Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2022
Ran by eytan (administrator) on LAPTOP-9VNTKIN5 (LENOVO 80TW) (03-05-2022 13:26:37)
Running from C:\Users\eytan\Downloads
Loaded Profiles: eytan & ariel
Platform: Microsoft Windows 10 Home Version 21H2 19044.1645 (X64) Language: French (France) -> English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(DeviceSettingsHeartbeatAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(GenericTelemetryAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(LenovoBoostAddin).exe <2>
(C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(LenovoHardwareScanAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(LenovoSecurityAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(LenovoServiceBridgeAddin).exe <2>
(C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(SmartInteractAddin).exe <2>
(C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(SmartPrivacyAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files (x86)\PremierOpinion\pmropn.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe <2>
(C:\Program Files (x86)\PremierOpinion\pmservice.exe ->) (VOICEFIVE, INC. -> VoiceFive, Inc.) C:\Program Files (x86)\PremierOpinion\pmropn.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\mcafee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\uihost.exe <2>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe <2>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <3>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(C:\Windows\SysWOW64\cmd.exe ->) (VOICEFIVE, INC. -> VoiceFive, Inc.) C:\Program Files (x86)\PremierOpinion\pmropn32.exe
(C:\Windows\SysWOW64\cmd.exe ->) (VOICEFIVE, INC. -> VoiceFive, Inc.) C:\Program Files (x86)\PremierOpinion\pmropn64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Corel Corporation -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe <2>
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe <2>
(Discord Inc. -> Discord Inc.) C:\Users\eytan\AppData\Local\Discord\app-1.0.9004\Discord.exe <6>
(explorer.exe ->) (Bloom Ltd) [File not signed] C:\Users\ariel\AppData\Roaming\Bloom\Bloom.exe <8>
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe <2>
(explorer.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe <2>
(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe <2>
(explorer.exe ->) (Globalhop Ltd -> ) C:\Users\ariel\AppData\Local\Programs\RestMinder\RestMinder.exe
(explorer.exe ->) (LENOVO -> ) C:\Program Files\Lenovo\LenovoUtility\utility.exe <2>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxEM.exe <2>
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe <2>
(PC HELPSOFT LABS INC. -> PC Helpsoft) C:\Program Files (x86)\PC Cleaner\PCCNotifications.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(services.exe ->) (Conexant Systems, Inc.) [File not signed] C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (VOICEFIVE, INC. -> VoiceFive, Inc.) C:\Program Files (x86)\PremierOpinion\pmservice.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <2>
(svchost.exe ->) (SweetLabs Inc. -> SweetLabs, Inc) C:\Users\eytan\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe <2>
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Users\eytan\AppData\Local\Temp\HouseCall\HouseCallX_x64\HouseCallX.exe
(winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [602968 2015-12-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [849920 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2016-08-31] (LENOVO -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1831768 2016-08-29] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2022-03-03] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436704 2022-03-03] (Corel Corporation -> WinZip Computing, S.L.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-858394339-3323934644-574242159-1002\...\Run: [Discord] => C:\Users\eytan\AppData\Local\Discord\Update.exe [1512096 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-858394339-3323934644-574242159-1005\...\Run: [com.squirrel.Teams.Teams] => C:\Users\ariel\AppData\Local\Microsoft\Teams\Update.exe [2492128 2022-04-11] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-858394339-3323934644-574242159-1005\...\Run: [Bloom] => C:\Users\ariel\AppData\Roaming\Bloom\Bloom.exe [134332092 2022-04-21] (Bloom Ltd) [File not signed]
HKU\S-1-5-21-858394339-3323934644-574242159-1005\...\Run: [RestMinder] => C:\Users\ariel\AppData\Local\Programs\RestMinder\RestMinder.exe [199232 2021-09-06] (Globalhop Ltd -> )
