Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01 Ran by 33786 (administrator) on AMEL (LENOVO 82HS) (13-05-2024 12:54:39) Running from C:\Users\33786\Downloads\FRST64English.exe Loaded Profiles: 33786 Platform: Microsoft Windows 11 Famille Version 23H2 22631.3527 (X64) Language: Français (France) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <4> (C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(DeviceSettingsSystemAddin).exe (C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(GenericMessagingAddin).exe (C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(VantageCoreAddin).exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (MUSARUBRA US LLC -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (MUSARUBRA US LLC -> McAfee, LLC) C:\Windows\System32\mfevtps.exe (C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe (C:\Users\33786\AppData\Roaming\utorrent\updates\3.6.0_47082\utorrentie.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.97\msedgewebview2.exe <13> (C:\Users\33786\AppData\Roaming\utorrent\uTorrent.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\33786\AppData\Roaming\utorrent\helper\helper.exe (C:\Users\33786\AppData\Roaming\utorrent\uTorrent.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\33786\AppData\Roaming\utorrent\updates\3.6.0_47082\utorrentie.exe <2> (C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe (C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2> (drivers\Lenovo\udc\Service\UDClientService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDCUserAgent.exe (DriverStore\FileRepository\cui_dch.inf_amd64_ad4654f43fda305f\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ad4654f43fda305f\igfxEMN.exe (DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_da86a3091f808822\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe (DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_7d126bda2f653af7\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_7d126bda2f653af7\FnHotkeyCapsLKNumLK.exe (DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_7d126bda2f653af7\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_7d126bda2f653af7\FnHotkeyUtility.exe (explorer.exe ->) (BitTorrent Inc -> BitTorrent Limited) C:\Users\33786\AppData\Roaming\utorrent\uTorrent.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <40> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (LNBITSSvc.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe (services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe (services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe (services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe (services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_da86a3091f808822\DAX3API.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ad4654f43fda305f\igfxCUIServiceN.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_db7985d30b50e28f\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_41eb30dc35333897\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_dd6a7ef14d856351\AS\IAS\IntelAudioService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe (services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\YMC.exe (services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe (services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe (services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_7d126bda2f653af7\LenovoUtilityService.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\5.5.107.0\McCSPServiceHost.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3> (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_22_12\mcapexe.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe (services.exe ->) (MUSARUBRA US LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c984e9ce714075ab\RtkAudUService64.exe <2> (services.exe ->) (Wacom Co., Ltd. -> Wacom Technology, Corp.) C:\Windows\System32\DriverStore\FileRepository\wtabletserviceisd.inf_amd64_d4bbdb64f50c2454\WTabletServiceISD.exe <2> (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2418.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\33786\AppData\Local\Microsoft\OneDrive\24.081.0421.0003\FileCoAuth.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c984e9ce714075ab\RtkAudUService64.exe [1345104 2021-09-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [424344 2024-05-10] (Avast Software s.r.o. -> Gen Digital Inc.) HKU\S-1-5-21-3598866125-3065178254-166024972-1001\...\Run: [MicrosoftEdgeAutoLaunch_1644AC2AFAAA8773A3247A31E2564BAD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4081208 2024-05-10] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3598866125-3065178254-166024972-1001\...\Run: [Spotify] => C:\Users\33786\AppData\Roaming\Spotify\Spotify.exe [34491720 2024-05-07] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-3598866125-3065178254-166024972-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4386664 2023-11-29] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-3598866125-3065178254-166024972-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37486056 2024-04-21] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-3598866125-3065178254-166024972-1001\...