Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2022
Exécuté par c.scribot (administrateur) sur DSAF006802 (FUJITSU LIFEBOOK E458) (16-12-2022 08:30:24)
Exécuté depuis C:\Users\c.scribot.CD2E\Downloads
Profils chargés: c.scribot
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.2364 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(services.exe ->) () [Fichier non signé] C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1612970385045.exe
(services.exe ->) () [Fichier non signé] C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\ccSvcHst.exe <2>
(services.exe ->) (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IDS\bin\SISIDSService.exe
(services.exe ->) (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IPS\bin\SISIPSService.exe
(services.exe ->) (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IPS\bin\sisipsutil.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2020-05-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_CTPreset] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2020-05-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2020-05-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3533264 2017-11-24] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11209952 2022-11-24] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (Pas de fichier)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart (Pas de fichier)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart (Pas de fichier)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Pas de fichier)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [CiscoMeetingDaemon] => C:\Users\c.scribot.CD2E\AppData\Local\WebEx\WebexHost.exe [8022224 2022-11-24] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38789456 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [b1db1d2a99978d211b27ba0e98d8603e] => "C:\Program Files (x86)\Canon\Easy-WebPrint EX\LiveUpdate.exe" --run_mode=background_check (Pas de fichier)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [Microsoft Edge Update] => C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\MicrosoftEdgeUpdateCore.exe [263640 2022-11-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4290648588-4140737106-210224143-1115\...\Run: [MicrosoftEdgeAutoLaunch_180564FE36FDEA344D01C1D2EF56ADD2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3877280 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-07] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon TR4500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEU.DLL [482816 2018-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\KOAYTJ_P: C:\Windows\System32\spool\prtprocs\x64\KOAYTJ_P.DLL [83968 2013-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Monotype Imaging Inc.)
HKLM\...\Print\Monitors\C364SeriesPCL Language Monitor: C:\WINDOWS\system32\KOAYTJ_L.DLL [16896 2013-04-23] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\C554SeriesPCL Language Monitor: C:\WINDOWS\system32\KOAYTJ_L.DLL [16896 2013-04-23] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor TR4500 series: C:\WINDOWS\system32\CNCALEU.DLL [254464 2018-03-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TR4500 series: C:\WINDOWS\system32\CNMLMEU.DLL [1303040 2018-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [117248 2018-07-30] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\...\AppCompatFlags\Custom\Battlegrounds.exe: [{9f3d9623-1935-43fa-9756-e90f3134f675}.sdb] -> STAR WARS - Galactic Battlegrounds Saga
HKLM\Software\...\AppCompatFlags\Custom\battlegrounds_x1.exe: [{9f3d9623-1935-43fa-9756-e90f3134f675}.sdb] -> STAR WARS - Galactic Battlegrounds Saga
HKLM\Software\...\AppCompatFlags\Custom\player.exe: [{9f3d9623-1935-43fa-9756-e90f3134f675}.sdb] -> STAR WARS - Galactic Battlegrounds Saga
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f3d9623-1935-43fa-9756-e90f3134f675}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{9f3d9623-1935-43fa-9756-e90f3134f675}.sdb [2022-08-10]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-16] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DeskUpdate.lnk [2014-02-19]
ShortcutTarget: DeskUpdate.lnk -> C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdate.exe (Fujitsu Technology Solutions GmbH -> Fujitsu Technology Solutions)
Startup: C:\Users\c.scribot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2019-05-28]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\c.scribot.CD2E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2020-12-02]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\c.scribot.CD2E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StarLeaf.lnk [2020-01-14]
ShortcutTarget: StarLeaf.lnk -> C:\Users\c.scribot.CD2E\AppData\Local\StarLeaf\StarLeaf\StarLeaf.exe (StarLeaf Ltd -> StarLeaf Ltd.)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {114AE2E2-B87D-4213-8CF5-A72B5436487A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {20701A96-6747-4FA1-A458-2992BCB641E5} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {291242F8-F514-4948-8767-E0C59F8DE9CC} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4290648588-4140737106-210224143-1115 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {29B5DEBD-2D40-4C26-9D36-F9713491E075} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4290648588-4140737106-210224143-500 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {31DC5AF9-64EE-48A7-B4FE-5B8E0CAC1CC5} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-4290648588-4140737106-210224143-1115UA => C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {3235105C-FFF6-436E-B454-E68ACAAEB9E4} - System32\Tasks\G2MUploadTask-S-1-5-21-4290648588-4140737106-210224143-1115 => C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {37FE87AB-D479-49F9-BE9D-A4B70F25D209} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Error Processor => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\SymErr.exe [92280 2018-06-12] (Symantec Corporation -> Symantec Corporation)
Task: {49C86FF6-9592-4E98-8615-CF06EDAB35A6} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5DE75E13-5A90-4493-85F5-35CF119CAACB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114584 2022-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {665DD75A-A859-42AE-8153-B22AEF9E4302} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-30] (Google Inc -> Google Inc.)
