Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2021
Ran by Toshiba (administrator) on APPLE (TOSHIBA Satellite P50-A) (04-06-2021 00:35:21)
Running from C:\Users\Toshiba\Downloads
Loaded Profiles: Toshiba
Platform: Windows 10 Pro Version 20H2 19042.985 (X64) Language: French (France) -> English (United Kingdom)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Private Tunnel\agent_privatetunnel_1595502586572.exe
() [File not signed] C:\Program Files\qBittorrent\qbittorrent.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Inc. -> Adobe Incorporated) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\RemoteComponents\UPI\ExManCoreLib\AdobeExtensionsService.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\thpevm.inf_amd64_e37a98374075e5b1\dynabookHDDProtection.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\DSDFunctionKeyCtlService.exe <2>
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\dynabookSystemService.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\RMService.exe
(IDRIX SARL -> IDRIX) C:\Program Files\VeraCrypt\VeraCrypt.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microleaves LTD -> Advanced Windows Manager) C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe <6>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\fodhelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.985_none_e72c6fe7263b0fe4\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Tempo Semiconductor Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(OpenVPN) [File not signed] C:\Program Files\Private Tunnel\PrivateTunnel.exe <3>
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [122592 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-06-03] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-06-03] (Adobe Inc. -> )
HKU\S-1-5-21-3874672918-1512682118-2145547734-1001\...\Run: [Google Update] => C:\Users\Toshiba\AppData\Local\Google\Update\1.3.36.82\GoogleUpdateCore.exe [217432 2021-04-22] (Google LLC -> Google LLC)
HKU\S-1-5-21-3874672918-1512682118-2145547734-1001\...\Run: [icq.desktop] => C:\Users\Toshiba\AppData\Roaming\ICQ\bin\icq.exe [111647968 2021-05-27] (LLC Mail.Ru -> )
HKLM\...\Print\Monitors\HDP5000 Language Monitor: C:\Windows\system32\HDP5000LM.DLL [257024 2014-03-21] (Microsoft Windows Hardware Compatibility Publisher -> HID Global)
HKLM\...\Print\Monitors\HDP5000 TCP/IP Card Printer Port: C:\WINDOWS\system32\HDP5000Port.dll [111616 2010-04-12] (Microplex Systems Ltd.) [File not signed]
HKLM\...\Print\Monitors\HDPii-HDPiiplus TCP/IP Card Printer Port: C:\WINDOWS\system32\HDPii-HDPiiplusPort.dll [111616 2010-04-12] (Microplex Systems Ltd.) [File not signed]
Startup: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2021-01-22]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gajim.lnk [2021-05-10]
ShortcutTarget: Gajim.lnk -> C:\Program Files\Gajim\bin\Gajim.exe (Gajim) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {23EC3EAC-671D-4B7C-8BDB-47E632044B36} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {25E92EED-2357-4231-9EF1-0DC1F91FA222} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [471888 2021-03-08] (Microsoft Windows -> Microsoft Corporation)
Task: {295F5AAE-7FEA-451A-B140-A532397EA3B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B83BD3F-328C-4E5F-AB0D-C4F30D6B6001} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3874672918-1512682118-2145547734-1001UA => C:\Users\Toshiba\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2020-11-30] (Google Inc -> Google Inc.)
Task: {2C52FF6F-2D8C-46B8-A659-ECFE13E95FD8} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4808928 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
Task: {34E4AD3C-A745-4CA7-A34E-38D2F08B30EE} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4E7FFA89-3518-42FC-A8E5-385C875EF334} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3874672918-1512682118-2145547734-1001Core => C:\Users\Toshiba\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2020-11-30] (Google Inc -> Google Inc.)
