Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by Lucas (administrator) on LUCAS-PC (06-08-2018 22:50:18)
Running from C:\Users\Lucas\Desktop
Loaded Profiles: Lucas (Available Profiles: Lucas)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\ProgramData\NVIDIA\NvBackend.exe
(Razer Inc) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Discord Inc.) C:\Users\Lucas\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\Lucas\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\Lucas\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\Lucas\AppData\Local\Discord\app-0.0.301\Discord.exe
() C:\Program Files (x86)\Steam\steamapps\common\Black Desert Online\bin64\BlackDesert64.exe
(Wellbia.com Co., Ltd.) C:\Program Files (x86)\Steam\steamapps\common\Black Desert Online\bin64\xc\na\2\xcoronahost.xem
(Wellbia.com) C:\Program Files (x86)\Steam\steamapps\common\Black Desert Online\bin64\xc\na\2\xxd-0.xem
(Coherent Labs) C:\Program Files (x86)\Steam\steamapps\common\Black Desert Online\bin64\host\CoherentUI_Host.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Coherent Labs) C:\Program Files (x86)\Steam\steamapps\common\Black Desert Online\bin64\host\CoherentUI_Host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Coherent Labs) C:\Program Files (x86)\Steam\steamapps\common\Black Desert Online\bin64\host\CoherentUI_Host.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM-x32\...\Winlogon: [Userinit] userinit.exe,"C:\Windows\system32\jusched.exe"
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2318741642-3001645257-2146963218-1000\...\RunOnce: [NVIDIA Backend] => C:\ProgramData\NVIDIA\NvBackend.exe [798208 2017-08-30] (NVIDIA Corporation)
HKU\S-1-5-21-2318741642-3001645257-2146963218-1000\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-2318741642-3001645257-2146963218-1000\...\MountPoints2: {4f31f383-9092-11e7-8be8-bc5ff4781251} - J:\setup.exe
HKU\S-1-5-21-2318741642-3001645257-2146963218-1000\...\MountPoints2: {cf627eff-00c7-11e7-8adf-bc5ff4781251} - D:\setup.exe
HKU\S-1-5-21-2318741642-3001645257-2146963218-1000\...\MountPoints2: {cf627f04-00c7-11e7-8adf-bc5ff4781251} - I:\setup.exe
HKU\S-1-5-21-2318741642-3001645257-2146963218-1000\...\Winlogon: [Shell] explorer.exe,"C:\Users\Lucas\AppData\Roaming\jusched.exe" <==== ATTENTION
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
IFEO\AvastSvc.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\AvastUI.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\avcenter.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\avconfig.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\avgcsrvx.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\avgidsagent.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\avgnt.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\avgrsx.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\avguard.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\avgui.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\avgwdsvc.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\avp.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\avscan.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\bdagent.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\blindman.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\ccleaner.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\ccuac.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\ComboFix.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\egui.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\gsam.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\hijackthis.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\instup.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\keyscrambler.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\mbam.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\mbamgui.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\mbampt.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\mbamscheduler.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\mbamservice.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\mbar.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\mcuicnt.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\MpCmdRun.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\MSASCui.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\MsMpEng.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\msseces.