Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-10-2019
Ran by Maxime Glé (administrator) on PC-MAXIME (Viglen VIG625M) (20-10-2019 12:15:30)
Running from C:\Users\user\Documents\Outils\Outils
Loaded Profiles: Maxime Glé (Available Profiles: Maxime Glé & Administrator)
Platform: Windows 10 Pro Version 1903 18362.356 (X64) Language: Anglais (Royaume-Uni)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\PreCare_IObitDel.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\PreMalScn_IObitDel.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1908.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11909.1002.3.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Users\user\AppData\Local\Temp\7FA016F9-43E3-4DFD-B0FF-BFC0DF65376B\DismHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\AuthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Dism.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PickerHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.387_none_5f0e233a5902e7db\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\NisSrv.exe
(NETGEAR -> NETGEAR) C:\Program Files (x86)\NETGEAR\A6100\A6100.EXE
(NETGEAR -> Realtek Semiconductor Corp.) C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2019-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22714912 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Run: [Ubisoft Game Launcher] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe [470872 2019-08-16] (Ubisoft Entertainment Sweden AB -> Ubisoft)
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\MountPoints2: {c98954ce-2c83-11e9-9dc7-6c626daf4379} - "E:\MCG-SB3Setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-26] (Google LLC -> Google LLC)
IFEO\ChangeIcs.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\DiscSoftBusServiceLite.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\DTAgent.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\DTCommandLine.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\DTHelper.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\DTLauncher.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\DTLite.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\DTLiteHelper.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\DTShellHlp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\Extractor.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\FlashPlayerPlugin_32_0_0_255.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\FlashPlayerUpdateService.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\FlashUtil32_32_0_0_255_Plugin.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\FlashUtil_ActiveX.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\RazerInstaller.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\SPTDinst-x64.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\subinacl.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\TeamViewer_Note.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\tstunnel.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\vpnclient.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\vpncmd.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\vpncmgr.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\vpninstall.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\vpnsetup.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\vpnsetup_x64.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\Windscribe.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\WindscribeInstallHelper.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\WindscribeLauncher.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\windscribeopenvpn_2_3_18.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\windscribeopenvpn_2_4_6.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\WindscribeService.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\wsappcontrol.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\wstunnel.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR A6100 Genie.lnk [2019-10-15]
ShortcutTarget: NETGEAR A6100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe (NETGEAR -> Realtek Semiconductor Corp.)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {070A36F0-2FD6-42AF-A271-47705041C58E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0AD2BF0A-FB22-4837-B479-60C399DD23FF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4470424 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {206FA45E-68AB-4904-B2B0-8C36E148808C} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {26C899A7-93AB-45CA-8785-AE31820A13F3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {2CB4B553-A260-4878-A0DB-D06FCA5EDF14} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {345CC4F7-79C7-4520-9B59-8250B2E22DAE} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [770344 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {3E3BA981-9BCD-4A5D-B043-DD0DF0F12BE8} - System32\Tasks\ASC12_SkipUac_Maxime Glé => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {43DDBC7A-51F8-416E-BBE3-4385CE6AFCD2} - System32\Tasks\PowerToys\Autorun for Maxime Glé => C:\Program Files\PowerToys\PowerToys.exe [636664 2019-09-05] (Janea Systems, Inc. -> Microsoft Corp.)