Task: {52C6BD44-4B9D-449B-8BBC-932290D328A2} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [471888 2021-03-08] (Microsoft Windows -> Microsoft Corporation)
Task: {57E6A252-C095-49D6-B71F-2413EC51F656} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-06-03] (Avast Software s.r.o. -> Avast Software)
Task: {620071BE-47C5-41D6-9013-C5FF12CAE969} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {8EEBE396-6CB5-4367-9154-5C7F97A0BC80} - System32\Tasks\AdvancedWindowsManager #1 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe [482624 2021-04-09] (Microleaves LTD -> Advanced Windows Manager) <==== ATTENTION
Task: {A747D86D-D351-45FF-A122-89761B30EEDD} - System32\Tasks\AdvancedWindowsManager #4 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe [482624 2021-04-09] (Microleaves LTD -> Advanced Windows Manager) <==== ATTENTION
Task: {ADD21268-61FB-4E91-839A-619D794CB7E0} - System32\Tasks\AdvancedWindowsManager #5 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe [482624 2021-04-09] (Microleaves LTD -> Advanced Windows Manager) <==== ATTENTION
Task: {B4D13F10-B7E7-4622-AD16-C59CFB5F1EE1} - System32\Tasks\AdvancedWindowsManager #6 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe [482624 2021-04-09] (Microleaves LTD -> Advanced Windows Manager) <==== ATTENTION
Task: {C632D941-5D64-4DE9-A589-9EF744DA8465} - System32\Tasks\Microsoft Office 15 Sync Maintenance for APPLE-Toshiba APPLE => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {D005AF34-A409-4CE4-8367-DBA116695F88} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4AD2FDB-2C94-45C5-AE1D-BBA0DA9FF7FD} - System32\Tasks\AdvancedWindowsManager #2 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe [482624 2021-04-09] (Microleaves LTD -> Advanced Windows Manager) <==== ATTENTION
Task: {EFD53A2F-C334-4D28-8B5E-97E72B58FEE6} - System32\Tasks\AdvancedUpdater => C:\Program Files (x86)\AW Manager\Windows Manager\Windows Updater.exe [1010800 2021-05-07] (Microleaves LTD -> AW Manager) <==== ATTENTION
Task: {FC31D1AE-1D6A-44DE-A743-67B2843FEDBC} - System32\Tasks\AdvancedWindowsManager #3 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe [482624 2021-04-09] (Microleaves LTD -> Advanced Windows Manager) <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{022538ec-25c6-45a4-927e-9c7ba77ff84c}: [DhcpNameServer] 192.168.2.1 207.164.234.193
Tcpip\..\Interfaces\{84ea2ec3-dab2-4565-8808-1566359c4b98}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d71880e2-674c-4cf5-b161-bf52c4ccfa38}: [NameServer] 10.9.0.1
DnsPolicyConfig: [OpenVPNDNSRouting-0] => GenericDNSServers=10.9.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Toshiba\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-03]

FireFox:
========
FF DefaultProfile: d64i004s.default
FF ProfilePath: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\d64i004s.default [2021-01-20]
FF ProfilePath: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\mp3seue7.default-release [2021-06-04]
FF Homepage: Mozilla\Firefox\Profiles\mp3seue7.default-release -> www.google.ca
FF Notifications: Mozilla\Firefox\Profiles\mp3seue7.default-release -> hxxps://www.xmpp.jp
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-06-03] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-06-03] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default [2021-06-03]
CHR Extension: (Slides) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-06-02]
CHR Extension: (Docs) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-06-02]
CHR Extension: (Google Drive) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-06-02]
CHR Extension: (YouTube) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-06-02]
CHR Extension: (Sheets) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-06-02]
CHR Extension: (Google Docs Offline) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-02]
CHR Extension: (Gmail) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-06-02]
CHR Extension: (Chrome Media Router) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-06-03] (Adobe Inc. -> Adobe Inc.)
R2 agent_privatetunnel; C:\Program Files\Private Tunnel\agent_privatetunnel_1595502586572.exe [2432512 2020-07-23] () [File not signed]
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8151120 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [622816 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [370400 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\DSDFunctionKeyCtlService.exe [615776 2021-02-22] (Dynabook Inc. -> Dynabook Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393288 2021-05-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [350224 2015-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Tempo Semiconductor Inc.)
R2 TSDHDDProtectService; C:\WINDOWS\System32\DriverStore\FileRepository\thpevm.inf_amd64_e37a98374075e5b1\dynabookHDDProtection.exe [425792 2020-07-21] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\dynabookSystemService.exe [44767048 2021-02-22] (Dynabook Inc. -> Dynabook Inc.)
S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\TOSTABSYSSVC.exe [296272 2021-02-22] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\RMService.exe [446248 2021-02-22] (Dynabook Inc. -> Dynabook Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [118088 2018-10-08] (Alcorlink Corp. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35664 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [216360 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365536 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250336 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99296 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17328 2021-06-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41296 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [180944 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522864 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107792 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82856 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851144 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471352 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215336 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [561680 2015-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Tempo Semiconductor Inc.)
R3 tap_privatetunnel; C:\WINDOWS\System32\drivers\tap_privatetunnel.sys [40128 2020-07-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [47816 2020-07-21] (Dynabook Inc. -> Dynabook Inc.)