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\qhsafemain.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\reimage.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\rstrui.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\rufus-2.12.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\SDFiles.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\SDMain.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\SDWinSec.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\setuphost.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\shutup10.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\spybotsd.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\unlocker.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\wireshark.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\zhpcleaner.exe: [Debugger] C:\Windows\System32\svchost.exe
IFEO\zlclient.exe: [Debugger] C:\Windows\System32\svchost.exe
Startup: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RzSynapse.exe - Raccourci.lnk [2018-08-06]
Startup: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StikyNot.exe [2018-08-06] ()
Startup: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StikyNot.exe - Raccourci.lnk [2018-08-06]
Startup: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2018-08-06]
BootExecute: autocheck autochk /k:C *
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{49FF7BED-82E8-4B2F-85E9-10B2D1276CF7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B4C71816-39C5-478A-832D-BC998FA6088F}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-07-24] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-07-15] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-07-15] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-15] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-15] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\4ImX428b.default [2018-08-06]
FF Extension: (Avira Browser Safety) - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\4ImX428b.default\Extensions\abs@avira.com [2018-07-17]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-02-17] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://search.avira.com/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> hxxps://search.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
CHR Profile: C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default [2018-08-06]
CHR Extension: (AdBlock) - C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-26]
CHR Extension: (Twitch Now) - C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2018-05-01]
CHR Extension: (Wonderful Weather) - C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocinjdjondmhheihhgkbmjkofmomnppd [2018-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-06]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2318741642-3001645257-2146963218-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2318741642-3001645257-2146963218-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7212480 2018-08-02] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8851496 2018-07-22] (Microsoft Corporation)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-06] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [382504 2018-08-05] (EasyAntiCheat Ltd)
S4 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3346856 2018-05-30] (LogMeIn Inc.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-20] (Hi-Rez Studios) [File not signed]
S4 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-10] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123104 2017-10-09] (Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3002720 2017-10-09] (Electronic Arts)
S4 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2017-04-28] ()
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-04-28] ()
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [439936 2018-01-10] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943232 2018-01-10] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189776 2018-03-14] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2018-01-09] (Razer Inc)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644144 2018-07-23] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-03-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-03-04] (Disc Soft Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-02] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-10] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-10] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-10] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [52248 2016-10-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [41720 2018-03-08] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137592 2018-03-19] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [45560 2017-04-21] (The OpenVPN Project)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2017-04-20] ()