Task: {447B0C0D-E1F0-4645-883B-9EB44C11F420} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {48DA095E-202A-40F4-8CAA-29C977573E1A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4470424 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B08F6C6-9574-41E6-B6CE-AED598B8A133} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {4CA0A97E-A9CD-43C6-BFD9-D4B0D903764F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-28] (Adobe Inc. -> Adobe)
Task: {5238CF76-D3D2-488F-83BF-C9D2554DF374} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {55FDE6F2-C40A-4C14-8930-3C0F0C66194B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {561A1727-EAD9-4F6F-9B0C-3C1BB43E1962} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3729392 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {61C4BA20-0EFC-47F7-8178-34EDD573D698} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-08-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {669FAA49-F2CE-47AF-9E40-AECAB11F90ED} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27295760 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {7581B5EB-9009-4B67-84B9-55436DD2AC33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {764A667E-01D7-4814-9A31-4E2305771628} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1578024 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B418FE2-0D41-4309-91B3-C96956B4A3F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9DA51D60-AC2F-40C8-9AA3-8531756FB2F6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-09-28] (Adobe Inc. -> Adobe)
Task: {A1CB3504-1594-4777-8629-DF9372C125DF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-29] (Google Inc -> Google LLC)
Task: {A784328E-1999-4213-A63E-E68AC0289DAC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648688 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC5D43B8-6208-4521-8980-9E791BBB424B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ACE82410-26D8-4DD5-8882-2637605F37E5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BC6097F7-35BE-4AB8-96A3-2FEB0E7AE416} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16585328 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {BC722A12-8F69-4DE9-9F00-417BF9DB078B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27295760 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {C230467E-75C4-454F-ABE7-09E4B70C87DF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C903B960-1061-4194-A051-FF59EA0C16AD} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
Task: {CABCF9D5-BC48-436D-89D0-3C24AB1BA3B0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-29] (Google Inc -> Google LLC)
Task: {CC152300-1E4F-4F59-B08B-8D95C3FF0C24} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430176 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {D05ECE87-DA26-42B5-B469-9F38F0AC3DB0} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D44E69BF-1C8F-4A0E-ADDA-76CD4D8F554C} - System32\Tasks\AdobeGCInvoker-1.0-PC-MAXIME-Maxime Glé => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {D6EE66B3-13BB-4938-92AE-C048406F689B} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DACFA503-F569-416E-854F-2A1D56976E3A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430176 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0BACAEE-C735-4AF1-BF7C-0355954BB849} - System32\Tasks\Uninstaller_SkipUac_Maxime_Glé => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {EC89C7B8-B167-4F41-BF1D-8634D4D905FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {EE544600-DB0C-4C15-A195-2AC98349ECCC} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F288BB0A-D53B-47E6-9108-2702577AC93C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591344 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F714B7E6-3880-467E-8AFA-CC4A25E09909} - System32\Tasks\ASC12_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [3164944 2019-08-28] (IObit Information Technology -> IObit)
Task: {FA7EE1F0-65CD-4552-99E0-DC4577D28EA1} - System32\Tasks\AdobeAAMUpdater-1.0-PC-MAXIME-Maxime Glé => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 89.249.65.26 de-004.whiskergalaxy.com #added by Windscribe, do not modify.
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{03ee23e1-3064-4f40-a44d-b918c31d25f9}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{14743013-7dd6-46c8-8366-5e88c795459b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7f4d5305-dbb3-448e-a3be-f1b96585969f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{844eea05-5069-4623-815e-2679229108d6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{f7704f90-d448-413f-a720-99f71a34f64d}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3857067193-2404044210-3273798446-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-3857067193-2404044210-3273798446-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\user\Downloads
