Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2022
Exécuté par c.scribot (administrateur) sur DSAF006802 (FUJITSU LIFEBOOK E458) (16-12-2022 08:30:24)
Exécuté depuis C:\Users\c.scribot.CD2E\Downloads
Profils chargés: c.scribot
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.2364 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(services.exe ->) () [Fichier non signé] C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1612970385045.exe
(services.exe ->) () [Fichier non signé] C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\ccSvcHst.exe <2>
(services.exe ->) (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IDS\bin\SISIDSService.exe
(services.exe ->) (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IPS\bin\SISIPSService.exe
(services.exe ->) (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IPS\bin\sisipsutil.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2020-05-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_CTPreset] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2020-05-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2020-05-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3533264 2017-11-24] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11209952 2022-11-24] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (Pas de fichier)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart (Pas de fichier)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart (Pas de fichier)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Pas de fichier)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [CiscoMeetingDaemon] => C:\Users\c.scribot.CD2E\AppData\Local\WebEx\WebexHost.exe [8022224 2022-11-24] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38789456 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [b1db1d2a99978d211b27ba0e98d8603e] => "C:\Program Files (x86)\Canon\Easy-WebPrint EX\LiveUpdate.exe" --run_mode=background_check (Pas de fichier)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [Microsoft Edge Update] => C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\MicrosoftEdgeUpdateCore.exe [263640 2022-11-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [MicrosoftEdgeAutoLaunch_180564FE36FDEA344D01C1D2EF56ADD2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3877280 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-07] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon TR4500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEU.DLL [482816 2018-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\KOAYTJ_P: C:\Windows\System32\spool\prtprocs\x64\KOAYTJ_P.DLL [83968 2013-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Monotype Imaging Inc.)
HKLM\...\Print\Monitors\C364SeriesPCL Language Monitor: C:\WINDOWS\system32\KOAYTJ_L.DLL [16896 2013-04-23] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\C554SeriesPCL Language Monitor: C:\WINDOWS\system32\KOAYTJ_L.DLL [16896 2013-04-23] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor TR4500 series: C:\WINDOWS\system32\CNCALEU.DLL [254464 2018-03-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TR4500 series: C:\WINDOWS\system32\CNMLMEU.DLL [1303040 2018-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [117248 2018-07-30] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\...\AppCompatFlags\Custom\Battlegrounds.exe: [{9f3d9623-1935-43fa-9756-e90f3134f675}.sdb] -> STAR WARS - Galactic Battlegrounds Saga
HKLM\Software\...\AppCompatFlags\Custom\battlegrounds_x1.exe: [{9f3d9623-1935-43fa-9756-e90f3134f675}.sdb] -> STAR WARS - Galactic Battlegrounds Saga
HKLM\Software\...\AppCompatFlags\Custom\player.exe: [{9f3d9623-1935-43fa-9756-e90f3134f675}.sdb] -> STAR WARS - Galactic Battlegrounds Saga
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f3d9623-1935-43fa-9756-e90f3134f675}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{9f3d9623-1935-43fa-9756-e90f3134f675}.sdb [2022-08-10]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-16] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DeskUpdate.lnk [2014-02-19]
ShortcutTarget: DeskUpdate.lnk -> C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdate.exe (Fujitsu Technology Solutions GmbH -> Fujitsu Technology Solutions)
Startup: C:\Users\c.scribot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2019-05-28]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\c.scribot.CD2E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2020-12-02]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\c.scribot.CD2E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StarLeaf.lnk [2020-01-14]
ShortcutTarget: StarLeaf.lnk -> C:\Users\c.scribot.CD2E\AppData\Local\StarLeaf\StarLeaf\StarLeaf.exe (StarLeaf Ltd -> StarLeaf Ltd.)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {114AE2E2-B87D-4213-8CF5-A72B5436487A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {20701A96-6747-4FA1-A458-2992BCB641E5} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {291242F8-F514-4948-8767-E0C59F8DE9CC} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4290648588-4140737106-210224143-1115 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {29B5DEBD-2D40-4C26-9D36-F9713491E075} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4290648588-4140737106-210224143-500 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {31DC5AF9-64EE-48A7-B4FE-5B8E0CAC1CC5} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-4290648588-4140737106-210224143-1115UA => C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {3235105C-FFF6-436E-B454-E68ACAAEB9E4} - System32\Tasks\G2MUploadTask-S-1-5-21-4290648588-4140737106-210224143-1115 => C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {37FE87AB-D479-49F9-BE9D-A4B70F25D209} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Error Processor => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\SymErr.exe [92280 2018-06-12] (Symantec Corporation -> Symantec Corporation)
Task: {49C86FF6-9592-4E98-8615-CF06EDAB35A6} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5DE75E13-5A90-4493-85F5-35CF119CAACB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114584 2022-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {665DD75A-A859-42AE-8153-B22AEF9E4302} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-30] (Google Inc -> Google Inc.)
Task: {6674F22D-83EA-4504-97DE-2D0B87941D10} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Autofix => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\SymErr.exe [92280 2018-06-12] (Symantec Corporation -> Symantec Corporation)
Task: {6DFE8CB5-AD06-4616-8FFC-032AEEA2F62A} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-4290648588-4140737106-210224143-1115Core => C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {7258CD34-26E9-4A56-ABC3-FB71875585F0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {73352B96-B251-46C1-84CB-CF701D2DA312} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114584 2022-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7712337D-7C8C-46BA-B2D4-8357313275E5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {77D60510-47C0-4335-BC2C-165242B33AE3} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Error Analyzer => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\SymErr.exe [92280 2018-06-12] (Symantec Corporation -> Symantec Corporation)
Task: {7E0F7ADA-0EFB-4988-ACAC-6D3416D8F7D2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {99A55825-0EDE-4A05-B611-2A832BE1EDD8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-30] (Google Inc -> Google Inc.)
