Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2021 Ran by fred (administrator) on FRED-PC (MSI MS-7823) (19-11-2021 18:12:47) Running from D:\ Loaded Profiles: fred Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5> (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (FreeDownloadManager.org) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [134936 2021-11-06] (Avast Software s.r.o. -> AVAST Software) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-729469640-962268137-2637447246-1000\...\Run: [GoogleChromeAutoLaunch_1C75F5F3159E2E0C8F34EC22B661D718] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 HKU\S-1-5-21-729469640-962268137-2637447246-1000\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10203648 2019-01-30] (FreeDownloadManager.org) HKU\S-1-5-21-729469640-962268137-2637447246-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35116160 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-729469640-962268137-2637447246-1000\...\MountPoints2: {021cd092-487f-11e9-91bd-d43d7edcd454} - D:\HiSuiteDownLoader.exe HKU\S-1-5-21-729469640-962268137-2637447246-1000\...\MountPoints2: {29e6cbd5-e47c-11eb-90c5-d43d7edcd454} - D:\HiSuiteDownLoader.exe HKU\S-1-5-21-729469640-962268137-2637447246-1000\...\MountPoints2: {3473335d-a930-11e9-b9cd-d43d7edcd454} - D:\HiSuiteDownLoader.exe HKU\S-1-5-21-729469640-962268137-2637447246-1000\...\MountPoints2: {59742823-30aa-11ec-9725-d43d7edcd454} - D:\HiSuiteDownLoader.exe HKU\S-1-5-21-729469640-962268137-2637447246-1000\...\MountPoints2: {7c1675e1-21a8-11eb-a790-d43d7edcd454} - D:\HiSuiteDownLoader.exe HKU\S-1-5-21-729469640-962268137-2637447246-1000\...\MountPoints2: {f1e10349-7963-11ea-a57a-d43d7edcd454} - D:\HiSuiteDownLoader.exe HKU\S-1-5-21-729469640-962268137-2637447246-1000\...\MountPoints2: {f5b827ec-b2db-11eb-936c-d43d7edcd454} - D:\HiSuiteDownLoader.exe HKU\S-1-5-21-729469640-962268137-2637447246-1000\...\MountPoints2: {fb19052f-2cb7-11ec-934a-d43d7edcd454} - D:\HiSuiteDownLoader.exe HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-11-02] (Google LLC -> Google LLC) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {14F45F94-5007-41D1-90C3-26CF6ECB8821} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-21] (Google Inc -> Google Inc.) Task: {1EFC2D5F-27C6-4161-B43B-77389A218410} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe) Task: {204F8A2C-6BB5-42FB-9FA6-5D4919E88300} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4754712 2021-10-21] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid d129b3ea-f1ab-4cf0-aaa7-d8a7baaed0a3 Task: {2CB3BF5F-4031-4063-AAA6-7E76AE065CDD} - System32\Tasks\CCleanerSkipUAC - fred => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd) Task: {53E707FD-FA5E-43FF-9578-EADC2DDFB34A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software) Task: {6238CD2B-6FCF-4A1C-B153-6D0CA6888405} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform) Task: {6E7B17BE-4D63-4CC5-8433-9F7CE1FD7E6F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd) Task: {77AE539C-2B46-49ED-8347-024502FC914E} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [6386968 2021-10-14] (Avast Software s.r.o. -> Avast Software) Task: {9671F186-6D6C-4F92-9A5E-6030E550DEF7} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [688128 2019-01-30] (FreeDownloadManager.org) Task: {973E5147-5AB1-415F-B3C3-85F773AA97C3} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-09] (Adobe Inc. -> Adobe) Task: {B1FC9476-C7A2-406E-BD67-97C983EF8829} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4974872 2021-11-06] (Avast Software s.r.o. -> AVAST Software) Task: {BEA36F15-8977-4B7B-A865-E9C588680C2C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) Task: {EE551D57-A3E0-4074-A52F-E5B0C5852787} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-21] (Google