Edge Extension: (No Name) -> EdgeExtension_51CA791EAvastOnlineSecurity_s1d0xtrs8dx04 => C:\Program Files\WindowsApps\51CA791E.AvastOnlineSecurity_18.4.140.0_neutral__s1d0xtrs8dx04 [not found]
Edge Extension: (No Name) -> EdgeExtension_DashlaneDashlaneEdgeExtension_ks9qrcqmdm1bm => C:\Program Files\WindowsApps\Dashlane.DashlaneEdgeExtension_6.1912.1.0_neutral__ks9qrcqmdm1bm [not found]

FireFox:
========
FF HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\user\AppData\Roaming\Dashlane\6.1915.0.19667\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}
FF Extension: (No Name) - C:\Users\user\AppData\Roaming\Dashlane\6.1915.0.19667\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} [2019-04-09] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-28] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-28] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-05-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://www.piratecity.net/wp-content/themes/eleven40-pro/images/favicon.ico
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2019-10-17]
CHR Extension: (Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-29]
CHR Extension: (Download Full Version Cracked Pc Soft...) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmefcnlokoaimbpbmohfnplgbiecdpp [2019-09-28]
CHR Extension: (Universal Bypass) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aihomhdbhpnpmcnnbckjjcebjoikpihj [2019-10-09]
CHR Extension: (Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-29]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-29]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-29]
CHR Extension: (Hacks et portail de pépins | Téléchar...) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhmmonbdiigfpljmmejnghkfmmonpilf [2019-09-28]
CHR Extension: (Dark Reader) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2019-09-15]
CHR Extension: (Dashlane) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2019-09-19]
CHR Extension: (Sheets) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-29]
CHR Extension: (HTTPS partout) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2019-06-30]
CHR Extension: (Google Docs hors connexion) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-30]
CHR Extension: (Click&Clean) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2019-10-12]
CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-10-12]
CHR Extension: (Z-shadow.co) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldbbfifchigedbpildipghleckojnjmo [2019-09-28]
CHR Extension: (POW - The new global currency) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljglddfelhipmfkphnncahhnkndblhfg [2019-09-28]
CHR Extension: (Le_Ultime_Sondages_Bot_V2.zip) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpacdgpacckeimlcjaobfbcgjpgnkkfo [2019-09-28]
CHR Extension: (TubeBuddy) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2019-10-12]
CHR Extension: (Comment pirater un compte Youtube uti...) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nflekkhhpojlomkimcoddppemaphondi [2019-09-28]
CHR Extension: (majax31.cc) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngifklhdlddbjijfghikaheammjgigjf [2019-09-29]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-26]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService12; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1266448 2019-09-10] (IObit Information Technology -> IObit)
S3 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S3 Becca Service; C:\Program Files (x86)\Rene.E Laboratory\Becca\x64\bcservice.exe [79792 2019-03-27] (Jiangmen Ruili Software Co., Ltd. -> Rene.E Laboratory)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-02-23] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11642376 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3644008 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-01-15] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-02-21] (Razer USA Ltd. -> Razer Inc)
R2 Realtek8723AU; C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe [45784 2013-07-02] (NETGEAR -> Realtek Semiconductor Corp.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [471696 2019-09-28] (Rockstar Games, Inc. -> Rockstar Games)
S3 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-05-03] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2019-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 SNMP; C:\WINDOWS\SysWOW64\snmp.exe [46592 2019-05-27] (Microsoft Windows -> Microsoft Corporation)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-05-27] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [290816 2019-08-17] (Microsoft Windows -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12135768 2019-09-16] (TeamViewer GmbH -> TeamViewer GmbH)
S3 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [138872 2018-10-29] (TunnelBear -> TunnelBear)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120016 2018-12-25] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S4 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 A6100; C:\WINDOWS\system32\DRIVERS\A6100.sys [3781368 2019-10-15] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 androidusb; C:\WINDOWS\System32\Drivers\wsadb.sys [40720 2019-01-27] (Shenzhen Wondershare Information Technology Co., Ltd. -> Google Inc)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [43568 2018-09-20] (IObit Information Technology -> IObit)
R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [34048 2018-07-04] (IObit Information Technology -> IObit)
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [2639728 2019-07-06] (BattlEye Innovations e.K. -> )
S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-12-13] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2019-02-03] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-01-03] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2019-01-03] (Disc Soft Ltd -> Disc Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [34744 2019-02-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2019-04-12] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-01-03] (Martin Malik - REALiX -> REALiX(tm))
R3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [32520 2018-07-04] (IObit Information Technology -> IObit)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-10-20] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 netr28ux; C:\WINDOWS\system32\DRIVERS\netr28ux.sys [2249528 2016-08-12] (MEDIATEK INC. -> MediaTek Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_547eeefb57db4499\nvlddmkm.sys [21858904 2019-08-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-07-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 pikbd; C:\WINDOWS\System32\drivers\pikbd.sys [41368 2016-11-17] (Christian Gulden -> )
R3 pimou; C:\WINDOWS\System32\drivers\pimou.sys [42392 2016-11-17] (Christian Gulden -> Christian Gulden)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
S3 rt2870; C:\WINDOWS\system32\DRIVERS\rt2870.sys [3463592 2018-02-08] (MEDIATEK INC. -> MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 RtNdPt640; C:\WINDOWS\system32\DRIVERS\RtNdPt640.sys [48192 2016-10-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 RTTEAMPT640; C:\WINDOWS\system32\DRIVERS\RtTeam640.sys [70696 2016-09-30] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 RTVLANPT640; C:\WINDOWS\system32\DRIVERS\RtVlan640.sys [46632 2016-09-30] (Realtek Semiconductor Corp. -> Realtek Corporation)
R0 sfdrv01a; C:\WINDOWS\System32\drivers\sfdrv01a.sys [77432 2009-02-03] (Protection Technology, Ltd. -> Protection Technology (StarForce))
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology, Ltd. -> Protection Technology (StarForce))
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2019-07-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-07-31] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-13] (Windscribe Limited -> The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-09-14] (Microsoft Windows -> Microsoft Corporation)
S3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [237584 2019-07-12] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46688 2019-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [350136 2019-10-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-02] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-20 12:19 - 2019-10-20 12:19 - 000000000 ____D C:\Users\user\AppData\Roaming\IObit
2019-10-20 11:45 - 2019-10-20 11:45 - 000000442 __RSH C:\ProgramData\ntuser.pol
2019-10-20 10:54 - 2019-10-20 10:54 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-10-20 10:50 - 2019-10-20 10:50 - 000000000 ___DC C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2019-10-20 10:50 - 2019-10-20 10:50 - 000000000 ____D C:\Program Files\HandBrake
