Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by dmorp (10-02-2020 09:33:05)
Running from C:\Users\dmorp\Desktop
Windows 10 Pro Version 1909 18363.592 (X64) (2020-01-25 01:58:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1015049050-2488466067-2492053717-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1015049050-2488466067-2492053717-503 - Limited - Disabled)
dmorp (S-1-5-21-1015049050-2488466067-2492053717-1001 - Administrator - Enabled) => C:\Users\dmorp
Guest (S-1-5-21-1015049050-2488466067-2492053717-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1015049050-2488466067-2492053717-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.11 (HKLM\...\{8046FD31-BA39-4799-8D83-CB1A139619A8}) (Version: 4.11.2.3400 - Open Media LLC)
7-Zip 18.06 (HKLM-x32\...\7-Zip) (Version: 18.06 - Igor Pavlov)
Acronis True Image WD Edition (HKLM-x32\...\{CEAC6D9F-944A-40F7-AB5D-A7412AF9CED9}) (Version: 19.0.33 - Acronis)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.0.1 - Adobe Systems Incorporated)
AVS Audio Editor 9.1.1 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 9.1.1.537 - Online Media Technologies Ltd.)
Bulk Rename Utility 3.2.0.1 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version: - TGRMN Software)
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version: - Canon Inc.)
Chessmaster 10th Edition (HKLM-x32\...\{AEA03D8E-87B5-4862-B82A-B5FE5A469BA0}_is1) (Version: 1.0.0 - Ubisoft)
Data Lifeguard Diagnostic version 1.36 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Directory List & Print (Pro) (HKLM-x32\...\{6336F23D-1D20-4E02-9FBD-20B3A8210E4D}_is1) (Version: 3.70 - Infonautics GmbH, Switzerland)
DxO FilmPack 4 (HKLM\...\{E3EA84E1-2CC5-479F-8A5F-DFFF619E58D8}) (Version: 4.5.62.0 - DxO Labs)
DxO PhotoLab (HKLM\...\{248C0BEB-04B4-4E34-87FC-BB86BE63EC2E}) (Version: 1.2.2 - DxO)
DxO ViewPoint 3 (HKLM\...\{D926895B-1CBA-5AF3-8008-3643564D9AF6}) (Version: 3.1.277.0 - DxO Labs)
EPSON Logiciel imprimante (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
FastStone Image Viewer 7.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.4 - FastStone Soft)
Free PDF Compressor (HKLM-x32\...\{BFA49A14-EC18-4071-BC13-B43043B09222}_is1) (Version: - freepdfcompressor.com)
Free Video Cutter version 1.2.1 (HKLM-x32\...\{B089C7D5-C978-4DB0-AFDE-471A42759CB0}_is1) (Version: 1.2.1 - Free Studio)
GetDataBack Pro version 5.50 (HKLM\...\GetDataBack Pro Install_is1) (Version: 5.50 - Runtime Software, LLC)
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
HDD Guardian 0.7.1 (HKLM-x32\...\{F67EF53C-11BF-4EC8-B025-EC85CABA50B5}) (Version: - )
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1015049050-2488466067-2492053717-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Moo0 Couper la Vidéo 1.17 (HKLM-x32\...\Moo0 VideoCutter) (Version: - )
Mozilla Firefox 72.0.2 (x64 fr) (HKLM\...\Mozilla Firefox 72.0.2 (x64 fr)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.3 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PaperScan 3 Free Edition (HKLM-x32\...\{A4F2425C-17C9-47F6-B136-2E9F7B0D0DD3}) (Version: 3.0.96 - ORPALIS)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
RelevantKnowledge (HKLM-x32\...\{d08d9f98-1c78-4704-87e6-368b0023d831}) (Version: 1.3.338.311 - TMRG, Inc.) <==== ATTENTION
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
SeaTools for Windows 1.4.0.7 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.7 - Seagate Technology)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
StudioLine Photo Classic 4 (HKLM-x32\...\{18C532A1-04D1-4D00-89A1-406D6BA8CDCB}) (Version: 4.2.49.6 - H&M System Software)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUS_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WhoCrashed 6.65 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Youtube Downloader HD v. 2.9.9.71 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)