R0 Thpevm; C:\WINDOWS\System32\drivers\Thpevm.SYS [27384 2020-07-21] (Dynabook Inc. -> Dynabook Inc.)
R3 tosrfec; C:\WINDOWS\System32\drivers\tosrfec.sys [37808 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\TosSrvCtlDrv.sys [25816 2021-02-22] (Dynabook Inc. -> Dynabook Inc.)
R0 TVALZ_O; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46088 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [831616 2021-05-28] (IDRIX SARL -> IDRIX)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-05-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421112 2021-05-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-17] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-04 00:35 - 2021-06-04 00:37 - 000022785 _____ C:\Users\Toshiba\Downloads\FRST.txt
2021-06-04 00:34 - 2021-06-04 00:36 - 000000000 ____D C:\FRST
2021-06-04 00:33 - 2021-06-04 00:34 - 000000762 _____ C:\Users\Toshiba\Desktop\etap comment ca marche.txt
2021-06-04 00:32 - 2021-06-04 00:32 - 002300416 _____ (Farbar) C:\Users\Toshiba\Downloads\FRST64.exe
2021-06-03 18:07 - 2021-06-03 18:12 - 000000000 _____ C:\Users\Toshiba\Desktop\Mario
2021-06-03 17:41 - 2021-06-03 17:41 - 000000000 ____D C:\Users\Toshiba\AppData\LocalLow\Adobe
2021-06-03 17:41 - 2021-06-03 17:41 - 000000000 ____D C:\Users\Toshiba\AppData\Local\NVIDIA
2021-06-03 17:22 - 2021-06-03 17:22 - 000000000 ____D C:\Users\Toshiba\Documents\Adobe
2021-06-03 17:22 - 2021-06-03 17:22 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\NVIDIA
2021-06-03 17:21 - 2021-06-03 17:21 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2021-06-03 17:01 - 2021-06-03 17:01 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\AnyDesk
2021-06-03 16:51 - 2021-06-03 16:51 - 000000000 ___RD C:\Users\Toshiba\Creative Cloud Files
2021-06-03 16:50 - 2021-06-03 16:50 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-06-03 16:46 - 2021-06-03 16:46 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2021-06-03 16:46 - 2021-06-03 16:46 - 000001356 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2021-06-03 16:45 - 2021-06-03 17:23 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-06-03 16:45 - 2021-06-03 17:23 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-06-03 16:45 - 2021-06-03 16:59 - 000000000 ____D C:\ProgramData\Adobe
2021-06-03 16:45 - 2021-06-03 16:45 - 003218432 _____ (Adobe Inc.) C:\Users\Toshiba\Downloads\Photoshop_Set-Up(1).exe
2021-06-03 16:44 - 2021-06-03 17:21 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-06-03 16:44 - 2021-06-03 16:51 - 000000000 ____D C:\Program Files\Adobe
2021-06-03 16:44 - 2021-06-03 16:50 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-06-03 16:40 - 2021-06-03 16:51 - 000000000 ____D C:\Users\Toshiba\AppData\Local\Adobe
2021-06-03 16:34 - 2021-06-03 16:34 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\Isogram
2021-06-03 16:32 - 2021-06-03 16:32 - 000003932 _____ C:\WINDOWS\system32\Tasks\AdvancedUpdater
2021-06-03 16:32 - 2021-06-03 16:32 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #6
2021-06-03 16:32 - 2021-06-03 16:32 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #5
2021-06-03 16:32 - 2021-06-03 16:32 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #4
2021-06-03 16:32 - 2021-06-03 16:32 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #3
2021-06-03 16:32 - 2021-06-03 16:32 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #2
2021-06-03 16:32 - 2021-06-03 16:32 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #1
2021-06-03 16:32 - 2021-06-03 16:32 - 000000000 ___HD C:\avast! sandbox
2021-06-03 16:32 - 2021-06-03 16:32 - 000000000 ____D C:\Users\Toshiba\AppData\Local\AdvinstAnalytics
2021-06-03 16:32 - 2021-06-03 16:32 - 000000000 ____D C:\Program Files (x86)\AW Manager
2021-06-03 16:29 - 2021-06-03 16:31 - 000000000 ____D C:\WINDOWS\PublicGaming
2021-06-03 16:09 - 2021-06-03 16:11 - 000002161 _____ C:\MyFile.txt
2021-06-03 15:15 - 2021-06-03 15:15 - 000000000 ___HD C:\$AV_ASW
2021-06-03 15:12 - 2021-06-03 16:23 - 000000000 ____D C:\Users\Toshiba\AppData\Local\CrashDumps
2021-06-03 15:00 - 2021-06-03 17:07 - 000000000 ____D C:\Users\Toshiba\AppData\Local\Avast Software
2021-06-03 15:00 - 2021-06-03 15:00 - 000002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2021-06-03 15:00 - 2021-06-03 15:00 - 000002152 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-06-03 15:00 - 2021-06-03 15:00 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\Avast Software
2021-06-03 15:00 - 2021-06-03 15:00 - 000000000 ____D C:\Users\Toshiba\AppData\Local\CEF
2021-06-03 14:57 - 2021-06-03 14:57 - 000522864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-06-03 14:57 - 2021-06-03 14:57 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-06-03 14:57 - 2021-06-03 14:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-06-03 14:57 - 2021-06-03 14:57 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-06-03 14:57 - 2021-06-03 14:56 - 000851144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-06-03 14:57 - 2021-06-03 14:56 - 000471352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-06-03 14:57 - 2021-06-03 14:56 - 000365536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-06-03 14:57 - 2021-06-03 14:56 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-06-03 14:57 - 2021-06-03 14:56 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-06-03 14:57 - 2021-06-03 14:56 - 000250336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-06-03 14:57 - 2021-06-03 14:56 - 000216360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-06-03 14:57 - 2021-06-03 14:56 - 000215336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-06-03 14:57 - 2021-06-03 14:56 - 000180944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-06-03 14:57 - 2021-06-03 14:56 - 000107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-06-03 14:57 - 2021-06-03 14:56 - 000099296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-06-03 14:57 - 2021-06-03 14:56 - 000082856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-06-03 14:57 - 2021-06-03 14:56 - 000041296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-06-03 14:57 - 2021-06-03 14:56 - 000035664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-06-03 14:57 - 2021-06-03 14:56 - 000017328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-06-03 14:54 - 2021-06-03 16:20 - 000000000 ____D C:\ProgramData\Avast Software
2021-06-03 14:54 - 2021-06-03 14:54 - 000000000 ____D C:\Program Files\Avast Software
2021-06-03 14:44 - 2021-06-03 15:15 - 000000014 _____ C:\ProgramData\krosqm.txt
2021-06-03 14:27 - 2021-06-03 14:28 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.8
2021-06-03 14:26 - 2021-06-03 16:45 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-03 14:26 - 2021-06-03 14:26 - 000000000 ____D C:\Users\Toshiba\AppData\Local\Package Cache
2021-06-03 14:23 - 2021-06-04 00:27 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\qBittorrent
2021-06-03 14:23 - 2021-06-03 15:31 - 000000000 ____D C:\Users\Toshiba\AppData\Local\qBittorrent
2021-06-03 14:23 - 2021-06-03 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2021-06-03 14:23 - 2021-06-03 14:23 - 000000000 ____D C:\Program Files\qBittorrent
2021-06-03 14:18 - 2021-06-03 14:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-06-03 13:58 - 2021-06-03 13:58 - 003763944 _____ (AnyDesk Software GmbH) C:\Users\Toshiba\Downloads\AnyDesk.exe
2021-06-03 05:42 - 2021-06-03 05:49 - 863563220 _____ C:\Users\Toshiba\Downloads\RMB.zip
2021-06-02 10:37 - 2021-06-02 10:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-06-02 08:36 - 2021-06-03 15:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-06-01 20:25 - 2021-06-01 20:25 - 000000000 __HDC C:\ProgramData\{04987608-BD59-4BB5-B1C7-C84B1BEBE8F3}
2021-06-01 20:25 - 2021-06-01 20:25 - 000000000 ____D C:\Users\Toshiba\AppData\Local\HID_Global
2021-06-01 20:25 - 2021-06-01 20:25 - 000000000 ____D C:\ProgramData\HID Global
2021-06-01 20:25 - 2021-06-01 20:25 - 000000000 ____D C:\Program Files (x86)\HID Global
2021-06-01 20:24 - 2014-03-21 15:00 - 000111616 _____ (HID Global) C:\WINDOWS\system32\HDP5000PNP.dll
2021-06-01 20:20 - 2021-06-02 23:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HID Global
2021-06-01 20:20 - 2021-06-01 20:20 - 000000000 __HDC C:\ProgramData\{2D2C0A53-8E8D-4CD6-BD82-8B7868FF0DE9}
2021-06-01 20:20 - 2021-06-01 20:20 - 000000000 ____D C:\Users\Toshiba\AppData\Local\PackageAware
2021-06-01 20:20 - 2021-06-01 20:20 - 000000000 ____D C:\Program Files\HID Global
2021-05-28 21:18 - 2021-06-03 17:22 - 000000000 ____D C:\Users\Toshiba\AppData\Local\D3DSCache
2021-05-28 01:36 - 2021-05-28 01:36 - 2147483648 _____ C:\Users\Toshiba\Desktop\Yoshi
2021-05-28 01:30 - 2021-05-28 01:30 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\VeraCrypt
2021-05-28 01:11 - 2021-05-28 01:11 - 000000888 _____ C:\Users\Public\Desktop\VeraCrypt.lnk
2021-05-28 01:11 - 2021-05-28 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeraCrypt
2021-05-28 01:10 - 2021-05-28 01:10 - 000831616 _____ (IDRIX) C:\WINDOWS\system32\Drivers\veracrypt.sys
2021-05-28 01:10 - 2021-05-28 01:10 - 000000000 ____D C:\Program Files\VeraCrypt
2021-05-27 22:39 - 2021-05-27 22:39 - 000000000 ____D C:\Users\Toshiba\AppData\Local\ElevatedDiagnostics
2021-05-27 22:15 - 2021-05-27 22:15 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\TTBData
2021-05-27 22:15 - 2021-05-27 22:15 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\Proxy Monitor
2021-05-27 22:10 - 2021-05-27 22:10 - 000000000 ____D C:\Users\Toshiba\Desktop\911
2021-05-27 22:10 - 2021-05-27 22:10 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\WinRAR
2021-05-27 22:08 - 2021-05-27 22:09 - 027795729 _____ C:\Users\Toshiba\Downloads\2021-04-11.zip
2021-05-26 13:16 - 2021-05-26 13:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-26 13:16 - 2021-05-26 13:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-26 13:16 - 2021-05-26 13:16 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-26 13:16 - 2021-05-26 13:16 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-26 13:16 - 2021-05-26 13:16 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-26 13:16 - 2021-05-26 13:16 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-05-26 13:16 - 2021-05-26 13:16 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-05-26 13:16 - 2021-05-26 13:16 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-26 13:15 - 2021-05-26 13:15 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-26 13:15 - 2021-05-26 13:15 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-26 13:15 - 2021-05-26 13:15 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-26 13:15 - 2021-05-26 13:15 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-26 13:15 - 2021-05-26 13:15 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-26 13:14 - 2021-05-26 13:14 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-12 04:00 - 2021-05-12 04:00 - 000000000 ___HD C:\$WinREAgent
2021-05-11 23:56 - 2021-05-11 23:56 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-05-11 03:29 - 2021-05-11 03:29 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-05-11 03:28 - 2021-05-11 03:28 - 000000000 ____D C:\Users\Toshiba\AppData\Local\PlaceholderTileLogoFolder
2021-05-11 03:23 - 2021-05-11 03:23 - 000002352 _____ C:\Users\Toshiba\Desktop\Microsoft Edge.lnk
2021-05-11 03:23 - 2021-05-11 03:23 - 000000000 ___RD C:\Users\Toshiba\3D Objects
2021-05-11 03:21 - 2021-05-11 03:21 - 000000020 ___SH C:\Users\Toshiba\ntuser.ini
2021-05-10 17:50 - 2021-06-04 00:28 - 000005294 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for APPLE-Toshiba APPLE
2021-05-10 17:50 - 2021-06-03 16:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-10 17:50 - 2021-05-27 21:21 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3874672918-1512682118-2145547734-1001
2021-05-10 17:50 - 2021-05-10 17:50 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-10 17:50 - 2021-05-10 17:50 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d745e48cd8ae24
2021-05-10 17:50 - 2021-05-10 17:50 - 000003528 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3874672918-1512682118-2145547734-1001UA
2021-05-10 17:50 - 2021-05-10 17:50 - 000003260 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3874672918-1512682118-2145547734-1001Core
2021-05-10 17:49 - 2021-05-10 17:49 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-05-10 17:49 - 2021-05-10 17:49 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-05-10 17:41 - 2021-06-03 16:24 - 001678018 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-10 17:31 - 2021-06-03 16:51 - 000000000 ____D C:\Users\Toshiba
2021-05-10 17:31 - 2021-05-27 21:20 - 000002373 _____ C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-10 17:31 - 2021-05-10 17:31 - 000000000 _SHDL C:\Users\Toshiba\Voisinage réseau
2021-05-10 17:31 - 2021-05-10 17:31 - 000000000 _SHDL C:\Users\Toshiba\Voisinage d'impression
2021-05-10 17:31 - 2021-05-10 17:31 - 000000000 _SHDL C:\Users\Toshiba\Modèles
2021-05-10 17:31 - 2021-05-10 17:31 - 000000000 _SHDL C:\Users\Toshiba\Mes documents
2021-05-10 17:31 - 2021-05-10 17:31 - 000000000 _SHDL C:\Users\Toshiba\Menu Démarrer
2021-05-10 17:31 - 2021-05-10 17:31 - 000000000 _SHDL C:\Users\Toshiba\Documents\Mes vidéos
2021-05-10 17:31 - 2021-05-10 17:31 - 000000000 _SHDL C:\Users\Toshiba\Documents\Mes images
2021-05-10 17:31 - 2021-05-10 17:31 - 000000000 _SHDL C:\Users\Toshiba\Documents\Ma musique
2021-05-10 17:31 - 2021-05-10 17:31 - 000000000 _SHDL C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2021-05-10 17:31 - 2021-05-10 17:31 - 000000000 _SHDL C:\Users\Toshiba\AppData\Local\Historique
2021-05-10 17:29 - 2021-05-28 08:09 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-10 17:23 - 2021-06-04 00:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-10 17:23 - 2021-06-03 16:20 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-10 17:23 - 2021-05-27 21:13 - 000442272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-10 16:04 - 2021-06-03 15:24 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\Gajim
2021-05-10 16:04 - 2021-06-03 15:24 - 000000000 ____D C:\Users\Toshiba\.dbus-keyrings
2021-05-10 16:04 - 2021-05-10 17:32 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gajim
2021-05-10 16:04 - 2021-05-10 16:04 - 000001088 _____ C:\Users\Toshiba\Desktop\Gajim.lnk
2021-05-10 16:04 - 2021-05-10 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gajim
2021-05-10 16:03 - 2021-05-10 16:04 - 000000000 ____D C:\Program Files\Gajim
2021-05-10 16:03 - 2021-05-10 16:04 - 000000000 ____D C:\Program Files (x86)\Pidgin
2021-05-10 12:20 - 2021-05-10 12:22 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-05-10 12:15 - 2021-05-10 12:20 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-05-10 12:15 - 2021-05-10 12:15 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-05-10 12:12 - 2021-05-10 12:12 - 000000000 ____D C:\ProgramData\ssh
2021-05-10 12:08 - 2021-05-10 12:08 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-05-10 12:08 - 2021-05-10 12:08 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-05-10 12:08 - 2021-05-10 12:08 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-05-10 12:08 - 2021-05-10 12:08 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-05-10 12:08 - 2021-05-10 12:08 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-05-10 12:08 - 2021-05-10 12:08 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-05-10 12:07 - 2021-05-10 12:07 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-05-10 12:07 - 2021-05-10 12:07 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-05-10 12:07 - 2021-05-10 12:07 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-05-10 12:07 - 2021-05-10 12:07 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-05-10 12:07 - 2021-05-10 12:07 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-05-10 12:07 - 2021-05-10 12:07 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-05-10 12:07 - 2021-05-10 12:07 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-05-10 12:07 - 2021-05-10 12:07 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-05-10 12:07 - 2021-05-10 12:07 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-05-10 12:07 - 2021-05-10 12:07 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-05-10 12:07 - 2021-05-10 12:07 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-05-10 12:07 - 2021-05-10 12:07 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-05-10 12:07 - 2021-05-10 12:07 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-05-10 12:07 - 2021-05-10 12:07 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-05-10 12:07 - 2021-05-10 12:07 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-05-10 12:07 - 2021-05-10 12:07 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-05-10 12:07 - 2021-05-10 12:07 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-05-10 12:06 - 2021-05-10 12:06 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-05-10 12:06 - 2021-05-10 12:06 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-05-10 12:06 - 2021-05-10 12:06 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-05-10 12:06 - 2021-05-10 12:06 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-05-10 12:06 - 2021-05-10 12:06 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-05-10 12:06 - 2021-05-10 12:06 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-05-10 12:06 - 2021-05-10 12:06 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-05-10 12:06 - 2021-05-10 12:06 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-05-10 12:06 - 2021-05-10 12:06 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-05-10 12:06 - 2021-05-10 12:06 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-05-10 12:06 - 2021-05-10 12:06 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-05-10 12:06 - 2021-05-10 12:06 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-05-10 12:06 - 2021-05-10 12:06 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-05-10 12:06 - 2021-05-10 12:06 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-05-10 12:06 - 2021-05-10 12:06 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-05-10 12:06 - 2021-05-10 12:06 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-05-10 12:06 - 2021-05-10 12:06 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-05-10 12:05 - 2021-05-10 12:05 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-05-10 12:05 - 2021-05-10 12:05 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-05-10 12:05 - 2021-05-10 12:05 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-05-10 12:05 - 2021-05-10 12:05 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-05-10 12:05 - 2021-05-10 12:05 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-05-10 12:05 - 2021-05-10 12:05 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-05-10 12:05 - 2021-05-10 12:05 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-05-10 12:05 - 2021-05-10 12:05 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-05-10 12:05 - 2021-05-10 12:05 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-05-10 12:05 - 2021-05-10 12:05 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-05-10 12:05 - 2021-05-10 12:05 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-05-10 12:05 - 2021-05-10 12:05 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-05-10 12:05 - 2021-05-10 12:05 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-05-10 12:05 - 2021-05-10 12:05 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-05-10 12:05 - 2021-05-10 12:05 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-05-10 12:05 - 2021-05-10 12:05 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-05-10 12:05 - 2021-05-10 12:05 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-05-10 12:05 - 2021-05-10 12:05 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-05-10 12:05 - 2021-05-10 12:05 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-05-10 12:05 - 2021-05-10 12:05 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-05-10 12:05 - 2021-05-10 12:05 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-05-10 12:04 - 2021-05-10 12:04 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-05-10 12:04 - 2021-05-10 12:04 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-05-10 12:04 - 2021-05-10 12:04 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-05-10 