Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-10-2019
Ran by Maxime Glé (20-10-2019 12:22:52)
Running from C:\Users\user\Documents\Outils\Outils
Windows 10 Pro Version 1903 18362.356 (X64) (2019-05-27 12:14:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3857067193-2404044210-3273798446-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3857067193-2404044210-3273798446-503 - Limited - Disabled)
Guest (S-1-5-21-3857067193-2404044210-3273798446-501 - Limited - Disabled)
Maxime Glé (S-1-5-21-3857067193-2404044210-3273798446-1001 - Administrator - Enabled) => C:\Users\user
WDAGUtilityAccount (S-1-5-21-3857067193-2404044210-3273798446-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22749 - Microsoft Corporation)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.32.90.1001 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CPUID CPU-Z 1.89 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.89 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0677 - Disc Soft Ltd)
Dashlane (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Dashlane) (Version: 6.1915.0.19667 - Dashlane, Inc.)
DevID Agent (HKLM-x32\...\DevID_Agent) (Version: 4,48 - DevID)
Discord (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.17 - NVIDIA Corporation) Hidden
EaseUS Partition Master 13.5 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EaseUS Todo PCTrans 10.0 (HKLM-x32\...\EaseUS Todo PCTrans_is1) (Version: - EaseUS)
EdgeDeflector (HKLM-x32\...\EdgeDeflector) (Version: - )
Epic Games Launcher (HKLM-x32\...\{A17FC61C-F723-4856-9116-3087712BCB11}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fap CEO (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\{178A5BC0-9A11-4E4C-8314-0F9559684C77}) (Version: 0.918 - Boombox Games)
FiveM (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\CitizenFX_FiveM) (Version: - The CitizenFX Collective)
Girlvania (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\{837FAFB9-EBA5-4727-95AD-792C4F671531}) (Version: 1.2.2 - Girlvanic Studios)
Godzilla Creepypasta (HKLM-x32\...\Godzilla Creepypasta) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grand Theft Auto: San Andreas (HKLM-x32\...\Grand Theft Auto: San Andreas) (Version: 1.0.0.22 - Rockstar Games)
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Letasoft Sound Booster 1.11.0.514 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.11.0.514 - Letasoft LLC)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
Microsoft Office 365 ProPlus - fr-fr (HKLM\...\O365ProPlusRetail - fr-fr) (Version: 16.0.12026.20320 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft Publisher 2016 - en-us (HKLM\...\PublisherRetail - en-us) (Version: 16.0.12026.20320 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Teams) (Version: 1.2.00.10168 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Mises à jour NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD)
NETGEAR A6100 Genie (HKLM-x32\...\{15D27BA3-6CCD-4848-8925-07EF083492AD}) (Version: 1.0.0.30 - NETGEAR) Hidden
NETGEAR A6100 Genie (HKLM-x32\...\InstallShield_{15D27BA3-6CCD-4848-8925-07EF083492AD}) (Version: 1.0.0.30 - NETGEAR)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
Nutaku 1.28.3 (HKLM\...\ac6ca4ec-406a-56ce-974e-5e616743d993) (Version: 1.28.3 - Nutaku.net)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.94 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.12026.20320 - Microsoft Corporation) Hidden
OpenIV (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\OpenIV) (Version: 3.1.1032 - .black/OpenIV Team)
Package de pilotes Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00004) (HKLM\...\BE156A27AFEAEA39D6A7C9D25CFA8DAFAF91756B) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
Package de pilotes Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00004) (HKLM\...\D43FD4059F47ACA9539247D6CF690AAEA503AF2D) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
Package de pilotes Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Package de pilotes Windows - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Package de pilotes Windows - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Package de pilotes Windows - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
paint.net (HKLM\...\{893D9E06-E352-4BE4-B8E4-CFADC08B8DBF}) (Version: 4.2.1 - dotPDN LLC)
PassNow 2018.04.27.109 (HKLM-x32\...\{52728E2D-ED55-44CA-8640-E2CD22FAE771}_is1) (Version: 2018.04.27.109 - Rene.E Laboratory)
PowerToys (HKLM\...\{B1D89399-7B59-4256-812C-EA4255AB7A92}) (Version: 0.11.0 - Microsoft)
RAGE Multiplayer (HKLM-x32\...\{6FE30B47-2577-43AD-9095-1861CA25889C}) (Version: 1.0.0.0 - Adam)
Random Password Generator (HKLM-x32\...\Random Password Generator_is1) (Version: 1.0 - IObit)
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version: - Ubisoft)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.28.615.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8648 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Renee Becca 2016.12.15.288 (HKLM-x32\...\{A62CB332-45D9-47BD-86D5-A15F016FE2A0}_is1) (Version: 2016.12.15.288 - Rene.E Laboratory)
Resident Evil Revelations (HKLM-x32\...\Resident Evil Revelations_is1) (Version: - Capcom)
Rigs of Rods version 0.4.8.0 (HKLM\...\{EF536888-919D-47C0-8675-2F7AFA52EE27}_is1) (Version: 0.4.8.0 - Rigs of Rods)
RivaTuner Statistics Server 7.2.1 (HKLM-x32\...\RTSS) (Version: 7.2.1 - Unwinder)
Roblox Player for Maxime Glé (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\roblox-player) (Version: - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.5.121 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.3.1 - Rockstar Games)
RomStation (HKLM-x32\...\{223B62A8-F6FF-4BEB-BC17-230D12723CD0}_is1) (Version: - RomStation)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18124.4 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18124.4 - Samsung Electronics Co., Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.10168 - Microsoft Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.6.2452 - TeamViewer)
TmUnitedForever (HKLM-x32\...\TmUnitedForever_is1) (Version: - Nadeo)
Trackmania Turbo (HKLM-x32\...\Uplay Install 2070) (Version: - Ubisoft)
TrackRacing Online 2019 version 3.0.2 (HKLM-x32\...\{EC4F38C4-B3C4-4559-8EA0-3D66C32AEC82}_is1) (Version: 3.0.2 - Somewhere In Russia)
TunnelBear (HKLM-x32\...\{58a01650-b45c-443b-a51e-90f586a63532}) (Version: 3.7.2.0 - TunnelBear)
TunnelBear (HKLM-x32\...\{C7E7F8CF-E23A-4FC1-8AAC-8710A70490E3}) (Version: 3.7.2.0 - TunnelBear) Hidden
Unity (HKLM-x32\...\Unity) (Version: 2017.4.15f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 78.1 - Ubisoft)
USB Disk Storage Format Tool 6.0 (HKLM\...\USB Disk Storage Format Tool_is1) (Version: - Authorsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VRLove (HKLM-x32\...\{76FCE1DA-7F87-4883-8D07-2803D84B0C66}_is1) (Version: 0.8.8 - VR Life SL)
VSDC Free Video Editor version 6.3.3.968 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.3.968 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 0.15.1.0 - Winaero)
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.83 Build 20 - Windscribe Limited)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Avast Online Security -> C:\Program Files\WindowsApps\51CA791E.AvastOnlineSecurity_19.2.289.0_neutral__s1d0xtrs8dx04 [2019-07-20] (AVAST Software)
Circuit Overload -> C:\Program Files\WindowsApps\Microsoft.CircuitOverload_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Community Showcase Aqua -> C:\Program Files\WindowsApps\Microsoft.CommunityShowcaseAqua_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Cosmic Beauty -> C:\Program Files\WindowsApps\Microsoft.CosmicBeauty_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Courrier et calendrier -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-29] (Microsoft Corporation) [MS Ad]
Dashlane - Password Manager -> C:\Program Files\WindowsApps\Dashlane.DashlaneEdgeExtension_6.1936.1.0_neutral__ks9qrcqmdm1bm [2019-09-22] (Dashlane)
EdgeDevtoolsPlugin -> C:\WINDOWS\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2019-10-16] (Microsoft Corporation)
Fish and Corals -> C:\Program Files\WindowsApps\Microsoft.FishandCorals_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Hawaiian Vacation -> C:\Program Files\WindowsApps\Microsoft.HawaiianVacation_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-07-20] (HP Inc.)
Melting Ice -> C:\Program Files\WindowsApps\Microsoft.MeltingIce_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Meteor Showers -> C:\Program Files\WindowsApps\Microsoft.MeteorShowers_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-09-08] (Microsoft Studios) [MS Ad]
MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-14] (Microsoft Corporation) [MS Ad]
Purple World -> C:\Program Files\WindowsApps\Microsoft.PurpleWorld_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Small Basic -> C:\Program Files\WindowsApps\Microsoft.SmallBasic_1.3.0.0_x86__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
The Adventures of Ninja Cat -> C:\Program Files\WindowsApps\Microsoft.TheAdventuresofNinjaCat_3.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Up in the Sky -> C:\Program Files\WindowsApps\Microsoft.UpintheSky_2.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Windows Terminal (Preview) -> C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_0.5.2681.0_x64__8wekyb3d8bbwe [2019-09-29] (Microsoft Corporation)
Windows Throwback -> C:\Program Files\WindowsApps\Microsoft.WindowsThrowback_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3857067193-2404044210-3273798446-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19098.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3857067193-2404044210-3273798446-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19098.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-06-17] (Notepad++ -> )
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\Windows\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2012-11-06 09:47 - 2012-11-06 09:47 - 000114688 _____ () [File not signed] C:\Program Files (x86)\NETGEAR\A6100\EnumDevLib.dll
2013-07-17 11:57 - 2013-07-17 11:57 - 000094208 _____ () [File not signed] C:\Program Files (x86)\NETGEAR\A6100\Realtek.dll
2012-11-05 18:15 - 2012-11-05 18:15 - 000290816 _____ (Netgear, Inc.) [File not signed] C:\Program Files (x86)\NETGEAR\A6100\NtgrAdapterUpdateOld.dll
2013-07-03 18:05 - 2013-07-03 18:05 - 000524288 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\NETGEAR\A6100\RtlLib.dll
2012-09-13 09:25 - 2012-09-13 09:25 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\NETGEAR\A6100\IpLib.dll
2013-07-04 10:35 - 2013-07-04 10:35 - 000290816 _____ (Realtek) [File not signed] C:\Program Files (x86)\NETGEAR\A6100\RtlIhvOid.dll
2009-07-23 17:32 - 2009-07-23 17:32 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR\A6100\LIBEAY32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\sharepoint.com -> hxxps://grandest-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-06-24 10:04 - 2019-10-12 15:51 - 000000080 _____ C:\WINDOWS\system32\drivers\etc\hosts

