CreateRestorePoint:
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {158A88A9-0B76-442B-8D34-8D26171F802F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {6EF1AE89-9606-4FFF-AAFC-5A3F10751514} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {6F71B228-E928-47AE-8053-895127CED3BA} - System32\Tasks\EPSON XP-342 343 345 Series Update {48123E23-0AE1-4527-A54D-069D38EBFEC2} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSREE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {7649ED1E-8714-405D-874F-119A0479DC43} - System32\Tasks\{6FBD4E2A-B735-4B21-B8AD-BDC1E0A99C8D} => "c:\windows\system32\launchwinapp.exe" http://www.skype.com/go/downloading?source=lightinstaller&ver=7.18.0.112&LastError=404
Task: {89057FBA-9E7C-483E-8424-13A79AA57F16} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-10-21] (Google Inc -> Google Inc.)
Task: {A61EF171-9FA8-4635-9D8B-FB39E603FBBF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-10-21] (Google Inc -> Google Inc.)
Task: {C57A1439-176D-412C-9614-EB892D75F8D4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {D4D1A4F7-4ACD-4817-9FB2-958D94EF4A4D} - System32\Tasks\EPSON XP-342 343 345 Series Update {4717EBCB-05B4-4897-815A-6D45E532B818} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSREE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {E608EBCC-CF96-45E1-BAA5-D3C6566F69BC} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
C:\Program Files\Common Files\AV
C:\Program Files\AVAST Software
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
2021-01-04 18:07 - 2021-01-04 18:07 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-04 18:07 - 2021-01-04 18:07 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-04 18:07 - 2021-01-04 18:07 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-04 18:07 - 2021-01-04 18:07 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-04 18:07 - 2021-01-04 18:07 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-04 18:07 - 2021-01-04 18:07 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-04 18:07 - 2021-01-04 18:07 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-04 18:07 - 2021-01-04 18:07 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-04 18:07 - 2021-01-04 18:07 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-04 18:07 - 2021-01-04 18:07 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-04 18:07 - 2021-01-04 18:07 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-04 18:07 - 2021-01-04 18:07 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-10-21 17:33 - 2019-10-21 17:33 - 009256960 _____ () C:\Program Files (x86)\GUTE34F.tmp
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
CMD: cscript %windir%\System32\slmgr.vbs /dli
cmd: net stop wuauserv
CMD: sc config wuauserv start= auto
CMD: net start wuauserv
cmd: net stop msiserver
CMD: sc config msiserver start= auto
CMD: net start msiserver
CMD: netsh winsock reset
CMD: bitsadmin /reset
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V Enable /T REG_SZ /D n /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V OptimizeComplete /T REG_SZ /D no /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V PowerdownAfterShutdown /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /V ClearPageFileAtShutdown /T REG_DWORD /D 0 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V MenuShowDelay /T REG_SZ /D 400 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V WaitToKillAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V HungAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V AutoEndTasks /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control" /V WaitToKillServiceTimeout /T REG_SZ /D 1200 /f
C:\windows\temp\*.*
C:\Users\CurrentUserName\AppData\Local\Temp\*.*
C:\Windows\SoftwareDistribution\Download\ *
EmptyTemp: