Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-10-2019
Ran by Maxime Glé (20-10-2019 09:03:18)
Running from C:\Users\user\Desktop
Windows 10 Pro Version 1903 18362.356 (X64) (2019-05-27 12:14:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3857067193-2404044210-3273798446-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3857067193-2404044210-3273798446-503 - Limited - Disabled)
Guest (S-1-5-21-3857067193-2404044210-3273798446-501 - Limited - Disabled)
Maxime Glé (S-1-5-21-3857067193-2404044210-3273798446-1001 - Administrator - Enabled) => C:\Users\user
WDAGUtilityAccount (S-1-5-21-3857067193-2404044210-3273798446-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Out of date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4uKey for Android (HKLM-x32\...\4uKey for Android) (Version: - Tenorshare, Inc.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_1) (Version: 22.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Advanced System Repair Pro (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Advanced System Repair Pro) (Version: 1.8.0.2 - Advanced System Repair, Inc.)
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22749 - Microsoft Corporation)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Avast Premium Sécurité (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Blender (HKLM\...\{F343C69A-4ABA-434C-9C73-12A519D269CD}) (Version: 2.80.0 - Blender Foundation)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.32.90.1001 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Citra (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\{c3e507a6-a7a2-451b-bcd2-6742817cfc01}) (Version: 1.0.0 - Citra Team)
CPUID CPU-Z 1.89 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.89 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0677 - Disc Soft Ltd)
Dashlane (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Dashlane) (Version: 6.1915.0.19667 - Dashlane, Inc.)
DAZ Install Manager (64-bit) (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\DAZ Install Manager (64-bit) 1.2.0.6) (Version: 1.2.0.6 - DAZ 3D)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DevID Agent (HKLM-x32\...\DevID_Agent) (Version: 4,48 - DevID)
Discord (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.17 - NVIDIA Corporation) Hidden
Driver Booster 6 (HKLM-x32\...\Driver Booster_is1) (Version: 6.6.0 - IObit)
EaseUS Partition Master 13.5 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EaseUS Todo PCTrans 10.0 (HKLM-x32\...\EaseUS Todo PCTrans_is1) (Version: - EaseUS)
EdgeDeflector (HKLM-x32\...\EdgeDeflector) (Version: - )
Epic Games Launcher (HKLM-x32\...\{A17FC61C-F723-4856-9116-3087712BCB11}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fap CEO (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\{178A5BC0-9A11-4E4C-8314-0F9559684C77}) (Version: 0.918 - Boombox Games)
FileZilla Client 3.43.0 (HKLM-x32\...\FileZilla Client) (Version: 3.43.0 - Tim Kosse)
FiveM (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\CitizenFX_FiveM) (Version: - The CitizenFX Collective)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Girlvania (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\{837FAFB9-EBA5-4727-95AD-792C4F671531}) (Version: 1.2.2 - Girlvanic Studios)
Godzilla Creepypasta (HKLM-x32\...\Godzilla Creepypasta) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grand Theft Auto: San Andreas (HKLM-x32\...\Grand Theft Auto: San Andreas) (Version: 1.0.0.22 - Rockstar Games)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
IObit Software Updater (HKLM-x32\...\IObit Software Updater_is1) (Version: 2.0.1.2540 - IObit)
IObit Uninstaller 9 (HKLM-x32\...\IObitUninstall) (Version: 9.0.2.40 - IObit)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Letasoft Sound Booster 1.11.0.514 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.11.0.514 - Letasoft LLC)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
Microsoft Office 365 ProPlus - fr-fr (HKLM\...\O365ProPlusRetail - fr-fr) (Version: 16.0.12026.20320 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft Publisher 2016 - en-us (HKLM\...\PublisherRetail - en-us) (Version: 16.0.12026.20320 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Teams) (Version: 1.2.00.10168 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Mises à jour NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Mozilla Firefox 69.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 69.0.1 (x64 fr)) (Version: 69.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.2 - Mozilla)
MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD)
NETGEAR A6100 Genie (HKLM-x32\...\{15D27BA3-6CCD-4848-8925-07EF083492AD}) (Version: 1.0.0.30 - NETGEAR) Hidden
NETGEAR A6100 Genie (HKLM-x32\...\InstallShield_{15D27BA3-6CCD-4848-8925-07EF083492AD}) (Version: 1.0.0.30 - NETGEAR)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
Nutaku 1.28.3 (HKLM\...\ac6ca4ec-406a-56ce-974e-5e616743d993) (Version: 1.28.3 - Nutaku.net)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.94 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.12026.20320 - Microsoft Corporation) Hidden
OpenIV (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\OpenIV) (Version: 3.1.1032 - .black/OpenIV Team)
OpenVPN 2.4.7-I601 (HKLM\...\OpenVPN) (Version: 2.4.7-I601 - OpenVPN Technologies, Inc.)