89.249.65.26 de-004.whiskergalaxy.com #added by Windscribe, do not modify.

2018-12-26 12:44 - 2019-10-14 17:44 - 000000438 ____C C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Users\user\AppData\Local\Microsoft\WindowsApps;C:\Users\user\AppData\Roaming\Dashlane\6.1907.0.17833\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components;C:\Users\user\AppData\Roaming\Dashlane\6.1907.0.17833\ucrt;C:\Users\user\AppData\Roaming\Dashlane\6.1907.0.17833\bin\Qt;C:\Users\user\AppData\Roaming\Dashlane\6.1907.0.17833\bin\Ssl;C:\adb;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\GtkSharp\2.12\bin
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdvancedSystemCareService12 => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\StartupFolder: => "NETGEAR A6100 Genie.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "zenvpn"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "WahOO"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "Dashlane"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "DashlanePlugin"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "OPENVPN-GUI"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "electron.app.Outline"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "DriverFix"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "com.squirrel.PenguinProxy.PenguinProxy"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "WarThunderLauncher"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "SoftMiner"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "appnhost"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "Ubisoft Game Launcher"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)

==================== Restore Points =========================

16-10-2019 19:53:15 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/20/2019 12:11:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4856,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (10/20/2019 11:56:06 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4560,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (10/20/2019 11:37:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2980,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (10/20/2019 11:24:57 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (10/20/2019 11:24:57 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, A system shutdown is in progress.
]

Error: (10/20/2019 11:24:57 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (10/20/2019 11:24:56 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, A system shutdown is in progress.
]

Error: (10/20/2019 11:21:26 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6540,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


System errors:
=============
Error: (10/20/2019 11:49:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service NcaSvc dépend du service iphlpsvc qui n’a pas pu démarrer en raison de l’erreur :
Le service ne peut pas être démarré parce qu’il est désactivé ou qu’aucun périphérique activé ne lui est associé.