\Run: [Discord] => C:\Users\33786\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub) HKU\S-1-5-21-3598866125-3065178254-166024972-1001\...\Run: [utweb] => "C:\Users\33786\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (No File) HKU\S-1-5-21-3598866125-3065178254-166024972-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45380000 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-3598866125-3065178254-166024972-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2736744 2024-04-15] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-3598866125-3065178254-166024972-1001\...\Run: [ut] => C:\Users\33786\AppData\Roaming\utorrent\uTorrent.exe [2259464 2024-05-01] (BitTorrent Inc -> BitTorrent Limited) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\124.0.6367.201\Installer\chrmstp.exe [2024-05-10] (Google LLC -> Google LLC) Startup: C:\Users\33786\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2023-08-05] ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) "C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION Task: {BE6A0350-679D-40FD-B66C-1219C03743B2} - System32\Tasks\ArtificiusUpdater => C:\Program Files (x86)\Artificius Web Solutions\Artificius Web\ArtificiusUpdater.exe [1271296 2024-05-02] (Artificius Web Solutions) [File not signed] Task: {086B39F0-FC80-4BAE-91B6-8F1FEA919A5C} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4979096 2024-04-27] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\A (the data entry has 70 more characters). Task: {B65FBF42-A6E4-4F14-8B27-8B796A03C02A} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [7786904 2024-03-14] (Avast Software s.r.o. -> Avast Software) Task: {4BA2EB0B-CD29-42C3-AEBA-77FA4BD6C692} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4979096 2024-04-27] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (the data entry has 99 more characters). Task: {D4841AE1-7CAF-40A8-8669-E0D29F9E8F3B} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [7786904 2024-03-14] (Avast Software s.r.o. -> Avast Software) Task: {565230B3-FACD-4C3F-96CB-87B8C45B4214} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5201304 2024-05-10] (Avast Software s.r.o. -> Gen Digital Inc.) Task: {0C5187E5-AC6F-45BD-88AC-374DB66FF1D5} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [5015960 2024-05-07] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (the data entry has 80 more characters). Task: {F6071BC1-D21F-4D69-85B4-BCB1754CEAEE} - System32\Tasks\Avast Software\Avast SecureLine VPN Emergency Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1438616 2024-05-07] (Avast Software s.r.o. -> Gen Digital Inc.) Task: {F0BE1048-8077-439F-9188-287214A11653} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7498648 2024-04-26] (Avast Software s.r.o. -> Avast Software) Task: {D66535AE-05F4-458A-BB70-FDF1D46991FF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2348952 2024-04-27] (Avast Software s.r.o. -> Avast Software) Task: {F17CFE46-AC95-4864-A3D3-F3ED8444FD06} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {C5750E49-CD58-4209-A79A-B2F5A6FF5DE9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "c64ee89a-e864-476e-9312-3905f7a087dc" --version "6.23.11010" --silent Task: {77565FE3-2F9A-4E8F-BF8E-254FDC4E355C} - System32\Tasks\CCleanerSkipUAC - 33786 => C:\Program Files\CCleaner\CCleaner.exe [39118752 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {3DFD2CAD-78E2-43C5-9C7B-F46710AC472E} - System32\Tasks\ChromsteraUpdater => C:\Program Files (x86)\Chromstera Browser\ChromsteraUpdater.exe [1204192 2023-08-11] (Dragon Boss Solutions LLC -> Chromstera Solutions) Task: {4F273096-58EC-4D6B-A72C-0D71896E64FB} - System32\Tasks\copy_dlc_unlocker => C:\WINDOWS\system32\xcopy.exe [73728 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> /Y "C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\version.dll" "C:\Program Files\Electronic Arts\EA Desktop\StagedEADesktop\EA Desktop\*" Task: {7EC8C1D8-7971-4DED-AF06-C31507D96DF2} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6462.0{E3A947FC-C7C7-4D6C-BE36-61FA756B0801} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC) Task: {52C321C1-4AA2-47C3-AD40-1B76BBD7DCF0} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.) Task: {5261392C-CA48-4CC1-BA93-AA146E0BBAD4} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService Task: {1D2B0741-0947-42DF-8F2D-0FE61AA79C04} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [102400 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {1C53E869-91B7-45F0-A6A7-62A817CA7669} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9b0eb48b-8c96-413e-9dea-eacfa407a12e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.) Task: {EA0FFAE0-3A13-4249-89FA-74E195D80C5D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a9f5811b-903d-4773-a332-65579b999c57 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.) Task: {37ADDC56-5C62-42E8-A1FD-7D288803EDCE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b4db2a13-9cc8-4bc5-8cde-ef22cbc9f78d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.) Task: {C2B3ECF0-DD36-4F35-8991-B4A8E1001B12} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e885b0ae-2ed3-4795-a5a7-455a49a4704f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.) Task: {E1508B83-EFCA-4A43-ABD7-F9E359973F2E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f6ad1a1d-686e-4980-a1f7-74960a7e98d7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.) Task: {7BC59B67-7D3C-4B6E-88DF-1C3F6C24CF0D} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3598866125-3065178254-166024972-1001 => C:\Users\33786\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [89096 2024-04-15] (Lenovo (Beijing) Limited -> Lenovo Group Limited) Task: {C6BCBEB6-2FAF-4311-BE9A-A228A348B659} - System32\Tasks\Lenovo\LenovoNowLauncher => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.exe [1631640 2024-04-03] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/task Task: {3D770924-716F-49AA-B524-7965E5589AAA} - System32\Tasks\Lenovo\LenovoNowQuarterlyLaunch => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [1521560 2024-04-03] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/QuarterlyLaunch Task: {21C99227-700B-41A9-B9B4-F3DDCD3C3560} - System32\Tasks\Lenovo\LenovoNowTask => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [1521560 2024-04-03] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\$(EventData) Task: {C2AD72CD-B866-41B1-A33C-FBA8CE18C621} - System32\Tasks\Lenovo\UDC\Lenovo UDC Diagnostic Scan => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 210 Task: {BEB06B79-6D43-4A9F-BBBC-1E70BD54A16F} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [90600 2023-11-02] (Lenovo -> Lenovo Group Ltd.) -> C:\windows\system32\drivers\Lenovo\udc\Service\/onidle Task: {16B42DAB-78CD-44A2-91DB-76DC96F4BDEE} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [185312 2023-11-02] (Lenovo -> Lenovo Group Ltd.) Task: {CA13CACE-40F9-4FC6-B640-0581ED54A139} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService Task: {6EE9EC4B-8946-4CFC-A29F-8A431685B252} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {79A89F00-A184-427C-8D23-2B38F0967B37} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {AF0F0418-FD90-49A2-9E22-B8B76DFBDE02} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {D3293A2B-3CCF-47E1-8E2A-F05E9C304C22} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {0A4A93F2-7B53-406D-BBD7-FA7C74E877C9} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {FD3E2A6A-A3B8-4474-8713-BBCC0E4A5EBF} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {C0E61EF0-2DFD-4474-8955-6F62F31F3AC7} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoBoostAddin.Prompt => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe LenovoBoostAddin.Prompt (No File) Task: {5100BA4E-D7BB-4BFF-AD61-4215E70DF667} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {A6931EC1-288D-4F17-914B-82DC6596E678} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {BD76EB80-14D5-4E05-8433-BC76ED12DC5F} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File) Task: {9D659D41-F00E-4CA5-95DA-5F2D9FF1BEC2} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {AE74B8CA-2528-4251-B171-909F6BE5BF42} - System32\Tasks\Lenovo\Vantage\Schedule\SmartLock.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {01A5344F-B5CA-4A67-B0A3-25FE2DAFBAAC} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {17DC74C4-15AD-4D03-841A-CAC3D6942612} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {8C77940E-C0D5-4D54-B864-E044EE39DCE4} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\uninstall.exe [365024 2024-03-03] (Lenovo -> Lenovo) Task: {FE0E2FB5-6E18-428D-A937-1B73F19E16C1} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.7.114\DADUpdater.exe [4096576 2024-02-15] (McAfee, LLC -> McAfee, LLC) Task: {BF5A8E76-A021-415D-894A-31C8E23B6A14} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [931056 2023-02-20] (McAfee, LLC -> McAfee, LLC) Task: {E74F922E-4C54-44EB-83F9-5C923826BA83} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [931056 2023-02-20] (McAfee, LLC -> McAfee, LLC) Task: {D890FC19-97C6-4A4F-8F26-44A8276E3A25} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [768288 2022-03-24] (McAfee, LLC -> McAfee, LLC) Task: {EE830634-B727-4A37-B2CC-F84030F5785C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28436048 2024-05-07] (Microsoft Corporation -> Microsoft Corporation) Task: {034CEB5F-C96A-4740-BCBC-EF61FDFF9A2D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28436048 2024-05-07] (Microsoft Corporation -> Microsoft Corporation) Task: {DD90F2E6-EB89-400A-A445-A6B880FA2BC0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309936 2024-05-09] (Microsoft Corporation -> Microsoft Corporation) Task: {8FEC3910-9B33-4F76-B919-2CD3CE2A6943} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309936 2024-05-09] (Microsoft Corporation -> Microsoft Corporation) Task: {94681ADE-20A4-4C00-A420-E19EB8D77FD0} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [168928 2024-05-09] (Microsoft Corporation -> Microsoft Corporation) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File) Task: {BD3E9FA3-EFDB-4C77-9F74-A057D57EFCFF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {EBB1C84F-9B36-46B6-A18F-D128C7B63853} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F3A9CB48-F041-4E05-8966-A3AEDA8F0E9E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {0A781034-F817-4EEF-AA15-0CE3CBCD1330} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {69E09286-3F54-4160-B572-1273067298D6} - System32\Tasks\Opera