Task: {6674F22D-83EA-4504-97DE-2D0B87941D10} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Autofix => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\SymErr.exe [92280 2018-06-12] (Symantec Corporation -> Symantec Corporation)
Task: {6DFE8CB5-AD06-4616-8FFC-032AEEA2F62A} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-4290648588-4140737106-210224143-1115Core => C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {7258CD34-26E9-4A56-ABC3-FB71875585F0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {73352B96-B251-46C1-84CB-CF701D2DA312} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114584 2022-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7712337D-7C8C-46BA-B2D4-8357313275E5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {77D60510-47C0-4335-BC2C-165242B33AE3} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Error Analyzer => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\SymErr.exe [92280 2018-06-12] (Symantec Corporation -> Symantec Corporation)
Task: {7E0F7ADA-0EFB-4988-ACAC-6D3416D8F7D2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {99A55825-0EDE-4A05-B611-2A832BE1EDD8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-30] (Google Inc -> Google Inc.)
Task: {9DBEF69B-5264-41A5-B986-ACE2F26E5BCA} - System32\Tasks\CCleanerSkipUAC - c.scribot => C:\Program Files\CCleaner\CCleaner.exe [32472400 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {BF3BFA96-4C65-4FD1-8E05-B5AF77BD0B68} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {C1B46B12-E930-4CA5-A884-8B42A5EB3443} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [30720 2021-03-08] (Microsoft Windows -> Microsoft Corporation)
Task: {C38F072E-BFC3-444A-BD9C-AB479A0BAD06} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [30720 2021-03-08] (Microsoft Windows -> Microsoft Corporation)
Task: {C7670243-FB18-4607-9951-92BC14D3FEA4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-10-20] (Piriform Software Ltd -> Piriform)
Task: {D434BB07-B4C3-4B18-9FA8-3B322739A205} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "cf5df452-9f22-4f2a-8352-48dbcb0db756" --version "6.05.10110" --silent
Task: {E84174B1-2887-4B4B-BAA0-AF54A47CEFF4} - System32\Tasks\G2MUpdateTask-S-1-5-21-4290648588-4140737106-210224143-1115 => C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {F499B732-3AC0-4905-9DE7-66EE2ED16066} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe/cCD2E\c.scr
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe/ua /installsource schedulerCD2E\c.scr
Task: C:\WINDOWS\Tasks\EsgInstallerTask81.job => rundll32.exe Ðurl.dll,FileProtocolHandler hxxps:/www.enigmasoftware.com/congratulations-spyhunter-installed/?hwx=e36469df001c6fc50cf8b29d26e6d16a&lang=FR&purl=https%3A%2F%2Fpurchase%2Eenigmasoftware%2Ecom%2Fshwin&sid=sh C:\WINDOWS\system32CD2E\c.scr
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4290648588-4140737106-210224143-1115.job => C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950\g2mupdate.exe C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950CD2E\c.scr
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4290648588-4140737106-210224143-1115.job => C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950\g2mupload.exe C:\Users\c.scribot.CD2E\AppData\Local\GoToMeeting\19950CD2E\c.scr

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{30e4f3c4-180f-474f-9a1b-63967ff9eae7}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{7fd138c9-ff6e-43d4-87e3-29f297aaccf3}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{ba481211-92d1-4fff-b4ae-4293f13db54c}: [DhcpNameServer] 89.2.0.1 89.2.0.2

Edge:
=======
DownloadDir: C:\Users\c.scribot.CD2E\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-15]
Edge DownloadDir: Default -> C:\Users\c.scribot.CD2E\Downloads

FireFox:
========
FF DefaultProfile: 0co0nkgu.default