Inc -> Google Inc.) Task: {FD645859-FFBD-4BA8-BAF8-A9D4FE9DF4BD} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyServer: [S-1-5-21-729469640-962268137-2637447246-1000] => http=127.0.0.1:49284;https=127.0.0.1:49284 Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{84CCB3EB-9450-4E17-BC9E-B9B473D9E26D}: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-11-09] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> ) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> ) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default [2021-11-19] CHR Notifications: Default -> hxxps://intercrack.net; hxxps://outlook.live.com; hxxps://www.annuaire-telechargement.al; hxxps://www.pinterest.fr; hxxps://www.zone-telechargement.al CHR HomePage: Default -> hxxp://www.google.com/ CHR NewTab: Default -> Not-active:"chrome-extension://eedlgdlajadkbbjoobobefphmfkcchfk/newtab.html" CHR DefaultSearchURL: Default -> hxxps://www.ecosia.org/search?q={searchTerms}&addon=opensearch CHR DefaultSearchKeyword: Default -> ecosia.org CHR DefaultSuggestURL: Default -> hxxps://ac.ecosia.org/autocomplete?q={searchTerms}&type=list CHR Extension: (Slides) - C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-21] CHR Extension: (Docs) - C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-21] CHR Extension: (Google Drive) - C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22] CHR Extension: (YouTube) - C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-21] CHR Extension: (Ecosia Search) - C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\eedlgdlajadkbbjoobobefphmfkcchfk [2021-05-20] CHR Extension: (Thea) - C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\eempehimgjdipjalffmbnmjeanfkjiac [2021-11-12] CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-11-07] CHR Extension: (Sheets) - C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-21] CHR Extension: (Google Docs hors connexion) - C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-20] CHR Extension: (Bouton Enregistrer Pinterest) - C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2021-11-12] CHR Extension: (Testapic - Test Utilisateur à distance) - C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikcpehlhkigdkffkkbimmaocmbpgfbbp [2020-05-11] CHR Extension: (Poulpeo : cashback, réductions et codes promo) - C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\lelehponoadknmgbnmgkcniabpopckme [2021-11-08] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30] CHR Extension: (Gmail) - C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23] CHR Profile: C:\Users\fred\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-11-02] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ATTENTION: => Could not perform signature verification. Cryptographic Service is not running. S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.) S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8376400 2021-11-06] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [680728 2021-11-06] (Avast Software s.r.o. -> AVAST Software) S4 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [427800 2021-11-06] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software) S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation) S4 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [128584 2018-03-26] (Microsoft Dynamic Code Publisher -> Microsoft Corporation) S4 COMSysApp; C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [9728 2009-07-14] (Microsoft Windows -> Microsoft Corporation) S4 COMSysApp; C:\Windows\SysWOW64\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [7168 2009-07-14] (Microsoft Windows -> Microsoft Corporation) S4 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [6582552 2021-10-21] (Avast Software