2019-10-20 10:01 - 2019-10-20 10:01 - 000002974 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_Maxime_Glé
2019-10-20 08:51 - 2019-10-20 12:18 - 000000000 ___DC C:\FRST
2019-10-19 18:55 - 2019-10-19 18:55 - 000000000 ___DC C:\Users\user\Documents\BeamNG.drive
2019-10-18 20:01 - 2019-10-18 20:01 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-10-18 20:00 - 2019-10-18 20:01 - 000111244 _____ C:\WINDOWS\ntbtlog.txt
2019-10-18 18:16 - 2019-10-18 18:16 - 000000000 ____D C:\Users\user\AppData\Local\ZHP
2019-10-18 07:09 - 2019-10-18 07:09 - 000003654 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2019-10-18 06:45 - 2015-09-14 13:03 - 000039672 _____ C:\WINDOWS\system32\Drivers\DasPtct.SYS
2019-10-18 06:45 - 2015-01-29 18:21 - 000050320 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2019-10-18 06:44 - 2019-10-20 10:40 - 000000000 ____D C:\Program Files (x86)\Panda Security
2019-10-17 19:06 - 2019-10-17 19:06 - 000175648 ____C C:\Users\user\Documents\cc_20191017_190619.reg
2019-10-16 23:46 - 2019-10-16 23:46 - 000000000 __HDC C:\$SysReset
2019-10-16 20:46 - 2019-10-20 11:59 - 000000000 ____D C:\ProgramData\ProductData
2019-10-16 18:25 - 2019-10-20 10:14 - 000000000 ____D C:\ProgramData\TSRProSettings
2019-10-16 16:50 - 2019-10-17 07:59 - 000002470 _____ C:\WINDOWS\system32\Tasks\ASC12_PerformanceMonitor
2019-10-16 16:50 - 2019-10-17 07:59 - 000002374 _____ C:\WINDOWS\system32\Tasks\ASC12_SkipUac_Maxime Glé
2019-10-16 16:49 - 2019-10-16 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2019-10-16 14:26 - 2019-10-16 18:21 - 000000000 ____D C:\ProgramData\TSR7Settings
2019-10-16 14:24 - 2019-10-13 18:01 - 035958734 ____C C:\Users\user\Desktop\server.jar
2019-10-15 19:12 - 2019-10-15 19:12 - 000002163 ____C C:\Users\Public\Desktop\NETGEAR A6100 Genie.lnk
2019-10-15 19:12 - 2019-10-15 19:12 - 000002163 ____C C:\ProgramData\Desktop\NETGEAR A6100 Genie.lnk
2019-10-15 19:12 - 2019-10-15 19:12 - 000000000 ____D C:\ProgramData\NETGEAR
2019-10-15 19:12 - 2019-10-15 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR A6100 Genie
2019-10-15 19:12 - 2019-10-15 19:12 - 000000000 ____D C:\Program Files (x86)\NETGEAR
2019-10-15 19:12 - 2019-10-15 19:10 - 003781368 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\A6100.sys
2019-10-15 19:12 - 2019-10-15 19:10 - 000030456 _____ (Windows (R) Server 2003 DDK provider) C:\WINDOWS\system32\rtlCoInst.dll
2019-10-15 19:12 - 2019-10-15 19:10 - 000008338 _____ C:\WINDOWS\system32\rtlCoInst.dat
2019-10-15 19:12 - 2013-08-21 23:20 - 000006588 _____ C:\WINDOWS\system32\Drivers\A6100_LMT.txt
2019-10-15 19:12 - 2013-08-21 23:20 - 000001529 _____ C:\WINDOWS\system32\Drivers\A6100.txt
2019-10-14 20:15 - 2019-10-14 20:58 - 000000000 ___DC C:\AdwCleaner
2019-10-12 12:41 - 2019-10-12 12:41 - 000000000 ___DC C:\Users\user\AppData\LocalLow\HFTGames
2019-10-11 20:19 - 2019-10-11 20:19 - 000000000 ___DC C:\Program Files (x86)\Automation.B190807
2019-10-11 18:43 - 2019-10-11 18:43 - 000000000 ___DC C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Illusion
2019-10-11 17:03 - 2019-10-11 17:03 - 000002596 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise.lnk
2019-10-11 17:03 - 2019-10-11 17:03 - 000002522 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-10-11 17:03 - 2019-10-11 17:03 - 000002522 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-10-11 17:03 - 2019-10-11 17:03 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-10-11 17:03 - 2019-10-11 17:03 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-10-11 17:03 - 2019-10-11 17:03 - 000002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-10-11 17:03 - 2019-10-11 17:03 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-10-11 17:03 - 2019-10-11 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2019-10-08 16:28 - 2019-10-08 16:28 - 000000000 ___DC C:\Users\user\AppData\LocalLow\Smartly Dressed Games
2019-10-08 15:43 - 2019-10-08 15:43 - 000000000 ___DC C:\Users\user\AppData\LocalLow\Novalink
2019-10-07 18:59 - 2019-10-07 19:01 - 000492544 ____C (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-10-07 18:59 - 2019-10-07 19:01 - 000390656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-10-07 18:07 - 2019-10-07 20:42 - 000000000 ____D C:\Users\user\AppData\Local\Girlvanic Studios
2019-10-07 18:07 - 2019-10-07 18:10 - 000000000 ___DC C:\Users\user\Documents\Girlvania (Girlvanic Studios)
2019-10-06 16:22 - 2019-10-06 16:22 - 000000000 ___DC C:\Program Files (x86)\xsp-3.5.0002-cracked