FF ProfilePath: C:\Users\c.scribot.CD2E\AppData\Roaming\Mozilla\Firefox\Profiles\0co0nkgu.default [2022-11-09]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4290648588-4140737106-210224143-1115: SkypeForBusinessPlugin-16.2 -> C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4290648588-4140737106-210224143-1115: SkypeForBusinessPlugin64-16.2 -> C:\Users\c.scribot.CD2E\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default [2022-12-16]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://drive.google.com; hxxps://meet.google.com; hxxps://rapidd.developpement-durable.gouv.fr; hxxps://www.idealco.fr
CHR Extension: (Google Traduction) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-11]
CHR Extension: (Slinky Elégante) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2019-12-30]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-12-07]
CHR Extension: (uBlock Origin) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-11-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-05]
CHR Extension: (Evernote Web) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2019-06-03]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-08-11]
CHR Extension: (Creately - Diagrammes & Collaboration) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\mehmcgkakgfcibfkeofncglipefjcfnn [2019-06-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (diagrams.net) - C:\Users\c.scribot.CD2E\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlkggianjhjenigcpigpjehhpplldkc [2020-04-24]
CHR HKU\S-1-5-21-4290648588-4140737106-210224143-1115\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 agent_ovpnconnect; C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1612970385045.exe [2445824 2021-02-10] () [Fichier non signé]
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12544456 2022-12-07] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-11-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 FBIOSDRVService; C:\WINDOWS\System32\DriverStore\FileRepository\fbiosdrv.inf_amd64_b0a0cc2a0826a166\fbiosdrv-service.exe [145032 2022-06-02] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncHelper.exe [3478928 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
S2 Fuj02e3DriverUtilityService; C:\WINDOWS\System32\DriverStore\FileRepository\fuj02e3.inf_amd64_f13688afded4a291\fuj02e3-utility.exe [346576 2017-11-08] (Microsoft Windows Hardware Compatibility Publisher -> FUJITSU LIMITED)
S2 heCAF; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\Common Agent Framework\CAFServiceMain.exe [3717360 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8872736 2022-11-28] (Malwarebytes Inc. -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.238.1114.0002\OneDriveUpdaterService.exe [3845008 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
R2 ovpnhelper_service; C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe [2280448 2021-02-10] () [Fichier non signé]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SepLpsService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\ccSvcHst.exe [157936 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin\ccSvcHst.exe [157936 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R2 SISIDSService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IDS\bin\SISIDSService.exe [3179248 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R2 SISIPSService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IPS\bin\SISIPSService.exe [101104 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R2 SISIPSUtil; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\SAEP\IPS\bin\SISIPSUtil.exe [273648 2021-11-03] (Symantec Corporation -> Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin64\snac64.exe [377984 2018-06-12] (Symantec Corporation -> Symantec Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Data\Definitions\BASHDefs\20221208.001\BHDrvx64.sys [1705040 2022-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [175816 2020-04-20] (BayHub Technology Inc. -> BayHubTech/O2Micro)