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
S3 BstkDrv; \??\C:\Program Files (x86)\BlueStacks\BstkDrv.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
R3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-06 22:50 - 2018-08-06 22:51 - 000022457 _____ C:\Users\Lucas\Desktop\FRST.txt
2018-08-06 22:48 - 2018-08-06 22:48 - 002412544 _____ (Farbar) C:\Users\Lucas\Desktop\FRST64.exe
2018-08-06 22:46 - 2018-08-06 22:46 - 003265408 _____ C:\Users\Lucas\Desktop\ZHPCleaner.exe
2018-08-06 22:24 - 2018-08-06 22:25 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\discord
2018-08-06 22:24 - 2018-08-06 22:24 - 000000000 ____D C:\Users\Lucas\AppData\Local\Discord
2018-08-06 21:49 - 2018-08-06 21:49 - 002754903 _____ C:\Users\Lucas\Downloads\bdofont.zip
2018-08-06 21:16 - 2018-08-06 21:16 - 000326786 _____ C:\Users\Lucas\Desktop\ZHPDiag.txt
2018-08-06 20:53 - 2018-08-06 21:16 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\ZHP
2018-08-06 20:53 - 2018-08-06 20:55 - 000000820 _____ C:\Users\Lucas\Desktop\ZHPDiag.lnk
2018-08-06 20:53 - 2018-08-06 20:53 - 003157376 _____ C:\Users\Lucas\Desktop\ZHPDiag3.exe
2018-08-06 20:53 - 2018-08-06 20:53 - 000000000 ____D C:\Users\Lucas\AppData\Local\ZHP
2018-08-06 20:50 - 2018-08-06 20:50 - 000000000 ____D C:\Users\Lucas\AppData\Local\DeadByDaylight
2018-08-06 20:50 - 2018-08-05 19:13 - 000382504 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2018-08-06 20:34 - 2018-08-06 22:44 - 000000000 ____D C:\Users\Lucas\AppData\LocalLow\Mozilla
2018-08-06 20:34 - 2018-08-06 20:40 - 000000000 ____D C:\Users\Lucas\AppData\Local\Mozilla
2018-08-06 20:34 - 2018-08-06 20:34 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-08-06 20:34 - 2018-08-06 20:34 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-08-06 20:33 - 2018-08-06 20:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-08-06 20:33 - 2018-08-06 20:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-06 20:31 - 2018-08-06 20:31 - 000313896 _____ (Mozilla) C:\Users\Lucas\Downloads\Firefox Installer.exe
2018-08-06 20:25 - 2018-08-06 20:25 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\VS Revo Group
2018-08-06 20:24 - 2018-08-06 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-08-06 20:24 - 2018-08-06 20:24 - 000000000 ____D C:\Program Files\VS Revo Group
2018-08-06 20:22 - 2018-08-06 20:24 - 007197480 _____ (VS Revo Group ) C:\Users\Lucas\Downloads\revosetup.exe
2018-08-06 19:05 - 2018-08-06 19:05 - 014990824 _____ (Microsoft Corporation) C:\Users\Lucas\Downloads\vc_redist.x64.exe
2018-08-06 19:04 - 2018-08-06 19:05 - 007201032 _____ (Microsoft Corporation) C:\Users\Lucas\Downloads\vcredist_x64 (1).exe
2018-08-06 19:04 - 2018-08-06 19:04 - 007186992 _____ (Microsoft Corporation) C:\Users\Lucas\Downloads\en_visual_cpp_redistributable_for_visual_studio_2012_update_4_x64_3161523.exe
2018-08-06 19:03 - 2018-08-06 19:04 - 005718872 _____ (Microsoft Corporation) C:\Users\Lucas\Downloads\vcredist_x64.exe
2018-08-06 18:59 - 2018-08-01 11:48 - 040093528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 040346816 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 035250008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 032364408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 031248608 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 025964960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 019085184 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 017754360 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 017012184 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-08-06 18:59 - 2018-08-01 11:47 - 015694648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 013728760 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 011273816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 003967960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 003505448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 002002448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439882.