s.r.o. -> AVAST Software) S4 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-09-17] (Huawei Technologies Co., Ltd. -> ) S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2021-11-09] (McAfee, LLC -> McAfee, LLC) S4 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28760 2019-11-29] (LAVASOFT SOFTWARE CANADA INC -> ) S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35704 2021-11-06] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [222112 2021-11-06] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [372232 2021-11-06] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250392 2021-11-06] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99344 2021-11-06] (Avast Software s.r.o. -> AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41344 2021-11-06] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [184648 2021-11-06] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [538976 2021-11-06] (Avast Software s.r.o. -> AVAST Software) R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-15] (AVAST Software s.r.o. -> AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107848 2021-11-06] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82904 2021-11-06] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [852216 2021-11-06] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [557648 2021-11-06] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [214384 2021-11-06] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [317696 2021-11-10] (Avast Software s.r.o. -> AVAST Software) S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2021-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [25608 2020-11-19] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) Error Reading file: "C:\Users\fred\Downloads\Your-File-Is-Ready-To-Download_846325.exe" Error Reading file: "C:\Users\fred\Downloads\This computer is BLOCKED.htm" Error Reading file: "C:\Users\fred\Downloads\download_manager_14293.exe" 2021-11-19 18:12 - 2021-11-19 18:13 - 000000000 ____D C:\FRST 2021-11-15 15:09 - 2021-11-15 15:09 - 000061286 _____ C:\Windows\ntbtlog.txt 2021-11-13 18:58 - 2021-11-13 18:58 - 000000000 ____D C:\Users\fred\AppData\Local\ElevatedDiagnostics 2021-11-12 15:07 - 2021-11-12 15:33 - 000000000 ____D C:\Windows\pss 2021-11-11 20:42 - 2021-11-11 20:47 - 933855940 _____ C:\Users\fred\Downloads\-Un.Amour.Impossible.2018.FRENCH.BDRip.x264.mkv 2021-11-11 20:35 - 2021-11-11 20:42 - 399503258 _____ C:\Users\fred\Downloads\The.Favourite.2018.FRENCH.720p.BluRay.x264.AC3-VENUE.mkv 2021-11-10 18:22 - 2021-11-10 18:24 - 1478861836 _____ C:\Users\fred\Downloads\Time.Out.2011.TRUEFRENCH.HD.720p.mp4 2021-11-09 19:14 - 2021-11-09 19:19 - 965859043 _____ C:\Users\fred\Downloads\Ca.Commence.Aujourd.Hui.1999.FRENCH.BDRip.x264-LOFiDEL.mkv 2021-11-08 20:14 - 2021-11-08 20:20 - 881177071 _____ C:\Users\fred\Downloads\Free.Guy.2021.FRENCH.BRRip.x264-Scaph-www2.tirexo.work.mkv 2021-11-08 19:51 - 2021-11-08 19:52 - 775686768 _____ C:\Users\fred\Downloads\Burden.2018.FRENCH.BDRip.x264-EXTREME-www2.tirexo.work.mkv 2021-11-08 15:47 - 2021-11-08 15:50 - 2062925839 _____ C:\Users\fred\Downloads\Silver.Skates.2020.FRENCH.720p.HDLight.x264.AC3-EXTREME-www2.tirexo.work.mkv 2021-11-07 19:13 - 2021-11-07 19:16 - 1619315299 _____ C:\Users\fred\Downloads\The.Last.Letter.from.Your.Lover.2021.FRENCH.720p.WEB.x264-EXTREME-www2.tirexo.work.mkv 2021-11-07 17:25 - 2021-11-07 17:36 - 1978435231 _____ C:\Users\fred\Downloads\Blanc Bleu Rouge - E04 - L'écharpe de Coblence - Décembre 1791.mkv 2021-11-07 14:41 - 2021-11-07 14:43 - 1766340117 _____ C:\Users\fred\Downloads\Blanc Bleu Rouge - E03 - La violence parisienne - Octobre 1789.mkv 2021-11-07 12:51 - 2021-11-07 13:02 - 1915754097 _____ C:\Users\fred\Downloads\Blanc Bleu Rouge - E02 - Les noces de