R3 bhtsddr; C:\WINDOWS\system32\DRIVERS\bhtsddr.sys [171224 2021-05-16] (BayHub Technology Inc. -> BayHubTech)
R1 ccSettings_{FDEE1BF7-B360-4872-9ADC-558777D19563}; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\ccSetx64.sys [179360 2018-06-12] (Symantec Corporation -> Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [140280 2020-06-01] (ADAPP SASU -> Dokan Project)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_e64afe811c7e4662\e1d.sys [608464 2022-06-01] (Intel Corporation -> Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527864 2022-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2022-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 FBIOSDRV; C:\WINDOWS\System32\DriverStore\FileRepository\fbiosdrv.inf_amd64_b0a0cc2a0826a166\FBIOSDRV.sys [48776 2022-06-02] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
R3 fuj02e3; C:\WINDOWS\System32\DriverStore\FileRepository\fuj02e3.inf_amd64_f13688afded4a291\fuj02e3.sys [67856 2017-11-08] (FUJITSU LIMITED -> FUJITSU LIMITED)
R3 GabiAcpi; C:\WINDOWS\System32\drivers\GabiAcpi.sys [40488 2020-07-15] (FUJITSU CLIENT COMPUTING LIMITED -> Fujitsu Technology Solutions)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Data\Definitions\IPSDefs\20221214.061\IDSvia64.sys [1488976 2021-11-03] (Symantec Corporation -> Broadcom)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 pelmouse; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
S3 pelusblf; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> )
S3 SISIDSRegDrv; C:\WINDOWS\system32\Drivers\SISIDSRegDrv.sys [50144 2021-11-03] (Symantec Corporation -> Symantec Corporation)
S3 SISIPSDeviceFilter; C:\WINDOWS\system32\Drivers\SISIPSDeviceFilter.sys [52712 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R1 SISIPSDriver; C:\WINDOWS\System32\Drivers\SISIPSDriver.sys [319976 2021-11-03] (Symantec Corporation -> Symantec Corporation)
S3 SISIPSFileFilter; C:\WINDOWS\system32\Drivers\SISIPSFileFilter.sys [84960 2021-11-03] (Symantec Corporation -> Symantec Corporation)
S1 SISIPSNetFilter; C:\WINDOWS\System32\Drivers\SISIPSNetFilter.sys [64504 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R1 SRTSP; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\SRTSP64.SYS [831064 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\SRTSPX64.SYS [49240 2018-06-12] (Symantec Corporation -> Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.758.0000.105\Bin64\SyDvCtrl64.sys [44568 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\symefasi\0603020.009\symefasi64.sys [1793104 2021-11-03] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\SymELAM.sys [24192 2018-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [99920 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\Ironx64.SYS [308304 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R1 SYMNETS; C:\WINDOWS\System32\Drivers\SEP\0E0202F6\0000.105\x64\SYMNETS.SYS [566864 2018-06-12] (Symantec Corporation -> Symantec Corporation)
R1 SysPlant; C:\WINDOWS\System32\Drivers\SysPlant.sys [222584 2021-11-03] (Symantec Corporation -> Symantec Corporation)
R3 tap_ovpnconnect; C:\WINDOWS\System32\drivers\tap_ovpnconnect.sys [40128 2021-02-10] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 Teefer2; C:\WINDOWS\system32\DRIVERS\Teefer.sys [130976 2018-06-12] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-12-16 08:30 - 2022-12-16 08:31 - 000033515 _____ C:\Users\c.scribot.CD2E\Downloads\FRST.txt
2022-12-16 08:30 - 2022-12-16 08:30 - 000000000 ____D C:\Users\c.scribot.CD2E\Downloads\FRST-OlderVersion
2022-12-16 08:30 - 2022-12-16 08:30 - 000000000 ____D C:\FRST
2022-12-16 08:29 - 2022-12-16 08:30 - 002375680 _____ (Farbar) C:\Users\c.scribot.CD2E\Downloads\FRST64-2.1.exe
2022-12-16 08:25 - 2022-12-16 08:25 - 008791352 _____ (Malwarebytes) C:\Users\c.scribot.CD2E\Downloads\adwcleaner(1).exe
2022-12-16 08:14 - 2022-12-16 08:14 - 008791352 _____ (Malwarebytes) C:\Users\c.scribot.CD2E\Downloads\adwcleaner.exe
