Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.06.2024 Ran by Ludovic Le Lay (administrator) on HAB-LUDO-PC (Microsoft Corporation Surface Pro 6) (27-06-2024 13:28:43) Running from C:\Users\Ludovic Le Lay\Desktop\FRST64.exe Loaded Profiles: Ludovic Le Lay Platform: Microsoft Windows 11 Pro Version 23H2 22631.3737 (X64) Language: English (United Kingdom) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe <2> (C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.911.1\DropboxCrashHandler.exe (C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2> (C:\Program Files (x86)\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files (x86)\TeamViewer\crashpad_handler.exe <2> (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe <8> (C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\92.0.1.0\crashpad_handler.exe (C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> com.logitech) C:\ProgramData\LogiShrd\LogiOptionsPlus\logi_ai_prompt_builder\LogiAiPromptBuilder.exe (C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe (C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe (C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe (C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.20.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.68\msedgewebview2.exe <24> (cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe <2> (DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe (explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe <7> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\lync.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <27> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\osk.exe (rundll32.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <2> (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (CrypKey (Canada) Ltd.) [File not signed] C:\Windows\System32\Crypserv.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_dc16e5f1dbf8051f\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_dc16e5f1dbf8051f\IntelCpHeciSvc.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MAXSEASQLEXPRESS\MSSQL\Binn\sqlservr.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.SurfaceHub_61.24050.134.0_x64__8wekyb3d8bbwe\Services\SurfaceBroker.exe (services.exe ->) (Nitro Software, Inc. -> ) C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe (services.exe ->) (Nitro Software, Inc. -> Nitro Software, Inc.) C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\hdxsstm.inf_amd64_7d200f2580ecd8a5\RtkAudUService64.exe <2> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe (sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe (sihost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.SurfaceWirelessDisplayAdapter_4.232.137.0_x64__8wekyb3d8bbwe\Desktop\WDADesktopService.exe (sihost.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6> (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2423.8.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe (svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe (svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudOutlookConfig64.exe (svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\secd.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.14326.21886.0_x64__8wekyb3d8bbwe\onenoteim.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.20.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\PrintDialog\PrintDialog.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mmgaserver.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3> (TeamViewer Germany GmbH -> ) C:\Windows\Temp\nssD376.tmp\TvUpdateInfo.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\hdxsstm.inf_amd64_7d200f2580ecd8a5\RtkAudUService64.exe [835680 2020-12-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9248144 2024-06-25] (Dropbox, Inc -> Dropbox, Inc.) HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.68\Installer\setup.exe [6806568 2024-06-22] (Microsoft Corporation -> Microsoft Corporation) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION HKLM\Software\Policies\...\system: [EnableSmartScreen] 0 HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.) HKU\S-1-5-21-3857086022-1456609864-141427266-1001\...\Run: [MicrosoftEdgeAutoLaunch_F3EE0FF76D1916C006D7959CDDB34155] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [3883560 2024-06-20] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3857086022-1456609864-141427266-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\root\Office16\lync.exe [26529688 2024-06-21] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3857086022-1456609864-141427266-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Ludovic Le Lay\AppData\Local\Microsoft\Teams\Update.exe [2593856 2024-05-30] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3857086022-1456609864-141427266-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.) HKLM\...