Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-10-2019
Ran by Maxime Glé (administrator) on PC-MAXIME (Viglen VIG625M) (20-10-2019 08:54:19)
Running from C:\Users\user\Desktop
Loaded Profiles: Maxime Glé (Available Profiles: Maxime Glé & Administrator)
Platform: Windows 10 Pro Version 1903 18362.356 (X64) Language: Anglais (Royaume-Uni)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced System Repair, Inc. -> Advanced System Repair Inc.) C:\Program Files (x86)\Advanced System Repair Pro 1.8.0.2\tscmon.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Driver Booster\6.6.0\Scheduler.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11909.1002.3.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NETGEAR -> NETGEAR) C:\Program Files (x86)\NETGEAR\A6100\A6100.EXE
(NETGEAR -> Realtek Semiconductor Corp.) C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2019-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410960 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22714912 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\MountPoints2: {c98954ce-2c83-11e9-9dc7-6c626daf4379} - "E:\MCG-SB3Setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-26] (Google LLC -> Google LLC)
IFEO\ChangeIcs.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\DiscSoftBusServiceLite.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\DTAgent.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\DTCommandLine.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\DTHelper.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\DTLauncher.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\DTLite.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\DTLiteHelper.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\DTShellHlp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\Extractor.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\FlashPlayerPlugin_32_0_0_255.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\FlashPlayerUpdateService.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\FlashUtil32_32_0_0_255_Plugin.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\FlashUtil_ActiveX.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\RazerInstaller.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\SPTDinst-x64.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\subinacl.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\TeamViewer_Note.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\tstunnel.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\vpnclient.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\vpncmd.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\vpncmgr.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\vpninstall.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\vpnsetup.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\vpnsetup_x64.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\Windscribe.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\WindscribeInstallHelper.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\WindscribeLauncher.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\windscribeopenvpn_2_3_18.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\windscribeopenvpn_2_4_6.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\WindscribeService.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\wsappcontrol.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\wstunnel.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR A6100 Genie.lnk [2019-10-15]
ShortcutTarget: NETGEAR A6100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe (NETGEAR -> Realtek Semiconductor Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2019-01-03]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AD2BF0A-FB22-4837-B479-60C399DD23FF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4470424 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D39CE96-6EDE-4D0E-BA30-FAFC51A311A4} - System32\Tasks\Software Updater SkipUAC(Maxime Glé) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4072720 2019-06-12] (IObit Information Technology -> IObit) <==== ATTENTION
Task: {206FA45E-68AB-4904-B2B0-8C36E148808C} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2327A510-4490-406B-B754-62FFC965838D} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4072720 2019-06-12] (IObit Information Technology -> IObit)
Task: {26C899A7-93AB-45CA-8785-AE31820A13F3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {2CB4B553-A260-4878-A0DB-D06FCA5EDF14} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {345CC4F7-79C7-4520-9B59-8250B2E22DAE} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [770344 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {3D378F41-7F36-4DCE-A744-72B2B140287A} - System32\Tasks\Driver Booster SkipUAC (Maxime Glé) => C:\Program Files (x86)\IObit\Driver Booster\6.6.0\DriverBooster.exe [7612176 2019-08-10] (IObit Information Technology -> IObit)
Task: {3E3BA981-9BCD-4A5D-B043-DD0DF0F12BE8} - System32\Tasks\ASC12_SkipUac_Maxime Glé => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {43DDBC7A-51F8-416E-BBE3-4385CE6AFCD2} - System32\Tasks\PowerToys\Autorun for Maxime Glé => C:\Program Files\PowerToys\PowerToys.exe [636664 2019-09-05] (Janea Systems, Inc. -> Microsoft Corp.)