Oracle VM VirtualBox 6.0.10 (HKLM\...\{609C0401-C840-43DD-95F4-06A53BC3E352}) (Version: 6.0.10 - Oracle Corporation)
Package de pilotes Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00004) (HKLM\...\BE156A27AFEAEA39D6A7C9D25CFA8DAFAF91756B) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
Package de pilotes Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00004) (HKLM\...\D43FD4059F47ACA9539247D6CF690AAEA503AF2D) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
Package de pilotes Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Package de pilotes Windows - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Package de pilotes Windows - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Package de pilotes Windows - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
paint.net (HKLM\...\{893D9E06-E352-4BE4-B8E4-CFADC08B8DBF}) (Version: 4.2.1 - dotPDN LLC)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security)
PassNow 2018.04.27.109 (HKLM-x32\...\{52728E2D-ED55-44CA-8640-E2CD22FAE771}_is1) (Version: 2018.04.27.109 - Rene.E Laboratory)
PowerToys (HKLM\...\{B1D89399-7B59-4256-812C-EA4255AB7A92}) (Version: 0.11.0 - Microsoft)
RAGE Multiplayer (HKLM-x32\...\{6FE30B47-2577-43AD-9095-1861CA25889C}) (Version: 1.0.0.0 - Adam)
Random Password Generator (HKLM-x32\...\Random Password Generator_is1) (Version: 1.0 - IObit)
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version: - Ubisoft)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.5.5.1013 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.28.615.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8648 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Renee Becca 2016.12.15.288 (HKLM-x32\...\{A62CB332-45D9-47BD-86D5-A15F016FE2A0}_is1) (Version: 2016.12.15.288 - Rene.E Laboratory)
Resident Evil Revelations (HKLM-x32\...\Resident Evil Revelations_is1) (Version: - Capcom)
Rigs of Rods version 0.4.8.0 (HKLM\...\{EF536888-919D-47C0-8675-2F7AFA52EE27}_is1) (Version: 0.4.8.0 - Rigs of Rods)
RivaTuner Statistics Server 7.2.1 (HKLM-x32\...\RTSS) (Version: 7.2.1 - Unwinder)
Roblox Player for Maxime Glé (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\roblox-player) (Version: - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.5.121 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.3.1 - Rockstar Games)
RogueKiller version 13.5.4.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.5.4.0 - Adlice Software)
RomStation (HKLM-x32\...\{223B62A8-F6FF-4BEB-BC17-230D12723CD0}_is1) (Version: - RomStation)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18124.4 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18124.4 - Samsung Electronics Co., Ltd.)
SmartFTP Client (HKLM\...\{21917B8E-6D4B-4163-B6EB-A689AA4B56D3}) (Version: 9.0.2679.0 - SmartSoft Ltd.)
SmartFTP Client French (France) MUI (HKLM\...\{271EF404-0A76-41EB-B312-CEB32C19D48F}) (Version: 9.0.2679.0 - SmartSoft Ltd.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.28.9669 - SoftEther VPN Project)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - ${PRODUCT_PUBLISHER})
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.10168 - Microsoft Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.6.2452 - TeamViewer)
thriXXX-Launcher (HKLM-x32\...\thriXXX-Launcher) (Version: - thriXXX Software GmbH)
TI Connect™ CE (HKLM-x32\...\{8B1F3A89-E195-48CD-8487-A37BA5308E76}) (Version: 5.3.0.384 - Texas Instruments Inc.)
TmUnitedForever (HKLM-x32\...\TmUnitedForever_is1) (Version: - Nadeo)
Tom Clancy's The Division 2 (HKLM-x32\...\Uplay Install 4932) (Version: - Ubisoft)
Trackmania Turbo (HKLM-x32\...\Uplay Install 2070) (Version: - Ubisoft)
TrackRacing Online 2019 version 3.0.2 (HKLM-x32\...\{EC4F38C4-B3C4-4559-8EA0-3D66C32AEC82}_is1) (Version: 3.0.2 - Somewhere In Russia)
TunnelBear (HKLM-x32\...\{58a01650-b45c-443b-a51e-90f586a63532}) (Version: 3.7.2.0 - TunnelBear)
TunnelBear (HKLM-x32\...\{C7E7F8CF-E23A-4FC1-8AAC-8710A70490E3}) (Version: 3.7.2.0 - TunnelBear) Hidden
Unity (HKLM-x32\...\Unity) (Version: 2017.4.15f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 78.1 - Ubisoft)
USB Disk Storage Format Tool 6.0 (HKLM\...\USB Disk Storage Format Tool_is1) (Version: - Authorsoft Corporation)
Vertex Viewer 2019 (64-bit) 25.0 (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Vertex Viewer 2019 (64-bit)) (Version: 25.0.09 - Vertex Systems Oy)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VRLove (HKLM-x32\...\{76FCE1DA-7F87-4883-8D07-2803D84B0C66}_is1) (Version: 0.8.8 - VR Life SL)
VSDC Free Video Editor version 6.3.3.968 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.3.968 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Wargaming.net Game Center (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Wargaming.net Game Center) (Version: 19.1.1.4317 - Wargaming.net)
Web Companion (HKLM-x32\...\{90707a8a-67f6-4f4a-b2ee-83b0b018fd9d}) (Version: 4.4.1950.3825 - Lavasoft)
Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 0.15.1.0 - Winaero)
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.83 Build 20 - Windscribe Limited)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
World_of_Warships_Eu (HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\WOWS.EU.PRODUCTION) (Version: - Wargaming.net)