2019-10-06 15:28 - 2019-10-06 15:28 - 000000000 ___DC C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fap CEO
2019-10-06 15:28 - 2019-10-06 15:28 - 000000000 ____D C:\Users\user\AppData\Roaming\Fap CEO
2019-10-06 14:35 - 2019-10-20 10:34 - 000000000 ___DC C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\thriXXX
2019-10-06 14:35 - 2019-10-20 10:34 - 000000000 ____D C:\ProgramData\thriXXX
2019-10-06 13:47 - 2019-10-06 14:01 - 000000000 ___DC C:\Program Files (x86)\sassy-squad_Windows_3_1_0_1
2019-10-06 13:44 - 2019-10-06 13:50 - 000000000 ____D C:\Users\user\AppData\Roaming\sassy-squad-launcher
2019-10-06 13:44 - 2019-10-06 13:44 - 000000000 ____D C:\Users\user\AppData\Roaming\Sassy Squad Launcher
2019-10-06 13:43 - 2019-10-06 13:43 - 000000000 ___DC C:\Nutaku.net
2019-10-04 18:03 - 2019-10-04 18:03 - 000000000 ___DC C:\Users\user\AppData\LocalLow\sinVR
2019-09-29 09:05 - 2019-09-29 09:05 - 000000000 ___DC C:\MCsBackup
2019-09-28 18:32 - 2019-09-28 18:38 - 000000000 ___DC C:\Users\user\Documents\Fichiers addons gmod
2019-09-28 11:50 - 2019-09-28 11:50 - 037728256 _____ C:\WINDOWS\system32\config\COMPONENTS.iobit
2019-09-28 11:39 - 2019-09-28 11:47 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2019-09-26 20:48 - 2019-09-26 20:48 - 000000000 ___DC C:\Users\user\AppData\LocalLow\David OReilly
2019-09-26 18:51 - 2019-09-26 18:51 - 000000000 ____D C:\Users\user\AppData\Local\Warner Bros. Interactive Entertainment
2019-09-23 19:37 - 2019-09-23 19:37 - 000000000 ___DC C:\Program Files (x86)\noesisv4406
2019-09-23 19:19 - 2019-09-23 19:19 - 000000000 ___DC C:\Program Files (x86)\Crowbar_2019-07-08_0.62
2019-09-23 19:19 - 2019-09-23 19:19 - 000000000 ____D C:\Users\user\AppData\Roaming\ZeqMacaw
2019-09-23 19:13 - 2019-09-23 19:13 - 000077183 ____C C:\Users\user\Documents\blender_source_tools_3.0.1.zip
2019-09-23 19:09 - 2019-10-20 10:40 - 000000000 ____D C:\Users\user\AppData\Roaming\Blender Foundation
2019-09-23 19:09 - 2019-09-23 19:09 - 000000000 ____D C:\Users\user\.thumbnails
2019-09-23 18:38 - 2019-09-23 18:38 - 000000168 ____C C:\Users\user\Documents\errorreport.ini
2019-09-23 17:52 - 2019-09-23 17:52 - 000000937 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2019-09-23 17:52 - 2019-09-23 17:52 - 000000000 ____D C:\Users\user\AppData\Roaming\Sublime Text 3
2019-09-23 17:52 - 2019-09-23 17:52 - 000000000 ____D C:\Users\user\AppData\Local\Sublime Text 3
2019-09-23 17:52 - 2019-09-23 17:52 - 000000000 ____D C:\Program Files\Sublime Text 3
2019-09-21 17:55 - 2019-09-21 17:57 - 000000000 ____D C:\Users\user\AppData\Roaming\CitizenFX
2019-09-21 13:47 - 2019-09-21 14:16 - 000000000 ___DC C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2019-09-21 13:47 - 2019-09-21 13:47 - 000000000 ____D C:\ProgramData\Rockstar Games
2019-09-21 11:30 - 2019-09-21 11:30 - 000001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-09-21 11:29 - 2019-09-21 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-09-21 11:29 - 2019-08-27 05:50 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-09-21 11:29 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-09-20 17:04 - 2019-09-20 17:04 - 000000000 ____D C:\ProgramData\WinaeroTweaker
2019-09-20 17:03 - 2019-09-20 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winaero Tweaker
2019-09-20 17:03 - 2019-09-20 17:03 - 000000000 ____D C:\Program Files\Winaero Tweaker

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-20 12:06 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-20 12:00 - 2019-03-16 18:15 - 000000000 ____D C:\Program Files (x86)\IObit
2019-10-20 11:49 - 2019-05-27 14:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-20 11:49 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-20 11:48 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-10-20 11:16 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2019-10-20 11:16 - 2018-10-06 18:56 - 000000000 ___DC C:\Users\user\AppData\Local\D3DSCache
2019-10-20 10:56 - 2019-01-03 16:08 - 000000000 ____D C:\Users\user\AppData\Roaming\AVAST Software
2019-10-20 10:56 - 2018-03-04 20:49 - 000000000 ___DC C:\ProgramData\AVAST Software
2019-10-20 10:52 - 2019-04-08 12:29 - 000000000 ___DC C:\Users\user\Desktop\Mémos
2019-10-20 10:49 - 2018-12-30 10:57 - 000000000 ___DC C:\Users\user\Documents\Outils
2019-10-20 10:42 - 2019-01-03 17:20 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-10-20 10:42 - 2019-01-03 17:19 - 000000000 ____D C:\ProgramData\Adobe