2022-12-14 16:00 - 2022-12-14 16:00 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-12-14 15:04 - 2022-12-14 15:04 - 000297472 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-12-14 15:04 - 2022-12-14 15:04 - 000012367 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-12-14 14:55 - 2022-12-14 14:55 - 000000000 ___HD C:\$WinREAgent
2022-12-11 22:02 - 2022-12-11 22:02 - 000000694 _____ C:\WINDOWS\Tasks\EsgInstallerTask81.job
2022-12-11 18:35 - 2022-12-11 18:35 - 000696907 _____ C:\Users\c.scribot.CD2E\Downloads\10475175-T102500704-A102959958-FRC263585958.pdf
2022-12-09 23:36 - 2022-12-16 07:59 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-09 23:36 -
2022-12-09 23:36 - 001427176 _____ (Google LLC) C:\Users\c.scribot.CD2E\Downloads\ChromeSetup (1).exe
2022-12-09 23:34 - 2022-12-09 23:34 - 001427176 _____ (Google LLC) C:\Users\c.scribot.CD2E\Downloads\ChromeSetup.exe
2022-12-08 22:41 - 2022-12-08 22:41 - 001016973 _____ C:\Users\c.scribot.CD2E\Downloads\Un_Sicle.pdf
2022-12-06 13:59 - 2022-12-06 13:59 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Roaming\ILOVEPDF
2022-12-06 13:59 - 2022-12-06 13:59 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Local\ILOVEPDF
2022-12-06 13:58 - 2022-12-06 13:58 - 010678282 _____ C:\Users\c.scribot.CD2E\Desktop\Revue de presse Assises2022 v06dec22.pdf
2022-12-06 13:58 - 2022-12-06 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLovePDF
2022-12-06 13:58 - 2022-12-06 13:58 - 000000000 ____D C:\Program Files\iLovePDF
2022-12-06 13:57 - 2022-12-06 13:57 - 000885520 _____ C:\Users\c.scribot.CD2E\Downloads\iLovePDF Desktop Installer.exe
2022-12-05 16:12 - 2022-12-13 15:50 - 000366368 _____ C:\Users\c.scribot.CD2E\Desktop\Sédimenterre - présentation.pdf
2022-12-05 11:36 - 2022-12-05 11:36 - 000000112 _____ C:\Users\c.scribot.CD2E\Desktop\Plan de développement de l’économie circulaire en Hauts-deFrance.url
2022-12-05 11:36 - 2022-12-05 11:36 - 000000105 _____ C:\Users\c.scribot.CD2E\Desktop\pac_v3_web.pdf.url
2022-12-05 09:10 - 2022-12-16 08:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-12-01 11:56 - 2022-12-01 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-11-30 14:47 - 2022-11-30 14:47 - 000362311 _____ C:\Users\c.scribot.CD2E\Downloads\31484_1669816046_13136934_badge.pdf
2022-11-30 14:47 - 2022-11-30 14:47 - 000360615 _____ C:\Users\c.scribot.CD2E\Downloads\31484_1669816040_13136828_badge.pdf
2022-11-30 14:19 - 2022-11-30 14:19 - 000362238 _____ C:\Users\c.scribot.CD2E\Downloads\31484_1669814369_13136595_badge.pdf
2022-11-30 14:08 - 2022-11-30 14:08 - 000361276 _____
C:\Users\c.scribot.CD2E\Downloads\31484_1669813692_13135899_badge.pdf
2022-11-30 14:06 - 2022-11-30 14:06 - 000361276 _____ C:\Users\c.scribot.CD2E\Downloads\31484_1669813580_13135899_badge.pdf
2022-11-30 11:12 - 2022-11-30 11:12 - 001019352 _____ (Mixbyte Inc. ) C:\Users\c.scribot.CD2E\Downloads\FreemakeVideoDownloaderSetup_9a55a9a4-aa7d-7f2f-0597-f4fdb8533855.exe
2022-11-29 22:51 - 2022-11-29 22:51 - 000241736 _____ C:\Users\c.scribot.CD2E\Downloads\note_de_cadrage.pdf
2022-11-29 22:00 - 2022-11-29 22:00 - 000441741 _____ C:\Users\c.scribot.CD2E\Downloads\CP-REV3-la-feuille-de-route-2022-2027-pour-transformer-les-Hauts-de-France.pdf
2022-11-27 20:58 - 2022-11-27 20:58 - 000000000 ____D C:\ProgramData\TechSmith
2022-11-25 13:09 - 2022-11-25 13:10 - 000000000 ____D C:\Users\c.scribot.CD2E\Downloads\Marketplace - Btwin _ Facebook_files
2022-11-25 13:09 - 2022-11-25 13:09 - 005046890 _____ C:\Users\c.scribot.CD2E\Downloads\Marketplace - Btwin _ Facebook.html
2022-11-24 16:46 - 2022-11-24 16:49 - 000000000 ____D C:\Users\c.scribot.CD2E\Desktop\REPLAYS LIVESTORM
2022-11-24 04:30 - 2022-11-24 04:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-11-24 04:30 - 2022-11-24 04:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-11-24 04:30 - 2022-11-24 04:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-11-24 04:30 - 2022-11-24 04:30 - 000046824 _____ (Dropbox, Inc.)