Task: {447B0C0D-E1F0-4645-883B-9EB44C11F420} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {48DA095E-202A-40F4-8CAA-29C977573E1A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4470424 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B08F6C6-9574-41E6-B6CE-AED598B8A133} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {4CA0A97E-A9CD-43C6-BFD9-D4B0D903764F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-28] (Adobe Inc. -> Adobe)
Task: {5238CF76-D3D2-488F-83BF-C9D2554DF374} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {561A1727-EAD9-4F6F-9B0C-3C1BB43E1962} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3729392 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {581E48D8-8409-49CF-850A-1A64B07797FA} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\6.6.0\Scheduler.exe [149776 2019-07-19] (IObit Information Technology -> IObit)
Task: {61C4BA20-0EFC-47F7-8178-34EDD573D698} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-08-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {669FAA49-F2CE-47AF-9E40-AECAB11F90ED} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27295760 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {764A667E-01D7-4814-9A31-4E2305771628} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1578024 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {95002F68-2356-4C53-AFAD-FD3701A18545} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {9DA51D60-AC2F-40C8-9AA3-8531756FB2F6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-09-28] (Adobe Inc. -> Adobe)
Task: {A1CB3504-1594-4777-8629-DF9372C125DF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-29] (Google Inc -> Google LLC)
Task: {A784328E-1999-4213-A63E-E68AC0289DAC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648688 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC5D43B8-6208-4521-8980-9E791BBB424B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ACE82410-26D8-4DD5-8882-2637605F37E5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BC6097F7-35BE-4AB8-96A3-2FEB0E7AE416} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16585328 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {BC722A12-8F69-4DE9-9F00-417BF9DB078B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27295760 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {C230467E-75C4-454F-ABE7-09E4B70C87DF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C903B960-1061-4194-A051-FF59EA0C16AD} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410960 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
Task: {CABCF9D5-BC48-436D-89D0-3C24AB1BA3B0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-29] (Google Inc -> Google LLC)
Task: {CC152300-1E4F-4F59-B08B-8D95C3FF0C24} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430176 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {D05ECE87-DA26-42B5-B469-9F38F0AC3DB0} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D44E69BF-1C8F-4A0E-ADDA-76CD4D8F554C} - System32\Tasks\AdobeGCInvoker-1.0-PC-MAXIME-Maxime Glé => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {D6EE66B3-13BB-4938-92AE-C048406F689B} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DACFA503-F569-416E-854F-2A1D56976E3A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430176 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF36437D-4BC9-4B77-BFA2-78F07CDB5C4B} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1789712 2019-05-13] (IObit Information Technology -> IObit Software updater) <==== ATTENTION
Task: {E72EC84A-046A-4857-9A4F-37CA69AE1BC4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {EC89C7B8-B167-4F41-BF1D-8634D4D905FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {EE544600-DB0C-4C15-A195-2AC98349ECCC} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F288BB0A-D53B-47E6-9108-2702577AC93C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591344 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F440F5EC-D6D6-45DA-BFB8-2316E7681AB7} - System32\Tasks\RogueKiller Anti-Malware => C:\Program Files\RogueKiller\RogueKiller64.exe [35075128 2019-10-14] (Adlice -> )
Task: {F714B7E6-3880-467E-8AFA-CC4A25E09909} - System32\Tasks\ASC12_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [3164944 2019-08-28] (IObit Information Technology -> IObit)
Task: {FA7EE1F0-65CD-4552-99E0-DC4577D28EA1} - System32\Tasks\AdobeAAMUpdater-1.0-PC-MAXIME-Maxime Glé => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 89.249.65.26 de-004.whiskergalaxy.com #added by Windscribe, do not modify.
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{03ee23e1-3064-4f40-a44d-b918c31d25f9}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{14743013-7dd6-46c8-8366-5e88c795459b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{74b16955-e372-47e5-acea-76ae08a637e1}: [NameServer] 208.67.222.222,216.146.35.35
Tcpip\..\Interfaces\{7f4d5305-dbb3-448e-a3be-f1b96585969f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{844eea05-5069-4623-815e-2679229108d6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{e2726d02-16fa-4c42-9f21-a1857d6c2d95}: [DhcpNameServer] 10.8.2.1
Tcpip\..\Interfaces\{f7704f90-d448-413f-a720-99f71a34f64d}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3857067193-2404044210-3273798446-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-3857067193-2404044210-3273798446-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2019-06-20] (IObit Information Technology -> IObit)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\user\Downloads
Edge Extension: (No Name) -> EdgeExtension_51CA791EAvastOnlineSecurity_s1d0xtrs8dx04 => C:\Program Files\WindowsApps\51CA791E.AvastOnlineSecurity_18.4.140.0_neutral__s1d0xtrs8dx04 [not found]
Edge Extension: (No Name) -> EdgeExtension_DashlaneDashlaneEdgeExtension_ks9qrcqmdm1bm => C:\Program Files\WindowsApps\Dashlane.DashlaneEdgeExtension_6.1912.1.0_neutral__ks9qrcqmdm1bm [not found]

FireFox:
========
FF DefaultProfile: 9xtpixnz.default-1542478513981
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\9xtpixnz.default-1542478513981 [2019-10-18]
FF Session Restore: Mozilla\Firefox\Profiles\9xtpixnz.default-1542478513981 -> is enabled.