12:04 - 2021-05-10 12:04 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-05-10 12:04 - 2021-05-10 12:04 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-05-10 12:04 - 2021-05-10 12:04 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-05-10 12:04 - 2021-05-10 12:04 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-05-10 12:04 - 2021-05-10 12:04 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-05-10 12:04 - 2021-05-10 12:04 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-05-10 12:04 - 2021-05-10 12:04 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-05-10 12:04 - 2021-05-10 12:04 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-05-10 12:04 - 2021-05-10 12:04 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-05-10 12:04 - 2021-05-10 12:04 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-05-10 12:04 - 2021-05-10 12:04 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-05-10 12:04 - 2021-05-10 12:04 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-05-10 12:04 - 2021-05-10 12:04 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-05-10 12:04 - 2021-05-10 12:04 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-05-10 12:04 - 2021-05-10 12:04 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-05-10 12:04 - 2021-05-10 12:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-05-10 12:04 - 2021-05-10 12:04 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-05-10 12:04 - 2021-05-10 12:04 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-05-10 11:49 - 2021-05-10 11:49 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-05-10 11:49 - 2021-05-10 11:49 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-04 00:33 - 2021-01-20 02:19 - 000000000 ____D C:\Users\Toshiba\AppData\LocalLow\Mozilla
2021-06-04 00:27 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-04 00:15 - 2021-01-20 02:19 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-04 00:13 - 2021-01-22 14:46 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\Private Tunnel
2021-06-03 18:02 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-03 18:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-03 17:22 - 2020-11-30 17:26 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\Adobe
2021-06-03 16:48 - 2020-11-30 19:38 - 000000000 ____D C:\ProgramData\Packages
2021-06-03 16:48 - 2020-11-30 17:26 - 000000000 ____D C:\Users\Toshiba\AppData\Local\Packages
2021-06-03 16:45 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-06-03 16:24 - 2019-12-07 10:50 - 000754942 _____ C:\WINDOWS\system32\perfh00C.dat
2021-06-03 16:24 - 2019-12-07 10:50 - 000140308 _____ C:\WINDOWS\system32\perfc00C.dat
2021-06-03 16:24 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-03 16:21 - 2020-11-30 17:37 - 000000000 __SHD C:\Users\Toshiba\IntelGraphicsProfiles
2021-06-03 16:20 - 2020-11-30 17:41 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-03 16:20 - 2020-11-30 17:37 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-06-03 16:19 - 2019-12-07 05:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2021-06-03 15:19 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-03 15:07 - 2021-01-20 02:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-03 14:57 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-03 14:18 - 2021-01-20 02:19 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-02 23:28 - 2021-01-22 23:20 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\Telegram Desktop
2021-06-01 20:40 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-28 00:39 - 2021-01-20 02:25 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\ICQ
2021-05-27 23:58 - 2020-11-30 18:15 - 000000000 ____D C:\Users\Toshiba\AppData\Local\Google
2021-05-27 21:22 - 2020-11-30 18:25 - 000002512 _____ C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-27 21:22 - 2020-11-30 18:25 - 000002475 _____ C:\Users\Toshiba\Desktop\Google Chrome.lnk
2021-05-27 21:20 - 2020-11-30 17:29 - 000000000 ___RD C:\Users\Toshiba\OneDrive
2021-05-27 21:17 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-27 21:10 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-27 21:10 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-27 21:10 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-27 21:10 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-27 21:10 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-27 21:10 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-27 21:09 - 2019-12-07 10:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-05-27 21:09 - 2019-12-07 10:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-27 21:09 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-27 21:09 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-27 21:09 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-27 21:09 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-27 21:09 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-27 21:09 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-27 21:09 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-27 21:09 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-27 21:09 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-27 21:09 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-27 21:09 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-26 13:24 - 2021-04-16 18:06 - 000000000 ___DC C:\WINDOWS\Panther