HKLM\...\Windows x64\Print Processors\HP1006PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1006PP.dll [65024 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP1006LM: C:\WINDOWS\system32\HP1006LM.DLL [198144 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.127\Installer\chrmstp.exe [2022-04-20] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01312C79-EF5B-45E3-8692-0E50E310513E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\22c2abab-12c1-4d15-9941-f6b73bebcb3f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {02A39175-C35C-473C-A1C4-62659B6D3200} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [26384 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
Task: {0740F482-405F-487A-96E3-F8649D1D5318} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\264979d6-174c-4ed6-a1e4-6399b0a41afd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {090093FC-4BF8-4606-BC7E-A6763871BF34} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7278362b-29d7-4bfc-804d-a4e8071f77ed => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {09D5160B-7620-46EF-9726-C2BC77E28875} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0C279905-9905-483E-B69F-AC338974A06C} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {0FA9CDD6-CD4E-4B50-989C-03C1ED7964CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {105DB332-0B42-4476-ABC5-65899F5F60D3} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {12BA46F1-13A4-426F-BFFB-95CEA798AC48} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13F6E34D-E565-48D3-8E9B-FC939F99DA02} - System32\Tasks\Mozilla\Firefox Default Browser Agent 98E72FA8938D2797 => C:\Users\ariel\AppData\Local\Mozilla Firefox\default-browser-agent.exe do-task "98E72FA8938D2797"
Task: {14D79BFE-E5D1-43DF-BD16-BD282DBB48F0} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2022-03-03] (Corel Corporation -> Corel Corporation)
Task: {1CCDCF81-C3F3-4FED-BDAB-84ED4E4FFA0A} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [26384 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
Task: {293B5095-0820-497E-A743-4A9CCB3FBC9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {3AE4A5F2-55CB-4AF2-BF97-97573C0F4C42} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4404A2C4-94A9-472A-80CD-7C0A9F859555} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [26384 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
Task: {4D165ADC-7E1B-4E1B-97FF-AA608BE85BDE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7475D2B6-81C6-400F-B360-68D2CEFE75E6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {780EBF97-9FDE-4F77-B3CE-C86F52DF1B47} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {7B265444-0DE0-462F-AE09-55A8EE2347C6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {93BBB205-953E-49D5-9667-940784F8172B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5f071ab2-487c-49d7-bc65-1ded20895e19 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {9C20E8F8-D514-41C1-A88A-2A08367655DF} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {A4F42152-42B4-4116-B621-32089497B25F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-23] (Google LLC -> Google LLC)
Task: {A55126CC-DD12-4934-86CB-DBE80EBA707E} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-858394339-3323934644-574242159-1005 => C:\Users\eytan\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {A5CE088C-DCD5-41C3-8369-12AFE53AFE51} - System32\Tasks\App Explorer => C:\Users\eytan\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7822896 2021-12-16] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
Task: {A7F10893-FA08-4F5A-A8FD-8758445A71DB} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-04-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {B043D153-DDDD-4A85-9814-63459CB0EA92} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-23] (Google LLC -> Google LLC)
Task: {B854CEAF-F3DF-40A3-ACA5-3AB0AC261124} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9aeafd2a-80e7-400a-a124-b7b363f38577 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {B9DF4B88-B7A0-4D3D-BFB1-19746595F21D} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-858394339-3323934644-574242159-1005 => C:\Users\eytan\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {BCEF4323-DF02-498F-96BC-537D29137138} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe control iMControllerService 128
Task: {CE0923B1-8CCB-4E1D-9C95-2188952DD9A0} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2022-03-03] (Corel Corporation -> Corel Corporation)
Task: {D068A728-0724-4340-8623-C17C5B4C9034} - System32\Tasks\PC Cleaner automatic scan and notifications => C:\Program Files (x86)\PC Cleaner\PCCNotifications.exe [4346904 2022-04-07] (PC HELPSOFT LABS INC. -> PC Helpsoft) <==== ATTENTION
Task: {ED8B352F-9E8B-45CA-9C6E-B4795E205D64} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-09-11] (CyberLink Corp. -> CyberLink Corp.)