FF Extension: (Dark Reader) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\9xtpixnz.default-1542478513981\Extensions\addon@darkreader.org.xpi [2019-09-22]
FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\9xtpixnz.default-1542478513981\Extensions\ascsurfingprotectionnew@iobit.com.xpi [2019-03-26]
FF Extension: (TubeBuddy for YouTube) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\9xtpixnz.default-1542478513981\Extensions\e389d8c2-5554-4ba2-a36e-ac7a57093130@gmail.com.xpi [2019-09-22]
FF Extension: (HTTPS partout) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\9xtpixnz.default-1542478513981\Extensions\https-everywhere@eff.org.xpi [2019-08-06]
FF Extension: (Dashlane) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\9xtpixnz.default-1542478513981\Extensions\jetpack-extension@dashlane.com.xpi [2019-09-22] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=]
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\9xtpixnz.default-1542478513981\Extensions\sp@avast.com.xpi [2019-09-22]
FF Extension: (Avast Online Security) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\9xtpixnz.default-1542478513981\Extensions\wrc@avast.com.xpi [2019-01-03]
FF Extension: (Universal Bypass) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\9xtpixnz.default-1542478513981\Extensions\{529b261b-df0b-4e3b-bf42-07b462da0ee8}.xpi [2019-09-22]
FF Extension: (Absolute Right Click) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\9xtpixnz.default-1542478513981\Extensions\{9350bc42-47fb-4598-ae0f-825e3dd9ceba}.xpi [2019-04-09]
FF Extension: (String Theory 2) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\9xtpixnz.default-1542478513981\Extensions\{969857a7-b0e8-476b-ae22-4789cc2289e6}.xpi [2019-06-02]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\9xtpixnz.default-1542478513981\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-09-22]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\9xtpixnz.default-1542478513981\searchplugins\bing-lavasoft-ff59.xml [2019-01-03]
FF HKU\S-1-5-21-3857067193-2404044210-3273798446-1001\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\user\AppData\Roaming\Dashlane\6.1915.0.19667\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}
FF Extension: (No Name) - C:\Users\user\AppData\Roaming\Dashlane\6.1915.0.19667\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} [2019-04-09] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-28] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-28] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-05-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://www.piratecity.net/wp-content/themes/eleven40-pro/images/favicon.ico
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2019-10-17]
CHR Extension: (Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-29]
CHR Extension: (Download Full Version Cracked Pc Soft...) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmefcnlokoaimbpbmohfnplgbiecdpp [2019-09-28]
CHR Extension: (Universal Bypass) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aihomhdbhpnpmcnnbckjjcebjoikpihj [2019-10-09]
CHR Extension: (Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-29]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-29]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-29]
CHR Extension: (Hacks et portail de pépins | Téléchar...) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhmmonbdiigfpljmmejnghkfmmonpilf [2019-09-28]
CHR Extension: (Dark Reader) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2019-09-15]
CHR Extension: (Dashlane) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2019-09-19]
CHR Extension: (Sheets) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-29]
CHR Extension: (HTTPS partout) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2019-06-30]
CHR Extension: (Google Docs hors connexion) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-30]
CHR Extension: (Click&Clean) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2019-10-12]
CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-10-12]
CHR Extension: (Z-shadow.co) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldbbfifchigedbpildipghleckojnjmo [2019-09-28]
CHR Extension: (POW - The new global currency) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljglddfelhipmfkphnncahhnkndblhfg [2019-09-28]
CHR Extension: (Le_Ultime_Sondages_Bot_V2.zip) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpacdgpacckeimlcjaobfbcgjpgnkkfo [2019-09-28]
CHR Extension: (TubeBuddy) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2019-10-12]
CHR Extension: (Comment pirater un compte Youtube uti...) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nflekkhhpojlomkimcoddppemaphondi [2019-09-28]
CHR Extension: (majax31.cc) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngifklhdlddbjijfghikaheammjgigjf [2019-09-29]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-26]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AdvancedSystemCareService12; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1266448 2019-09-10] (IObit Information Technology -> IObit)
S3 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [417536 2019-09-28] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
S3 Becca Service; C:\Program Files (x86)\Rene.E Laboratory\Becca\x64\bcservice.exe [79792 2019-03-27] (Jiangmen Ruili Software Co., Ltd. -> Rene.E Laboratory)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-02-23] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11642376 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3644008 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-01-15] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-02-20] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-02-20] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-02-21] (Razer USA Ltd. -> Razer Inc)
R2 Realtek8723AU; C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe [45784 2013-07-02] (NETGEAR -> Realtek Semiconductor Corp.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [471696 2019-09-28] (Rockstar Games, Inc. -> Rockstar Games)
S3 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-05-03] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2019-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 SNMP; C:\WINDOWS\SysWOW64\snmp.exe [46592 2019-05-27] (Microsoft Windows -> Microsoft Corporation)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-05-27] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [290816 2019-08-17] (Microsoft Windows -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12135768 2019-09-16] (TeamViewer GmbH -> TeamViewer GmbH)
R2 tscmon; C:\Program Files (x86)\Advanced System Repair Pro 1.8.0.2\tscmon.exe [1573200 2019-10-16] (Advanced System Repair, Inc. -> Advanced System Repair Inc.)