2021-05-26 13:21 - 2019-12-07 10:53 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-19 19:44 - 2021-01-20 04:48 - 000000694 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-05-18 13:31 - 2019-12-07 10:52 - 000000000 ____D C:\WINDOWS\OCR
2021-05-17 23:08 - 2021-01-20 02:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-13 02:44 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing
2021-05-12 05:12 - 2020-11-30 22:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-12 05:09 - 2020-11-30 22:03 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-11 12:12 - 2020-11-30 22:03 - 000000000 ____D C:\Program Files\rempl
2021-05-11 04:59 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-05-11 03:44 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-11 03:25 - 2020-11-30 17:41 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-05-11 03:23 - 2020-11-30 17:26 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-05-11 03:22 - 2020-11-30 17:26 - 000000000 ____D C:\Users\Toshiba\AppData\Local\ConnectedDevicesPlatform
2021-05-10 17:53 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-05-10 17:50 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows NT
2021-05-10 17:50 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-05-10 17:50 - 2019-12-07 05:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-05-10 17:41 - 2019-12-07 05:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-05-10 17:32 - 2021-01-22 23:20 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2021-05-10 17:32 - 2021-01-20 02:25 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2021-05-10 17:32 - 2020-11-30 18:26 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-05-10 17:29 - 2020-11-30 17:40 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-05-10 17:28 - 2020-11-30 17:37 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2021-05-10 12:22 - 2021-01-22 14:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Private Tunnel
2021-05-10 12:22 - 2020-11-30 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-05-10 12:22 - 2020-11-30 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-05-10 12:22 - 2020-11-30 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-05-10 12:22 - 2020-11-30 18:12 - 000000000 ____D C:\WINDOWS\SHELLNEW
2021-05-10 12:22 - 2020-11-30 18:10 - 000000000 ____D C:\Program Files\IDT
2021-05-10 12:22 - 2020-11-30 17:40 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-05-10 12:22 - 2020-11-30 17:37 - 000000000 ____D C:\Program Files\Intel
2021-05-10 12:22 - 2019-12-07 05:18 - 000000000 ____D C:\WINDOWS\Setup
2021-05-10 12:22 - 2019-12-07 05:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-05-10 12:22 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-05-10 12:22 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-05-10 12:22 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Help
2021-05-10 12:22 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-05-10 12:22 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-05-10 12:22 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-05-10 12:22 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\InfusedApps
2021-05-10 12:20 - 2020-11-30 17:45 - 000000000 ____D C:\Program Files\Synaptics
2021-05-10 12:20 - 2020-11-30 17:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-05-10 12:20 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Resources
2021-05-10 12:12 - 2019-12-07 10:53 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-05-10 12:12 - 2019-12-07 10:53 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-05-10 12:12 - 2019-12-07 10:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\IME
2021-05-10 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-05-10 12:11 - 2019-12-07 10:53 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-05-10 11:49 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-05-10 11:49 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-05-10 11:49 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-05-10 11:47 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-05-10 11:47 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-05-10 11:44 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-05-10 11:44 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-05-10 11:44 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-05-10 11:44 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-05-10 11:44 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-05-10 11:44 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-05-10 11:44 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\dsc

==================== Files in the root of some directories ========

2021-06-03 17:23 - 2021-06-03 17:23 - 000000000 _____ () C:\Users\Toshiba\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================