Task: {F027070F-A3A1-4930-BDBB-CA008415EBF6} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [26384 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
Task: {F14D6E88-CBDC-4829-9E7A-D2D885443C6C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{0f8a7a42-5ad6-4e11-a4ba-6cdbbbafdd06}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{a28a4fa2-1312-4fa8-9a9d-ba1de50a34fe}: [DhcpNameServer] 192.168.0.254

Edge:
=======
Edge Profile: C:\Users\eytan\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-02]

FireFox:
========
FF DefaultProfile: vfwkevo9.default
FF ProfilePath: C:\Users\eytan\AppData\Roaming\Mozilla\Firefox\Profiles\vfwkevo9.default [2021-04-07]
FF ProfilePath: C:\Users\eytan\AppData\Roaming\Mozilla\Firefox\Profiles\zsykdtzt.default-release-1651512227697 [2022-05-02]
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-11-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-11-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\eytan\AppData\Local\Google\Chrome\User Data\Default [2022-05-03]
CHR StartupUrls: Default -> "hxxps://www.bing.com/?PC=PV04"
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?fr=mcafee&type=E210FR714G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/gossip/gossip-fr-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\eytan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-05-02]
CHR Extension: (Google Docs hors connexion) - C:\Users\eytan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-02]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\eytan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-20]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [666608 2016-03-22] (LENOVO -> Lenovo)
R2 CxUtilSvc; C:\Program Files\Conexant\SAII\CxUtilSvc.exe [132096 2016-05-12] (Conexant Systems, Inc.) [File not signed]
S2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [194048 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1210352 2016-03-23] (LENOVO -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe [29968 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8347832 2022-05-02] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [975088 2022-04-22] (McAfee, LLC -> McAfee, LLC)
R2 PremierOpinion; C:\Program Files (x86)\PremierOpinion\pmservice.exe [2908456 2021-09-17] (VOICEFIVE, INC. -> VoiceFive, Inc.) <==== ATTENTION
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-05-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239560 2022-05-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsle78035f1; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CB4B9CAB-3227-43D8-8485-E02AF4C8BD26}\MpKslDrv.sys [137464 2022-05-02] (Microsoft Windows -> Microsoft Corporation)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
S3 MpKsl5554a2ca; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{067405AD-7D11-47D7-8083-93D56EA34186}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-03 13:26 - 2022-05-03 13:33 - 000029549 _____ C:\Users\eytan\Downloads\FRST.txt
2022-05-03 13:24 - 2022-05-03 13:31 - 000000000 ____D C:\FRST
2022-05-03 13:21 - 2022-05-03 13:21 - 002366976 _____ (Farbar) C:\Users\eytan\Downloads\FRST64.exe
2022-05-02 20:57 - 2022-05-02 20:57 - 000000000 ____D C:\Users\eytan\AppData\Local\mbam
2022-05-02 20:48 - 2022-05-02 20:48 - 000239560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-05-02 20:48 - 2022-05-02 20:48 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-05-02 20:48 - 2022-05-02 20:48 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-05-02 20:47 - 2022-05-02 20:45 - 000103888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-05-02 20:47 - 2022-05-02 20:44 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-05-02 20:43 - 2022-05-02 20:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-05-02 20:42 - 2022-05-02 20:43 - 000000000 ____D C:\Program Files\Malwarebytes