\Print\Monitors\C4050iSeriesPCL Language Monitor: C:\WINDOWS\system32\KOAXNJ_L.dll [25728 2018-12-02] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.) HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\WINDOWS\system32\nitrolocalmon11.dll [31936 2016-09-08] (Nitro Software, Inc. -> Nitro Software, Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\126.0.6478.127\Installer\chrmstp.exe [2024-06-27] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1A720756-43F3-49C3-9398-6E350D9D0555} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.) Task: {110F51E7-16C5-48A4-B466-CAF5F9209DEC} - System32\Tasks\Agent Activation Runtime\Leojapi => C:\WINDOWS\system32\rundll32.exe [73728 2024-04-26] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files (x86)\Common Files\ExtraDirect\CmeanProper\C:\PROGRA~2\COMMON~1\EXTRAD~1\CMEANP~1\SVSXSF~1.DLL CNBt0WSAanmpnn Task: {40AB8800-5EEF-4158-A724-884B84AA5E1C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {FBF8DD15-586C-48C3-A8D0-9F20A508874E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {28E6BD7F-EF34-4562-946A-4B6A2E2F046F} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{6E3DACEE-C97A-43E5-8CFC-D29EB94208AA} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC) Task: {03E542E8-E7CF-4C32-912C-84719A289A37} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28499640 2024-06-18] (Microsoft Corporation -> Microsoft Corporation) Task: {866753C0-1A58-401B-AE78-DFFACE430203} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28499640 2024-06-18] (Microsoft Corporation -> Microsoft Corporation) Task: {79A1E769-CC57-47BC-9E6D-A583B20D5DAF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-06-21] (Microsoft Corporation -> Microsoft Corporation) Task: {908E3419-4D8A-435D-9FD5-A57231841668} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-06-21] (Microsoft Corporation -> Microsoft Corporation) Task: {8F132785-AAD0-4CB5-A51A-26BA811E9790} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169648 2024-06-10] (Microsoft Corporation -> Microsoft Corporation) Task: {1AE2C120-EA54-4DC2-9BCE-AFFF467AE681} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\WINDOWS\system32\rundll32.exe [73728 2024-04-26] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File) Task: {89F30AFB-2196-4D9D-BE2B-756A8F789936} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (No File) Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe ReadyToReboot (No File) Task: {A96AEE45-C3B1-4831-8B92-9A192A58F296} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File) Task: {C7A1B7BC-4672-43C5-BAE7-C1A982A506F7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File) Task: {F40794AA-E1EA-4592-9CE0-9C6E7332141B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (No File) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File) Task: {1C5048B8-37C2-4BB5-98DB-90A6ADDD0B70} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-06-22] (Microsoft Corporation -> Microsoft Corporation) Task: {A8B57159-BAAB-4C28-9726-8C4D3AD99886} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3857086022-1456609864-141427266-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-06-22] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{76e52150-94e8-467e-9b28-d11f5b870ed1}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{76e52150-94e8-467e-9b28-d11f5b870ed1}: [DhcpDomain] home Tcpip\..\Interfaces\{76e52150-94e8-467e-9b28-d11f5b870ed1}\960586F6E65602852702D202C45746F602C4C4: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{76e52150-94e8-467e-9b28-d11f5b870ed1}\96E66796475637D236462393: [DhcpNameServer] 10.253.0.10 Tcpip\..\Interfaces\{76e52150-94e8-467e-9b28-d11f5b870ed1}\96E66796475637D236462393: [DhcpDomain] finistere.fr Tcpip\..\Interfaces\{76e52150-94e8-467e-9b28-d11f5b870ed1}\B4542594A55434F5D445C4: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{76e52150-94e8-467e-9b28-d11f5b870ed1}\D44634F5537484A7: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{76e52150-94e8-467e-9b28-d11f5b870ed1}\D44634F5537484A7: [DhcpDomain] home Tcpip\..\Interfaces\{bfa56ec5-7427-48cc-ac3c-9203735d0a24}: [DhcpNameServer] 172.20.10.