scheduled assistant Autoupdate 1713964214 => C:\Users\33786\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\33786\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0) Task: {6A564F73-E463-46B4-858C-60F973292477} - System32\Tasks\Opera scheduled Autoupdate 1713964208 => C:\Users\33786\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0) (No File) Task: {83AD6D88-295A-43D0-A891-22B026C9194D} - System32\Tasks\test2 => "C:\Users\33786\Appdata\Local\Diagnostics\syshelp.exe" (No File) Task: {BDB42864-FE8B-48BC-8751-327F9F243F32} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904552 2023-08-15] (Lenovo -> ) Task: {1E593A78-D6D4-481F-A6E7-FE77F2FB27E1} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904552 2023-08-15] (Lenovo -> ) Task: {7A3D45F2-51E3-4A53-93D2-E18F996061DC} - System32\Tasks\UniversalUpdater => C:\Program Files (x86)\Web Browser Solutions\Web Browser\UniversalUpdater.exe [1271296 2024-05-07] (Web Browser Solutions) [File not signed] (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{9a190ad0-52f4-4f80-8e64-dbe6299074fc}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{9a190ad0-52f4-4f80-8e64-dbe6299074fc}\05545535D2359435: [DhcpNameServer] 10.7.1.1 Tcpip\..\Interfaces\{9a190ad0-52f4-4f80-8e64-dbe6299074fc}\05545535D2359435: [DhcpDomain] localdomain Tcpip\..\Interfaces\{9a190ad0-52f4-4f80-8e64-dbe6299074fc}\960586F6E6560246560214D656C602D38D3ACD: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{9a190ad0-52f4-4f80-8e64-dbe6299074fc}\C496675626F687D244242403: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{9a190ad0-52f4-4f80-8e64-dbe6299074fc}\C496675626F687D244242403: [DhcpDomain] home Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\33786\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-13] Edge Extension: (Google Docs hors connexion) - C:\Users\33786\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-05-09] Edge Extension: (Edge relevant text changes) - C:\Users\33786\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-05-09] Edge Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\33786\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-05-09] Edge Extension: (NymphMiniica) - C:\Users\33786\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pclkbdheoglmnioljheccbbdocklibho [2024-05-09] [UpdateUrl:hxxps://crxdragonupdate.com/crx/updates.php] <==== ATTENTION Edge Extension: (Apps Helper) - C:\appsDDhelper [2024-05-03] Edge HKU\S-1-5-21-3598866125-3065178254-166024972-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [jcpgbnbdnakoblgfkbgggankeidkfcdl] Edge HKLM-x32\...\Edge\Extension: [pclkbdheoglmnioljheccbbdocklibho] - C:\\Users\\33786\\AppData\\Local\\apps.crx [2024-05-02] FireFox: ======== FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2023-03-01] (McAfee, LLC -> ) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2023-03-01] (McAfee, LLC -> ) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-06] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\33786\AppData\Local\Google\Chrome\User Data\Default [2024-05-13] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\33786\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-13] CHR Extension: (Apps Helper) - C:\appsDDhelper [2024-05-03] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [bnfckklcmhieappamomdmbgbnicakipl] - C:\\Users\\33786\\AppData\\Local\\apps.crx [2024-05-02] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9152408 2024-05-10] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [766872 2024-05-10] (Avast Software s.r.o. -> Gen Digital Inc.) R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2302360 2024-05-10] (Avast Software s.r.o. -> Gen Digital Inc.) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1203608 2024-05-10] (Avast Software s.r.o. -> Gen Digital Inc.) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2024-04-27] (Avast Software s.r.o. -> AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-11-06] (BattlEye Innovations e.K. -> ) S2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [18727320 2024-04-27] (Avast Software s.r.o. -> AVAST Software) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14248120 2024-05-07] (Microsoft Corporation -> Microsoft Corporation) R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_da86a3091f808822\DAX3API.exe [2149944 2021-09-02] (Dolby Laboratories, Inc. -> Dolby Laboratories) R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [16925592 2024-04-27] (Avast Software s.r.o. -> AVAST Software) S4 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [14991976 2024-04-15] (Electronic Arts, Inc. -> Electronic Arts) S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.) R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [423296 2021-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) S4 GoogleUpdaterInternalService126.0.6462.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC) S4 GoogleUpdaterService126.0.6462.