S3 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [138872 2018-10-29] (TunnelBear -> TunnelBear)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [694016 2019-07-12] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120016 2018-12-25] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S4 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 A6100; C:\WINDOWS\system32\DRIVERS\A6100.sys [3781368 2019-10-15] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 androidusb; C:\WINDOWS\System32\Drivers\wsadb.sys [40720 2019-01-27] (Shenzhen Wondershare Information Technology Co., Ltd. -> Google Inc)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [43568 2018-09-20] (IObit Information Technology -> IObit)
R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [34048 2018-07-04] (IObit Information Technology -> IObit)
R1 asrdmon; C:\WINDOWS\system32\drivers\asrdmon.sys [17744 2019-10-16] (Advanced System Repair, Inc. -> )
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-09-20] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [171520 2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [552848 2019-09-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-09-20] (AVAST Software s.r.o. -> AVAST Software)
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [2639728 2019-07-06] (BattlEye Innovations e.K. -> )
S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-12-13] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2019-02-03] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-01-03] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2019-01-03] (Disc Soft Ltd -> Disc Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [34744 2019-02-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2019-04-12] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-01-03] (Martin Malik - REALiX -> REALiX(tm))
R3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [32520 2018-07-04] (IObit Information Technology -> IObit)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 netr28ux; C:\WINDOWS\system32\DRIVERS\netr28ux.sys [2249528 2016-08-12] (MEDIATEK INC. -> MediaTek Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_547eeefb57db4499\nvlddmkm.sys [21858904 2019-08-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-07-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 pikbd; C:\WINDOWS\System32\drivers\pikbd.sys [41368 2016-11-17] (Christian Gulden -> )
R3 pimou; C:\WINDOWS\System32\drivers\pimou.sys [42392 2016-11-17] (Christian Gulden -> Christian Gulden)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
S3 rt2870; C:\WINDOWS\system32\DRIVERS\rt2870.sys [3463592 2018-02-08] (MEDIATEK INC. -> MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 RtNdPt640; C:\WINDOWS\system32\DRIVERS\RtNdPt640.sys [48192 2016-10-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 RTTEAMPT640; C:\WINDOWS\system32\DRIVERS\RtTeam640.sys [70696 2016-09-30] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 RTVLANPT640; C:\WINDOWS\system32\DRIVERS\RtVlan640.sys [46632 2016-09-30] (Realtek Semiconductor Corp. -> Realtek Corporation)
R0 sfdrv01a; C:\WINDOWS\System32\drivers\sfdrv01a.sys [77432 2009-02-03] (Protection Technology, Ltd. -> Protection Technology (StarForce))
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology, Ltd. -> Protection Technology (StarForce))
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2019-07-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-07-31] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-13] (Windscribe Limited -> The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-09-14] (Microsoft Windows -> Microsoft Corporation)
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [237584 2019-07-12] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [248464 2019-07-12] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [350136 2019-10-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-02] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-20 08:54 - 2019-10-20 08:57 - 000046946 ____C C:\Users\user\Desktop\FRST.txt
2019-10-20 08:51 - 2019-10-20 08:56 - 000000000 ___DC C:\FRST
2019-10-20 08:50 - 2019-10-20 08:50 - 001616384 ____C (Farbar) C:\Users\user\Desktop\FRST64.exe
2019-10-19 18:55 - 2019-10-19 18:55 - 000000000 ___DC C:\Users\user\Documents\BeamNG.drive
2019-10-18 20:01 - 2019-10-18 20:01 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-10-18 20:00 - 2019-10-18 20:01 - 000111244 _____ C:\WINDOWS\ntbtlog.txt
2019-10-18 18:16 - 2019-10-19 15:56 - 000000000 ____D C:\Users\user\AppData\Roaming\ZHP
2019-10-18 18:16 - 2019-10-18 18:16 - 000000000 ____D C:\Users\user\AppData\Local\ZHP
2019-10-18 07:09 - 2019-10-18 07:09 - 000003654 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2019-10-18 06:45 - 2015-09-14 13:03 - 000039672 _____ C:\WINDOWS\system32\Drivers\DasPtct.SYS
2019-10-18 06:45 - 2015-01-29 18:21 - 000050320 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2019-10-18 06:44 - 2019-10-18 06:44 - 000001379 ____C C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2019-10-18 06:44 - 2019-10-18 06:44 - 000001379 ____C C:\ProgramData\Desktop\Panda Cloud Cleaner.lnk
2019-10-18 06:44 - 2019-10-18 06:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2019-10-18 06:44 - 2019-10-18 06:44 - 000000000 ____D C:\Program Files (x86)\Panda Security
2019-10-17 20:46 - 2019-10-17 20:46 - 000003196 _____ C:\WINDOWS\system32\Tasks\Driver Booster Scheduler