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 001564016 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 001467920 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439882.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 001420480 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 001218032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 001159112 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 001093816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 000906832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 000629112 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 000546888 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 000518968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 000505784 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 000464736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 000419864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 000182640 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 000164808 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 000159752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-08-06 18:59 - 2018-08-01 11:47 - 000142672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-08-06 18:59 - 2018-08-01 11:46 - 015168696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-08-06 18:59 - 2018-08-01 11:46 - 004084104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-08-06 18:44 - 2018-08-06 18:44 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-06 18:44 - 2018-08-06 18:44 - 000003790 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-06 18:44 - 2018-07-19 22:20 - 002340392 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2018-08-06 18:44 - 2018-07-19 22:20 - 001936424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2018-08-06 18:44 - 2018-07-19 22:20 - 001311784 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2018-08-06 18:43 - 2018-08-06 18:43 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-06 18:43 - 2018-08-06 18:43 - 000003940 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-06 18:43 - 2018-08-06 18:43 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-06 18:43 - 2018-08-06 18:43 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-06 18:43 - 2018-08-06 18:43 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-06 18:43 - 2018-08-06 18:43 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-06 18:43 - 2018-08-06 18:43 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-06 18:43 - 2018-08-06 18:43 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-06 18:43 - 2018-08-06 18:43 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-06 18:43 - 2018-04-24 19:29 - 000065792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2018-08-06 17:40 - 2018-08-06 17:40 - 000000000 ____D C:\Users\Lucas\AppData\Local\Package Cache
2018-08-06 01:52 - 2018-08-06 01:52 - 000000038 _____ C:\Users\Lucas\AppData\Roaming\pidloc.txt
2018-08-06 01:52 - 2018-08-06 01:52 - 000000004 _____ C:\Users\Lucas\AppData\Roaming\pid.txt
2018-08-06 00:59 - 2018-08-06 00:59 - 000000000 ____D C:\Program Files (x86)\NTFS Manager
2018-08-06 00:22 - 2018-08-06 00:22 - 000287525 _____ C:\Users\Lucas\Desktop\popstar_external_fivem_[unknowncheats.me]_.zip
2018-08-06 00:21 - 2018-08-06 00:22 - 000287525 _____ C:\Users\Lucas\Downloads\popstar_external_fivem_[unknowncheats.me]_.zip
2018-08-05 19:13 - 2018-08-05 19:13 - 000000222 _____ C:\Users\Lucas\Desktop\Dead by Daylight.url
2018-08-03 17:10 - 2018-08-03 17:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2018-08-03 17:10 - 2018-08-03 17:10 - 000000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2018-08-03 17:02 - 2018-08-03 17:02 - 000000000 ____D C:\Users\Lucas\AppData\Local\BattlEye
2018-08-03 17:00 - 2018-08-03 17:00 - 000967553 _____ C:\Users\Lucas\Desktop\DLC unlocker.rar
2018-08-02 20:10 - 2018-08-02 20:10 - 000000222 _____ C:\Users\Lucas\Desktop\Arma 3.url
2018-08-02 14:09 - 2018-08-02 14:09 - 002691584 _____ (cfx-collective) C:\Users\Lucas\Downloads\FiveM.exe
2018-07-28 17:48 - 2018-07-28 17:48 - 000000000 ____D C:\Users\Lucas\AppData\Local\TeamViewer