C:\WINDOWS\system32\DbxSvc.exe
2022-11-23 10:10 - 2022-11-23 10:10 - 000754927 _____ C:\Users\c.scribot.CD2E\Downloads\RV77_Envisan_TracabiliteCirculariteVertueuse_CMetCS_p36-40.pdf
2022-11-22 17:46 - 2022-11-22 17:46 - 000090735 _____ C:\Users\c.scribot.CD2E\Downloads\Georges AOUAD Registration Invoice.pdf
2022-11-22 10:47 - 2022-11-22 10:47 - 005144981 _____ C:\Users\c.scribot.CD2E\Downloads\ilovepdf_merged (3).pdf
2022-11-20 11:27 - 2022-11-17 21:49 - 000057228 _____ C:\Users\c.scribot.CD2E\Desktop\OPnGO_invoice_263817.pdf
2022-11-20 11:26 - 2022-11-20 11:26 - 000039671 _____ C:\Users\c.scribot.CD2E\Downloads\expenseReport.zip
2022-11-17 14:23 - 2022-11-17 14:23 - 008306776 _____ C:\Users\c.scribot.CD2E\Downloads\Photos-001 (2).zip

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-12-16 08:19 - 2019-08-30 14:06 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\LocalLow\Mozilla
2022-12-16 08:16 - 2018-07-30 10:46 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-16 08:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-16 07:58 - 2021-03-08 21:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-15 21:22 - 2022-09-21 08:11 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-12-15 21:22 - 2022-09-21 08:11 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-12-15 21:22 - 2021-02-24 09:47 - 000000000 ____D C:\Program Files\CCleaner
2022-12-15 14:09 - 2021-12-11 09:50 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4290648588-4140737106-210224143-1115
2022-12-15 14:09 - 2021-09-10 11:03 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-12-15 14:09 - 2021-03-08 21:22 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-12-15 14:09 - 2020-01-02 09:28 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\OneDrive.lnk
2022-12-15 14:08 - 2019-06-30 13:24 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Local\Dropbox
2022-12-15 14:06 - 2022-03-30 21:31 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Roaming\DropboxElectron
2022-12-15 14:06 - 2021-03-08 21:22 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-12-15 14:05 - 2018-08-16 16:21 - 000000000 __SHD C:\Users\c.scribot\IntelGraphicsProfiles
2022-12-14 18:20 - 2022-01-25 22:11 - 000000000 ____D C:\Program Files (x86)\Steam
2022-12-14 17:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-14 16:09 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-14 16:04 - 2021-11-03 15:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Symantec Endpoint Protection
2022-12-14 16:04 - 2021-03-08 21:21 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-14 16:04 - 2019-12-07 15:50 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2022-12-14 16:04 - 2019-12-07 15:50 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2022-12-14 16:02 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-12-14 15:59 - 2021-03-08 21:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-14 15:59 - 2021-03-08 21:14 - 000314912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-14 15:59 - 2021-03-08 21:14 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-14 15:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-12-14 15:59 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-12-14 15:59 - 2018-07-27 14:19 - 000000000 ____D C:\Intel
2022-12-14 15:58 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000
____D C:\WINDOWS\SysWOW64\lt-LT
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-14 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-14 15:56 - 2019-06-03 09:37 - 000000000 ____D C:\Users\c.scribot.CD2E\Desktop\Perso
2022-12-14 15:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-14 15:04 - 2021-03-08 21:15 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-12-14 14:40 - 2018-07-30 09:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-14 14:39 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-14 12:45 - 2018-07-30 09:57 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-14 12:08 - 2022-04-27 09:40 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Roaming\OpenVPN Connect
