (Allow) C:\Program Files (x86)\BitTorrent\bittorrent.exe => No File
FirewallRules: [{AAAC5EAF-AE13-4089-B35E-B5C3BDC4A78E}] => (Allow) C:\Program Files (x86)\BitTorrent\bittorrent.exe => No File
FirewallRules: [{B6F4C009-40D9-4CDE-9A3A-5744C196C0A8}] => (Allow) C:\Users\Benetlo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F85F9041-2DEF-4E93-8331-E98751D949F6}] => (Allow) C:\Users\Benetlo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2A0672C6-B98A-4E7A-A52A-53460B596608}] => (Allow) C:\Users\Benetlo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{3F1DC44E-33DC-4F44-B092-47183B3D80FF}] => (Allow) C:\Users\Benetlo\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{96A3C379-B673-426A-AE63-28546A4E82E1}C:\users\benetlo\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\benetlo\appdata\local\programs\opera\68.0.3618.165\opera.exe => No File
FirewallRules: [UDP Query User{66C788F4-846E-420D-9E69-50D9EE089793}C:\users\benetlo\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\benetlo\appdata\local\programs\opera\68.0.3618.165\opera.exe => No File
FirewallRules: [{FE740469-459B-46D3-B53E-9AE00864392B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B4F8B856-E223-4F33-BD94-E9E12E461071}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9C8A487F-3798-4C4A-B2E6-0DDD529D28CC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{106AEBDE-7296-4FFB-B105-DB36C80E3E03}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{48A11C3E-8EB4-4E09-9385-F60D6D4EDCC6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B8673A4E-57AF-46F8-8725-181DEAA72827}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{171443AC-1364-4C4F-91B4-DBCBDFF64A65}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BA0EEBDA-E80B-49E0-8EE9-56263551D933}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{390C6DFB-FA79-457A-9007-131CDFF73314}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{F93C7617-2A61-46BB-8E2F-AE48FC057901}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{61FF4898-6041-4448-8D8A-0B330132D11E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1E6DB0B0-9DFF-41F3-90D1-82B34B173440}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{61DFFC81-DF71-4125-A1A8-9D57BAFE6BB7}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{A584715C-88F4-45A8-97B5-574208A8D7CA}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\ASUSDMS.exe => No File
FirewallRules: [{0D04E3BC-32AB-43A5-8799-982270D65586}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\ASUSDMS.exe => No File

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118.64 GB) (Free:11.99 GB) (10%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/25/2020 06:46:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante backgroundTaskHost.exe, version : 10.0.18362.1, horodatage : 0x533f8404
Nom du module défaillant : ntdll.dll, version : 10.0.18362.815, horodatage : 0xb29ecf52
Code d’exception : 0xc0000374
Décalage d’erreur : 0x00000000000f9229
ID du processus défaillant : 0x229c
Heure de début de l’application défaillante : 0x01d662a32afbbf65
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\backgroundTaskHost.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : abec7a2e-1609-4743-b864-f191c2e16d97
Nom complet du package défaillant : Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
ID de l’application relative au package défaillant : CortanaUI

Error: (07/25/2020 06:46:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante backgroundTaskHost.exe, version : 10.0.18362.1, horodatage : 0x533f8404
Nom du module défaillant : biwinrt.dll, version : 10.0.18362.1, horodatage : 0x3f99ee98
Code d’exception : 0xc000027b
Décalage d’erreur : 0x0000000000013d63
ID du processus défaillant : 0x229c
Heure de début de l’application défaillante : 0x01d662a32afbbf65
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\backgroundTaskHost.exe
Chemin d’accès du module défaillant: C:\Windows\System32\biwinrt.dll
ID de rapport : 41dc4a99-5651-4d89-affa-95d9f7fcec47
Nom complet du package défaillant : Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
ID de l’application relative au package défaillant : CortanaUI

Error: (07/25/2020 06:46:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante backgroundTaskHost.exe, version : 10.0.18362.1, horodatage : 0x533f8404
Nom du module défaillant : ntdll.dll, version : 10.0.18362.815, horodatage : 0xb29ecf52
Code d’exception : 0xc0000374
Décalage d’erreur : 0x00000000000f9229
ID du processus défaillant : 0x2fa8
Heure de début de l’application défaillante : 0x01d662a326b0690e
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\backgroundTaskHost.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : 03b7d75f-2b4a-4afe-8527-331eea250347
Nom complet du package défaillant : Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
ID de l’application relative au package défaillant : CortanaUI

Error: (07/25/2020 06:46:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante backgroundTaskHost.exe, version : 10.0.18362.1, horodatage : 0x533f8404
Nom du module défaillant : biwinrt.dll, version : 10.0.18362.1, horodatage : 0x3f99ee98
Code d’exception : 0xc000027b
Décalage d’erreur : 0x0000000000013d63
ID du processus défaillant : 0x2fa8
Heure de début de l’application défaillante : 0x01d662a326b0690e
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\backgroundTaskHost.exe
Chemin d’accès du module défaillant: C:\Windows\System32\biwinrt.dll
ID de rapport : 9835aa43-d9f5-45fa-8da2-28b4ed0160f4
Nom complet du package défaillant : Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
ID de l’application relative au package défaillant : CortanaUI