Task: {9DBEF69B-5264-41A5-B986-ACE2F26E5BCA} - System32\Tasks\CCleanerSkipUAC - c.scribot => C:\Program Files\CCleaner\CCleaner.exe [32472400 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {BF3BFA96-4C65-4FD1-8E05-B5AF77BD0B68} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {C1B46B12-E930-4CA5-A884-8B42A5EB3443} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [30720 2021-03-08] (Microsoft Windows -> Microsoft Corporation)
Task: {C38F072E-BFC3-444A-BD9C-AB479A0BAD06} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [30720 2021-03-08] (Microsoft Windows -> Microsoft Corporation)
Task: {C7670243-FB18-4607-9951-92BC14D3FEA4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-10-20] (Piriform Software Ltd -> Piriform)
Task: {D434BB07-B4C3-4B18-9FA8-3B322739A205} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "cf5df452-9f22-4f2a-8352-48dbcb0db756" --version "6.05.10110" --silent
Task: {E84174B1-2887-4B4B-BAA0-AF54A47CEFF4} - System32\Tasks\G2MUpdateTask-S-1-5-21-4290648588-4140737106-210224143-1115 => C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {F499B732-3AC0-4905-9DE7-66EE2ED16066} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe/cCD2E\c.scr
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe/ua /installsource schedulerCD2E\c.scr
Task: C:\WINDOWS\Tasks\EsgInstallerTask81.job => rundll32.exe Ðurl.dll,FileProtocolHandler hxxps:/www.enigmasoftware.com/congratulations-spyhunter-installed/?hwx=e36469df001c6fc50cf8b29d26e6d16a&lang=FR&purl=https%3A%2F%2Fpurchase%2Eenigmasoftware%2Ecom%2Fshwin&sid=sh C:\WINDOWS\system32CD2E\c.scr
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4290648588-4140737106-210224143-1115.job => C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950\g2mupdate.exe C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950CD2E\c.scr
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4290648588-4140737106-210224143-1115.job => C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950\g2mupload.exe C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950CD2E\c.scr
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{30e4f3c4-180f-474f-9a1b-63967ff9eae7}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{7fd138c9-ff6e-43d4-87e3-29f297aaccf3}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{ba481211-92d1-4fff-b4ae-4293f13db54c}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Edge:
=======
DownloadDir: C:\Users\c.scribot.CD2E\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-15]
Edge DownloadDir: Default -> C:\Users\c.scribot.CD2E\Downloads
FireFox:
========
FF DefaultProfile: 0co0nkgu.default
FF ProfilePath: C:\Users\c.scribot.CD2E\AppData\Roaming\Mozilla\Firefox\Profiles\0co0nkgu.default [2022-11-09]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4290648588-4140737106-210224143-1115: SkypeForBusinessPlugin-16.2 -> C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4290648588-4140737106-210224143-1115: SkypeForBusinessPlugin64-16.2 -> C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default [2022-12-16]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://drive.google.com; hxxps://meet.google.com; hxxps://rapidd.developpement-durable.gouv.fr; hxxps://www.idealco.fr
CHR Extension: (Google Traduction) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-11]
CHR Extension: (Slinky Elégante) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2019-12-30]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-12-07]
CHR Extension: (uBlock Origin) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-11-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-05]
CHR Extension: (Evernote Web) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2019-06-03]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-08-11]
CHR Extension: (Creately - Diagrammes & Collaboration) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\mehmcgkakgfcibfkeofncglipefjcfnn [2019-06-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (diagrams.net) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlkggianjhjenigcpigpjehhpplldkc [2020-04-24]
CHR HKU\S-1-5-21-4290648588-4140737106-210224143-1115\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 agent_ovpnconnect; C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1612970385045.exe [2445824 2021-02-10] () [Fichier non signé]
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12544456 2022-12-07] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-11-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 FBIOSDRVService; C:\WINDOWS\System32\DriverStore\FileRepository\fbiosdrv.inf_amd64_b0a0cc2a0826a166\fbiosdrv-service.exe [145032 2022-06-02] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncHelper.exe [3478928 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
S2 Fuj02e3DriverUtilityService; C:\WINDOWS\System32\DriverStore\FileRepository\fuj02e3.inf_amd64_f13688afded4a291\fuj02e3-utility.exe [346576 2017-11-08] (Microsoft Windows Hardware Compatibility Publisher -> FUJITSU LIMITED)
S2 heCAF; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\Common Agent Framework\CAFServiceMain.exe [3717360 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8872736 2022-11-28] (Malwarebytes Inc. -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.238.1114.0002\OneDriveUpdaterService.exe [3845008 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
R2 ovpnhelper_service; C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe [2280448 2021-02-10] () [Fichier non signé]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SepLpsService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\ccSvcHst.exe [157936 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\ccSvcHst.exe [157936 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R2 SISIDSService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IDS\bin\SISIDSService.exe [3179248 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R2 SISIPSService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IPS\bin\SISIPSService.exe [101104 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R2 SISIPSUtil; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IPS\bin\SISIPSUtil.exe [273648 2021-11-03] (Symantec Corporation -> Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin64\snac64.exe [377984 2018-06-12] (Symantec Corporation -> Symantec Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Data\Definitions\BASHDefs\20221208.001\BHDrvx64.sys [1705040 2022-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [175816 2020-04-20] (BayHub Technology Inc. -> BayHubTech/O2Micro)
R3 bhtsddr; C:\WINDOWS\system32\DRIVERS\bhtsddr.sys [171224 2021-05-16] (BayHub Technology Inc. -> BayHubTech)
R1 ccSettings_{FDEE1BF7-B360-4872-9ADC-558777D19563}; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\ccSetx64.sys [179360 2018-06-12] (Symantec Corporation -> Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [140280 2020-06-01] (ADAPP SASU -> Dokan Project)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_e64afe811c7e4662\e1d.sys [608464 2022-06-01] (Intel Corporation -> Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527864 2022-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2022-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 FBIOSDRV; C:\WINDOWS\System32\DriverStore\FileRepository\fbiosdrv.inf_amd64_b0a0cc2a0826a166\FBIOSDRV.sys [48776 2022-06-02] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
R3 fuj02e3; C:\WINDOWS\System32\DriverStore\FileRepository\fuj02e3.inf_amd64_f13688afded4a291\fuj02e3.sys [67856 2017-11-08] (FUJITSU LIMITED -> FUJITSU LIMITED)
R3 GabiAcpi; C:\WINDOWS\System32\drivers\GabiAcpi.sys [40488 2020-07-15] (FUJITSU CLIENT COMPUTING LIMITED -> Fujitsu Technology Solutions)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Data\Definitions\IPSDefs\20221214.061\IDSvia64.sys [1488976 2021-11-03] (Symantec Corporation -> Broadcom)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 pelmouse; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
S3 pelusblf; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> )
S3 SISIDSRegDrv; C:\WINDOWS\system32\Drivers\SISIDSRegDrv.sys [50144 2021-11-03] (Symantec Corporation -> Symantec Corporation)