Packages:
=========
.NET Framework Features -> C:\Program Files\WindowsApps\40310ZhiliangXu.WhatsNewinthe.NETFramework4.5_1.0.0.0_neutral__2zbggqtj2dccr [2020-02-04] (Zhiliang Xu)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.157.400.0_x86__kgqvnymyfvs32 [2020-02-07] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-02-04] (Microsoft Corporation) [MS Ad]
Microsoft News: les actualités à ne pas manquer -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.35.20273.0_x64__8wekyb3d8bbwe [2020-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2020-02-04] (Microsoft Studios) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-02-04] (Microsoft Corporation) [MS Ad]
MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2020-02-04] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-02-04] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-11-11] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-11-11] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-11-11] (Acronis International GmbH -> Acronis)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1-x32: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\versions_page.dll [2015-11-11] (Acronis International GmbH -> Acronis)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6-x32: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\versions_page.dll [2015-11-11] (Acronis International GmbH -> Acronis)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 15:24 - 2015-10-30 15:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1015049050-2488466067-2492053717-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dmorp\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-1015049050-2488466067-2492053717-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{19DDE2D0-B3B5-4509-A5C7-B6377AA22F54}] => (Allow) C:\WINDOWS\AutoKMS\AutoKMS.exe No File
FirewallRules: [{28B0C489-3C07-456E-BFDA-44985AC1440C}] => (Allow) C:\WINDOWS\AutoKMS\AutoKMS.exe No File
FirewallRules: [{98954E59-4E2C-4B3C-9AFB-AAB6A5D8A892}] => (Allow) C:\Windows\KMS-R@1n.exe No File
FirewallRules: [{FC91E56B-83E4-4C2F-983C-E55F84E1631B}] => (Allow) C:\Windows\KMS-R@1n.exe No File
FirewallRules: [{3D46FC2D-18FA-4898-91FD-3D24B89FDB37}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{5B9123C8-3FBC-4F2C-B999-56E11F229132}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{965E6E5E-964C-47AC-B6AC-1952414BC74A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A9F5C7AD-9260-4735-85FF-00F6901B03E6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{292F5D08-F44A-4855-B2A1-B0B439339B2E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{F4886B7F-9339-4BAD-8255-7A3712B1A442}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{7C5EC04C-50AE-45FF-9D1B-BEA13654968B}E:\softwares\snappy driver installer\sdi_x64_r1909.exe] => (Allow) E:\softwares\snappy driver installer\sdi_x64_r1909.exe (www.SamLab.ws) [File not signed]
FirewallRules: [UDP Query User{C463E795-EAC3-44A6-A530-E8E7CF6C94CF}E:\softwares\snappy driver installer\sdi_x64_r1909.exe] => (Allow) E:\softwares\snappy driver installer\sdi_x64_r1909.exe (www.SamLab.ws) [File not signed]
FirewallRules: [{8697BE5A-94BD-4438-8B34-DB1C78BC8F43}] => (Block) E:\softwares\snappy driver installer\sdi_x64_r1909.exe (www.SamLab.ws) [File not signed]
FirewallRules: [{929E8CD9-F7F4-4853-8492-0A3EE332B28D}] => (Block) E:\softwares\snappy driver installer\sdi_x64_r1909.exe (www.SamLab.ws) [File not signed]
FirewallRules: [{30F26FD6-2F3C-48FA-96A1-3572CFF75250}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe (TMRG, Inc. -> TMRG, Inc.)
FirewallRules: [{C6D8DF65-F02F-443A-831B-0738E94A3AFE}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe (TMRG, Inc. -> TMRG, Inc.)
FirewallRules: [TCP Query User{15488DF3-3842-41CB-98DE-25AA3E0833DA}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{8038F9E9-5F2C-42E6-A4DE-1DE2438CCB85}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