Packages:
=========
Avast Online Security -> C:\Program Files\WindowsApps\51CA791E.AvastOnlineSecurity_19.2.289.0_neutral__s1d0xtrs8dx04 [2019-07-20] (AVAST Software)
Circuit Overload -> C:\Program Files\WindowsApps\Microsoft.CircuitOverload_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Community Showcase Aqua -> C:\Program Files\WindowsApps\Microsoft.CommunityShowcaseAqua_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Cosmic Beauty -> C:\Program Files\WindowsApps\Microsoft.CosmicBeauty_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Courrier et calendrier -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-29] (Microsoft Corporation) [MS Ad]
Dashlane - Password Manager -> C:\Program Files\WindowsApps\Dashlane.DashlaneEdgeExtension_6.1936.1.0_neutral__ks9qrcqmdm1bm [2019-09-22] (Dashlane)
EdgeDevtoolsPlugin -> C:\WINDOWS\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2019-10-16] (Microsoft Corporation)
Fish and Corals -> C:\Program Files\WindowsApps\Microsoft.FishandCorals_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Hawaiian Vacation -> C:\Program Files\WindowsApps\Microsoft.HawaiianVacation_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-07-20] (HP Inc.)
Melting Ice -> C:\Program Files\WindowsApps\Microsoft.MeltingIce_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Meteor Showers -> C:\Program Files\WindowsApps\Microsoft.MeteorShowers_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-09-08] (Microsoft Studios) [MS Ad]
MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-14] (Microsoft Corporation) [MS Ad]
Purple World -> C:\Program Files\WindowsApps\Microsoft.PurpleWorld_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Small Basic -> C:\Program Files\WindowsApps\Microsoft.SmallBasic_1.3.0.0_x86__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
The Adventures of Ninja Cat -> C:\Program Files\WindowsApps\Microsoft.TheAdventuresofNinjaCat_3.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Up in the Sky -> C:\Program Files\WindowsApps\Microsoft.UpintheSky_2.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
Windows Terminal (Preview) -> C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_0.5.2681.0_x64__8wekyb3d8bbwe [2019-09-29] (Microsoft Corporation)
Windows Throwback -> C:\Program Files\WindowsApps\Microsoft.WindowsThrowback_1.0.0.0_neutral__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3857067193-2404044210-3273798446-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19098.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3857067193-2404044210-3273798446-1001_Classes\CLSID\{85A6BE02-117C-4C76-B352-CE8D2AF1F526}\localserver32 -> C:\Program Files\SmartFTP Client\SmartFTP.exe (SmartSoft Ltd -> SmartSoft Ltd.)
CustomCLSID: HKU\S-1-5-21-3857067193-2404044210-3273798446-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19098.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3857067193-2404044210-3273798446-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [SmartFTP Drop] -> {EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} => C:\Program Files\SmartFTP Client\ShellTools.dll [2019-07-07] (SmartSoft Ltd -> SmartSoft Ltd.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-06-17] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SmartFTP] -> {F87DED31-303F-4ED1-9BCE-D360FBC74E0A} => C:\Program Files\SmartFTP Client\ShellTools.dll [2019-07-07] (SmartSoft Ltd -> SmartSoft Ltd.)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [SmartFTP] -> {F87DED31-303F-4ED1-9BCE-D360FBC74E0A} => C:\Program Files\SmartFTP Client\ShellTools.dll [2019-07-07] (SmartSoft Ltd -> SmartSoft Ltd.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\Windows\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZ Install Manager (64-bit)\DAZ Install Manager (64-bit) Read Me.lnk -> hxxp:docs.daz3d.com\doku.php\public\read_me\index\14811