2022-05-02 20:41 - 2022-05-02 20:41 - 002094168 _____ (Malwarebytes) C:\Users\eytan\Downloads\MBSetup-4.4.0.222.exe
2022-05-02 20:40 - 2022-05-02 20:41 - 002443448 _____ (Malwarebytes) C:\Users\eytan\Downloads\MBSetup.exe
2022-05-02 20:15 - 2022-05-03 00:03 - 000003178 _____ C:\WINDOWS\system32\Tasks\PC Cleaner automatic scan and notifications
2022-05-02 20:14 - 2022-05-03 00:03 - 000000000 ____D C:\Program Files (x86)\PC Cleaner
2022-05-02 20:14 - 2022-05-02 20:20 - 000000000 ____D C:\ProgramData\PC Cleaner
2022-05-02 20:14 - 2022-05-02 20:14 - 006552248 _____ (PC Helpsoft ) C:\Users\eytan\Downloads\PC_Cleaner_5383 (1).exe
2022-05-02 20:14 - 2022-05-02 20:14 - 000000000 ____D C:\Users\eytan\AppData\Roaming\PC Cleaner
2022-05-02 20:14 - 2022-05-02 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner
2022-05-02 20:07 - 2022-05-02 20:07 - 000989094 _____ C:\Users\eytan\AppData\Local\census.cache
2022-05-02 20:04 - 2022-05-02 20:04 - 000399558 _____ C:\Users\eytan\AppData\Local\ars.cache
2022-05-02 19:29 - 2022-05-02 19:29 - 006552248 _____ (PC Helpsoft ) C:\Users\eytan\Downloads\PC_Cleaner_5383.exe
2022-05-02 19:23 - 2022-05-02 19:23 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-05-02 19:23 - 2022-05-02 19:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-05-02 19:23 - 2022-05-02 19:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-05-02 19:22 - 2022-05-02 19:22 - 000336504 _____ (Mozilla) C:\Users\eytan\Downloads\Firefox Installer.exe
2022-05-02 19:14 - 2022-05-02 19:14 - 000000010 _____ C:\Users\eytan\AppData\Local\sponge.last.runtime.cache
2022-05-02 19:12 - 2022-05-02 19:12 - 000000000 ____D C:\ProgramData\Trend Micro
2022-05-02 19:11 - 2022-05-02 19:11 - 000000000 ____D C:\WINDOWS\Trend Micro
2022-05-02 19:07 - 2022-05-02 19:07 - 003333936 _____ (Trend Micro Inc.) C:\Users\eytan\Downloads\HousecallLauncher64 (2).exe
2022-05-02 19:06 - 2022-05-02 19:06 - 002405672 _____ (Trend Micro Inc.) C:\Users\eytan\Downloads\HousecallLauncher64.exe
2022-05-02 19:06 - 2022-05-02 19:06 - 002405672 _____ (Trend Micro Inc.) C:\Users\eytan\Downloads\HousecallLauncher64 (1).exe
2022-05-02 19:06 - 2022-05-02 19:06 - 000000036 _____ C:\Users\eytan\AppData\Local\housecall.guid.cache
2022-04-29 23:49 - 2022-04-29 23:49 - 000835496 _____ C:\Users\ariel\Downloads\pafgsref.webp
2022-04-29 23:47 - 2022-04-29 23:47 - 000023590 _____ C:\Users\ariel\Downloads\pageant.webp
2022-04-28 20:46 - 2022-04-28 21:11 - 000000000 ____D C:\Users\ariel\Downloads\Soulcalibur II (USA)
2022-04-28 20:08 - 2019-11-27 09:44 - 1048721408 _____ C:\Users\ariel\Downloads\Legend of Zelda, The - Twilight Princess (USA).nkit.iso
2022-04-28 20:05 - 2022-04-28 20:05 - 000000000 ____D C:\Users\ariel\Downloads\Legend of Zelda, The Collector's Edition
2022-04-28 19:39 - 2022-04-28 20:30 - 800372709 _____ C:\Users\ariel\Downloads\Soulcalibur II (USA).zip
2022-04-28 19:27 - 2022-04-28 19:54 - 710208952 _____ C:\Users\ariel\Downloads\Legend of Zelda, The - Twilight Princess (USA).7z
2022-04-28 19:22 - 2022-04-28 21:22 - 710208540 _____ C:\Users\ariel\Downloads\Legend of Zelda, The Twilight Princess.zip
2022-04-28 17:59 - 2022-04-28 20:00 - 749151991 _____ C:\Users\ariel\Downloads\Legend of Zelda, The Collector's Edition.zip
