Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.09.2018
Ran by wanted (12-09-2018 19:58:21)
Running from C:\Users\wanted\Desktop
Windows 10 Pro Version 1803 17134.228 (X64) (2018-05-20 03:20:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-565019135-2950355371-4037754605-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-565019135-2950355371-4037754605-503 - Limited - Disabled)
Guest (S-1-5-21-565019135-2950355371-4037754605-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-565019135-2950355371-4037754605-1035 - Limited - Enabled)
wanted (S-1-5-21-565019135-2950355371-4037754605-1000 - Administrator - Enabled) => C:\Users\wanted
WDAGUtilityAccount (S-1-5-21-565019135-2950355371-4037754605-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: - )
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
File Scavenger 4.3 (en) (HKLM-x32\...\QueTek File Scavenger 4.3 (en)) (Version: 4.3.2.0 - QueTek Consulting Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - French/Français (HKLM\...\Office15.OMUI.fr-fr) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{45CD67FD-3218-4207-A0A2-BC41245189E3}) (Version: 1.20.146.0 - Microsoft)
Mises à jour NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Module linguistique de la visionneuse d'aide Microsoft 2.0 - FRA (HKLM-x32\...\{8E2132F6-071A-3768-8691-B7D12FD7531D}) (Version: 2.0.50727 - Microsoft Corporation) Hidden
Module linguistique de la visionneuse d'aide Microsoft 2.0 - FRA (HKLM-x32\...\Module linguistique de la visionneuse d'aide Microsoft 2.0 - FRA) (Version: 2.0.50727 - Microsoft Corporation)
NVIDIA 3D Vision Driver 388.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.31 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.31 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Son virtuel Miracast 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 344.48 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Remote Mouse version 3.002 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.002 - Remote Mouse)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.7.5.235 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-040C-1000-0000000FF1CE}_Office15.OMUI.fr-fr_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft)
Serviio (HKLM\...\Serviio) (Version: 1.9 - Six Lines Ltd)
Update for Skype for Business 2015 (KB4011678) 64-Bit Edition (HKLM\...\{90150000-012B-040C-1000-0000000FF1CE}_Office15.OMUI.fr-fr_{8E63F16F-BC60-413E-8ABA-DAD375D2C356}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VLC Setup Helper (HKLM-x32\...\VLC Setup Helper_is1) (Version: - )
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinRAR 5.60 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
WinRelais Expert 2.2 Evaluation (HKLM-x32\...\WinRelais Expert 2.2 Evaluation) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-09] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-09] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-09] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-09] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1DE7AF75-8609-496B-ABBE-2F229F115D14} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2198A9BC-91B8-45C2-9326-E3E505F72A9D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation)
Task: {229A6E16-82C1-4421-B855-8658DA2038E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation)
Task: {25A30719-A5F3-40F7-8BED-A8373C75A180} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-09-09] (AVAST Software)
Task: {47461CED-F300-403C-8F4D-6B7DB68AE6F7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {4C738B2A-543A-4557-B3FA-67AA37F7683A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5D1E766F-7F31-4F1A-8BEC-0E5A538EDFC4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {66BFA487-0DD8-4E8B-9E14-245FCA22BEF3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-08-24] (Piriform Ltd)
Task: {7D665B27-A191-4C70-B7F4-9689BC65D91A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {84883250-9B03-4151-A547-5EDF48DC90E2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {93B82678-C973-4172-9189-E69D6D24B0A6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {94E47E28-8C7C-44A7-BD84-1FB9E15B7DDF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation)
Task: {9E2CABFC-871A-4A43-8B5C-2C62485A3A32} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {AE4EA81B-863F-4E52-BBAF-44B4B28AA6EC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AE99ADBF-F676-4ABF-A63B-E865893E0325} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {BA7BA350-FE96-49E9-A625-009F4D83DFBE} - \WPD\SqmUpload_S-1-5-21-565019135-2950355371-4037754605-1000 -> No File <==== ATTENTION
Task: {BE889C53-0BA8-4E5F-A7F9-6B1461DD933E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation)
Task: {BF09B5BA-2686-4260-9C55-35F663FF1E09} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C8D4FFF4-91A5-4303-A8E7-33755620AC1D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-09-11] (Microsoft Corporation)
Task: {DC8AECC3-8FE7-4EE4-A237-97C981D9FD1A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E4728EAC-8783-4BB6-90B1-BF8AABDF231F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-09-09] (AVAST Software)
Task: {E47B2259-D348-4810-8B49-86FA83CF9BBF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F6834DE6-A0E1-4512-B056-BB6604A24240} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FABED731-3BF1-4190-8BFD-11FDB358960A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {FDB6F596-59C9-4F4A-B831-AC431417B656} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-08-24] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2017-08-20 12:50 - 2017-11-14 21:56 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-07-23 17:19 - 2017-07-23 17:19 - 000413696 _____ () C:\Program Files\Serviio\bin\ServiioService.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-09 13:08 - 2018-08-03 05:09 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-08-24 20:37 - 2018-08-24 20:37 - 000097784 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2018-09-09 20:02 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-09-09 20:02 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002068480 _____ () C:\Windows\ShellExperiences\PeopleCommonControls.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 001465856 _____ () C:\Windows\ShellExperiences\PeopleBarFlyout.dll
2018-06-14 04:25 - 2018-06-08 10:55 - 003037184 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.PeoplePicker.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000580608 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.Relevance.QueryClient.dll
2018-03-06 13:59 - 2018-03-06 13:59 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-09-09 12:44 - 2018-09-09 12:44 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\com -> hxxp://*.Wondershare.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2016-04-14 03:15 - 000000917 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
192.168.1.20 alexkid.no-ip.info
192.168.1.20 rudygeek.sytes.net

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-565019135-2950355371-4037754605-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\wanted\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "O&O Defrag Tray.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "OODefragTray"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "Windows Mobile Device Center"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "BrowserPlugInHelper"
HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "Ultimate Control"
HKLM\...\StartupApproved\Run32: => "FreedomeAutoStart"
HKLM\...\StartupApproved\Run32: => "LeapFrog Connect 2 Launcher"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\StartupFolder: => "Envoyer à OneNote.lnk"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\StartupFolder: => "SFR Cloud.lnk"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "SFR Mediacenter"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "Sony PC Companion"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "Google+ Auto Backup"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "KiesPreload"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "KiesAirMessage"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_1E2CA3255352BADFEFB29158DE1A7C2F"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "Plex Media Server"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "Application Restart #3"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-565019135-2950355371-4037754605-1000\...\StartupApproved\Run: => "SideSync"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F4E8A38D-B2BA-4ECE-860A-9D6B0C0D0E80}] => (Allow) C:\Users\wanted\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0F8FC94B-B95B-44FD-A52A-7B9B452ED00B}] => (Allow) C:\Users\wanted\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{9DF19E7B-7393-4953-9C64-7D3015963FA7}C:\program files (x86)\videolan\vlc_sfr\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc_sfr\vlc.exe
FirewallRules: [UDP Query User{EB8ED039-09AF-4EEB-8D0F-636E51FB1263}C:\program files (x86)\videolan\vlc_sfr\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc_sfr\vlc.exe
FirewallRules: [TCP Query User{E0BDA5A1-ED41-4BA3-9109-A1A0FF06CF9C}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe
FirewallRules: [UDP Query User{5B8E3695-6E14-41F8-B769-8D76A3364C01}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe
FirewallRules: [{90FB00D3-743C-43BA-8D7F-743D7903B1A4}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe
FirewallRules: [{104A22F1-1CB8-4611-BC31-DC1256CC8689}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe
FirewallRules: [{990455FC-3CCA-4C2A-83F2-02EEDDC3B710}] => (Allow) C:\Program Files\Serviio\console\ServiioConsole.exe
FirewallRules: [TCP Query User{22891B06-9257-4E70-A0C5-4B4AD70F1891}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{C5FC3C27-8AC7-41B7-B4A1-268334FF319A}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{AD3DE128-BB60-4654-A79B-FCBCCC8CF52A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{92580A76-D71C-4FE8-A2DF-A477C0C3065A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9720EB12-3AC3-48C1-8DBB-B6C675D2CBF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{06A7EFE9-98BF-4FAD-8FAC-C29DA8C0C588}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5E39D60D-4199-431F-860E-8AFD62FE2222}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [TCP Query User{3635BCF5-878F-43DF-81C5-05F102BA8297}E:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) E:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [UDP Query User{70A436A6-A206-438C-9AD3-A9A3A0B7D816}E:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) E:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [TCP Query User{691D02CE-6F4B-4F26-B358-9AFD1F33EFFF}E:\program files (x86)\call of duty black ops ii update 3\t6sp.exe] => (Block) E:\program files (x86)\call of duty black ops ii update 3\t6sp.exe
FirewallRules: [UDP Query User{12EF8E8B-6AFC-4567-BCCF-6FFB6DBF6A9C}E:\program files (x86)\call of duty black ops ii update 3\t6sp.exe] => (Block) E:\program files (x86)\call of duty black ops ii update 3\t6sp.exe
FirewallRules: [TCP Query User{E2976DCB-840C-481C-B0FE-59C24EDF6270}E:\program files (x86)\wild media server\wms.exe] => (Allow) E:\program files (x86)\wild media server\wms.exe
FirewallRules: [UDP Query User{771B077C-6D4E-4B1B-992D-F447067557F5}E:\program files (x86)\wild media server\wms.exe] => (Allow) E:\program files (x86)\wild media server\wms.exe
FirewallRules: [{E8A9CF24-6E49-45B1-A876-4D06D7F2FAC3}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{C8844281-C9BE-447D-B541-82D2E3CCC30E}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{8413F959-5DD2-4BB8-B98C-9A164D3B5E7D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{F0D6225D-CD76-4BA9-AAE2-FCD29BF5992F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{B9937EA0-94BB-4D82-AFB2-8CBB074191D7}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{CF306D5B-D082-46F8-BE55-DF3D3B0A4100}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{86578658-737A-4B0D-BFE5-7CFA28E14536}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F805BBE8-7AEE-4D47-86A2-91053792AF54}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{D88EE458-FD2C-495D-B062-07DB52EDBFE9}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{47EE0CE0-FA41-4E39-ACD8-E7A9D1D19297}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{217E5573-9D03-4870-8B81-6DFB25EC33DF}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe

==================== Restore Points =========================

10-09-2018 22:33:02 Windows Modules Installer
12-09-2018 17:06:59 Removed Java 8 Update 77 (64-bit)

==================== Faulty Device Manager Devices =============

Name: Dispositif de stockage de masse USB
Description: Dispositif de stockage de masse USB
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Dispositif de stockage USB compatible
Service: USBSTOR
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/11/2018 09:31:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne .
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_fb4599993062b194.manifest.
Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_42f2d07044deda9a.manifest.

Error: (09/11/2018 08:13:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne .
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_fb4599993062b194.manifest.
Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_42f2d07044deda9a.manifest.

Error: (09/10/2018 02:18:21 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne .
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_fb4599993062b194.manifest.
Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_42f2d07044deda9a.manifest.

Error: (09/10/2018 01:13:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme Microsoft.Photos.exe version 2018.18071.15310.0 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance.

ID de processus : 41ac

Heure de début : 01d44892b70ede74

Heure de fin : 4294967295

Chemin d'accès de l'application : C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID de rapport : 89dcdcd3-a4a0-4ab1-b541-70c9abc4e968

Nom complet du package défaillant : Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe

ID de l'application relative au package défaillant : App

Error: (09/10/2018 12:55:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Explorer.EXE, version : 10.0.17134.165, horodatage : 0x4031a9f8
Nom du module défaillant : ntdll.dll, version : 10.0.17134.228, horodatage : 0x6d15b6d7
Code d’exception : 0xc0000409
Décalage d’erreur : 0x000000000009ec90
ID du processus défaillant : 0xb2c
Heure de début de l’application défaillante : 0x01d4484c895622d0
Chemin d’accès de l’application défaillante : C:\WINDOWS\Explorer.EXE
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : b5b7fc05-0485-41e3-8e20-9191ae16ea59
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (09/10/2018 12:39:46 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: WANTED-PC)
Description: httphttp-2147467263

Error: (09/09/2018 11:01:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne .
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_fb4599993062b194.manifest.
Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_42f2d07044deda9a.manifest.

Error: (09/09/2018 09:29:37 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: WANTED-PC)
Description: httphttp-2147467263