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-05-12] (HP Inc. -> HP Inc.) R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.) R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_dd6a7ef14d856351\AS\IAS\IntelAudioService.exe [539816 2021-09-01] (Intel Corporation -> Intel) R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_7d126bda2f653af7\LenovoUtilityService.exe [168776 2024-04-01] (Lenovo -> Lenovo) R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe [34168 2024-03-03] (Lenovo -> Lenovo) R2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1831672 2022-08-17] (Lenovo -> Lenovo(beijing) Limited) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [889400 2024-04-05] (McAfee, LLC -> McAfee, LLC) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_22_12\McApExe.exe [815376 2023-04-05] (McAfee, LLC -> McAfee, LLC) S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [604312 2021-04-22] (McAfee, LLC -> McAfee, LLC) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\5.5.107.0\McCSPServiceHost.exe [3384472 2023-02-28] (McAfee, LLC -> McAfee, LLC) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe [1459968 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1226192 2023-04-05] (MUSARUBRA US LLC -> McAfee, LLC) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1226192 2023-04-05] (MUSARUBRA US LLC -> McAfee, LLC) R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1226192 2023-04-05] (MUSARUBRA US LLC -> McAfee, LLC) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1570496 2023-02-17] (McAfee, LLC -> McAfee, LLC) R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4248712 2022-10-14] (McAfee, LLC -> McAfee, LLC) S4 rsDNSClientSvc; C:\Program Files\ReasonLabs\DNS\rsDNSClientSvc.exe [672912 2024-04-24] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) S4 rsDNSResolver; C:\Program Files\ReasonLabs\DNS\rsDNSResolver.exe [11469968 2024-04-24] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) S4 rsDNSSvc; C:\Program Files\ReasonLabs\DNS\rsDNSSvc.exe [208528 2024-04-24] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [12354968 2024-05-07] (Avast Software s.r.o. -> Gen Digital Inc.) R2 UDCService; C:\WINDOWS\system32\DRIVERS\Lenovo\udc\Service\UDClientService.exe [72160 2023-11-02] (Lenovo -> Lenovo Group Ltd.) S4 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [749128 2023-04-13] (Oracle Corporation -> Oracle Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 YMC; C:\WINDOWS\System32\YMC.exe [856928 2021-07-18] (Lenovo -> Lenovo Group Ltd.) S3 EasyAntiCheat_EOS; "C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe" [X] S3 McSecDashboardService; "C:\Program Files\McAfeeDashboard\McSecDashboardService.exe" [X] ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [20536 2024-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229944 2024-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [379960 2024-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [292920 2024-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84536 2024-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [27760 2024-04-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28728 2024-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [268856 2024-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548920 2024-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [97848 2024-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69176 2024-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [935992 2024-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [695864 2024-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203720 2024-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [306120 2024-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [78632 2024-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software) S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed] R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [70880 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Trellix US LLC.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2021-07-21] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_1308f85f1b0adf27\iaLPSS2_I2C_TGL.sys [204440 2021-07-21] (Intel Corporation -> Intel Corporation) R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_8dd4e6dd6061449d\IntcUSB.sys [1684544 2021-09-01] (Intel Corporation -> Intel(R) Corporation) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [491232 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Trellix US LLC.) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [354016 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Trellix US LLC.) S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85456 2023-04-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Trellix US LLC.) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [464080 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Trellix US LLC.) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [949472 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Trellix US LLC.) R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [714600 2022-11-15] (Musarubra US LLC -> Trellix US LLC.) S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [135024 2022-11-15] (Musarubra US LLC -> Trellix US LLC.