2022-04-28 14:40 - 2022-04-28 14:40 - 000604656 _____ (Mozilla Corporation) C:\Users\ariel\Downloads\firefox.exe
2022-04-28 14:38 - 2022-04-28 15:07 - 000001326 _____ C:\Users\ariel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-04-28 14:38 - 2022-04-28 14:38 - 000000000 ____D C:\Users\ariel\AppData\Local\Mozilla Firefox
2022-04-26 19:18 - 2022-04-26 19:18 - 000000000 ____D C:\Users\ariel\Downloads\Super Smash Bros. Melee (USA) (En,Ja) (v1.02)
2022-04-26 19:09 - 2022-04-26 19:12 - 1459978240 _____ C:\Users\ariel\Downloads\Super Smash Bros. Melee (USA) (En,Ja) (v1.02).iso
2022-04-26 18:51 - 2022-04-26 19:07 - 1020219440 _____ C:\Users\ariel\Downloads\Super Smash Bros. Melee (USA) (En,Ja) (v1.02).7z
2022-04-25 15:40 - 2022-04-25 15:40 - 000000000 ____D C:\Users\ariel\AppData\Local\Gh
2022-04-25 11:48 - 2022-04-25 11:50 - 081940500 _____ C:\Users\ariel\Downloads\Super Smash Bros. Melee (USA) (En,Ja) (v1.02)(1).7z
2022-04-25 00:22 - 2022-04-25 00:22 - 000109795 _____ C:\Users\ariel\Downloads\Gen2OU-2022-04-25-poketglace-uncleeyeroll.html
2022-04-24 22:48 - 2022-04-24 22:50 - 000000000 ____D C:\Users\ariel\Downloads\Viewtiful Joe
2022-04-24 22:09 - 2022-04-24 22:26 - 000000000 ____D C:\Users\ariel\Downloads\Spider-Man 2
2022-04-24 17:10 - 2022-04-24 17:10 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-24 14:01 - 2022-04-24 15:35 - 697939130 _____ C:\Users\ariel\Downloads\Viewtiful Joe.zip
2022-04-24 13:12 - 2022-04-24 16:09 - 1058502765 _____ C:\Users\ariel\Downloads\Spider-Man 2.zip
2022-04-24 12:35 - 2022-04-24 12:43 - 1250508951 _____ C:\Users\ariel\Downloads\The Legend of Zelda The Wind Waker (FR).zip
2022-04-24 00:07 - 2022-04-24 00:07 - 000003662 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 2
2022-04-24 00:07 - 2022-04-24 00:07 - 000003660 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 3
2022-04-24 00:04 - 2022-04-24 12:40 - 000000000 ____D C:\Users\ariel\AppData\Local\WinZip
2022-04-24 00:03 - 2022-04-24 00:06 - 000001921 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Image Manager.lnk
2022-04-24 00:03 - 2022-04-24 00:03 - 000002094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip.lnk
2022-04-24 00:03 - 2022-04-24 00:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2022-04-23 23:59 - 2022-04-24 10:51 - 000000000 ____D C:\ProgramData\WinZip
2022-04-23 23:58 - 2022-04-24 00:00 - 000000000 ____D C:\Program Files\WinZip
2022-04-23 23:20 - 2022-04-23 23:21 - 130652160 _____ C:\Users\ariel\Downloads\Fire Emblem Path Of Radiance.iso
2022-04-23 23:17 - 2022-04-23 23:17 - 000000000 ____D C:\ProgramData\UniqueId
2022-04-23 23:03 - 2022-04-23 23:03 - 000000000 ____D C:\Users\ariel\Downloads\Pokemon Colosseum
2022-04-23 22:27 - 2022-04-23 22:29 - 130643968 _____ C:\Users\ariel\Downloads\PokemonColosseum.iso.iso
2022-04-23 22:26 - 2022-04-23 22:27 - 130643968 _____ C:\Users\ariel\Downloads\Pokemon Colosseum.iso
2022-04-23 19:12 - 2022-04-23 19:12 - 000000000 ____D C:\Users\ariel\Downloads\The Legend of Zelda Ocarina of Time (FR)
2022-04-23 19:04 - 2022-04-23 19:04 - 001483051 _____ C:\Users\ariel\Downloads\Legend-Of-Zelda-The-Collector-s-Edition-Instal_71033.7z
2022-04-23 18:18 - 2022-04-24 11:03 - 1339788158 _____ C:\Users\ariel\Downloads\The Legend of Zelda Ocarina of Time (FR).zip
2022-04-23 17:49 - 2022-04-23 17:49 - 000000000 ____D C:\Program Files (x86)\ResoluternmStory
2022-04-23 17:48 - 2022-04-23 17:50 - 000000000 ____D C:\Users\ariel\AppData\Local\Resolutestory
2022-04-23 17:48 - 2022-04-23 17:48 - 000000000 ____D C:\Users\ariel\Downloads\Legend-Of-Zelda-The-Collector-s-Edition-Instal_71033