2018-07-28 17:46 - 2018-06-20 21:46 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-07-28 17:43 - 2018-08-06 19:50 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-07-28 17:43 - 2018-07-28 17:43 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-07-24 12:28 - 2018-07-24 12:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-07-22 12:25 - 2018-07-24 12:28 - 000002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-07-19 07:46 - 2018-06-13 18:23 - 000140992 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-07-19 07:46 - 2018-06-13 18:18 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-07-19 07:46 - 2018-06-08 15:05 - 002860032 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-07-19 07:46 - 2018-06-08 15:05 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-07-19 07:46 - 2018-06-08 15:05 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-07-19 07:46 - 2018-06-08 15:05 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-07-19 07:46 - 2018-06-08 15:05 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-07-19 07:46 - 2018-06-08 15:05 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-07-19 07:46 - 2018-06-08 15:05 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-07-19 07:46 - 2018-06-08 15:05 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-07-18 18:25 - 2018-07-18 18:25 - 000000000 ___HD C:\$WINDOWS.~BT
2018-07-18 17:15 - 2018-07-18 18:25 - 000001908 _____ C:\Windows\diagwrn.xml
2018-07-18 17:15 - 2018-07-18 18:25 - 000001908 _____ C:\Windows\diagerr.xml
2018-07-18 17:04 - 2018-07-18 18:25 - 000000036 _____ C:\Windows\progress.ini
2018-07-18 16:30 - 2018-08-06 19:28 - 000000000 ____D C:\Windows10Upgrade
2018-07-18 16:30 - 2018-07-18 18:25 - 000000000 ___HD C:\$GetCurrent
2018-07-18 16:30 - 2018-07-18 16:30 - 000000694 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistant Mise à niveau de Windows 10.lnk
2018-07-18 16:30 - 2018-07-18 16:30 - 000000682 _____ C:\Users\Lucas\Desktop\Assistant Mise à niveau de Windows 10.lnk
2018-07-18 16:28 - 2018-07-18 16:28 - 000000000 ___HD C:\$Windows.~WS
2018-07-18 15:21 - 2018-07-18 15:21 - 000000000 ____D C:\Users\Lucas\AppData\LocalLow\Sandbox Interactive GmbH
2018-07-17 21:30 - 2018-08-06 22:50 - 000000000 ____D C:\FRST
2018-07-17 21:28 - 2018-07-17 21:28 - 000000000 ____D C:\Users\Lucas\Downloads\Quarantine
2018-07-17 20:20 - 2018-07-17 20:21 - 000000000 ____D C:\AdwCleaner
2018-07-17 20:19 - 2018-07-17 20:20 - 007417040 _____ (Malwarebytes) C:\Users\Lucas\Downloads\adwcleaner_7.2.2.exe
2018-07-17 19:07 - 2018-07-28 17:35 - 000000000 ____D C:\Users\Lucas\Documents\Black Desert
2018-07-16 18:03 - 2018-07-16 18:03 - 000000000 ____D C:\Users\Lucas\Documents\My Cheat Tables
2018-07-16 10:55 - 2018-07-16 10:55 - 000001456 _____ C:\Users\Lucas\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2018-07-16 10:40 - 2018-07-16 10:40 - 000000000 ____D C:\Users\Lucas\AppData\Local\Tempzxpsign81339cfea1ea30b6
2018-07-16 10:35 - 2018-07-16 10:35 - 000000000 ____D C:\Users\Lucas\AppData\Local\Tempzxpsign25c0a689276002b1
2018-07-16 09:39 - 2018-07-16 09:39 - 000001612 _____ C:\Users\Lucas\Desktop\Photoshop.exe - Raccourci.lnk
2018-07-16 09:39 - 2018-07-16 09:39 - 000000000 ____D C:\Users\Lucas\AppData\LocalLow\Adobe
2018-07-16 09:39 - 2018-07-16 09:39 - 000000000 ____D C:\Users\Lucas\AppData\Local\Tempzxpsignd9c349a7475c7ea4
2018-07-16 09:39 - 2018-07-16 09:39 - 000000000 ____D C:\Users\Lucas\AppData\Local\Tempzxpsign923415c0e59c7a5e
2018-07-16 09:39 - 2018-07-16 09:39 - 000000000 ____D C:\Users\Lucas\AppData\Local\Tempzxpsign568ce62953648243
2018-07-16 09:39 - 2018-07-16 09:39 - 000000000 ____D C:\Users\Lucas\AppData\Local\Tempzxpsign45dd1700fa1a6a79
2018-07-16 09:39 - 2018-07-16 09:39 - 000000000 ____D C:\ProgramData\Adobe
2018-07-16 09:37 - 2017-05-06 08:34 - 000000000 ____D C:\Program Files (x86)\Adobe Photoshop CC 2017
2018-07-15 20:23 - 2018-07-15 20:23 - 000000000 ____D C:\Users\Lucas\AppData\Local\RadicalHeights
2018-07-14 18:09 - 2018-07-14 18:09 - 000000000 ____D C:\Users\Lucas\Documents\Trove

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-06 22:33 - 2016-12-02 05:24 - 000000000 ____D C:\Program Files (x86)\Steam
2018-08-06 22:24 - 2018-01-07 19:13 - 000002164 _____ C:\Users\Lucas\Desktop\Discord.lnk
2018-08-06 22:24 - 2017-11-19 16:37 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2018-08-06 22:24 - 2016-12-05 00:33 - 000000000 ____D C:\Users\Lucas\AppData\Local\SquirrelTemp