==================== Loaded Modules (Whitelisted) ==============

2012-11-06 09:47 - 2012-11-06 09:47 - 000114688 _____ () [File not signed] C:\Program Files (x86)\NETGEAR\A6100\EnumDevLib.dll
2013-07-17 11:57 - 2013-07-17 11:57 - 000094208 _____ () [File not signed] C:\Program Files (x86)\NETGEAR\A6100\Realtek.dll
2013-07-03 18:05 - 2013-07-03 18:05 - 000524288 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\NETGEAR\A6100\RtlLib.dll
2012-09-13 09:25 - 2012-09-13 09:25 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\NETGEAR\A6100\IpLib.dll
2013-07-04 10:35 - 2013-07-04 10:35 - 000290816 _____ (Realtek) [File not signed] C:\Program Files (x86)\NETGEAR\A6100\RtlIhvOid.dll
2009-07-23 17:32 - 2009-07-23 17:32 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR\A6100\LIBEAY32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\sharepoint.com -> hxxps://grandest-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-06-24 10:04 - 2019-10-12 15:51 - 000000080 _____ C:\WINDOWS\system32\drivers\etc\hosts

89.249.65.26 de-004.whiskergalaxy.com #added by Windscribe, do not modify.

2018-12-26 12:44 - 2019-10-14 17:44 - 000000438 ____C C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Users\user\AppData\Local\Microsoft\WindowsApps;C:\Users\user\AppData\Roaming\Dashlane\6.1907.0.17833\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components;C:\Users\user\AppData\Roaming\Dashlane\6.1907.0.17833\ucrt;C:\Users\user\AppData\Roaming\Dashlane\6.1907.0.17833\bin\Qt;C:\Users\user\AppData\Roaming\Dashlane\6.1907.0.17833\bin\Ssl;C:\adb;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\GtkSharp\2.12\bin
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdvancedSystemCareService12 => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\StartupFolder: => "NETGEAR A6100 Genie.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "zenvpn"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "WahOO"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "Dashlane"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "DashlanePlugin"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "OPENVPN-GUI"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "electron.app.Outline"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "DriverFix"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "com.squirrel.PenguinProxy.PenguinProxy"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "WarThunderLauncher"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "SoftMiner"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "appnhost"
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\StartupApproved\Run: => "Ubisoft Game Launcher"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5E220B19-BA63-41BF-9880-A92E8C0894FF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.6.0\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{3583FA45-B594-476F-A604-28E6A575BA5E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.6.0\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{E05B2F09-8055-4389-9D40-027F2ED75E59}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.6.0\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{16149510-28CB-4F3B-813E-2616BDB4452E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.6.0\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{49376978-020D-4155-AC4A-64FF7AA60348}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.6.0\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{42EF1340-9A9B-4A2A-8D39-AFC410CB6B26}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.6.0\AutoUpdate.exe (IObit Information Technology -> IObit)

==================== Restore Points =========================

16-10-2019 19:53:15 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/20/2019 09:01:22 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6992,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (10/20/2019 08:54:42 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (600,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (10/20/2019 08:50:56 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/19/2019 08:54:26 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (10/19/2019 08:54:26 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, A system shutdown is in progress.
]

Error: (10/19/2019 07:19:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante A6100.exe, version : 1.0.0.12, horodatage : 0x51e61624
Nom du module défaillant : MFC42.DLL, version : 6.6.8063.0, horodatage : 0xd5a48365
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0002a3d8
ID du processus défaillant : 0x11b8
Heure de début de l’application défaillante : 0x01d58658b013e9c9
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\NETGEAR\A6100\A6100.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\MFC42.DLL
ID de rapport : b2dddec2-8b5d-4b07-866b-5a3369d36396
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (10/19/2019 12:08:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme explorer.exe version 10.0.18362.329 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.