S3 SISIPSDeviceFilter; C:\WINDOWS\system32\Drivers\SISIPSDeviceFilter.sys [52712 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R1 SISIPSDriver; C:\WINDOWS\System32\Drivers\SISIPSDriver.sys [319976 2021-11-03] (Symantec Corporation -> Symantec Corporation)
S3 SISIPSFileFilter; C:\WINDOWS\system32\Drivers\SISIPSFileFilter.sys [84960 2021-11-03] (Symantec Corporation -> Symantec Corporation)
S1 SISIPSNetFilter; C:\WINDOWS\System32\Drivers\SISIPSNetFilter.sys [64504 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R1 SRTSP; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\SRTSP64.SYS [831064 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\SRTSPX64.SYS [49240 2018-06-12] (Symantec Corporation -> Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin64\SyDvCtrl64.sys [44568 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\symefasi\0603020.009\symefasi64.sys [1793104 2021-11-03] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\SymELAM.sys [24192 2018-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [99920 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\Ironx64.SYS [308304 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R1 SYMNETS; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\SYMNETS.SYS [566864 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R1 SysPlant; C:\WINDOWS\System32\Drivers\SysPlant.sys [222584 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R3 tap_ovpnconnect; C:\WINDOWS\System32\drivers\tap_ovpnconnect.sys [40128 2021-02-10] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 Teefer2; C:\WINDOWS\system32\DRIVERS\Teefer.sys [130976 2018-06-12] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-12-16 08:30 - 2022-12-16 08:31 - 000033515 _____ C:\Users\c.scribot.CD2E\Downloads\FRST.txt
2022-12-16 08:30 - 2022-12-16 08:30 - 000000000 ____D C:\Users\c.scribot.CD2E\Downloads\FRST-OlderVersion
2022-12-16 08:30 - 2022-12-16 08:30 - 000000000 ____D C:\FRST
2022-12-16 08:29 - 2022-12-16 08:30 - 002375680 _____ (Farbar) C:\Users\c.scribot.CD2E\Downloads\FRST64-2.1.exe
2022-12-16 08:25 - 2022-12-16 08:25 - 008791352 _____ (Malwarebytes) C:\Users\c.scribot.CD2E\Downloads\adwcleaner(1).exe
2022-12-16 08:14 - 2022-12-16 08:14 - 008791352 _____ (Malwarebytes) C:\Users\c.scribot.CD2E\Downloads\adwcleaner.exe
2022-12-14 16:00 - 2022-12-14 16:00 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-12-14 15:04 - 2022-12-14 15:04 - 000297472 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-12-14 15:04 - 2022-12-14 15:04 - 000012367 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-12-14 14:55 - 2022-12-14 14:55 - 000000000 ___HD C:\$WinREAgent
2022-12-11 22:02 - 2022-12-11 22:02 - 000000694 _____ C:\WINDOWS\Tasks\EsgInstallerTask81.job
2022-12-11 18:35 - 2022-12-11 18:35 - 000696907 _____ C:\Users\c.scribot.CD2E\Downloads\10475175-T102500704-A102959958-FRC263585958.pdf
2022-12-09 23:36 - 2022-12-16 07:59 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-09 23:36 - 2022-12-09 23:36 - 001427176 _____ (Google LLC) C:\Users\c.scribot.CD2E\Downloads\ChromeSetup (1).exe
2022-12-09 23:34 - 2022-12-09 23:34 - 001427176 _____ (Google LLC) C:\Users\c.scribot.CD2E\Downloads\ChromeSetup.exe
2022-12-08 22:41 - 2022-12-08 22:41 - 001016973 _____ C:\Users\c.scribot.CD2E\Downloads\Un_Sicle.pdf
2022-12-06 13:59 - 2022-12-06 13:59 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Roaming\ILOVEPDF
2022-12-06 13:59 - 2022-12-06 13:59 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Local\ILOVEPDF
2022-12-06 13:58 - 2022-12-06 13:58 - 010678282 _____ C:\Users\c.scribot.CD2E\Desktop\Revue de presse Assises2022 v06dec22.pdf
2022-12-06 13:58 - 2022-12-06 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLovePDF
2022-12-06 13:58 - 2022-12-06 13:58 - 000000000 ____D C:\Program Files\iLovePDF
2022-12-06 13:57 - 2022-12-06 13:57 - 000885520 _____ C:\Users\c.scribot.CD2E\Downloads\iLovePDF Desktop Installer.exe
2022-12-05 16:12 - 2022-12-13 15:50 - 000366368 _____ C:\Users\c.scribot.CD2E\Desktop\Sédimenterre - présentation.pdf
2022-12-05 11:36 - 2022-12-05 11:36 - 000000112 _____ C:\Users\c.scribot.CD2E\Desktop\Plan de développement de l’économie circulaire en Hauts-deFrance.url
2022-12-05 11:36 - 2022-12-05 11:36 - 000000105 _____ C:\Users\c.scribot.CD2E\Desktop\pac_v3_web.pdf.url
2022-12-05 09:10 - 2022-12-16 08:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-12-01 11:56 - 2022-12-01 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-11-30 14:47 - 2022-11-30 14:47 - 000362311 _____ C:\Users\c.scribot.CD2E\Downloads\31484_1669816046_13136934_badge.pdf
2022-11-30 14:47 - 2022-11-30 14:47 - 000360615 _____ C:\Users\c.scribot.CD2E\Downloads\31484_1669816040_13136828_badge.pdf
2022-11-30 14:19 - 2022-11-30 14:19 - 000362238 _____ C:\Users\c.scribot.CD2E\Downloads\31484_1669814369_13136595_badge.pdf
2022-11-30 14:08 - 2022-11-30 14:08 - 000361276 _____ C:\Users\c.scribot.CD2E\Downloads\31484_1669813692_13135899_badge.pdf
2022-11-30 14:06 - 2022-11-30 14:06 - 000361276 _____ C:\Users\c.scribot.CD2E\Downloads\31484_1669813580_13135899_badge.pdf
2022-11-30 11:12 - 2022-11-30 11:12 - 001019352 _____ (Mixbyte Inc. ) C:\Users\c.scribot.CD2E\Downloads\FreemakeVideoDownloaderSetup_9a55a9a4-aa7d-7f2f-0597-f4fdb8533855.exe
2022-11-29 22:51 - 2022-11-29 22:51 - 000241736 _____ C:\Users\c.scribot.CD2E\Downloads\note_de_cadrage.pdf
2022-11-29 22:00 - 2022-11-29 22:00 - 000441741 _____ C:\Users\c.scribot.CD2E\Downloads\CP-REV3-la-feuille-de-route-2022-2027-pour-transformer-les-Hauts-de-France.pdf
2022-11-27 20:58 - 2022-11-27 20:58 - 000000000 ____D C:\ProgramData\TechSmith
2022-11-25 13:09 - 2022-11-25 13:10 - 000000000 ____D C:\Users\c.scribot.CD2E\Downloads\Marketplace - Btwin _ Facebook_files
2022-11-25 13:09 - 2022-11-25 13:09 - 005046890 _____ C:\Users\c.scribot.CD2E\Downloads\Marketplace - Btwin _ Facebook.html
2022-11-24 16:46 - 2022-11-24 16:49 - 000000000 ____D C:\Users\c.scribot.CD2E\Desktop\REPLAYS LIVESTORM
2022-11-24 04:30 - 2022-11-24 04:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-11-24 04:30 - 2022-11-24 04:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-11-24 04:30 - 2022-11-24 04:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-11-24 04:30 - 2022-11-24 04:30 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-11-23 10:10 - 2022-11-23 10:10 - 000754927 _____ C:\Users\c.scribot.CD2E\Downloads\RV77_Envisan_TracabiliteCirculariteVertueuse_CMetCS_p36-40.pdf
2022-11-22 17:46 - 2022-11-22 17:46 - 000090735 _____ C:\Users\c.scribot.CD2E\Downloads\Georges AOUAD Registration Invoice.pdf
2022-11-22 10:47 - 2022-11-22 10:47 - 005144981 _____ C:\Users\c.scribot.CD2E\Downloads\ilovepdf_merged (3).pdf
2022-11-20 11:27 - 2022-11-17 21:49 - 000057228 _____ C:\Users\c.scribot.CD2E\Desktop\OPnGO_invoice_263817.pdf
2022-11-20 11:26 - 2022-11-20 11:26 - 000039671 _____ C:\Users\c.scribot.CD2E\Downloads\expenseReport.zip
2022-11-17 14:23 - 2022-11-17 14:23 - 008306776 _____ C:\Users\c.scribot.CD2E\Downloads\Photos-001 (2).zip
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-12-16 08:19 - 2019-08-30 14:06 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\LocalLow\Mozilla
2022-12-16 08:16 - 2018-07-30 10:46 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-16 08:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-16 07:58 - 2021-03-08 21:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-15 21:22 - 2022-09-21 08:11 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-12-15 21:22 - 2022-09-21 08:11 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-12-15 21:22 - 2021-02-24 09:47 - 000000000 ____D C:\Program Files\CCleaner
2022-12-15 14:09 - 2021-12-11 09:50 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4290648588-4140737106-210224143-1115
2022-12-15 14:09 - 2021-09-10 11:03 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-12-15 14:09 - 2021-03-08 21:22 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-12-15 14:09 - 2020-01-02 09:28 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-12-15 14:08 - 2019-06-30 13:24 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Local\Dropbox
2022-12-15 14:06 - 2022-03-30 21:31 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Roaming\DropboxElectron