2022-04-23 17:48 - 2022-04-23 17:48 - 000000000 ____D C:\Program Files (x86)\ResolutegcsStory
2022-04-23 17:39 - 2022-04-23 17:39 - 000000000 ____D C:\Users\ariel\AppData\Local\FeelingavfApp
2022-04-23 17:37 - 2022-04-23 17:37 - 000000000 ____D C:\Users\ariel\AppData\Local\FeelingApp
2022-04-22 20:23 - 2022-04-24 22:07 - 000000000 ____D C:\Program Files\Dolphin
2022-04-22 20:23 - 2022-04-22 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2022-04-21 21:45 - 2022-04-21 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion
2022-04-21 21:43 - 2021-09-17 02:11 - 000947496 _____ (VoiceFive, Inc.) C:\WINDOWS\system32\pmls64.dll
2022-04-21 21:43 - 2021-09-17 02:11 - 000707368 _____ (VoiceFive, Inc.) C:\WINDOWS\SysWOW64\pmls.dll
2022-04-21 21:41 - 2022-04-21 21:41 - 000000000 ____D C:\Users\ariel\AppData\LocalLow\Unknown Vendor
2022-04-21 21:05 - 2022-05-03 13:20 - 000000000 ____D C:\Program Files (x86)\PremierOpinion
2022-04-21 21:04 - 2022-04-21 21:04 - 000000000 ____D C:\Users\ariel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RestMinder
2022-04-21 21:03 - 2022-04-21 21:03 - 000016438 _____ C:\Users\ariel\AppData\Local\partner.bmp
2022-04-21 21:03 - 2022-04-21 21:03 - 000000000 ____D C:\Program Files (x86)\BrightTRAMPtibUtil
2022-04-21 21:03 - 2022-04-21 21:03 - 000000000 _____ C:\Users\ariel\Downloads\file
2022-04-21 21:00 - 2022-04-21 21:03 - 000000000 ____D C:\Users\ariel\AppData\Local\BrightTRAMP
2022-04-21 20:20 - 2022-04-21 20:20 - 000000000 ____D C:\Users\ariel\AppData\LocalLow\TorporGames
2022-04-21 19:44 - 2022-04-21 20:17 - 753722207 _____ C:\Users\ariel\Downloads\Suzerain.v1.1.8.zip
2022-04-21 19:05 - 2022-04-21 19:05 - 001533613 _____ (Igor Pavlov) C:\Users\ariel\Downloads\7z2107-x64.exe
2022-04-21 19:05 - 2022-04-21 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-04-21 19:05 - 2022-04-21 19:05 - 000000000 ____D C:\Program Files\7-Zip
2022-04-21 19:03 - 2022-04-21 19:04 - 000000000 ____D C:\Users\ariel\AppData\Roaming\Bloom
2022-04-21 19:00 - 2022-04-21 19:00 - 000000000 ____D C:\Users\ariel\AppData\Local\Bloom
2022-04-21 18:58 - 2022-04-21 18:58 - 000000000 ____D C:\Users\ariel\AppData\Roaming\CyberLink
2022-04-21 18:56 - 2022-04-21 18:57 - 130670592 _____ C:\Users\ariel\Downloads\File Through.the.Darkest.of.Times.v1.04.03.1.z....iso
2022-04-21 17:35 - 2022-04-21 17:35 - 000000000 ___HD C:\$WinREAgent
2022-04-20 23:48 - 2022-04-20 23:48 - 000030333 _____ C:\Users\ariel\Downloads\Résumé Tartuffe et Phèdre.pdf
2022-04-16 17:47 - 2022-04-16 17:47 - 000026209 _____ C:\Users\ariel\Downloads\Fin du cours Hist 2nde Med médiévale(1).odt
2022-04-15 19:21 - 2022-04-15 19:21 - 000706084 _____ C:\Users\ariel\Downloads\_final-Copy1.ipynb
2022-04-15 17:56 - 2022-04-15 17:56 - 000026209 _____ C:\Users\ariel\Downloads\Fin du cours Hist 2nde Med médiévale.odt
2022-04-15 16:53 - 2022-04-15 16:53 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-15 16:53 - 2022-04-15 16:53 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-15 16:53 - 2022-04-15 16:53 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-15 16:52 - 2022-04-15 16:52 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-06 23:16 - 2022-04-06 23:16 - 000081198 _____ C:\Users\ariel\Downloads\Exposé présence arabe + maturité-1.pdf
2022-04-06 23:11 - 2022-04-06 23:11 - 000081198 _____ C:\Users\ariel\Downloads\Exposé présence arabe + maturité.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-03 13:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-05-03 13:33 - 2021-09-01 22:48 - 000000000 ____D C:\Users\eytan\AppData\Roaming\discord