2019-10-20 10:42 - 2018-01-19 00:19 - 000000000 ___DC C:\Users\user\AppData\Roaming\Adobe
2019-10-20 10:40 - 2019-06-26 22:32 - 000000000 ___DC C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2019-10-20 10:40 - 2019-06-26 22:31 - 000000000 ___DC C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2019-10-20 10:40 - 2019-06-26 22:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2019-10-20 10:40 - 2019-05-28 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2019-10-20 10:40 - 2019-04-18 10:26 - 000000000 ____D C:\ProgramData\Wargaming.net
2019-10-20 10:40 - 2018-01-19 12:57 - 000000000 ___DC C:\Users\user\AppData\Roaming\Mozilla
2019-10-20 10:36 - 2019-01-03 17:28 - 000000000 ____D C:\Users\user\AppData\Local\Ubisoft Game Launcher
2019-10-20 10:31 - 2019-02-24 14:54 - 000000000 ____D C:\Users\user\AppData\Local\Samsung
2019-10-20 10:31 - 2019-01-27 12:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2019-10-20 10:31 - 2019-01-27 12:51 - 000000000 ____D C:\Users\user\AppData\Roaming\Samsung
2019-10-20 10:31 - 2019-01-27 12:51 - 000000000 ____D C:\ProgramData\Samsung
2019-10-20 10:31 - 2018-01-19 15:30 - 000000000 __HDC C:\Program Files (x86)\InstallShield Installation Information
2019-10-20 10:21 - 2019-06-13 12:49 - 000000000 ___DC C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D
2019-10-20 10:21 - 2019-06-13 12:49 - 000000000 ____D C:\Program Files\DAZ 3D
2019-10-20 10:19 - 2019-01-01 12:06 - 000000000 ____D C:\Program Files (x86)\Steam
2019-10-20 09:51 - 2019-05-27 13:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-18 20:02 - 2018-12-31 16:44 - 000000000 ____D C:\Users\user\AppData\Local\ElevatedDiagnostics
2019-10-18 19:52 - 2019-05-27 10:29 - 000000000 ___DC C:\WINDOWS\Panther
2019-10-18 06:49 - 2019-05-27 14:58 - 000795860 _____ C:\WINDOWS\system32\perfh00C.dat
2019-10-18 06:49 - 2019-05-27 14:58 - 000153736 _____ C:\WINDOWS\system32\perfc00C.dat
2019-10-18 06:49 - 2019-05-27 13:58 - 001771406 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-17 20:47 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-10-17 20:34 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-10-17 19:05 - 2018-07-12 00:38 - 000000000 ___DC C:\Users\user\AppData\Local\CrashDumps
2019-10-17 19:04 - 2019-05-27 14:11 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-10-17 07:55 - 2019-02-24 20:14 - 000000000 ___DC C:\RomStation
2019-10-17 06:33 - 2019-05-27 13:37 - 000595760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-10-16 23:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-16 23:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-16 23:53 - 2019-03-19 13:43 - 000000000 ___SD C:\WINDOWS\system32\AppV
2019-10-16 23:53 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-10-16 23:53 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-10-16 23:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2019-10-16 23:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-16 23:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-10-16 23:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-16 23:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-10-16 23:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-16 16:50 - 2019-01-03 16:49 - 000000000 ___DC C:\Users\user\AppData\LocalLow\IObit
2019-10-16 16:49 - 2019-01-03 16:48 - 000000000 ____D C:\ProgramData\IObit
2019-10-15 19:10 - 2019-09-06 19:04 - 000000000 ____D C:\WINDOWS\Downloaded Installations
2019-10-14 20:58 - 2019-01-03 17:29 - 000000000 ____D C:\ProgramData\Lavasoft
2019-10-14 17:44 - 2018-12-26 12:44 - 000000438 ____C C:\WINDOWS\system32\Drivers\etc\hosts.ics
2019-10-14 08:54 - 2018-01-19 15:17 - 000000000 ___DC C:\Users\user\AppData\Roaming\vlc
2019-10-12 18:50 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-12 18:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-12 18:50 - 2018-01-19 00:19 - 000000000 ___DC C:\Users\user\AppData\Local\Packages
2019-10-12 15:55 - 2019-01-18 12:04 - 000000000 ____D C:\Users\user\AppData\Roaming\uTorrent
2019-10-12 15:51 - 2019-01-03 17:26 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2019-10-12 13:56 - 2019-08-10 10:16 - 000000000 ____D C:\Users\user\AppData\Local\BitTorrentHelper
2019-10-12 13:04 - 2018-05-28 23:42 - 000000000 ___DC C:\Users\user\AppData\Local\PlaceholderTileLogoFolder
2019-10-12 12:52 - 2019-01-03 16:44 - 000000000 ____D C:\Users\user\AppData\Roaming\discord
2019-10-11 17:02 - 2019-05-04 17:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-10-09 07:42 - 2019-02-04 22:06 - 000000000 ____D C:\Program Files\Rockstar Games