2022-12-14 12:03 - 2018-08-16 10:34 - 000000112 _____ C:\WINDOWS\system32\config\netlogon.ftl
2022-12-14 10:39 - 2020-12-08 09:33 - 000000000 ____D
C:\Users\c.scribot.CD2E\AppData\Local\WebEx
2022-12-12 15:55 - 2019-06-03 09:23 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Local\Packages
2022-12-12 12:28 - 2019-12-18 15:10 - 000000000 ____D C:\Users\c.scribot.CD2E\Desktop\à ranger sur réseau
2022-12-12 12:24 - 2022-08-11 13:50 - 000000000 ____D C:\Users\c.scribot.CD2E\Desktop\Vidéos
2022-12-12 09:03 - 2019-06-06 08:15 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Local\D3DSCache
2022-12-11 20:48 - 2019-06-30 13:24 - 000001202 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-12-11 20:48 - 2019-06-30 13:24 - 000001198 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2022-12-11 20:48 - 2018-07-30 10:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-11 10:26 - 2020-09-04 10:25 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-10 09:33 - 2018-07-31 10:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-12-09 23:36 - 2018-12-03 14:01 - 000000000 ____D C:\Program Files\Google
2022-12-09 12:12 - 2021-12-01 18:09 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-12-09 10:10 - 2022-11-07 15:08 - 000029478 _____ C:\Users\c.scribot.CD2E\Desktop\Economie régionale sédiments - V20170731.xlsx
2022-12-08 22:37 - 2021-01-10 17:01 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-12-07 14:11 - 2021-09-10 19:52 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-12-07 14:11 - 2021-09-10 19:52 - 000001899 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-12-07 14:11 - 2021-09-10 19:52 - 000001899 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-12-07 14:11 - 2021-09-10 19:52 - 000001887 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-12-05 14:46 - 2021-11-09 11:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-12-05 14:46 - 2018-07-30 10:46 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\Firefox.lnk
2022-12-05 10:37 - 2022-11-09 14:33 - 000000000 ____D C:\Users\c.scribot.CD2E\Desktop\Présentations Assises 2022
2022-12-02 10:12 - 2021-03-08 21:22 - 000004262 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-12-02 10:12 - 2021-03-08 21:22 - 000004030 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-12-01 11:56 - 2019-06-30 13:24 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-11-29 18:27 - 2021-02-27 17:57 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Local\CrashDumps
2022-11-27 20:58 - 2018-07-27 14:20 - 000000000 ____D C:\ProgramData\Package Cache
2022-11-22 18:09 - 2020-03-05 09:13 - 000002409 _____ C:\Users\c.scribot.CD2E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-11-21 10:43 - 2022-09-12 08:39 - 000000000 ____D C:\Users\c.scribot.CD2E\AppData\Roaming\com.adobe.dunamis
2022-11-21 08:42 - 2020-10-01 08:42 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-11-20 20:12 - 2022-10-13 11:06 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-11-20 20:12 - 2022-10-13 11:06 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2022-11-20 20:12 - 2021-03-08 21:22 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-11-16 14:46 - 2022-02-18 10:17 - 000000000 ____D C:\Program Files\RUXIM

==================== Fichiers à la racine de certains dossiers ========

2022-08-23 15:33 - 2022-08-23 15:33 - 000000171 _____ () C:\Users\c.scribot.CD2E\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2019-07-10 09:54 - 2019-07-10 09:54 - 000038507 _____ () C:\Users\c.scribot.CD2E\AppData\Roaming\Valeurs séparées par une virgule.ADR
2022-11-24 10:32 - 2022-11-24 10:32 - 000045358 _____ () C:\Users\c.scribot.CD2E\AppData\Local\SplashScreen_mes-salaries_bakertilly_fr_2.png

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne
satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================