2022-12-15 14:06 - 2021-03-08 21:22 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-12-15 14:05 - 2018-08-16 16:21 - 000000000 __SHD C:\Users\c.scribot\IntelGraphicsProfiles
2022-12-14 18:20 - 2022-01-25 22:11 - 000000000 ____D C:\Program Files (x86)\Steam
2022-12-14 17:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-14 16:09 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-14 16:04 - 2021-11-03 15:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Symantec Endpoint Protection
2022-12-14 16:04 - 2021-03-08 21:21 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-14 16:04 - 2019-12-07 15:50 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2022-12-14 16:04 - 2019-12-07 15:50 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2022-12-14 16:02 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-12-14 15:59 - 2021-03-08 21:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-14 15:59 - 2021-03-08 21:14 - 000314912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-14 15:59 - 2021-03-08 21:14 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-14 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-12-14 15:59 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-12-14 15:59 - 2018-07-27 14:19 - 000000000 ____D C:\Intel
2022-12-14 15:58 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-14 15:56 - 2019-06-03 09:37 - 000000000 ____D C:\Users\c.scribot.CD2E\Desktop\Perso
2022-12-14 15:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-14 15:04 - 2021-03-08 21:15 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-12-14 14:40 - 2018-07-30 09:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-14 14:39 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-14 12:45 - 2018-07-30 09:57 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-14 12:08 - 2022-04-27 09:40 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Roaming\OpenVPN Connect
2022-12-14 12:03 - 2018-08-16 10:34 - 000000112 _____ C:\WINDOWS\system32\config\netlogon.ftl
2022-12-14 10:39 - 2020-12-08 09:33 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Local\WebEx
2022-12-12 15:55 - 2019-06-03 09:23 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Local\Packages
2022-12-12 12:28 - 2019-12-18 15:10 - 000000000 ____D C:\Users\c.scribot.CD2E\Desktop\à ranger sur réseau
2022-12-12 12:24 - 2022-08-11 13:50 - 000000000 ____D C:\Users\c.scribot.CD2E\Desktop\Vidéos
2022-12-12 09:03 - 2019-06-06 08:15 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Local\D3DSCache
2022-12-11 20:48 - 2019-06-30 13:24 - 000001202 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-12-11 20:48 - 2019-06-30 13:24 - 000001198 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2022-12-11 20:48 - 2018-07-30 10:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-11 10:26 - 2020-09-04 10:25 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-10 09:33 - 2018-07-31 10:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-12-09 23:36 - 2018-12-03 14:01 - 000000000 ____D C:\Program Files\Google
2022-12-09 12:12 - 2021-12-01 18:09 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-12-09 10:10 - 2022-11-07 15:08 - 000029478 _____ C:\Users\c.scribot.CD2E\Desktop\Economie régionale sédiments - V20170731.xlsx
2022-12-08 22:37 - 2021-01-10 17:01 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-12-07 14:11 - 2021-09-10 19:52 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-12-07 14:11 - 2021-09-10 19:52 - 000001899 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-12-07 14:11 - 2021-09-10 19:52 - 000001899 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-12-07 14:11 - 2021-09-10 19:52 - 000001887 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-12-05 14:46 - 2021-11-09 11:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-12-05 14:46 - 2018-07-30 10:46 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-12-05 10:37 - 2022-11-09 14:33 - 000000000 ____D C:\Users\c.scribot.CD2E\Desktop\Présentations Assises 2022
2022-12-02 10:12 - 2021-03-08 21:22 - 000004262 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-12-02 10:12 - 2021-03-08 21:22 - 000004030 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-12-01 11:56 - 2019-06-30 13:24 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-11-29 18:27 - 2021-02-27 17:57 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Local\CrashDumps
2022-11-27 20:58 - 2018-07-27 14:20 - 000000000 ____D C:\ProgramData\Package Cache
2022-11-22 18:09 - 2020-03-05 09:13 - 000002409 _____ C:\Users\c.scribot.CD2E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-11-21 10:43 - 2022-09-12 08:39 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Roaming\com.adobe.dunamis
2022-11-21 08:42 - 2020-10-01 08:42 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-11-20 20:12 - 2022-10-13 11:06 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-11-20 20:12 - 2022-10-13 11:06 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2022-11-20 20:12 - 2021-03-08 21:22 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-11-16 14:46 - 2022-02-18 10:17 - 000000000 ____D C:\Program Files\RUXIM
==================== Fichiers à la racine de certains dossiers ========
2022-08-23 15:33 - 2022-08-23 15:33 - 000000171 _____ () C:\Users\c.scribot.CD2E\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2019-07-10 09:54 - 2019-07-10 09:54 - 000038507 _____ () C:\Users\c.scribot.CD2E\AppData\Roaming\Valeurs séparées par une virgule.ADR
2022-11-24 10:32 - 2022-11-24 10:32 - 000045358 _____ () C:\Users\c.scribot.CD2E\AppData\Local\SplashScreen_mes-salaries_bakertilly_fr_2.png
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par c.scribot (administrateur) sur DSAF006802 (FUJITSU LIFEBOOK E458) (16-12-2022 08:30:24)
Exécuté depuis C:\Users\c.scribot.CD2E\Downloads
Profils chargés: c.scribot
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.2364 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(services.exe ->) () [Fichier non signé] C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1612970385045.exe
(services.exe ->) () [Fichier non signé] C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\ccSvcHst.exe <2>
(services.exe ->) (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IDS\bin\SISIDSService.exe
(services.exe ->) (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IPS\bin\SISIPSService.exe
(services.exe ->) (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IPS\bin\sisipsutil.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2020-05-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_CTPreset] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2020-05-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2020-05-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3533264 2017-11-24] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11209952 2022-11-24] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (Pas de fichier)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart (Pas de fichier)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart (Pas de fichier)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Pas de fichier)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [CiscoMeetingDaemon] => C:\Users\c.scribot.CD2E\AppData\Local\WebEx\WebexHost.exe [8022224 2022-11-24] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38789456 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [b1db1d2a99978d211b27ba0e98d8603e] => "C:\Program Files (x86)\Canon\Easy-WebPrint EX\LiveUpdate.exe" --run_mode=background_check (Pas de fichier)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [Microsoft Edge Update] => C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\MicrosoftEdgeUpdateCore.exe [263640 2022-11-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [MicrosoftEdgeAutoLaunch_180564FE36FDEA344D01C1D2EF56ADD2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3877280 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-07] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon TR4500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEU.DLL [482816 2018-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\KOAYTJ_P: C:\Windows\System32\spool\prtprocs\x64\KOAYTJ_P.DLL [83968 2013-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Monotype Imaging Inc.)