2019-10-17 20:46 - 2019-10-17 20:46 - 000002966 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Maxime Glé)
2019-10-17 19:06 - 2019-10-17 19:06 - 000175648 ____C C:\Users\user\Documents\cc_20191017_190619.reg
2019-10-16 23:46 - 2019-10-16 23:46 - 000000000 __HDC C:\$SysReset
2019-10-16 20:46 - 2019-10-17 20:46 - 000000000 ____D C:\ProgramData\ProductData
2019-10-16 18:25 - 2019-10-16 19:31 - 000000000 ____D C:\ProgramData\TSRProSettings
2019-10-16 18:25 - 2019-10-16 18:34 - 000000000 ___DC C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Advanced System Repair Pro
2019-10-16 18:25 - 2019-10-16 18:32 - 000000000 ____D C:\Program Files (x86)\Advanced System Repair Pro 1.8.0.2
2019-10-16 18:25 - 2019-10-16 18:25 - 000017744 _____ C:\WINDOWS\system32\Drivers\asrdmon.sys
2019-10-16 16:50 - 2019-10-17 07:59 - 000002470 _____ C:\WINDOWS\system32\Tasks\ASC12_PerformanceMonitor
2019-10-16 16:50 - 2019-10-17 07:59 - 000002374 _____ C:\WINDOWS\system32\Tasks\ASC12_SkipUac_Maxime Glé
2019-10-16 16:49 - 2019-10-16 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2019-10-16 15:48 - 2019-10-17 18:32 - 000003154 _____ C:\WINDOWS\system32\Tasks\RogueKiller Anti-Malware
2019-10-16 15:48 - 2019-10-16 16:37 - 000000000 ____D C:\ProgramData\RogueKiller
2019-10-16 15:48 - 2019-10-16 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2019-10-16 15:48 - 2019-10-16 15:48 - 000000000 ____D C:\Program Files\RogueKiller
2019-10-16 14:26 - 2019-10-16 18:21 - 000000000 ____D C:\ProgramData\TSR7Settings
2019-10-16 14:24 - 2019-10-13 18:01 - 035958734 ____C C:\Users\user\Desktop\server.jar
2019-10-15 19:12 - 2019-10-15 19:12 - 000002163 ____C C:\Users\Public\Desktop\NETGEAR A6100 Genie.lnk
2019-10-15 19:12 - 2019-10-15 19:12 - 000002163 ____C C:\ProgramData\Desktop\NETGEAR A6100 Genie.lnk
2019-10-15 19:12 - 2019-10-15 19:12 - 000000000 ____D C:\ProgramData\NETGEAR
2019-10-15 19:12 - 2019-10-15 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR A6100 Genie
2019-10-15 19:12 - 2019-10-15 19:12 - 000000000 ____D C:\Program Files (x86)\NETGEAR
2019-10-15 19:12 - 2019-10-15 19:10 - 003781368 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\A6100.sys
2019-10-15 19:12 - 2019-10-15 19:10 - 000030456 _____ (Windows (R) Server 2003 DDK provider) C:\WINDOWS\system32\rtlCoInst.dll
2019-10-15 19:12 - 2019-10-15 19:10 - 000008338 _____ C:\WINDOWS\system32\rtlCoInst.dat
2019-10-15 19:12 - 2013-08-21 23:20 - 000006588 _____ C:\WINDOWS\system32\Drivers\A6100_LMT.txt
2019-10-15 19:12 - 2013-08-21 23:20 - 000001529 _____ C:\WINDOWS\system32\Drivers\A6100.txt
2019-10-14 20:15 - 2019-10-14 20:58 - 000000000 ___DC C:\AdwCleaner
2019-10-12 14:07 - 2019-10-12 14:07 - 000000000 ____D C:\Users\user\AppData\Roaming\zerobyteorbit
2019-10-12 12:41 - 2019-10-12 12:41 - 000000000 ___DC C:\Users\user\AppData\LocalLow\HFTGames
2019-10-11 20:19 - 2019-10-11 20:19 - 000000000 ___DC C:\Program Files (x86)\Automation.B190807
2019-10-11 18:43 - 2019-10-11 18:43 - 000000000 ___DC C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Illusion
2019-10-11 17:03 - 2019-10-11 17:03 - 000002596 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise.lnk
2019-10-11 17:03 - 2019-10-11 17:03 - 000002522 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-10-11 17:03 - 2019-10-11 17:03 - 000002522 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-10-11 17:03 - 2019-10-11 17:03 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-10-11 17:03 - 2019-10-11 17:03 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-10-11 17:03 - 2019-10-11 17:03 - 000002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-10-11 17:03 - 2019-10-11 17:03 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-10-11 17:03 - 2019-10-11 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2019-10-08 18:53 - 2019-10-08 20:54 - 000000023 ____C C:\Users\user\Desktop\SConfig.txt
2019-10-08 16:28 - 2019-10-08 16:28 - 000000000 ___DC C:\Users\user\AppData\LocalLow\Smartly Dressed Games
2019-10-08 15:43 - 2019-10-08 15:43 - 000000000 ___DC C:\Users\user\AppData\LocalLow\Novalink
2019-10-07 18:59 - 2019-10-07 19:01 - 000492544 ____C (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-10-07 18:59 - 2019-10-07 19:01 - 000390656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-10-07 18:07 - 2019-10-07 20:42 - 000000000 ____D C:\Users\user\AppData\Local\Girlvanic Studios
2019-10-07 18:07 - 2019-10-07 18:10 - 000000000 ___DC C:\Users\user\Documents\Girlvania (Girlvanic Studios)
2019-10-06 16:22 - 2019-10-06 16:22 - 000000000 ___DC C:\Program Files (x86)\xsp-3.5.0002-cracked
2019-10-06 15:28 - 2019-10-06 15:28 - 000000000 ___DC C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fap CEO
2019-10-06 15:28 - 2019-10-06 15:28 - 000000000 ____D C:\Users\user\AppData\Roaming\Fap CEO
2019-10-06 14:35 - 2019-10-06 14:35 - 000000000 ___DC C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\thriXXX
2019-10-06 14:35 - 2019-10-06 14:35 - 000000000 ____D C:\Users\user\AppData\Roaming\thriXXX
2019-10-06 14:35 - 2019-10-06 14:35 - 000000000 ____D C:\ProgramData\thriXXX
2019-10-06 14:35 - 2019-10-06 14:35 - 000000000 ____D C:\Program Files (x86)\thriXXX
2019-10-06 13:47 - 2019-10-06 14:01 - 000000000 ___DC C:\Program Files (x86)\sassy-squad_Windows_3_1_0_1
2019-10-06 13:44 - 2019-10-06 13:50 - 000000000 ____D C:\Users\user\AppData\Roaming\sassy-squad-launcher
2019-10-06 13:44 - 2019-10-06 13:44 - 000000000 ____D C:\Users\user\AppData\Roaming\Sassy Squad Launcher