Error: (07/25/2020 06:42:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante backgroundTaskHost.exe, version : 10.0.18362.1, horodatage : 0x533f8404
Nom du module défaillant : biwinrt.dll, version : 10.0.18362.1, horodatage : 0x3f99ee98
Code d’exception : 0xc000027b
Décalage d’erreur : 0x0000000000013d63
ID du processus défaillant : 0x2c28
Heure de début de l’application défaillante : 0x01d662a29b9052e1
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\backgroundTaskHost.exe
Chemin d’accès du module défaillant: C:\Windows\System32\biwinrt.dll
ID de rapport : a5477cec-dff7-4a03-89d4-ab5b92319ebe
Nom complet du package défaillant : Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4
ID de l’application relative au package défaillant : App

Error: (07/25/2020 06:38:16 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13224,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (07/25/2020 06:33:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante backgroundTaskHost.exe, version : 10.0.18362.1, horodatage : 0x533f8404
Nom du module défaillant : ntdll.dll, version : 10.0.18362.815, horodatage : 0xb29ecf52
Code d’exception : 0xc0000374
Décalage d’erreur : 0x00000000000f9229
ID du processus défaillant : 0x3348
Heure de début de l’application défaillante : 0x01d662a14a8ed2a3
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\backgroundTaskHost.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : a4812e29-1f37-47ce-8f70-754688b3d6c4
Nom complet du package défaillant : Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
ID de l’application relative au package défaillant : CortanaUI

Error: (07/25/2020 06:33:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante backgroundTaskHost.exe, version : 10.0.18362.1, horodatage : 0x533f8404
Nom du module défaillant : biwinrt.dll, version : 10.0.18362.1, horodatage : 0x3f99ee98
Code d’exception : 0xc000027b
Décalage d’erreur : 0x0000000000013d63
ID du processus défaillant : 0x3348
Heure de début de l’application défaillante : 0x01d662a14a8ed2a3
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\backgroundTaskHost.exe
Chemin d’accès du module défaillant: C:\Windows\System32\biwinrt.dll
ID de rapport : e66d522b-34fb-46de-9608-17cfdddea2ca
Nom complet du package défaillant : Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
ID de l’application relative au package défaillant : CortanaUI


System errors:
=============
Error: (07/25/2020 06:42:38 PM) (Source: DCOM) (EventID: 10010) (User: PC-BUREAU-ASUS)
Description: Le serveur Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (07/25/2020 06:14:03 PM) (Source: DCOM) (EventID: 10010) (User: PC-BUREAU-ASUS)
Description: Le serveur Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (07/25/2020 06:12:44 PM) (Source: DCOM) (EventID: 10010) (User: PC-BUREAU-ASUS)
Description: Le serveur Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (07/25/2020 06:11:33 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5

Error: (07/25/2020 06:11:07 PM) (Source: DCOM) (EventID: 10010) (User: PC-BUREAU-ASUS)
Description: Le serveur Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (07/25/2020 06:11:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service DNS Client dépend du service Network Store Interface Service qui n’a pas pu démarrer en raison de l’erreur :
Le service ne peut pas être démarré parce qu’il est désactivé ou qu’aucun périphérique activé ne lui est associé.

Error: (07/25/2020 06:11:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service DNS Client dépend du service Network Store Interface Service qui n’a pas pu démarrer en raison de l’erreur :
Le service ne peut pas être démarré parce qu’il est désactivé ou qu’aucun périphérique activé ne lui est associé.

Error: (07/25/2020 06:10:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service WinHTTP Web Proxy Auto-Discovery Service dépend du service DHCP Client qui n’a pas pu démarrer en raison de l’erreur :
Le service ne peut pas être démarré parce qu’il est désactivé ou qu’aucun périphérique activé ne lui est associé.


Windows Defender:
===================================
Date: 2020-07-25 16:02:19.978
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/YahLover&threatid=2147735261&enterprise=0
Nom : Trojan:JS/YahLover
ID : 2147735261
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\Benetlo\Downloads\This computer is BLOCKED (1).html; file:_C:\Users\Benetlo\Downloads\This computer is BLOCKED (2).html
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-22543SS\Benetlo
Nom du processus : C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Version de la veille de sécurité : AV: 1.319.2243.0, AS: 1.319.2243.0, NIS: 1.319.2243.0
Version du moteur : AM: 1.1.17200.2, NIS: 1.1.17200.2

Date: 2020-07-25 16:02:19.944
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/YahLover&threatid=2147735261&enterprise=0
Nom : Trojan:JS/YahLover
ID : 2147735261
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\Benetlo\Downloads\This computer is BLOCKED (1).html
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-22543SS\Benetlo
Nom du processus : C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Version de la veille de sécurité : AV: 1.319.2243.0, AS: 1.319.2243.0, NIS: 1.319.2243.0
Version du moteur : AM: 1.1.17200.2, NIS: 1.1.17200.2

Date: 2020-07-15 14:31:12.084
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {E5B5E55F-DF7E-4E67-863E-4D26971E2B86}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

==================== Memory info ===========================

BIOS: American Megatrends Inc. 0901 01/28/2016
Motherboard: ASUSTeK COMPUTER INC. M32CD_A_F_K20CD_K31CD
Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Percentage of memory in use: 44%
Total physical RAM: 8121.65 MB
Available physical RAM: 4546.32 MB
Total Virtual: 9401.65 MB
Available Virtual: 4840.1 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:118.64 GB) (Free:11.99 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:931.39 GB) (Free:732.93 GB) NTFS

\\?\Volume{bd647e6c-366c-499d-b72d-33ae4e8e9ce7}\ (Windows RE tools) (Fixed) (Total:0.49 GB) (Free:0.07 GB) NTFS
\\?\Volume{f0b41053-38cb-4004-9f3d-b7a2c2139d44}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: B2344C50)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================