Error: (10/20/2019 11:49:29 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: Le service SNMP a rencontré une erreur lors de l’accès à la clé de Registre SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (10/20/2019 11:49:27 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: AUTORITE NT)
Description: Le module d’extensibilité WLAN n’a pas pu démarrer.

Chemin d’accès du module : C:\WINDOWS\system32\Rtlihvs.dll
Code d’erreur : 126

Error: (10/20/2019 11:48:41 AM) (Source: sfdrv01a) (EventID: 12) (User: )
Description: Event-ID 12

Error: (10/20/2019 11:48:40 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 124) (User: AUTORITE NT)
Description: 03225747456

Error: (10/20/2019 11:48:40 AM) (Source: Microsoft-Windows-Hyper-V-Hypervisor) (EventID: 59) (User: AUTORITE NT)
Description: Hypervisor launch failed; Second Level Address Translation is required to launch the hypervisor.

Error: (10/20/2019 11:45:39 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service Assistant Connectivité réseau dépend du service Assistance IP qui n’a pas pu démarrer en raison de l’erreur :
Le service ne peut pas être démarré parce qu’il est désactivé ou qu’aucun périphérique activé ne lui est associé.

Error: (10/20/2019 11:26:37 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: Le service SNMP a rencontré une erreur lors de l’accès à la clé de Registre SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.


Windows Defender:
===================================
Date: 2019-07-18 14:57:38.858
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {134A96DC-0C00-4A9B-9C8B-9D2474D4B602}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2019-07-11 10:50:27.702
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {76FFA715-95C6-455E-A945-7D64E2E60C60}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2019-07-09 12:22:44.441
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nom : Trojan:Win32/Occamy.C
ID : 2147726780
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Program Files (x86)\Steam\Crack Steam V7.exe
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.297.713.0, AS: 1.297.713.0, NIS: 1.297.713.0
Version du moteur : AM: 1.1.16100.4, NIS: 1.1.16100.4

Date: 2019-07-08 11:55:08.085
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {A5801B8A-FF3D-4F91-BE38-ECD60EF88E5D}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2019-07-06 13:39:07.056
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nom : Trojan:Win32/Occamy.C
ID : 2147726780
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Program Files (x86)\Steam\Crack Steam V7.exe
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : PC-MAXIME\Maxime Glé
Nom du processus : C:\Windows\explorer.exe
Version de la veille de sécurité : AV: 1.297.524.0, AS: 1.297.524.0, NIS: 1.297.524.0
Version du moteur : AM: 1.1.16100.4, NIS: 1.1.16100.4

Date: 2019-10-20 12:20:02.548
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.303.1522.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Version actuelle du moteur :
Version précédente du moteur : 1.1.16400.2
Code d’erreur : 0x80072ee7
Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu

Date: 2019-10-20 12:20:02.548
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.303.1522.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Logiciel anti-espion
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Version actuelle du moteur :
Version précédente du moteur : 1.1.16400.2
Code d’erreur : 0x80072ee7
Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu

Date: 2019-10-20 12:20:02.547
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.303.1522.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Version actuelle du moteur :
Version précédente du moteur : 1.1.16400.2
Code d’erreur : 0x80072ee7
Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu

Date: 2019-10-20 12:20:02.535
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.303.1522.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Version actuelle du moteur :
Version précédente du moteur : 1.1.16400.2
Code d’erreur : 0x80072ee7
Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu

Date: 2019-10-20 12:20:02.535
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.303.1522.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Logiciel anti-espion
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Version actuelle du moteur :
Version précédente du moteur : 1.1.16400.2
Code d’erreur : 0x80072ee7
Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu

CodeIntegrity:
===================================

Date: 2019-10-20 11:51:33.678
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-20 11:51:33.623
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-20 11:28:41.630
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-20 11:28:41.565
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-20 10:59:06.968
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-20 10:59:06.841
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-20 10:02:31.709
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-20 10:02:31.340
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V28.6B1 10/08/2010
Motherboard: MSI G41M-S03 (MS-7592)
Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 39%
Total physical RAM: 8191.24 MB
Available physical RAM: 4952.16 MB
Total Virtual: 18191.24 MB
Available Virtual: 14326.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:234.18 GB) NTFS

\\?\Volume{b5d356d6-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B5D356D6)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================