System errors:
=============
Error: (09/12/2018 07:52:51 PM) (Source: DCOM) (EventID: 10016) (User: WANTED-PC)
Description: Les paramètres d’autorisation application-specific n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID wanted-PC\wanted de l’utilisateur (S-1-5-21-565019135-2950355371-4037754605-1000) depuis l’adresse LocalHost (Using LRPC) s’exécutant dans le SID Unavailable du conteneur d’applications (Unavailable). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (09/12/2018 05:32:10 PM) (Source: DCOM) (EventID: 10016) (User: WANTED-PC)
Description: Les paramètres d’autorisation application-specific n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID wanted-PC\wanted de l’utilisateur (S-1-5-21-565019135-2950355371-4037754605-1000) depuis l’adresse LocalHost (Using LRPC) s’exécutant dans le SID Unavailable du conteneur d’applications (Unavailable). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (09/12/2018 05:30:47 PM) (Source: DCOM) (EventID: 10016) (User: WANTED-PC)
Description: Les paramètres d’autorisation application-specific n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID wanted-PC\wanted de l’utilisateur (S-1-5-21-565019135-2950355371-4037754605-1000) depuis l’adresse LocalHost (Using LRPC) s’exécutant dans le SID Unavailable du conteneur d’applications (Unavailable). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (09/12/2018 05:12:20 PM) (Source: DCOM) (EventID: 10016) (User: WANTED-PC)
Description: Les paramètres d’autorisation application-specific n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID wanted-PC\wanted de l’utilisateur (S-1-5-21-565019135-2950355371-4037754605-1000) depuis l’adresse LocalHost (Using LRPC) s’exécutant dans le SID Unavailable du conteneur d’applications (Unavailable). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (09/11/2018 09:32:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Malwarebytes Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 5000 millisecondes : Restart the service.

Error: (09/11/2018 09:31:41 PM) (Source: DCOM) (EventID: 10016) (User: WANTED-PC)
Description: Les paramètres d’autorisation application-specific n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID wanted-PC\wanted de l’utilisateur (S-1-5-21-565019135-2950355371-4037754605-1000) depuis l’adresse LocalHost (Using LRPC) s’exécutant dans le SID Unavailable du conteneur d’applications (Unavailable). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (09/11/2018 08:15:23 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Le serveur {784E29F4-5EBE-4279-9948-1E8FE941646D} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (09/11/2018 08:14:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Les paramètres d’autorisation application-specific n’accordent pas l’autorisation Local Launch pour l’application serveur COM avec le CLSID
Windows.SecurityCenter.WscDataProtection
et l’APPID
Unavailable
au SID NT AUTHORITY\SYSTEM de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (Using LRPC) s’exécutant dans le SID Unavailable du conteneur d’applications (Unavailable). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.


Windows Defender:
===================================
Date: 2018-09-12 00:42:55.809
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {4AEAE93C-5764-4D5E-9872-E76CCC578BA9}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : NT AUTHORITY\SYSTEM

Date: 2018-09-09 20:23:48.556
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Itagomoko.A&threatid=2147708740&enterprise=0
Nom : Trojan:Win32/Itagomoko.A
ID : 2147708740
Gravité : Severe
Catégorie : Trojan
Chemin : file:_D:\$RECYCLE.BIN\S-1-5-21-565019135-2950355371-4037754605-1000\$RJ2ANHM.3\File Scavenger 4.3\Keygen\keygen.exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : NT AUTHORITY\SYSTEM
Nom du processus : C:\Windows\System32\SearchProtocolHost.exe
Version de la signature : AV: 1.275.974.0, AS: 1.275.974.0, NIS: 1.275.974.0
Version du moteur : AM: 1.1.15200.1, NIS: 1.1.15200.1

CodeIntegrity:
===================================

Date: 2018-09-12 19:53:45.952
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-12 19:52:22.862
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-12 19:51:58.832
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-12 19:51:58.329
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-12 19:51:57.879
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-12 19:51:47.843
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-12 19:51:47.833
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-11 23:38:36.381
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 38%
Total physical RAM: 8191.04 MB
Available physical RAM: 5034.61 MB
Total Virtual: 14191.04 MB
Available Virtual: 10835.61 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.19 GB) (Free:44.14 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Download) (Fixed) (Total:232.88 GB) (Free:232.7 GB) NTFS
Drive e: (Média et jeux) (Fixed) (Total:931.51 GB) (Free:102.9 GB) NTFS
Drive f: (sauvegarde) (Fixed) (Total:931.51 GB) (Free:276.8 GB) NTFS
Drive j: (Programme) (Fixed) (Total:232.88 GB) (Free:157 GB) NTFS

\\?\Volume{16441643-0000-0000-0000-f00b25000000}\ () (Fixed) (Total:0.86 GB) (Free:0.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 1D421D41)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2AF11FCD)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 16441643)
Partition 1: (Active) - (Size=148.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=883 MB) - (Type=27)

========================================================
Disk: 3 (Size: 232.9 GB) (Disk ID: 96AB853E)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 931.5 GB) (Disk ID: 78563412)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================