2019-10-06 13:43 - 2019-10-06 13:43 - 000000000 ___DC C:\Nutaku.net
2019-10-04 18:03 - 2019-10-04 18:03 - 000000000 ___DC C:\Users\user\AppData\LocalLow\sinVR
2019-09-30 18:02 - 2019-09-30 18:02 - 000848432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-09-30 18:02 - 2019-09-30 18:02 - 000460448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-09-29 09:05 - 2019-09-29 09:05 - 000000000 ___DC C:\MCsBackup
2019-09-28 18:32 - 2019-09-28 18:38 - 000000000 ___DC C:\Users\user\Documents\Fichiers addons gmod
2019-09-28 11:50 - 2019-09-28 11:50 - 037728256 _____ C:\WINDOWS\system32\config\COMPONENTS.iobit
2019-09-28 11:39 - 2019-09-28 11:47 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2019-09-28 10:07 - 2019-10-20 08:51 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-09-28 10:07 - 2019-09-28 10:07 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Sécurité.lnk
2019-09-28 10:06 - 2019-09-28 10:06 - 000552848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2019-09-28 10:06 - 2019-09-20 16:53 - 000355720 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-09-26 20:48 - 2019-09-26 20:48 - 000000000 ___DC C:\Users\user\AppData\LocalLow\David OReilly
2019-09-26 18:51 - 2019-09-26 18:51 - 000000000 ____D C:\Users\user\AppData\Local\Warner Bros. Interactive Entertainment
2019-09-23 19:37 - 2019-09-23 19:37 - 000000000 ___DC C:\Program Files (x86)\noesisv4406
2019-09-23 19:19 - 2019-09-23 19:19 - 000000000 ___DC C:\Program Files (x86)\Crowbar_2019-07-08_0.62
2019-09-23 19:19 - 2019-09-23 19:19 - 000000000 ____D C:\Users\user\AppData\Roaming\ZeqMacaw
2019-09-23 19:13 - 2019-09-23 19:13 - 000077183 ____C C:\Users\user\Documents\blender_source_tools_3.0.1.zip
2019-09-23 19:09 - 2019-09-23 19:09 - 000000000 ____D C:\Users\user\AppData\Roaming\Blender Foundation
2019-09-23 19:09 - 2019-09-23 19:09 - 000000000 ____D C:\Users\user\.thumbnails
2019-09-23 18:38 - 2019-09-23 18:38 - 000000168 ____C C:\Users\user\Documents\errorreport.ini
2019-09-23 17:52 - 2019-09-23 17:52 - 000000937 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2019-09-23 17:52 - 2019-09-23 17:52 - 000000000 ____D C:\Users\user\AppData\Roaming\Sublime Text 3
2019-09-23 17:52 - 2019-09-23 17:52 - 000000000 ____D C:\Users\user\AppData\Local\Sublime Text 3
2019-09-23 17:52 - 2019-09-23 17:52 - 000000000 ____D C:\Program Files\Sublime Text 3
2019-09-22 18:15 - 2019-09-22 18:20 - 000000197 ____C C:\Users\user\Desktop\MDPs à changer.txt
2019-09-22 17:44 - 2019-10-02 13:10 - 000000417 ____C C:\Users\user\Desktop\A faire ce mois-ci.txt
2019-09-21 17:55 - 2019-09-21 17:57 - 000000000 ____D C:\Users\user\AppData\Roaming\CitizenFX
2019-09-21 13:47 - 2019-09-21 14:16 - 000000000 ___DC C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2019-09-21 13:47 - 2019-09-21 13:47 - 000000000 ____D C:\ProgramData\Rockstar Games
2019-09-21 11:30 - 2019-09-21 11:30 - 000001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-09-21 11:29 - 2019-09-21 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-09-21 11:29 - 2019-08-27 05:50 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-09-21 11:29 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-09-20 17:04 - 2019-09-20 17:04 - 000000000 ____D C:\ProgramData\WinaeroTweaker
2019-09-20 17:03 - 2019-09-20 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winaero Tweaker
2019-09-20 17:03 - 2019-09-20 17:03 - 000000000 ____D C:\Program Files\Winaero Tweaker
2019-09-20 16:56 - 2019-09-20 16:58 - 000000000 ____D C:\Users\user\AppData\Roaming\Wabbitemu
2019-09-20 16:53 - 2019-09-20 16:53 - 000316528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-09-20 16:53 - 2019-09-20 16:53 - 000236024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-09-20 16:53 - 2019-09-20 16:53 - 000204824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-09-20 16:53 - 2019-09-20 16:53 - 000171520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-09-20 16:53 - 2019-09-20 16:53 - 000110320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-09-20 16:53 - 2019-09-20 16:53 - 000083792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-09-20 16:53 - 2019-09-20 16:53 - 000042736 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-09-20 16:53 - 2019-09-20 16:53 - 000016304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-09-20 16:53 - 2019-09-20 16:52 - 000274456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-09-20 16:53 - 2019-09-20 16:52 - 000209552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-09-20 16:53 - 2019-09-20 16:52 - 000065120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-20 08:47 - 2019-05-27 14:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-20 08:47 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-19 20:54 - 2019-05-27 13:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-19 20:54 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-10-19 19:24 - 2019-01-01 12:06 - 000000000 ____D C:\Program Files (x86)\Steam
2019-10-19 12:17 - 2019-05-22 10:44 - 000000000 ____D C:\Program Files\Adobe
2019-10-18 20:02 - 2018-12-31 16:44 - 000000000 ____D C:\Users\user\AppData\Local\ElevatedDiagnostics
2019-10-18 19:52 - 2019-05-27 10:29 - 000000000 ___DC C:\WINDOWS\Panther
2019-10-18 06:49 - 2019-05-27 14:58 - 000795860 _____ C:\WINDOWS\system32\perfh00C.dat
2019-10-18 06:49 - 2019-05-27 14:58 - 000153736 _____ C:\WINDOWS\system32\perfc00C.dat