HKLM\...\Print\Monitors\C364SeriesPCL Language Monitor: C:\WINDOWS\system32\KOAYTJ_L.DLL [16896 2013-04-23] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\C554SeriesPCL Language Monitor: C:\WINDOWS\system32\KOAYTJ_L.DLL [16896 2013-04-23] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor TR4500 series: C:\WINDOWS\system32\CNCALEU.DLL [254464 2018-03-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TR4500 series: C:\WINDOWS\system32\CNMLMEU.DLL [1303040 2018-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [117248 2018-07-30] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\...\AppCompatFlags\Custom\Battlegrounds.exe: [{9f3d9623-1935-43fa-9756-e90f3134f675}.sdb] -> STAR WARS - Galactic Battlegrounds Saga
HKLM\Software\...\AppCompatFlags\Custom\battlegrounds_x1.exe: [{9f3d9623-1935-43fa-9756-e90f3134f675}.sdb] -> STAR WARS - Galactic Battlegrounds Saga
HKLM\Software\...\AppCompatFlags\Custom\player.exe: [{9f3d9623-1935-43fa-9756-e90f3134f675}.sdb] -> STAR WARS - Galactic Battlegrounds Saga
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f3d9623-1935-43fa-9756-e90f3134f675}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{9f3d9623-1935-43fa-9756-e90f3134f675}.sdb [2022-08-10]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-16] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DeskUpdate.lnk [2014-02-19]
ShortcutTarget: DeskUpdate.lnk -> C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdate.exe (Fujitsu Technology Solutions GmbH -> Fujitsu Technology Solutions)
Startup: C:\Users\c.scribot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2019-05-28]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\c.scribot.CD2E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2020-12-02]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\c.scribot.CD2E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StarLeaf.lnk [2020-01-14]
ShortcutTarget: StarLeaf.lnk -> C:\Users\c.scribot.CD2E\AppData\Local\StarLeaf\StarLeaf\StarLeaf.exe (StarLeaf Ltd -> StarLeaf Ltd.)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {114AE2E2-B87D-4213-8CF5-A72B5436487A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {20701A96-6747-4FA1-A458-2992BCB641E5} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {291242F8-F514-4948-8767-E0C59F8DE9CC} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4290648588-4140737106-210224143-1115 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {29B5DEBD-2D40-4C26-9D36-F9713491E075} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4290648588-4140737106-210224143-500 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {31DC5AF9-64EE-48A7-B4FE-5B8E0CAC1CC5} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-4290648588-4140737106-210224143-1115UA => C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {3235105C-FFF6-436E-B454-E68ACAAEB9E4} - System32\Tasks\G2MUploadTask-S-1-5-21-4290648588-4140737106-210224143-1115 => C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {37FE87AB-D479-49F9-BE9D-A4B70F25D209} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Error Processor => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\SymErr.exe [92280 2018-06-12] (Symantec Corporation -> Symantec Corporation)
Task: {49C86FF6-9592-4E98-8615-CF06EDAB35A6} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5DE75E13-5A90-4493-85F5-35CF119CAACB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114584 2022-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {665DD75A-A859-42AE-8153-B22AEF9E4302} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-30] (Google Inc -> Google Inc.)
Task: {6674F22D-83EA-4504-97DE-2D0B87941D10} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Autofix => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\SymErr.exe [92280 2018-06-12] (Symantec Corporation -> Symantec Corporation)
Task: {6DFE8CB5-AD06-4616-8FFC-032AEEA2F62A} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-4290648588-4140737106-210224143-1115Core => C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {7258CD34-26E9-4A56-ABC3-FB71875585F0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {73352B96-B251-46C1-84CB-CF701D2DA312} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114584 2022-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7712337D-7C8C-46BA-B2D4-8357313275E5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {77D60510-47C0-4335-BC2C-165242B33AE3} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Error Analyzer => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\SymErr.exe [92280 2018-06-12] (Symantec Corporation -> Symantec Corporation)
Task: {7E0F7ADA-0EFB-4988-ACAC-6D3416D8F7D2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {99A55825-0EDE-4A05-B611-2A832BE1EDD8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-30] (Google Inc -> Google Inc.)