Brecheville - Août 1789.mkv 2021-11-07 12:47 - 2021-11-07 12:49 - 1865648233 _____ C:\Users\fred\Downloads\Blanc Bleu Rouge - E01 - Les fièvres de lété - Juin 1789.mkv 2021-11-06 10:45 - 2021-11-06 10:45 - 000214384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2021-11-06 10:45 - 2021-11-06 10:45 - 000044568 _____ () C:\Windows\system32\Drivers\staport.sys 2021-11-06 10:45 - 2021-11-06 10:44 - 000340248 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2021-11-02 18:45 - 2021-11-02 18:45 - 000133774 _____ C:\Users\fred\Documents\courrier pole emploi Eve.pdf 2021-11-01 11:59 - 2021-11-01 11:59 - 000002608 _____ C:\Users\fred\Desktop\Pinterest.lnk 2021-10-28 21:26 - 2021-10-28 22:20 - 584943543 _____ C:\Users\fred\Downloads\Heroes.S01.FRENCH.DVDRiP.XVID-PEPiTO.rar 2021-10-26 19:15 - 2021-10-26 19:32 - 2969491778 _____ C:\Users\fred\Downloads\Misfits.S03.FRENCH.LD.DVDRip.XviD-JMT-Zone-Telechargement.Ws.rar 2021-10-26 13:42 - 2021-10-26 13:42 - 000082994 _____ C:\Users\fred\Downloads\Le tissu paroles alti.pdf 2021-10-26 13:42 - 2021-10-26 13:42 - 000062584 _____ C:\Users\fred\Downloads\Le baiser paroles alti.pdf 2021-10-26 13:42 - 2021-10-26 13:42 - 000059853 _____ C:\Users\fred\Downloads\Super mamie paroles alti.pdf 2021-10-26 13:38 - 2021-10-26 13:38 - 000052844 _____ C:\Users\fred\Downloads\Tous les mêmes paroles alti.pdf 2021-10-26 13:38 - 2021-10-26 13:38 - 000050770 _____ C:\Users\fred\Downloads\La femme chocolat paroles alti.pdf 2021-10-26 13:38 - 2021-10-26 13:38 - 000046125 _____ C:\Users\fred\Downloads\Une petite robe noire paroles alti.pdf 2021-10-26 13:33 - 2021-10-26 13:33 - 000161128 _____ C:\Users\fred\Downloads\BIO20211026_C1102653423_MESANALYSES.pdf 2021-10-26 09:32 - 2021-10-26 09:32 - 000000265 _____ C:\Users\fred\Downloads\stream128.asx 2021-10-22 20:01 - 2021-10-22 20:16 - 2567286057 _____ C:\Users\fred\Downloads\Misfits.S02.FRENCH.DVDRip.XviD-JMT-Zone-Telechargement.Ws.rar 2021-10-22 13:55 - 2021-10-22 13:55 - 308694992 _____ C:\Users\fred\Downloads\Open.your.Eyes.S01E03.FRENCH.WEB-DL.720p.H264.mp4 2021-10-22 09:21 - 2021-10-22 09:22 - 340086301 _____ C:\Users\fred\Downloads\Open.your.Eyes.S01E02.FRENCH.WEB-DL.720p.H264.mp4 2021-10-22 07:37 - 2021-10-22 07:37 - 367916041 _____ C:\Users\fred\Downloads\Open.your.Eyes.S01E01.FRENCH.WEB-DL.720p.H264.mp4 2021-10-21 20:23 - 2021-10-21 20:23 - 002850680 _____ C:\Users\fred\Documents\CarteReseauBreizhGo.pdf 2021-10-20 12:08 - 2021-10-20 12:11 - 2420284995 _____ C:\Users\fred\Downloads\Utopia.S02E06.FiNAL.MULTI.720p.BluRay.x264-NoNE.mkv ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2021-11-19 18:10 - 2019-02-19 12:27 - 000000000 ____D C:\Users\fred\AppData\Local\Free Download Manager 2021-11-19 18:09 - 2018-11-22 10:08 - 000000000 ____D C:\ProgramData\AVAST Software 2021-11-19 10:49 - 2009-07-14 05:45 - 000030992 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2021-11-19 10:49 - 2009-07-14 05:45 - 000030992 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2021-11-19 10:43 - 2020-02-20 09:45 - 000000000 ____D C:\Program Files\CCleaner 2021-11-15 15:36 - 2018-11-23 12:44 - 000000000 ____D C:\Users\fred\AppData\Roaming\vlc 2021-11-13 18:50 - 2020-04-02 11:11 - 000009728 ___SH C:\Users\fred\Thumbs.db 2021-11-13 09:56 - 2020-11-03 18:46 - 000000000 ____D C:\Users\fred\AppData\Roaming\Slack 2021-11-13 08:06 - 2021-09-06 11:29 - 000000000 ____D C:\Users\fred\AppData\Local\CrashDumps 2021-11-13 08:06 - 2018-11-23 10:20 - 000000000 ____D C:\Windows\Minidump 2021-11-12 23:02 - 2018-11-21 17:07 - 000000000 ____D C:\Program Files (x86)\Google 2021-11-12 15:22 - 2021-09-04 22:42 - 000002804 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - fred 2021-11-12 15:22 - 2020-02-20 09:45 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update 