2019-10-09 07:42 - 2019-02-04 22:06 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2019-10-08 20:48 - 2019-01-04 12:09 - 000000000 ___DC C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-10-08 19:32 - 2018-01-19 12:57 - 000000000 ___DC C:\Users\user\AppData\LocalLow\Mozilla
2019-10-08 15:43 - 2019-03-24 11:14 - 000000000 ___DC C:\Users\user\AppData\LocalLow\Unity
2019-10-08 07:36 - 2018-01-19 00:19 - 000000000 _RHDC C:\Users\Public\AccountPictures
2019-10-08 07:36 - 2018-01-19 00:19 - 000000000 __RDC C:\Users\user\3D Objects
2019-10-06 14:50 - 2018-01-19 00:19 - 000000000 ___DC C:\Users\user\AppData\Local\VirtualStore
2019-10-06 13:43 - 2019-06-30 15:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nutaku.net
2019-10-02 13:33 - 2019-08-27 14:59 - 000000000 ___DC C:\Users\user\Documents\CV
2019-10-02 12:59 - 2018-03-04 19:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-09-28 12:10 - 2019-08-15 17:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmUnitedForever
2019-09-28 12:10 - 2019-08-10 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resident Evil Revelations
2019-09-28 12:10 - 2019-04-19 09:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Letasoft Sound Booster
2019-09-28 12:10 - 2019-01-03 17:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
2019-09-28 12:10 - 2018-01-19 01:49 - 000000000 ___DC C:\Users\user\AppData\Roaming\TeamViewer
2019-09-28 12:10 - 2018-01-19 01:48 - 000000000 ___DC C:\Program Files (x86)\TeamViewer
2019-09-28 12:02 - 2019-08-28 10:13 - 000000000 ____D C:\Program Files\paint.net
2019-09-28 12:02 - 2019-04-24 12:59 - 000000000 ___DC C:\Program Files (x86)\SCP - Containment Breach v1.3.11
2019-09-28 12:02 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\System
2019-09-28 12:02 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-09-28 12:02 - 2019-01-04 22:25 - 000000000 ___DC C:\Program Files (x86)\Trackmania Turbo
2019-09-28 12:01 - 2019-01-01 13:02 - 000000000 ___DC C:\Program Files (x86)\osu!
2019-09-28 12:01 - 2018-01-19 01:45 - 000000000 ___DC C:\Program Files (x86)\Google
2019-09-28 12:01 - 2018-01-18 22:31 - 000000000 ___DC C:\Program Files (x86)\NVIDIA Corporation
2019-09-28 10:06 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-09-28 09:56 - 2019-05-27 14:11 - 000004718 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-28 09:56 - 2019-05-27 14:11 - 000004554 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2019-09-28 09:56 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-09-28 09:56 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-09-26 19:16 - 2019-01-09 19:38 - 000000000 ____D C:\Program Files\Epic Games
2019-09-26 18:44 - 2019-04-29 21:27 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-21 18:45 - 2019-01-03 12:53 - 000000000 ____D C:\Program Files (x86)\Samsung
2019-09-21 18:43 - 2019-01-03 12:39 - 000000000 ____D C:\Program Files (x86)\Razer
2019-09-21 18:36 - 2018-12-28 21:02 - 000000000 ___DC C:\Program Files (x86)\EA GAMES
2019-09-21 18:25 - 2019-07-19 12:22 - 000000000 ___DC C:\Users\user\Documents\Unity
2019-09-21 18:19 - 2018-12-28 11:20 - 000000000 ___DC C:\Users\user\Documents\Samsung
2019-09-21 18:18 - 2019-06-21 13:39 - 000000000 ___DC C:\Users\user\Documents\PDF
2019-09-21 18:05 - 2018-12-27 14:54 - 000000000 ___DC C:\Users\user\Documents\Hacking
2019-09-21 17:57 - 2019-02-17 12:13 - 000000000 ____D C:\Users\user\AppData\Local\FiveM
2019-09-21 17:56 - 2019-02-22 12:00 - 000000000 ____D C:\Users\user\AppData\Local\DigitalEntitlements
2019-09-21 13:49 - 2019-02-14 13:23 - 000000000 ___DC C:\Users\user\Documents\Rockstar Games
2019-09-21 13:49 - 2019-01-19 17:17 - 000000000 ____D C:\Users\user\AppData\Local\Rockstar Games
2019-09-21 13:47 - 2018-01-19 20:52 - 000000000 ___DC C:\ProgramData\Package Cache
2019-09-21 11:33 - 2019-01-18 12:04 - 000000914 ____C C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2019-09-21 11:29 - 2019-01-03 17:08 - 000000000 ____D C:\ProgramData\Malwarebytes

==================== Files in the root of some directories ================

2019-06-02 11:48 - 2019-06-02 11:48 - 000000288 _____ () C:\Users\user\AppData\Roaming\.backup.dm
2019-08-28 17:14 - 2019-08-28 17:14 - 000000033 _____ () C:\Users\user\AppData\Roaming\AdobeWLCMCache.dat
2019-01-04 11:47 - 2019-01-04 11:47 - 000000410 _____ () C:\Users\user\AppData\Local\oobelibMkey.log

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================