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [106720 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Trellix US LLC.) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [233176 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Trellix US LLC.) S3 rsDwf; C:\WINDOWS\system32\DRIVERS\rsDwf.sys [54144 2024-04-24] (Reason CyberSecurity Inc. -> Reason CyberSecurity Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [242632 2023-04-13] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [252544 2023-04-13] (Oracle Corporation -> Oracle Corporation) R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1082600 2023-04-13] (Oracle Corporation -> Oracle Corporation) R3 WacHIDRouterISDF; C:\WINDOWS\System32\drivers\WacHIDRouterISDF.sys [129712 2022-08-19] (Wacom Co., Ltd. -> Wacom Technology, Corp.) S3 WacHIDRouterISDFV; C:\WINDOWS\System32\drivers\WacHIDRouterISDF.sys [129712 2022-08-19] (Wacom Co., Ltd. -> Wacom Technology, Corp.) R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20936 2024-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601376 2024-04-10] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-10] (Microsoft Windows -> Microsoft Corporation) S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2024-05-13 12:54 - 2024-05-13 12:55 - 000048221 _____ C:\Users\33786\Downloads\FRST.txt 2024-05-13 12:54 - 2024-05-13 12:54 - 000000000 ____D C:\FRST 2024-05-13 12:53 - 2024-05-13 12:53 - 002394112 _____ (Farbar) C:\Users\33786\Downloads\FRST64English.exe 2024-05-13 12:42 - 2024-05-13 12:42 - 000774296 _____ C:\WINDOWS\system32\perfh00C.dat 2024-05-13 12:42 - 2024-05-13 12:42 - 000149372 _____ C:\WINDOWS\system32\perfc00C.dat 2024-05-13 12:38 - 2024-05-13 12:38 - 006946736 _____ (EnigmaSoft Limited) C:\Users\33786\Downloads\sp-cleaner.exe 2024-05-13 12:38 - 2024-05-13 12:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2024-05-13 12:21 - 2024-05-13 12:21 - 000001858 _____ C:\Users\33786\Downloads\delete_chrome_policies.bat 2024-05-10 19:59 - 2024-05-10 19:59 - 000000000 ____D C:\Users\33786\Documents\lovlyfe-1.0-dists 2024-05-10 19:29 - 2024-05-10 19:29 - 000074816 _____ C:\WINDOWS\system32\lc.dat 2024-05-10 19:04 - 2024-05-10 19:04 - 000314776 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe 2024-05-09 23:05 - 2024-05-10 19:59 - 000000000 ____D C:\Users\33786\Documents\lovlyfe 2024-05-09 23:00 - 2024-05-09 23:00 - 000000000 ____D C:\ProgramData\Web Browser Solutions 2024-05-09 22:07 - 2024-05-09 22:07 - 000004376 _____ C:\WINDOWS\system32\Tasks\UniversalUpdater 2024-05-09 22:07 - 2024-05-09 22:07 - 000000000 ____D C:\Program Files (x86)\Web Browser Solutions 2024-05-09 22:06 - 2024-05-12 12:45 - 000002409 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-05-09 22:06 - 2024-05-10 19:03 - 000002331 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-05-02 22:13 - 2024-05-03 23:08 - 000012754 _____ C:\Users\33786\AppData\Local\apps.crx 2024-05-01 13:00 - 2024-05-01 13:00 - 000000000 ____D C:\ProgramData\Artificius Web Solutions 2024-04-30 23:14 - 2024-05-03 23:08 - 000004406 _____ C:\WINDOWS\system32\Tasks\ArtificiusUpdater 2024-04-30 23:14 - 2024-05-03 23:08 - 000000000 ____D C:\appsDDhelper 2024-04-30 23:14 - 2024-04-30 23:14 - 000000000 ____D C:\Program Files (x86)\Artificius Web Solutions 2024-04-30 22:37 - 2024-04-30 22:37 - 000000222 _____ C:\Users\33786\Desktop\Life is Strange 2.url 2024-04-30 15:02 - 2024-04-30 15:02 - 000345565 _____ C:\Users\33786\Downloads\Daria Restoration Project Upscaled Complete.torrent 2024-04-29 17:23 - 2024-04-29 17:33 - 000000000 ____D C:\Users\33786\Downloads\Life is Strange - True Colors [FitGirl Repack] 2024-04-29 14:12 - 2024-04-29 18:40 - 000000000 ___HD C:\WINDOWS\msdownld.tmp 2024-04-29 13:30 - 2024-04-29 13:30 - 000001489 _____ C:\Users\Public\Desktop\Life is Strange Remastered.lnk 2024-04-29 13:01 - 2024-04-29 13:08 - 000000000 ____D C:\Users\33786\Downloads\Life is Strange Remastered [FitGirl Repack] 2024-04-27 00:15 - 2024-04-27 00:15 - 000000000 ___HD C:\$AV_ASW 2024-04-27 00:14 - 2024-04-27 00:14 - 000000000 ____D C:\Users\33786\AppData\Local\Avast Software 2024-04-27 00:13 - 2024-04-27 00:13 - 000002161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast One.lnk 2024-04-27 00:13 - 2024-04-27 00:13 - 000002149 _____ C:\Users\Public\Desktop\Avast One.lnk 2024-04-27 00:13 - 2024-04-27 00:13 - 000000000 ____D C:\WINDOWS\system32\o2 2024-04-27 00:13 - 2024-04-27 00:13 - 000000000 ____D C:\Users\33786\AppData\Roaming\Avast Software 2024-04-27 00:12 - 2024-05-13 12:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2024-04-27 00:12 - 2024-04-27 00:13 - 000000000 ____D C:\Program Files\Avast Software 2024-04-27 00:12 - 2024-04-27 00:12 - 000050976 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe 2024-04-27 00:12 - 2024-04-27 00:12 - 000000000 ____D C:\Program Files\Common Files\Avast Software 2024-04-27 00:11 - 2024-05-13 12:36 - 000000000 ____D C:\ProgramData\Avast Software 2024-04-27 00:11 - 2024-04-27 00:11 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll 2024-04-27 00:11 - 2024-04-27 00:11 - 000271712 _____ (AVAST Software) C:\Users\33786\Downloads\avast_one_free_antivirus.exe 2024-04-25 23:16 - 2024-04-28 20:28 - 000012288 _____ C:\Users\33786\AppData\Roaming\emp.bin 2024-04-25 22:30 - 2024-04-25 22:30 - 000000000 ____D C:\Users\33786\AppData\Roaming\EMPRESS 2024-04-25 12:45 - 2024-04-25 12:49 - 000000000 ____D C:\ProgramData\EA Desktop 2024-04-25 12:42 - 2024-04-27 21:03 - 000002256 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-04-24 21:01 - 2024-04-24 21:13 - 000000000 ____D C:\Users\33786\Downloads\Life is Strange - BtS Remastered [FitGirl Repack] 2024-04-24 15:15 - 2024-05-13 12:54 - 000000000 ____D C:\Users\33786\AppData\Roaming\utorrent 2024-04-24 15:15 - 2024-04-24 15:15 - 000000907 _____ C:\Users\33786\Desktop\µTorrent.lnk 2024-04-24 15:15 - 2024-04-24 15:15 - 000000887 _____ C:\Users\33786\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2024-04-24 15:15 - 2024-04-24 15:15 - 000000000 ____D C:\Users\33786\AppData\LocalLow\uTorrent.WebView2 2024-04-24 15:11 - 2024-04-24 15:11 - 000054144 _____ (Reason CyberSecurity Inc.) C:\WINDOWS\system32\Drivers\rsDwf.sys 2024-04-24 15:11 - 2024-04-24 15:11 - 000000000 ____D C:\ProgramData\DNSBackup 2024-04-24 15:10 - 2024-04-24 20:25 - 000000000 ____D C:\Users\33786\AppData\Roaming\ReasonLabs 2024-04-24 15:10 - 2024-04-24 15:10 - 000004486 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1713964214 2024-04-24 15:10 - 2024-04-24 15:10 - 000004230 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1713964208 2024-04-24 15:09 - 2024-04-24 20:25 - 000000000 ____D C:\ProgramData\ReasonLabs 2024-04-24 15:09 - 2024-04-24 20:25 - 000000000 ____D C:\Program Files\ReasonLabs 2024-04-22 18:00 - 2024-04-22 18:00 - 000050124 _____ C:\Users\33786\Documents\Amel De angeli (2).pdf 2024-04-22 16:06 - 2024-04-22 16:06 - 000050117 _____ C:\Users\33786\Documents\Amel De angeli.pdf 2024-04-20 13:00 - 2024-04-20 13:00 - 000000000 ____D C:\ProgramData\Universal Browser Solutions 2024-04-19 19:09 - 2024-04-19 19:09 - 000000000 ____D C:\Users\33786\AppData\Roaming\Universal Browser Solutions 2024-04-19 19:09 - 2024-04-19 19:09 - 000000000 ____D C:\Program Files (x86)\Universal Browser Solutions 2024-04-19 19:09 - 2024-04-19 19:09 - 000000000 ____D C:\apps-helper 2024-04-13 22:06 - 2024-04-13 22:06 - 000001838 _____ C:\Users\33786\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Life is Strange - Before the Storm.lnk 2024-04-13 12:50 - 2024-04-13 12:50 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs 2024-04-13 12:00 - 2024-04-13 12:00 - 000024320 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-04-13 12:00 - 2024-04-13 12:00 - 000024320 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2024-05-13 12:46 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-05-13 12:42 - 2023-06-04 17:58 - 001713450 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-05-13 12:42 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF 2024-05-13 12:37 - 2023-08-05 16:11 - 000000000 ____D C:\Users\33786\AppData\Local\BitTorrentHelper 2024-05-13 12:37 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-05-13 12:36 - 2023-08-27 23:21 - 000000000 ____D C:\Program Files\CCleaner 2024-05-13 12:36 - 2023-06-04 17:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-05-13 12:36 - 2023-05-03 19:46 - 000000000 ____D C:\Users\33786\AppData\Local\Spotify 2024-05-13 12:36 - 2023-05-03 19:45 - 000000000 ____D C:\Users\33786\AppData\Roaming\Spotify 2024-05-13 12:35 - 2023-06-28 10:40 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK 2024-05-13 12:35 - 2023-06-04 17:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-05-13 12:35 - 2023-05-03 18:53 - 000000000 __SHD C:\Users\33786\IntelGraphicsProfiles 2024-05-13 12:35 - 2022-06-29 03:14 - 000000000 ___HD C:\Intel 2024-05-13 12:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState 2024-05-13 12:35 - 2022-05-07 07:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2024-05-13 12:35 - 2021-09-29 23:08 - 000012288 ___SH C:\DumpStack.log.tmp 2024-05-12 17:10 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps 2024-05-12 17:10 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-05-12 17:09 - 2023-06-04 17:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP 2024-05-12 17:09 - 2023-06-04 15:58 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2024-05-12 12:45 - 2021-09-29 23:09 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-05-10 20:33 - 2023-06-19 21:25 - 000000000 ____D C:\Users\33786\AppData\Roaming\Atom 2024-05-10 19:58 - 2023-06-19 19:58 - 000000000 ____D C:\Users\33786\Downloads\renpy-8.1.1-sdk 2024-05-10 19:04 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2024-05-10 19:01 - 2022-05-07 07:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2024-05-09 23:22 - 2023-06-04 17:33 - 000000000 ____D C:\Users\33786 2024-05-09 23:05 - 2023-06-19 20:19 - 000000000 ____D C:\Users\33786\AppData\Roaming\RenPy 2024-05-09 22:59 - 2023-06-01 18:14 - 000000000 ____D C:\Games 2024-05-09 22:37 - 2023-05-03 18:53 - 000000000 ____D C:\Users\33786\AppData\Local\Packages 2024-05-09 22:14 - 2022-06-29 03:09 - 000000000 ____D C:\Program Files\Microsoft Office 2024-05-07 21:40 - 2022-06-29 03:16 - 000000000 ____D C:\Program Files (x86)\Lenovo 2024-05-07 21:36 - 2023-06-04 17:49 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3598866125-3065178254-166024972-1001 