2018-08-06 22:23 - 2009-07-14 06:45 - 000022784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-06 22:23 - 2009-07-14 06:45 - 000022784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-06 22:21 - 2016-12-02 06:57 - 000000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2018-08-06 22:17 - 2016-12-01 19:42 - 000000000 __SHD C:\ProgramData\NVIDIA
2018-08-06 22:14 - 2017-12-22 11:52 - 000003282 _____ C:\Windows\System32\Tasks\NVIDIA Backend
2018-08-06 22:14 - 2017-12-05 22:28 - 000000032 _____ C:\Users\Lucas\Documents\New text document.txt
2018-08-06 22:13 - 2016-12-23 17:15 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-08-06 22:13 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-06 20:34 - 2017-08-17 16:31 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\Mozilla
2018-08-06 20:31 - 2016-12-08 21:18 - 000000000 ____D C:\Users\Lucas\Desktop\Brique à Braque
2018-08-06 20:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-08-06 20:17 - 2016-12-03 03:37 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\TS3Client
2018-08-06 19:50 - 2017-08-19 17:15 - 000000000 ____D C:\Users\Lucas\AppData\Local\LogMeIn Hamachi
2018-08-06 19:49 - 2016-12-02 05:57 - 000000000 ____D C:\Users\Lucas\AppData\Local\CrashDumps
2018-08-06 19:34 - 2017-02-27 18:50 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\.minecraft
2018-08-06 19:22 - 2016-12-01 19:41 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-08-06 19:01 - 2018-04-27 10:42 - 000000000 ____D C:\Windows\system32\unknown
2018-08-06 18:59 - 2016-12-01 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-08-06 18:59 - 2016-12-01 19:41 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-08-06 18:47 - 2016-12-01 07:05 - 000748682 _____ C:\Windows\system32\perfh00C.dat
2018-08-06 18:47 - 2016-12-01 07:05 - 000150704 _____ C:\Windows\system32\perfc00C.dat
2018-08-06 18:47 - 2009-07-14 07:13 - 001673006 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-06 18:44 - 2016-12-01 19:40 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-08-06 18:10 - 2017-07-04 21:21 - 000000000 ____D C:\Users\Lucas\AppData\Local\FiveM
2018-08-06 02:06 - 2017-07-28 10:32 - 000000000 ____D C:\Users\Lucas\Documents\Maman
2018-08-04 20:43 - 2016-12-20 20:14 - 000000000 ____D C:\Users\Lucas\AppData\Local\Arma 3 Launcher
2018-08-04 20:35 - 2016-12-20 20:33 - 000000000 ____D C:\Users\Lucas\AppData\Local\Arma 3
2018-08-03 23:16 - 2017-02-27 18:49 - 000000000 ____D C:\Program Files (x86)\Minecraft
2018-08-03 18:16 - 2017-03-07 17:47 - 000000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2018-08-03 18:16 - 2017-03-07 17:47 - 000000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2018-08-03 17:06 - 2016-12-20 20:33 - 000000000 ____D C:\Users\Lucas\Documents\Arma 3
2018-08-02 14:55 - 2017-07-04 21:29 - 000000000 ____D C:\Users\Lucas\AppData\Local\DigitalEntitlements
2018-08-02 14:09 - 2017-07-04 21:21 - 000000000 ____D C:\Users\Lucas\Downloads\FiveM.app
2018-08-01 11:47 - 2017-10-30 20:11 - 023327104 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-08-01 11:47 - 2017-10-30 20:11 - 020352952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-08-01 11:46 - 2016-12-01 19:40 - 004615312 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-08-01 00:42 - 2016-12-01 19:43 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-07-30 21:08 - 2017-04-08 11:26 - 000041598 _____ C:\Windows\system32\nvinfo.pb
2018-07-30 19:41 - 2016-12-01 19:42 - 005947600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-07-30 19:41 - 2016-12-01 19:42 - 002612264 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-07-30 19:41 - 2016-12-01 19:42 - 001767632 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-07-30 19:41 - 2016-12-01 19:42 - 000634352 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-07-30 19:41 - 2016-12-01 19:42 - 000450768 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-07-30 19:41 - 2016-12-01 19:42 - 000124216 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-07-30 19:41 - 2016-12-01 19:42 - 000082800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-07-29 11:32 - 2017-12-21 12:41 - 000121992 _____ C:\Users\Lucas\AppData\Local\GDIPFONTCACHEV1.DAT
2018-07-29 11:31 - 2017-12-21 12:41 - 000470616 _____ C:\Windows\system32\FNTCACHE.DAT
2018-07-28 17:43 - 2017-10-22 14:49 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\TeamViewer
2018-07-28 02:07 - 2018-05-02 16:05 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\Spotify
2018-07-27 16:03 - 2018-02-24 16:23 - 000000000 ____D C:\Users\Lucas\AppData\Local\Spotify