2021-11-12 15:22 - 2020-02-20 09:45 - 000002804 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC 2021-11-12 15:22 - 2019-02-19 12:27 - 000002746 _____ C:\Windows\system32\Tasks\FreeDownloadManagerNetworkMonitor 2021-11-12 15:22 - 2018-12-10 13:39 - 000004470 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier 2021-11-12 15:22 - 2018-11-29 14:18 - 000004458 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier 2021-11-12 15:22 - 2018-11-29 14:18 - 000004324 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater 2021-11-12 15:22 - 2018-11-24 10:24 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2021-11-12 15:22 - 2018-11-22 10:09 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software 2021-11-12 15:22 - 2018-11-21 17:07 - 000003504 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2021-11-12 15:22 - 2018-11-21 17:07 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2021-11-12 15:22 - 2018-11-21 17:02 - 000003918 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{DF064503-A5F0-4234-86EB-481D402B5BF7} 2021-11-12 08:06 - 2020-03-24 19:22 - 000000000 ____D C:\Users\fred\AppData\Roaming\FAHClient 2021-11-12 08:03 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-11-11 20:54 - 2009-07-14 06:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI 2021-11-11 20:54 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2021-11-11 09:13 - 2018-11-21 19:37 - 000000000 ____D C:\Windows\system32\MRT 2021-11-11 09:08 - 2018-11-21 19:37 - 141529560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2021-11-10 10:45 - 2018-11-22 10:09 - 000317696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2021-11-07 07:19 - 2019-03-14 14:29 - 000002003 _____ C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk 2021-11-06 10:45 - 2020-10-15 01:49 - 000184648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2021-11-06 10:45 - 2020-04-15 08:00 - 000538976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys 2021-11-06 10:45 - 2019-01-04 10:27 - 000250392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys 2021-11-06 10:45 - 2019-01-04 10:27 - 000099344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys 2021-11-06 10:45 - 2018-11-22 10:09 - 000557648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2021-11-06 10:45 - 2018-11-22 10:09 - 000107848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2021-11-06 10:45 - 2018-11-22 10:09 - 000082904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2021-11-06 10:45 - 2018-11-22 10:09 - 000041344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2021-11-06 10:45 - 2018-11-22 10:09 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update 2021-11-06 10:44 - 2019-01-14 18:14 - 000372232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys 2021-11-06 10:44 - 2019-01-04 10:27 - 000035704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys 2021-11-06 10:44 - 2018-11-22 10:09 - 000852216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2021-11-06 10:44 - 2018-11-22 10:09 - 000222112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2021-11-01 11:59 - 2021-10-02 22:30 - 000000000 ____D C:\Users\fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome ==================== Files in the root of some directories ======== 2021-03-26 00:27 - 2021-03-26 00:27 - 010055680 _____ () C:\Program Files (x86)\GUT9639.tmp ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => MD5 is legit C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\dnsapi.dll => MD5 is legit C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit C:\Windows\system32\dllhost.exe => MD5 is legit C:\Windows\SysWOW64\dllhost.exe => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2021-11-08 09:46 ==================== End of FRST.txt ========================