ID de processus : 40c

Heure de début : 01d58658af9fbfce

Heure d'arrêt : 0

Chemin d'accès à l'application : C:\Windows\explorer.exe

ID de rapport : 2f23170d-90ef-475e-8d7d-e67ba279ceda

Nom complet du package défectueux :

ID de l'application relative à un package défectueux :

Type de blocage : Unknown

Error: (10/19/2019 10:58:59 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10040,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


System errors:
=============
Error: (10/20/2019 08:49:03 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Le pilote a détecté une erreur de pilote interne sur \Device\VBoxNetLwf.

Error: (10/20/2019 08:47:20 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: Le service SNMP a rencontré une erreur lors de l’accès à la clé de Registre SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (10/20/2019 08:47:16 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Le pilote a détecté une erreur de pilote interne sur \Device\VBoxNetLwf.

Error: (10/20/2019 08:47:16 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: AUTORITE NT)
Description: Le module d’extensibilité WLAN n’a pas pu démarrer.

Chemin d’accès du module : C:\WINDOWS\system32\Rtlihvs.dll
Code d’erreur : 126

Error: (10/20/2019 08:47:14 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Le pilote a détecté une erreur de pilote interne sur \Device\VBoxNetLwf.

Error: (10/20/2019 08:46:41 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Le pilote a détecté une erreur de pilote interne sur \Device\VBoxNetLwf.

Error: (10/20/2019 08:46:41 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Le pilote a détecté une erreur de pilote interne sur \Device\VBoxNetLwf.

Error: (10/20/2019 08:46:41 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Le pilote a détecté une erreur de pilote interne sur \Device\VBoxNetLwf.


Windows Defender:
===================================
Date: 2019-07-18 14:57:38.858
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {134A96DC-0C00-4A9B-9C8B-9D2474D4B602}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2019-07-11 10:50:27.702
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {76FFA715-95C6-455E-A945-7D64E2E60C60}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2019-07-09 12:22:44.441
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nom : Trojan:Win32/Occamy.C
ID : 2147726780
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Program Files (x86)\Steam\Crack Steam V7.exe
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.297.713.0, AS: 1.297.713.0, NIS: 1.297.713.0
Version du moteur : AM: 1.1.16100.4, NIS: 1.1.16100.4

Date: 2019-07-08 11:55:08.085
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {A5801B8A-FF3D-4F91-BE38-ECD60EF88E5D}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2019-07-06 13:39:07.056
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nom : Trojan:Win32/Occamy.C
ID : 2147726780
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Program Files (x86)\Steam\Crack Steam V7.exe
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : PC-MAXIME\Maxime Glé
Nom du processus : C:\Windows\explorer.exe
Version de la veille de sécurité : AV: 1.297.524.0, AS: 1.297.524.0, NIS: 1.297.524.0
Version du moteur : AM: 1.1.16100.4, NIS: 1.1.16100.4

Date: 2019-10-12 10:05:15.977
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.303.1128.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Version actuelle du moteur :
Version précédente du moteur : 1.1.16400.2
Code d’erreur : 0x80072ee7
Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu

Date: 2019-10-12 10:05:15.976
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.303.1128.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Logiciel anti-espion
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Version actuelle du moteur :
Version précédente du moteur : 1.1.16400.2
Code d’erreur : 0x80072ee7
Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu

Date: 2019-10-12 10:05:15.975
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.303.1128.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Version actuelle du moteur :
Version précédente du moteur : 1.1.16400.2
Code d’erreur : 0x80072ee7
Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu

Date: 2019-10-12 10:05:15.958
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.303.1128.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Version actuelle du moteur :
Version précédente du moteur : 1.1.16400.2
Code d’erreur : 0x80072ee7
Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu

Date: 2019-10-12 10:05:15.957
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.303.1128.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Logiciel anti-espion
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Version actuelle du moteur :
Version précédente du moteur : 1.1.16400.2
Code d’erreur : 0x80072ee7
Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu

CodeIntegrity:
===================================

Date: 2019-10-20 08:52:07.336
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-20 08:52:07.323
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-20 08:52:07.307
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-20 08:52:07.293
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-20 08:52:07.214
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-20 08:49:40.395
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-20 08:49:40.382
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-20 08:49:39.934
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V28.6B1 10/08/2010
Motherboard: MSI G41M-S03 (MS-7592)
Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 37%
Total physical RAM: 8191.24 MB
Available physical RAM: 5153.17 MB
Total Virtual: 18191.24 MB
Available Virtual: 14811.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:224.85 GB) NTFS

\\?\Volume{b5d356d6-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B5D356D6)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================