2019-10-18 06:49 - 2019-05-27 13:58 - 001771406 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-18 06:49 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2019-10-17 20:47 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-10-17 20:34 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-10-17 20:07 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-17 19:05 - 2018-07-12 00:38 - 000000000 ___DC C:\Users\user\AppData\Local\CrashDumps
2019-10-17 19:04 - 2019-05-27 14:11 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-10-17 07:59 - 2019-05-27 14:11 - 000002832 _____ C:\WINDOWS\system32\Tasks\SU_AutoUpdate
2019-10-17 07:59 - 2019-05-27 14:11 - 000002412 _____ C:\WINDOWS\system32\Tasks\Software Updater SkipUAC(Maxime Glé)
2019-10-17 07:58 - 2019-05-27 14:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-10-17 07:55 - 2019-02-24 20:14 - 000000000 ___DC C:\RomStation
2019-10-17 06:33 - 2019-05-27 13:37 - 000595760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-10-16 23:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-16 23:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-16 23:53 - 2019-03-19 13:43 - 000000000 ___SD C:\WINDOWS\system32\AppV
2019-10-16 23:53 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-10-16 23:53 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-10-16 23:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2019-10-16 23:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-16 23:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-10-16 23:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-16 23:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-10-16 23:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-16 16:50 - 2019-01-03 16:49 - 000000000 ___DC C:\Users\user\AppData\LocalLow\IObit
2019-10-16 16:49 - 2019-01-03 16:48 - 000000000 ____D C:\ProgramData\IObit
2019-10-16 16:43 - 2019-01-03 16:48 - 000000000 ____D C:\Users\user\AppData\Roaming\IObit
2019-10-15 19:12 - 2018-01-19 15:30 - 000000000 __HDC C:\Program Files (x86)\InstallShield Installation Information
2019-10-15 19:10 - 2019-09-06 19:04 - 000000000 ____D C:\WINDOWS\Downloaded Installations
2019-10-14 20:58 - 2019-01-03 17:29 - 000000000 ____D C:\ProgramData\Lavasoft
2019-10-14 17:44 - 2018-12-26 12:44 - 000000438 ____C C:\WINDOWS\system32\Drivers\etc\hosts.ics
2019-10-14 08:54 - 2018-01-19 15:17 - 000000000 ___DC C:\Users\user\AppData\Roaming\vlc
2019-10-12 18:50 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-12 18:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-12 18:50 - 2018-01-19 00:19 - 000000000 ___DC C:\Users\user\AppData\Local\Packages
2019-10-12 15:55 - 2019-01-18 12:04 - 000000000 ____D C:\Users\user\AppData\Roaming\uTorrent
2019-10-12 15:51 - 2019-01-03 17:26 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2019-10-12 13:56 - 2019-08-10 10:16 - 000000000 ____D C:\Users\user\AppData\Local\BitTorrentHelper
2019-10-12 13:04 - 2018-05-28 23:42 - 000000000 ___DC C:\Users\user\AppData\Local\PlaceholderTileLogoFolder
2019-10-12 12:52 - 2019-01-03 16:44 - 000000000 ____D C:\Users\user\AppData\Roaming\discord
2019-10-12 10:21 - 2019-04-08 12:29 - 000000000 ___DC C:\Users\user\Desktop\Mémos
2019-10-11 17:02 - 2019-05-04 17:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-10-09 07:42 - 2019-02-04 22:06 - 000000000 ____D C:\Program Files\Rockstar Games
2019-10-09 07:42 - 2019-02-04 22:06 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2019-10-08 20:48 - 2019-01-04 12:09 - 000000000 ___DC C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-10-08 19:32 - 2018-01-19 12:57 - 000000000 ___DC C:\Users\user\AppData\LocalLow\Mozilla
2019-10-08 15:43 - 2019-03-24 11:14 - 000000000 ___DC C:\Users\user\AppData\LocalLow\Unity
2019-10-08 07:36 - 2018-01-19 00:19 - 000000000 _RHDC C:\Users\Public\AccountPictures
2019-10-08 07:36 - 2018-01-19 00:19 - 000000000 __RDC C:\Users\user\3D Objects
2019-10-06 14:50 - 2018-01-19 00:19 - 000000000 ___DC C:\Users\user\AppData\Local\VirtualStore
2019-10-06 13:43 - 2019-06-30 15:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nutaku.net
2019-10-05 19:24 - 2018-10-06 18:56 - 000000000 ___DC C:\Users\user\AppData\Local\D3DSCache
2019-10-02 13:33 - 2019-08-27 14:59 - 000000000 ___DC C:\Users\user\Documents\CV
2019-10-02 12:59 - 2018-03-04 19:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-09-28 12:10 - 2019-08-15 17:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmUnitedForever
2019-09-28 12:10 - 2019-08-10 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resident Evil Revelations
2019-09-28 12:10 - 2019-05-28 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2019-09-28 12:10 - 2019-04-19 09:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Letasoft Sound Booster
2019-09-28 12:10 - 2019-01-03 17:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
2019-09-28 12:10 - 2018-01-19 01:49 - 000000000 ___DC C:\Users\user\AppData\Roaming\TeamViewer
2019-09-28 12:10 - 2018-01-19 01:48 - 000000000 ___DC C:\Program Files (x86)\TeamViewer
2019-09-28 12:02 - 2019-08-28 10:13 - 000000000 ____D C:\Program Files\paint.net
2019-09-28 12:02 - 2019-04-24 12:59 - 000000000 ___DC C:\Program Files (x86)\SCP - Containment Breach v1.3.11
2019-09-28 12:02 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\System
2019-09-28 12:02 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-09-28 12:02 - 2019-01-04 22:25 - 000000000 ___DC C:\Program Files (x86)\Trackmania Turbo
2019-09-28 12:01 - 2019-01-01 13:02 - 000000000 ___DC C:\Program Files (x86)\osu!