2018-07-24 12:30 - 2017-11-26 16:02 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-24 12:28 - 2017-11-26 16:03 - 000002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-07-24 12:28 - 2017-11-26 16:03 - 000002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-07-24 12:28 - 2017-11-26 16:03 - 000002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-07-24 12:28 - 2017-11-26 16:03 - 000002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-07-24 12:28 - 2017-11-26 16:03 - 000002372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-07-24 12:28 - 2017-11-26 16:03 - 000002366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-07-24 12:27 - 2017-11-26 15:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-07-24 11:03 - 2016-12-01 19:42 - 008253772 _____ C:\Windows\system32\nvcoproc.bin
2018-07-19 23:25 - 2017-03-20 22:35 - 000000000 ____D C:\Windows\system32\appraiser
2018-07-19 19:44 - 2016-12-17 18:33 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2018-07-19 19:05 - 2016-12-01 20:18 - 001647138 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-07-19 18:40 - 2016-12-02 06:38 - 000000000 ____D C:\Windows\system32\MRT
2018-07-19 18:35 - 2016-12-02 06:38 - 134675576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-07-19 18:32 - 2016-12-01 06:48 - 000000000 ____D C:\Users\Lucas
2018-07-17 21:38 - 2017-08-06 12:19 - 000000000 ____D C:\Users\Lucas\AppData\Local\MEGAsync
2018-07-17 21:38 - 2017-07-19 23:49 - 000000000 ____D C:\Users\Lucas\AppData\Local\Ankama
2018-07-17 21:08 - 2016-12-04 03:10 - 000000000 ____D C:\Program Files\CCleaner
2018-07-17 21:04 - 2017-12-20 23:01 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-07-17 21:04 - 2017-12-20 23:01 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-07-17 20:59 - 2017-10-26 18:03 - 000000000 _____ C:\Windows\FileLock.bin
2018-07-17 20:58 - 2016-12-01 19:41 - 000000000 ____D C:\ProgramData\Package Cache
2018-07-17 19:08 - 2017-06-10 19:57 - 000000000 ____D C:\Users\Lucas\ansel
2018-07-17 18:20 - 2017-02-26 18:48 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\EasyAntiCheat
2018-07-17 18:20 - 2016-12-13 21:24 - 000000000 ____D C:\Users\Lucas\Documents\My Games
2018-07-17 00:02 - 2016-12-01 20:01 - 000563832 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-07-16 10:06 - 2016-12-06 19:26 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\Adobe
2018-07-16 09:39 - 2017-06-28 13:30 - 000000000 ____D C:\Users\Lucas\AppData\Local\Adobe

==================== Files in the root of some directories =======

2018-06-01 11:14 - 2018-06-01 11:14 - 000000611 _____ () C:\Users\Lucas\AppData\Roaming\AdobeWLCMR2Cache.dat
2017-08-30 18:54 - 2017-08-30 18:54 - 000000032 _____ () C:\Users\Lucas\AppData\Roaming\NvBackend.txt
2018-08-06 01:52 - 2018-08-06 01:52 - 000000004 _____ () C:\Users\Lucas\AppData\Roaming\pid.txt
2018-08-06 01:52 - 2018-08-06 01:52 - 000000038 _____ () C:\Users\Lucas\AppData\Roaming\pidloc.txt
2017-04-25 17:13 - 2017-08-28 15:52 - 000017936 _____ () C:\Users\Lucas\AppData\Roaming\SpeedRunnersLog.txt
2017-08-19 17:53 - 2017-09-06 21:16 - 000000000 _____ () C:\Users\Lucas\AppData\Roaming\svchost.exe
2017-08-18 01:53 - 2017-08-18 01:53 - 000002610 _____ () C:\Users\Lucas\AppData\Roaming\TargetInvocationLog.txt
2018-07-16 10:55 - 2018-07-16 10:55 - 000001456 _____ () C:\Users\Lucas\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2017-04-20 08:36 - 2017-04-20 08:36 - 000007604 _____ () C:\Users\Lucas\AppData\Local\Resmon.ResmonCfg
2017-08-30 18:54 - 2017-08-30 19:06 - 000000907 _____ () C:\Users\Lucas\AppData\Local\_settings.ini

Some files in TEMP:
====================
2018-08-06 21:19 - 2018-08-06 22:33 - 000000079 _____ () C:\Users\Lucas\AppData\Local\Temp\08b072d8e03b11d68a28296164adceb4.dll
2018-08-06 20:57 - 2018-08-06 22:37 - 000000180 _____ () C:\Users\Lucas\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
2018-08-04 13:43 - 2018-08-06 22:17 - 000000044 _____ () C:\Users\Lucas\AppData\Local\Temp\c45f766fd7bd1e38de04a3ce844f040b.dll
2018-08-06 18:59 - 2018-05-07 21:26 - 000394640 _____ (NVIDIA Corporation) C:\Users\Lucas\AppData\Local\Temp\nvStInst.exe
2018-08-06 17:41 - 2018-08-06 17:39 - 000099896 _____ () C:\Users\Lucas\AppData\Local\Temp\Uninstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION

LastRegBack: 2017-08-24 17:05

==================== End of FRST.txt ============================