Task: {9DBEF69B-5264-41A5-B986-ACE2F26E5BCA} - System32\Tasks\CCleanerSkipUAC - c.scribot => C:\Program Files\CCleaner\CCleaner.exe [32472400 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {BF3BFA96-4C65-4FD1-8E05-B5AF77BD0B68} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {C1B46B12-E930-4CA5-A884-8B42A5EB3443} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [30720 2021-03-08] (Microsoft Windows -> Microsoft Corporation)
Task: {C38F072E-BFC3-444A-BD9C-AB479A0BAD06} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [30720 2021-03-08] (Microsoft Windows -> Microsoft Corporation)
Task: {C7670243-FB18-4607-9951-92BC14D3FEA4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-10-20] (Piriform Software Ltd -> Piriform)
Task: {D434BB07-B4C3-4B18-9FA8-3B322739A205} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "cf5df452-9f22-4f2a-8352-48dbcb0db756" --version "6.05.10110" --silent
Task: {E84174B1-2887-4B4B-BAA0-AF54A47CEFF4} - System32\Tasks\G2MUpdateTask-S-1-5-21-4290648588-4140737106-210224143-1115 => C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {F499B732-3AC0-4905-9DE7-66EE2ED16066} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe/cCD2E\c.scr
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe/ua /installsource schedulerCD2E\c.scr
Task: C:\WINDOWS\Tasks\EsgInstallerTask81.job => rundll32.exe Ðurl.dll,FileProtocolHandler hxxps:/www.enigmasoftware.com/congratulations-spyhunter-installed/?hwx=e36469df001c6fc50cf8b29d26e6d16a&lang=FR&purl=https%3A%2F%2Fpurchase%2Eenigmasoftware%2Ecom%2Fshwin&sid=sh C:\WINDOWS\system32CD2E\c.scr
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4290648588-4140737106-210224143-1115.job => C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950\g2mupdate.exe C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950CD2E\c.scr
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4290648588-4140737106-210224143-1115.job => C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950\g2mupload.exe C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950CD2E\c.scr
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{30e4f3c4-180f-474f-9a1b-63967ff9eae7}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{7fd138c9-ff6e-43d4-87e3-29f297aaccf3}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{ba481211-92d1-4fff-b4ae-4293f13db54c}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Edge:
=======
DownloadDir: C:\Users\c.scribot.CD2E\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-15]
Edge DownloadDir: Default -> C:\Users\c.scribot.CD2E\Downloads
FireFox:
========
FF DefaultProfile: 0co0nkgu.default
FF ProfilePath: C:\Users\c.scribot.CD2E\AppData\Roaming\Mozilla\Firefox\Profiles\0co0nkgu.default [2022-11-09]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4290648588-4140737106-210224143-1115: SkypeForBusinessPlugin-16.2 -> C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4290648588-4140737106-210224143-1115: SkypeForBusinessPlugin64-16.2 -> C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default [2022-12-16]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://drive.google.com; hxxps://meet.google.com; hxxps://rapidd.developpement-durable.gouv.fr; hxxps://www.idealco.fr
CHR Extension: (Google Traduction) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-11]
CHR Extension: (Slinky Elégante) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2019-12-30]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-12-07]
CHR Extension: (uBlock Origin) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-11-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-05]
CHR Extension: (Evernote Web) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2019-06-03]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-08-11]
CHR Extension: (Creately - Diagrammes & Collaboration) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\mehmcgkakgfcibfkeofncglipefjcfnn [2019-06-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (diagrams.net) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlkggianjhjenigcpigpjehhpplldkc [2020-04-24]
CHR HKU\S-1-5-21-4290648588-4140737106-210224143-1115\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 agent_ovpnconnect; C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1612970385045.exe [2445824 2021-02-10] () [Fichier non signé]
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12544456 2022-12-07] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-11-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 FBIOSDRVService; C:\WINDOWS\System32\DriverStore\FileRepository\fbiosdrv.inf_amd64_b0a0cc2a0826a166\fbiosdrv-service.exe [145032 2022-06-02] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncHelper.exe [3478928 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
S2 Fuj02e3DriverUtilityService; C:\WINDOWS\System32\DriverStore\FileRepository\fuj02e3.inf_amd64_f13688afded4a291\fuj02e3-utility.exe [346576 2017-11-08] (Microsoft Windows Hardware Compatibility Publisher -> FUJITSU LIMITED)
S2 heCAF; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\Common Agent Framework\CAFServiceMain.exe [3717360 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8872736 2022-11-28] (Malwarebytes Inc. -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.238.1114.0002\OneDriveUpdaterService.exe [3845008 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
R2 ovpnhelper_service; C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe [2280448 2021-02-10] () [Fichier non signé]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SepLpsService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\ccSvcHst.exe [157936 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\ccSvcHst.exe [157936 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R2 SISIDSService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IDS\bin\SISIDSService.exe [3179248 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R2 SISIPSService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IPS\bin\SISIPSService.exe [101104 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R2 SISIPSUtil; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IPS\bin\SISIPSUtil.exe [273648 2021-11-03] (Symantec Corporation -> Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin64\snac64.exe [377984 2018-06-12] (Symantec Corporation -> Symantec Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Data\Definitions\BASHDefs\20221208.001\BHDrvx64.sys [1705040 2022-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [175816 2020-04-20] (BayHub Technology Inc. -> BayHubTech/O2Micro)
R3 bhtsddr; C:\WINDOWS\system32\DRIVERS\bhtsddr.sys [171224 2021-05-16] (BayHub Technology Inc. -> BayHubTech)
R1 ccSettings_{FDEE1BF7-B360-4872-9ADC-558777D19563}; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\ccSetx64.sys [179360 2018-06-12] (Symantec Corporation -> Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [140280 2020-06-01] (ADAPP SASU -> Dokan Project)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_e64afe811c7e4662\e1d.sys [608464 2022-06-01] (Intel Corporation -> Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527864 2022-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2022-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 FBIOSDRV; C:\WINDOWS\System32\DriverStore\FileRepository\fbiosdrv.inf_amd64_b0a0cc2a0826a166\FBIOSDRV.sys [48776 2022-06-02] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