2022-05-03 13:31 - 2021-09-01 22:48 - 000000000 ____D C:\Users\eytan\AppData\Local\Discord
2022-05-03 13:30 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-05-03 13:27 - 2021-04-07 23:11 - 000000000 ____D C:\Users\eytan\AppData\LocalLow\Mozilla
2022-05-03 13:24 - 2021-04-07 23:04 - 000000000 ____D C:\Users\eytan\AppData\Local\Host App Service
2022-05-03 13:21 - 2020-10-23 13:55 - 000000000 ____D C:\Program Files (x86)\Google
2022-05-03 13:12 - 2021-04-20 00:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-05-02 20:47 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-05-02 19:26 - 2022-02-09 15:23 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-05-02 19:25 - 2021-09-24 21:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-05-02 19:02 - 2021-04-07 23:05 - 000000000 ____D C:\Users\eytan\AppData\Local\Google
2022-05-02 18:39 - 2021-04-22 18:08 - 000000000 ____D C:\Users\eytan\AppData\Local\D3DSCache
2022-05-02 13:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-05-02 11:29 - 2021-09-02 16:25 - 000000000 ____D C:\Users\ariel\AppData\LocalLow\Mozilla
2022-05-02 11:21 - 2021-09-02 16:20 - 000000000 __SHD C:\Users\ariel\IntelGraphicsProfiles
2022-05-02 11:17 - 2021-04-07 23:05 - 000000000 __SHD C:\Users\eytan\IntelGraphicsProfiles
2022-05-02 11:15 - 2021-04-20 00:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-05-02 11:15 - 2021-04-20 00:14 - 000008192 ___SH C:\DumpStack.log.tmp
2022-05-02 11:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-05-01 00:38 - 2021-02-22 21:48 - 000000000 ____D C:\Program Files (x86)\Steam
2022-04-30 23:04 - 2020-10-22 02:38 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-30 21:24 - 2021-04-08 18:29 - 000000000 ____D C:\Users\eytan\AppData\Roaming\.minecraft
2022-04-30 10:58 - 2021-09-02 16:18 - 000000000 ____D C:\Users\ariel\AppData\Local\Host App Service
2022-04-29 21:05 - 2021-04-07 23:11 - 000000000 ____D C:\Users\eytan\AppData\Roaming\Mozilla
2022-04-29 18:29 - 2021-04-20 00:25 - 000000000 ____D C:\Users\eytan
2022-04-28 23:33 - 2021-04-26 12:25 - 000003440 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7356c1ebc060
2022-04-28 23:33 - 2021-04-20 00:56 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-28 15:50 - 2021-09-02 16:20 - 000000000 ____D C:\Users\ariel\AppData\Local\Packages
2022-04-28 15:46 - 2021-09-02 16:20 - 000000000 ____D C:\Users\ariel\AppData\Local\D3DSCache
2022-04-28 15:41 - 2021-09-02 16:18 - 000000000 ____D C:\Users\ariel
2022-04-28 15:23 - 2021-12-10 19:25 - 000000000 ____D C:\Users\ariel\Downloads\desmume-0.9.11-win64
2022-04-28 13:16 - 2021-12-11 22:44 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-858394339-3323934644-574242159-1005
2022-04-28 13:16 - 2021-09-02 16:27 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-858394339-3323934644-574242159-1005
2022-04-28 13:16 - 2021-09-02 16:18 - 000002470 _____ C:\Users\ariel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-27 19:05 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-04-27 17:32 - 2021-04-20 00:39 - 001772722 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-27 17:32 - 2019-12-07 16:49 - 000791076 _____ C:\WINDOWS\system32\perfh00C.dat
2022-04-27 17:32 - 2019-12-07 16:49 - 000149556 _____ C:\WINDOWS\system32\perfc00C.dat
2022-04-27 17:32 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-26 17:32 - 2021-09-02 16:20 - 000000000 ____D C:\Users\ariel\AppData\Local\Google