2019-09-28 12:01 - 2018-01-19 12:57 - 000000000 ___DC C:\Program Files (x86)\Mozilla Maintenance Service
2019-09-28 12:01 - 2018-01-19 01:45 - 000000000 ___DC C:\Program Files (x86)\Google
2019-09-28 12:01 - 2018-01-18 22:31 - 000000000 ___DC C:\Program Files (x86)\NVIDIA Corporation
2019-09-28 11:46 - 2018-03-04 20:49 - 000000000 ___DC C:\ProgramData\AVAST Software
2019-09-28 11:34 - 2019-01-03 16:08 - 000000000 ____D C:\Users\user\AppData\Local\AVAST Software
2019-09-28 11:17 - 2019-01-03 16:08 - 000000000 ____D C:\Users\user\AppData\Roaming\AVAST Software
2019-09-28 10:06 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-09-28 09:56 - 2019-05-27 14:11 - 000004718 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-28 09:56 - 2019-05-27 14:11 - 000004554 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2019-09-28 09:56 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-09-28 09:56 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-09-26 19:16 - 2019-01-09 19:38 - 000000000 ____D C:\Program Files\Epic Games
2019-09-26 18:44 - 2019-04-29 21:27 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-24 20:01 - 2019-08-07 11:25 - 000000000 ___DC C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2019-09-23 16:16 - 2018-01-19 12:57 - 000000000 ___DC C:\Program Files\Mozilla Firefox
2019-09-22 18:02 - 2018-01-19 12:57 - 000001005 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-09-21 18:45 - 2019-01-03 12:53 - 000000000 ____D C:\Program Files (x86)\Samsung
2019-09-21 18:43 - 2019-01-03 12:39 - 000000000 ____D C:\Program Files (x86)\Razer
2019-09-21 18:36 - 2018-12-28 21:02 - 000000000 ___DC C:\Program Files (x86)\EA GAMES
2019-09-21 18:25 - 2019-07-19 12:22 - 000000000 ___DC C:\Users\user\Documents\Unity
2019-09-21 18:19 - 2018-12-28 11:20 - 000000000 ___DC C:\Users\user\Documents\Samsung
2019-09-21 18:18 - 2019-06-21 13:39 - 000000000 ___DC C:\Users\user\Documents\PDF
2019-09-21 18:05 - 2018-12-27 14:54 - 000000000 ___DC C:\Users\user\Documents\Hacking
2019-09-21 17:57 - 2019-02-17 12:13 - 000000000 ____D C:\Users\user\AppData\Local\FiveM
2019-09-21 17:56 - 2019-02-22 12:00 - 000000000 ____D C:\Users\user\AppData\Local\DigitalEntitlements
2019-09-21 13:49 - 2019-02-14 13:23 - 000000000 ___DC C:\Users\user\Documents\Rockstar Games
2019-09-21 13:49 - 2019-01-19 17:17 - 000000000 ____D C:\Users\user\AppData\Local\Rockstar Games
2019-09-21 13:47 - 2018-01-19 20:52 - 000000000 ___DC C:\ProgramData\Package Cache
2019-09-21 11:33 - 2019-01-18 12:04 - 000000914 ____C C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2019-09-21 11:29 - 2019-01-03 17:08 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-09-20 17:01 - 2018-12-30 10:57 - 000000000 ___DC C:\Users\user\Documents\Petits logiciels

==================== Files in the root of some directories ================

2019-06-02 11:48 - 2019-06-02 11:48 - 000000288 _____ () C:\Users\user\AppData\Roaming\.backup.dm
2019-08-28 17:14 - 2019-08-28 17:14 - 000000033 _____ () C:\Users\user\AppData\Roaming\AdobeWLCMCache.dat
2019-01-04 11:47 - 2019-01-04 11:47 - 000000410 _____ () C:\Users\user\AppData\Local\oobelibMkey.log

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================