R3 fuj02e3; C:\WINDOWS\System32\DriverStore\FileRepository\fuj02e3.inf_amd64_f13688afded4a291\fuj02e3.sys [67856 2017-11-08] (FUJITSU LIMITED -> FUJITSU LIMITED)
R3 GabiAcpi; C:\WINDOWS\System32\drivers\GabiAcpi.sys [40488 2020-07-15] (FUJITSU CLIENT COMPUTING LIMITED -> Fujitsu Technology Solutions)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Data\Definitions\IPSDefs\20221214.061\IDSvia64.sys [1488976 2021-11-03] (Symantec Corporation -> Broadcom)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 pelmouse; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
S3 pelusblf; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> )
S3 SISIDSRegDrv; C:\WINDOWS\system32\Drivers\SISIDSRegDrv.sys [50144 2021-11-03] (Symantec Corporation -> Symantec Corporation)
S3 SISIPSDeviceFilter; C:\WINDOWS\system32\Drivers\SISIPSDeviceFilter.sys [52712 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R1 SISIPSDriver; C:\WINDOWS\System32\Drivers\SISIPSDriver.sys [319976 2021-11-03] (Symantec Corporation -> Symantec Corporation)
S3 SISIPSFileFilter; C:\WINDOWS\system32\Drivers\SISIPSFileFilter.sys [84960 2021-11-03] (Symantec Corporation -> Symantec Corporation)
S1 SISIPSNetFilter; C:\WINDOWS\System32\Drivers\SISIPSNetFilter.sys [64504 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R1 SRTSP; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\SRTSP64.SYS [831064 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\SRTSPX64.SYS [49240 2018-06-12] (Symantec Corporation -> Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin64\SyDvCtrl64.sys [44568 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\symefasi\0603020.009\symefasi64.sys [1793104 2021-11-03] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\SymELAM.sys [24192 2018-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [99920 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\Ironx64.SYS [308304 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R1 SYMNETS; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\SYMNETS.SYS [566864 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R1 SysPlant; C:\WINDOWS\System32\Drivers\SysPlant.sys [222584 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R3 tap_ovpnconnect; C:\WINDOWS\System32\drivers\tap_ovpnconnect.sys [40128 2021-02-10] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 Teefer2; C:\WINDOWS\system32\DRIVERS\Teefer.sys [130976 2018-06-12] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-12-16 08:30 - 2022-12-16 08:31 - 000033515 _____ C:\Users\c.scribot.CD2E\Downloads\FRST.txt
2022-12-16 08:30 - 2022-12-16 08:30 - 000000000 ____D C:\Users\c.scribot.CD2E\Downloads\FRST-OlderVersion
2022-12-16 08:30 - 2022-12-16 08:30 - 000000000 ____D C:\FRST
2022-12-16 08:29 - 2022-12-16 08:30 - 002375680 _____ (Farbar) C:\Users\c.scribot.CD2E\Downloads\FRST64-2.1.exe
2022-12-16 08:25 - 2022-12-16 08:25 - 008791352 _____ (Malwarebytes) C:\Users\c.scribot.CD2E\Downloads\adwcleaner(1).exe
2022-12-16 08:14 - 2022-12-16 08:14 - 008791352 _____ (Malwarebytes) C:\Users\c.scribot.CD2E\Downloads\adwcleaner.exe
2022-12-14 16:00 - 2022-12-14 16:00 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-12-14 15:04 - 2022-12-14 15:04 - 000297472 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-12-14 15:04 - 2022-12-14 15:04 - 000012367 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-12-14 14:55 - 2022-12-14 14:55 - 000000000 ___HD C:\$WinREAgent
2022-12-11 22:02 - 2022-12-11 22:02 - 000000694 _____ C:\WINDOWS\Tasks\EsgInstallerTask81.job
2022-12-11 18:35 - 2022-12-11 18:35 - 000696907 _____ C:\Users\c.scribot.CD2E\Downloads\10475175-T102500704-A102959958-FRC263585958.pdf
2022-12-09 23:36 - 2022-12-16 07:59 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-09 23:36 - 2022-12-09 23:36 - 001427176 _____ (Google LLC) C:\Users\c.scribot.CD2E\Downloads\ChromeSetup (1).exe
2022-12-09 23:34 - 2022-12-09 23:34 - 001427176 _____ (Google LLC) C:\Users\c.scribot.CD2E\Downloads\ChromeSetup.exe
2022-12-08 22:41 - 2022-12-08 22:41 - 001016973 _____ C:\Users\c.scribot.CD2E\Downloads\Un_Sicle.pdf
2022-12-06 13:59 - 2022-12-06 13:59 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Roaming\ILOVEPDF
2022-12-06 13:59 - 2022-12-06 13:59 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Local\ILOVEPDF
2022-12-06 13:58 - 2022-12-06 13:58 - 010678282 _____ C:\Users\c.scribot.CD2E\Desktop\Revue de presse Assises2022 v06dec22.pdf
2022-12-06 13:58 - 2022-12-06 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLovePDF
2022-12-06 13:58 - 2022-12-06 13:58 - 000000000 ____D C:\Program Files\iLovePDF
2022-12-06 13:57 - 2022-12-06 13:57 - 000885520 _____ C:\Users\c.scribot.CD2E\Downloads\iLovePDF Desktop Installer.exe
2022-12-05 16:12 - 2022-12-13 15:50 - 000366368 _____ C:\Users\c.scribot.CD2E\Desktop\Sédimenterre - présentation.pdf
2022-12-05 11:36 - 2022-12-05 11:36 - 000000112 _____ C:\Users\c.scribot.CD2E\Desktop\Plan de développement de l’économie circulaire en Hauts-deFrance.url
2022-12-05 11:36 - 2022-12-05 11:36 - 000000105 _____ C:\Users\c.scribot.CD2E\Desktop\pac_v3_web.pdf.url
2022-12-05 09:10 - 2022-12-16 08:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-12-01 11:56 - 2022-12-01 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-11-30 14:47 - 2022-11-30 14:47 - 000362311 _____ C:\Users\c.scribot.CD2E\Downloads\31484_1669816046_13136934_badge.pdf
2022-11-30 14:47 - 2022-11-30 14:47 - 000360615 _____ C:\Users\c.scribot.CD2E\Downloads\31484_1669816040_13136828_badge.pdf
2022-11-30 14:19 - 2022-11-30 14:19 - 000362238 _____ C:\Users\c.scribot.CD2E\Downloads\31484_1669814369_13136595_badge.pdf
2022-11-30 14:08 - 2022-11-30 14:08 - 000361276 _____ C:\Users\c.scribot.CD2E\Downloads\31484_1669813692_13135899_badge.pdf
2022-11-30 14:06 - 2022-11-30 14:06 - 000361276 _____ C:\Users\c.scribot.CD2E\Downloads\31484_1669813580_13135899_badge.pdf
2022-11-30 11:12 - 2022-11-30 11:12 - 001019352 _____ (Mixbyte Inc. ) C:\Users\c.scribot.CD2E\Downloads\FreemakeVideoDownloaderSetup_9a55a9a4-aa7d-7f2f-0597-f4fdb8533855.exe
2022-11-29 22:51 - 2022-11-29 22:51 - 000241736 _____ C:\Users\c.scribot.CD2E\Downloads\note_de_cadrage.pdf
2022-11-29 22:00 - 2022-11-29 22:00 - 000441741 _____ C:\Users\c.scribot.CD2E\Downloads\CP-REV3-la-feuille-de-route-2022-2027-pour-transformer-les-Hauts-de-France.pdf
2022-11-27 20:58 - 2022-11-27 20:58 - 000000000 ____D C:\ProgramData\TechSmith
2022-11-25 13:09 - 2022-11-25 13:10 - 000000000 ____D C:\Users\c.scribot.CD2E\Downloads\Marketplace - Btwin _ Facebook_files
2022-11-25 13:09 - 2022-11-25 13:09 - 005046890 _____ C:\Users\c.scribot.CD2E\Downloads\Marketplace - Btwin _ Facebook.html
2022-11-24 16:46 - 2022-11-24 16:49 - 000000000 ____D C:\Users\c.scribot.CD2E\Desktop\REPLAYS LIVESTORM
2022-11-24 04:30 - 2022-11-24 04:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-11-24 04:30 - 2022-11-24 04:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-11-24 04:30 - 2022-11-24 04:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-11-24 04:30 - 2022-11-24 04:30 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-11-23 10:10 - 2022-11-23 10:10 - 000754927 _____ C:\Users\c.scribot.CD2E\Downloads\RV77_Envisan_TracabiliteCirculariteVertueuse_CMetCS_p36-40.pdf
2022-11-22 17:46 - 2022-11-22 17:46 - 000090735 _____ C:\Users\c.scribot.CD2E\Downloads\Georges AOUAD Registration Invoice.pdf