2024-05-07 21:36 - 2023-06-04 17:49 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3598866125-3065178254-166024972-1001 2024-05-07 21:36 - 2023-05-03 18:54 - 000002428 _____ C:\Users\33786\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-05-07 21:35 - 2023-06-04 17:49 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-05-07 21:35 - 2023-06-04 17:49 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-05-05 15:08 - 2023-05-11 17:53 - 000000000 ____D C:\Users\33786\AppData\Local\CrashDumps 2024-05-04 20:09 - 2023-05-04 16:57 - 000000000 ____D C:\Users\33786\AppData\Roaming\Microsoft\Word 2024-05-02 18:15 - 2023-06-04 17:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee 2024-05-01 00:06 - 2023-08-24 22:51 - 000000000 ____D C:\Users\33786\Downloads\Profil de AmelLaMamelle140_files 2024-05-01 00:06 - 2023-05-05 13:56 - 000000000 ____D C:\Users\33786\AppData\Roaming\Code 2024-05-01 00:06 - 2023-05-03 22:19 - 000000000 ____D C:\Program Files (x86)\Steam 2024-05-01 00:05 - 2024-02-26 14:53 - 000000000 ____D C:\Users\33786\Downloads\Images 2024-04-30 23:51 - 2023-05-03 19:29 - 000000000 ____D C:\Users\33786\AppData\Roaming\Notepad++ 2024-04-30 23:51 - 2023-05-03 18:53 - 000000000 ____D C:\ProgramData\Packages 2024-04-30 23:49 - 2024-02-26 15:19 - 000000000 ____D C:\Users\33786\Downloads\Gmail 2024-04-30 22:46 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2024-04-29 19:37 - 2023-05-03 18:53 - 000000000 ____D C:\Users\33786\AppData\Local\D3DSCache 2024-04-29 18:41 - 2023-06-02 12:58 - 000001973 _____ C:\WINDOWS\system32\Drivers\etc\hosts.rollback 2024-04-29 18:41 - 2023-05-04 13:06 - 000000000 ____D C:\Users\33786\Documents\my games 2024-04-29 18:40 - 2023-08-05 15:49 - 000000000 ____D C:\WINDOWS\SysWOW64\directx 2024-04-29 12:54 - 2023-06-01 18:14 - 000000017 _____ C:\Users\33786\AppData\Roaming\.cache3678791056.dat 2024-04-28 22:29 - 2023-05-04 06:08 - 000000000 ____D C:\Users\33786\AppData\Local\Steam 2024-04-27 21:03 - 2023-08-30 16:45 - 000000000 ____D C:\Program Files (x86)\Google 2024-04-26 23:43 - 2023-09-11 22:10 - 000000000 ____D C:\Users\33786\AppData\Local\ElevatedDiagnostics 2024-04-25 22:30 - 2023-05-31 14:59 - 000000000 ____D C:\Users\33786\AppData\Local\Dontnod 2024-04-25 17:05 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate 2024-04-25 15:46 - 2023-06-04 17:46 - 000617328 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\UNP 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\F12 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemApps 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\BrowserCore 2024-04-25 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-04-25 15:45 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing 2024-04-25 15:44 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-04-25 15:43 - 2022-05-07 07:25 - 000077312 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll 2024-04-25 15:43 - 2022-05-07 07:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll 2024-04-25 15:39 - 2023-06-04 17:49 - 003214336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-04-25 14:42 - 2023-08-27 23:21 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2024-04-25 13:23 - 2023-11-10 20:51 - 000000000 ____D C:\Users\33786\Downloads\sims-4-updater-v1.2.3 2024-04-25 13:05 - 2023-06-23 15:21 - 000003570 _____ C:\WINDOWS\system32\Tasks\copy_dlc_unlocker 2024-04-25 13:05 - 2023-05-11 15:22 - 000000000 ____D C:\Users\33786\AppData\Local\anadius 2024-04-25 12:45 - 2023-05-05 06:50 - 000000000 ____D C:\Program Files\Electronic Arts 2024-04-25 12:45 - 2023-05-04 13:07 - 000000000 ____D C:\ProgramData\Package Cache 2024-04-24 15:09 - 2023-08-05 16:10 - 000001876 _____ C:\Users\33786\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk 2024-04-20 14:38 - 2024-01-13 17:55 - 000000000 ____D C:\Users\33786\Documents\v2 2024-04-18 18:58 - 2023-08-27 23:21 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2024-04-18 18:58 - 2023-08-27 23:21 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2024-04-18 18:58 - 2023-08-08 16:45 - 000000000 ____D C:\Users\33786\AppData\Local\LenovoServiceBridge 2024-04-17 19:17 - 2023-05-05 13:56 - 000000000 ____D C:\Users\33786\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2024-04-13 12:50 - 2023-10-12 23:01 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2024-04-13 12:50 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2024-04-13 12:50 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\DDFs 2024-04-13 12:50 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning ==================== Files in the root of some directories ======== 2023-06-01 18:14 - 2024-04-29 12:54 - 000000017 _____ () C:\Users\33786\AppData\Roaming\.cache3678791056.dat 2024-04-25 23:16 - 2024-04-28 20:28 - 000012288 _____ () C:\Users\33786\AppData\Roaming\emp.bin 2024-05-02 22:13 - 2024-05-03 23:08 - 000012754 _____ () C:\Users\33786\AppData\Local\apps.crx 2023-05-04 13:59 - 2023-05-07 12:46 - 000000128 _____ () C:\Users\33786\AppData\Local\PUTTY.RND 2024-01-14 20:47 - 2024-01-14 20:47 - 000003714 _____ () C:\Users\33786\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================