07-02-2020 14:47:14 Point de contrôle planifié

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/10/2020 09:10:39 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13628,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/10/2020 09:03:27 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (28332,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/10/2020 08:49:12 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (24156,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/10/2020 08:32:40 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (23280,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/10/2020 08:24:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20012,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/10/2020 08:04:16 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent

Error: (02/10/2020 08:03:47 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (22484,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/10/2020 07:17:22 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (19368,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


System errors:
=============
Error: (02/09/2020 03:15:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Acquisition d’image Windows (WIA) s’est terminé de façon inattendue pour la 1ème fois.

Error: (02/09/2020 03:15:29 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 2:52:26 PM le ‎2/‎9/‎2020 n’était pas prévu.

Error: (02/09/2020 03:13:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KEBODEP)
Description: Le serveur Windows.Internal.WebRuntime.ContentProcess#{0007140C-0001-0000-9E40-010000000000} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (02/09/2020 09:04:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Acquisition d’image Windows (WIA) s’est terminé de façon inattendue pour la 1ème fois.

Error: (02/09/2020 09:04:03 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 8:47:39 AM le ‎2/‎9/‎2020 n’était pas prévu.

Error: (02/09/2020 08:07:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Acquisition d’image Windows (WIA) s’est terminé de façon inattendue pour la 1ème fois.

Error: (02/09/2020 08:07:39 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 8:03:58 AM le ‎2/‎9/‎2020 n’était pas prévu.

Error: (02/09/2020 08:04:18 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Acquisition d’image Windows (WIA) s’est terminé de façon inattendue pour la 1ème fois.


Windows Defender:
===================================
Date: 2020-02-05 15:34:41.808
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {C5E2D510-8A7F-4BE7-8AE1-886F971508F6}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2020-02-05 15:25:58.676
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {74F39819-CB6C-4588-94A8-458B4E374C00}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2020-02-04 11:16:51.993
Description:
Antivirus Windows Defender a rencontré une erreur lors du chargement de la veille de sécurité et va tenter de rétablir une version approprié.
Veille de sécurité tentée : Actuelle
Code d’erreur : 0x80070003
Description de l’erreur : Le chemin d’accès spécifié est introuvable.
Version de la veille de sécurité : 0.0.0.0;0.0.0.0
Version du moteur : 0.0.0.0

CodeIntegrity:
===================================

Date: 2020-02-10 09:31:49.345
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\rlls64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-10 09:31:49.345
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\rlls64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-10 09:30:19.893
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\rlls64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-10 09:30:19.888
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\rlls64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-10 09:30:19.884
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\rlls64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-10 09:30:11.497
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\rlls64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-10 09:30:11.493
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\rlls64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-10 09:30:11.488
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\rlls64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 4.6.4 02/14/2011
Motherboard: ECS H67H2-M3
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 36%
Total physical RAM: 8104.62 MB
Available physical RAM: 5161.22 MB
Total Virtual: 9384.62 MB
Available Virtual: 6056.44 MB

==================== Drives ================================

Drive c: (Dan - W10) (Fixed) (Total:222.27 GB) (Free:156.16 GB) NTFS
Drive e: () (Fixed) (Total:1863.01 GB) (Free:898.31 GB) NTFS
Drive g: (Backup Plus) (Fixed) (Total:1862.76 GB) (Free:1320.21 GB) exFAT

\\?\Volume{0d47b82a-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{0d47b82a-0000-0000-0000-e0b037000000}\ () (Fixed) (Total:0.8 GB) (Free:0.38 GB) NTFS
\\?\Volume{75e21cd1-078b-4d67-9ddb-1d5c234f1ad8}\ (EFI) (Fixed) (Total:0.19 GB) (Free:0.19 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0D47B82A)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=824 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 20C13044)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: A7C8A5B1)

Partition: GPT.

==================== End of Addition.txt =======================