2022-11-22 10:47 - 2022-11-22 10:47 - 005144981 _____ C:\Users\c.scribot.CD2E\Downloads\ilovepdf_merged (3).pdf
2022-11-20 11:27 - 2022-11-17 21:49 - 000057228 _____ C:\Users\c.scribot.CD2E\Desktop\OPnGO_invoice_263817.pdf
2022-11-20 11:26 - 2022-11-20 11:26 - 000039671 _____ C:\Users\c.scribot.CD2E\Downloads\expenseReport.zip
2022-11-17 14:23 - 2022-11-17 14:23 - 008306776 _____ C:\Users\c.scribot.CD2E\Downloads\Photos-001 (2).zip
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-12-16 08:19 - 2019-08-30 14:06 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\LocalLow\Mozilla
2022-12-16 08:16 - 2018-07-30 10:46 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-16 08:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-16 07:58 - 2021-03-08 21:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-15 21:22 - 2022-09-21 08:11 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-12-15 21:22 - 2022-09-21 08:11 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-12-15 21:22 - 2021-02-24 09:47 - 000000000 ____D C:\Program Files\CCleaner
2022-12-15 14:09 - 2021-12-11 09:50 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4290648588-4140737106-210224143-1115
2022-12-15 14:09 - 2021-09-10 11:03 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-12-15 14:09 - 2021-03-08 21:22 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-12-15 14:09 - 2020-01-02 09:28 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-12-15 14:08 - 2019-06-30 13:24 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Local\Dropbox
2022-12-15 14:06 - 2022-03-30 21:31 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Roaming\DropboxElectron
2022-12-15 14:06 - 2021-03-08 21:22 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-12-15 14:05 - 2018-08-16 16:21 - 000000000 __SHD C:\Users\c.scribot\IntelGraphicsProfiles
2022-12-14 18:20 - 2022-01-25 22:11 - 000000000 ____D C:\Program Files (x86)\Steam
2022-12-14 17:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-14 16:09 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-14 16:04 - 2021-11-03 15:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Symantec Endpoint Protection
2022-12-14 16:04 - 2021-03-08 21:21 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-14 16:04 - 2019-12-07 15:50 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2022-12-14 16:04 - 2019-12-07 15:50 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2022-12-14 16:02 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-12-14 15:59 - 2021-03-08 21:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-14 15:59 - 2021-03-08 21:14 - 000314912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-14 15:59 - 2021-03-08 21:14 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-14 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-12-14 15:59 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-12-14 15:59 - 2018-07-27 14:19 - 000000000 ____D C:\Intel
2022-12-14 15:58 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-14 15:56 - 2019-06-03 09:37 - 000000000 ____D C:\Users\c.scribot.CD2E\Desktop\Perso
2022-12-14 15:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-14 15:04 - 2021-03-08 21:15 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-12-14 14:40 - 2018-07-30 09:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-14 14:39 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-14 12:45 - 2018-07-30 09:57 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-14 12:08 - 2022-04-27 09:40 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Roaming\OpenVPN Connect
2022-12-14 12:03 - 2018-08-16 10:34 - 000000112 _____ C:\WINDOWS\system32\config\netlogon.ftl
2022-12-14 10:39 - 2020-12-08 09:33 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Local\WebEx
2022-12-12 15:55 - 2019-06-03 09:23 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Local\Packages
2022-12-12 12:28 - 2019-12-18 15:10 - 000000000 ____D C:\Users\c.scribot.CD2E\Desktop\à ranger sur réseau
2022-12-12 12:24 - 2022-08-11 13:50 - 000000000 ____D C:\Users\c.scribot.CD2E\Desktop\Vidéos
2022-12-12 09:03 - 2019-06-06 08:15 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Local\D3DSCache
2022-12-11 20:48 - 2019-06-30 13:24 - 000001202 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-12-11 20:48 - 2019-06-30 13:24 - 000001198 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2022-12-11 20:48 - 2018-07-30 10:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-11 10:26 - 2020-09-04 10:25 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-10 09:33 - 2018-07-31 10:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-12-09 23:36 - 2018-12-03 14:01 - 000000000 ____D C:\Program Files\Google
2022-12-09 12:12 - 2021-12-01 18:09 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-12-09 10:10 - 2022-11-07 15:08 - 000029478 _____ C:\Users\c.scribot.CD2E\Desktop\Economie régionale sédiments - V20170731.xlsx
2022-12-08 22:37 - 2021-01-10 17:01 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-12-07 14:11 - 2021-09-10 19:52 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-12-07 14:11 - 2021-09-10 19:52 - 000001899 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-12-07 14:11 - 2021-09-10 19:52 - 000001899 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-12-07 14:11 - 2021-09-10 19:52 - 000001887 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-12-05 14:46 - 2021-11-09 11:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-12-05 14:46 - 2018-07-30 10:46 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-12-05 10:37 - 2022-11-09 14:33 - 000000000 ____D C:\Users\c.scribot.CD2E\Desktop\Présentations Assises 2022
2022-12-02 10:12 - 2021-03-08 21:22 - 000004262 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-12-02 10:12 - 2021-03-08 21:22 - 000004030 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-12-01 11:56 - 2019-06-30 13:24 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-11-29 18:27 - 2021-02-27 17:57 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Local\CrashDumps
2022-11-27 20:58 - 2018-07-27 14:20 - 000000000 ____D C:\ProgramData\Package Cache
2022-11-22 18:09 - 2020-03-05 09:13 - 000002409 _____ C:\Users\c.scribot.CD2E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-11-21 10:43 - 2022-09-12 08:39 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Roaming\com.adobe.dunamis
2022-11-21 08:42 - 2020-10-01 08:42 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-11-20 20:12 - 2022-10-13 11:06 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-11-20 20:12 - 2022-10-13 11:06 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2022-11-20 20:12 - 2021-03-08 21:22 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-11-16 14:46 - 2022-02-18 10:17 - 000000000 ____D C:\Program Files\RUXIM
==================== Fichiers à la racine de certains dossiers ========
2022-08-23 15:33 - 2022-08-23 15:33 - 000000171 _____ () C:\Users\c.scribot.CD2E\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2019-07-10 09:54 - 2019-07-10 09:54 - 000038507 _____ () C:\Users\c.scribot.CD2E\AppData\Roaming\Valeurs séparées par une virgule.ADR
2022-11-24 10:32 - 2022-11-24 10:32 - 000045358 _____ () C:\Users\c.scribot.CD2E\AppData\Local\SplashScreen_mes-salaries_bakertilly_fr_2.png
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================