2022-04-26 11:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-04-25 15:50 - 2020-10-23 13:56 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-25 11:47 - 2020-11-23 15:47 - 000008588 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2022-04-24 17:10 - 2021-11-10 13:43 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-04-24 15:47 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-04-24 10:46 - 2021-04-20 00:14 - 000444600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-22 20:28 - 2016-08-31 13:43 - 000000000 ____D C:\ProgramData\Package Cache
2022-04-22 18:16 - 2021-09-06 16:38 - 000000000 ____D C:\Users\ariel\AppData\Roaming\Telegram Desktop
2022-04-21 17:45 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-21 17:33 - 2021-04-20 00:56 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-04-21 17:33 - 2021-04-20 00:56 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-04-20 18:56 - 2021-09-23 22:22 - 000000000 ____D C:\Users\eytan\OneDrive\Documents\Massillon
2022-04-20 17:38 - 2022-01-05 21:58 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-04-18 22:09 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-18 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-18 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-18 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-18 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-18 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-18 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-18 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-18 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-15 19:22 - 2021-10-03 09:19 - 000000000 ____D C:\Users\ariel\AppData\LocalLow\Adobe
2022-04-15 16:08 - 2020-10-23 14:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-15 16:03 - 2020-10-23 14:17 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-13 13:22 - 2021-11-18 19:57 - 000120296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-04-13 13:22 - 2021-11-05 19:40 - 002262504 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-04-13 13:22 - 2021-11-05 19:40 - 000353760 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-04-13 13:22 - 2021-11-05 19:40 - 000218600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-04-13 13:22 - 2021-11-05 19:40 - 000198112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-04-13 13:22 - 2021-11-05 19:40 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-04-13 13:22 - 2021-11-05 19:40 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-04-12 20:19 - 2021-04-07 23:05 - 000000000 ____D C:\Users\eytan\AppData\Local\Packages
2022-04-12 17:55 - 2021-09-23 20:49 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-04-12 17:54 - 2021-09-23 20:48 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-04-11 17:10 - 2021-10-15 10:46 - 000002417 _____ C:\Users\ariel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-04-10 14:03 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\OCR
2022-04-08 14:28 - 2020-10-22 03:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-05 20:26 - 2020-10-23 14:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Files in the root of some directories ========

2022-05-02 20:04 - 2022-05-02 20:04 - 000399558 _____ () C:\Users\eytan\AppData\Local\ars.cache
2022-05-02 20:07 - 2022-05-02 20:07 - 000989094 _____ () C:\Users\eytan\AppData\Local\census.cache
2022-05-02 19:06 - 2022-05-02 19:06 - 000000036 _____ () C:\Users\eytan\AppData\Local\housecall.guid.cache
2022-05-02 19:14 - 2022-05-02 19:14 - 000000010 _____ () C:\Users\eytan\AppData\Local\sponge.last.runtime.cache

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================