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Ludovic Le Lay\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-27] Edge Notifications: Default -> hxxps://mail.google.com; hxxps://www.facebook.com Edge HomePage: Default -> hxxp://google.fr/ Edge StartupUrls: Default -> "hxxp://google.fr/" Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Ludovic Le Lay\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-06-13] Edge Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\Ludovic Le Lay\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fclbdkbhjlgkbpfldjodgjncejkkjcme [2024-06-27] Edge Extension: (Google Docs Offline) - C:\Users\Ludovic Le Lay\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27] Edge Extension: (Save to Facebook) - C:\Users\Ludovic Le Lay\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2023-04-11] Edge Extension: (Edge relevant text changes) - C:\Users\Ludovic Le Lay\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24] Edge Extension: (AdBlock — block ads across the web) - C:\Users\Ludovic Le Lay\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-06-26] Edge Extension: (Video Downloader PLUS) - C:\Users\Ludovic Le Lay\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\njgehaondchbmjmajphnhlojfnbfokng [2024-05-30] Edge Extension: (Free VPN for Edge - VPN Proxy VeePN) - C:\Users\Ludovic Le Lay\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\panammoooggmlehahpcjckcncfeffcoi [2024-05-15] Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-06-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-06-15] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-06-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-06-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 11\npnitromozilla.dll [2016-09-08] (Nitro Software, Inc. -> Nitro PDF) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Default [2024-06-27] CHR Notifications: Default -> hxxps://app.ringover.com; hxxps://business.facebook.com; hxxps://mail.google.com; hxxps://meet.google.com CHR HomePage: Default -> hxxp://google.fr/ CHR Extension: (Google Docs hors connexion) - C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-23] CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-06-27] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-06-13] CHR Extension: (Save to Facebook) - C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2021-06-21] CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-03-20] CHR Extension: (Free VPN for Chrome - VPN Proxy VeePN) - C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Default\Extensions\majdfhpaihoncoakbjgbdhglocklcgno [2024-05-21] CHR Extension: (Ghostery Bloqueur de Traqueurs et de Publicités - confidentialité) - C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2024-06-27] CHR Extension: (Video Downloader PLUS) - C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Default\Extensions\njgehaondchbmjmajphnhlojfnbfokng [2024-05-28] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Profile: C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-06-10] CHR Profile: C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-06-10] CHR Notifications: Profile 1 -> hxxps://mail.google.com CHR Extension: (Slides) - C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-19] CHR Extension: (Docs) - C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-19] CHR Extension: (Google Drive) - C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-19] CHR Extension: (YouTube) - C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-19] CHR Extension: (Sheets) - C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-19] CHR Extension: (Google Docs hors connexion) - C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-19] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-19] CHR Extension: (Gmail) - C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-19] CHR Profile: C:\Users\Ludovic Le Lay\AppData\Local\Google\Chrome\User Data\System Profile [2024-06-27] CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKU\S-1-5-21-3857086022-1456609864-141427266-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14012600 2024-06-18] (Microsoft Corporation -> Microsoft Corporation) R2 CrypKey License; C:\WINDOWS\system32\crypserv.exe [126976 2013-04-11] (CrypKey (Canada) Ltd.) [File not signed] S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-06-25] (Dropbox, Inc -> Dropbox, Inc.) S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\202.4.5551\DropboxElevationService.exe [1659288 2024-06-25] (Dropbox, Inc -> Dropbox, Inc.) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.111.0602.0003\FileSyncHelper.exe [3518896 2024-06-22] (Microsoft Corporation -> Microsoft Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8895072 2024-06-13] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-06-13] (Malwarebytes Inc. -> Malwarebytes) R2 MSSQL$MAXSEASQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MAXSEASQLEXPRESS\MSSQL\Binn\sqlservr.exe [43130032 2015-03-30] (Microsoft Corporation -> Microsoft Corporation) R2 NitroDriverReadSpool11; C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe [327360 2016-09-08] (Nitro Software, Inc. -> Nitro Software, Inc.) R2 NitroUpdateService; C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe [418496 2016-09-08] (Nitro Software, Inc. -> ) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.111.0602.0003\OneDriveUpdaterService.exe [3858336 2024-06-22] (Microsoft Corporation -> Microsoft Corporation) R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [19202304 2024-06-14] (Logitech Inc -> Logitech, Inc.) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-04-26] (Microsoft Windows Publisher -> Microsoft Corporation) S4 SQLAgent$MAXSEASQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MAXSEASQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [381104 2015-03-30] (Microsoft Corporation -> Microsoft Corporation) R2 SurfaceExperienceService-61.24050.134; C:\Program Files\WindowsApps\Microsoft.SurfaceHub_61.24050.134.0_x64__8wekyb3d8bbwe\Services\SurfaceBroker.exe [8739360 2024-06-03] (Microsoft Corporation -> Microsoft) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [19285304 2024-06-13] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ose64; "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X] ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [39272 2023-06-27] (Apple Inc. -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.) S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2024-03-20] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221136 2024-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt11.sys [234856 2024-06-22] (Malwarebytes Inc. -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-06-22] (Malwarebytes Inc. -> Malwarebytes) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R1 NetworkX; C:\WINDOWS\System32\ckldrv.sys [31416 2013-04-12] (CrypKey (Canada) Inc. -> ) R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22080 2024-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [25704 2020-09-10] (WDKTestCert user,132375440089837053 -> Western Digital Technologies, Inc.) U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [602520 2024-06-05] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-05] (Microsoft Windows -> Microsoft Corporation) S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2024-06-27 13:28 - 2024-06-27 13:29 - 000034449 _____ C:\Users\Ludovic Le Lay\Desktop\FRST.txt 2024-06-27 13:26 - 2024-06-27 13:29 - 000000000 ____D C:\FRST 2024-06-27 13:26 - 2024-06-27 13:26 - 002395648 _____ (Farbar) C:\Users\Ludovic Le Lay\Desktop\FRST64.exe 2024-06-27 12:16 - 2024-06-27 12:16 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\LocalLow\IGDump 2024-06-27 10:33 - 2024-06-27 10:33 - 000817892 _____ C:\WINDOWS\system32\perfh00C.dat 2024-06-27 10:33 - 2024-06-27 10:33 - 000162704 _____ C:\WINDOWS\system32\perfc00C.dat 2024-06-26 10:24 - 2024-06-26 10:24 - 000321970 _____ C:\Users\Ludovic Le Lay\Desktop\Virement_TDUK_26062024.pdf 2024-06-26 10:22 - 2024-06-26 10:22 - 000070495 _____ C:\Users\Ludovic Le Lay\Downloads\justificatif virement_HENT AR BUGALE_26_06_2024.pdf 2024-06-26 09:55 - 2024-06-26 09:55 - 003793851 _____ C:\Users\Ludovic Le Lay\Desktop\Devis DE00000457.pdf 2024-06-26 09:14 - 2024-06-26 09:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2024-06-25 13:18 - 2024-06-25 13:18 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2024-06-25 11:52 - 2024-06-25 11:52 - 000169519 _____ C:\Users\Ludovic Le Lay\Desktop\Analytique 06-2024_Estimation_Revision.pdf 2024-06-25 11:08 - 2024-06-25 11:08 - 000806272 _____ C:\Users\Ludovic Le Lay\Desktop\Analytique 06-2024_Estimation_Revision+AideGO.xlsx 2024-06-25 10:12 - 2024-06-25 10:12 - 000054444 _____ C:\Users\Ludovic Le Lay\Downloads\SKM_C3350i24053006431.pdf 2024-06-25 08:45 - 2024-06-25 08:46 - 000271017 _____ C:\Users\Ludovic Le Lay\Downloads\SKM_C3350i24060307330 (1).pdf 2024-06-24 13:11 - 2024-06-24 13:11 - 000126274 _____ C:\Users\Ludovic Le Lay\Desktop\E-Relevés de factures_CA_HAV.pdf 2024-06-24 13:09 - 2024-06-27 13:26 - 000000000 ___HD C:\Users\Ludovic Le Lay\Downloads\.tmp.driveupload 2024-06-24 13:09 - 2024-06-24 13:09 - 000126274 _____ C:\Users\Ludovic Le Lay\Downloads\E-Relevés de factures.pdf 2024-06-23 21:18 - 2024-06-23 21:18 - 000287509 _____ C:\Users\Ludovic Le Lay\Desktop\ARLAERES_23062024.pdf 2024-06-22 10:35 - 2024-06-27 13:29 - 000000000 ___HD C:\Users\Ludovic Le Lay\Desktop\.tmp.driveupload 2024-06-22 10:31 - 2024-06-22 10:31 - 000234856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys 2024-06-22 10:31 - 2024-06-22 10:31 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2024-06-19 18:22 - 2024-06-19 18:22 - 000184880 _____ C:\Users\Ludovic Le Lay\Downloads\HENT AR BUGALE - Actes du 20-03-2024.pdf 2024-06-19 12:45 - 2024-06-23 21:19 - 000093991 _____ C:\Users\Ludovic Le Lay\Desktop\LISTE EQUIPAGE FLOTTE.xlsx 2024-06-19 08:55 - 2024-06-19 08:55 - 000151060 _____ C:\Users\Ludovic Le Lay\Desktop\HYPOTHEQUES_STA_2023.pdf 2024-06-19 08:49 - 2024-06-19 08:49 - 000450483 _____ C:\Users\Ludovic Le Lay\Desktop\HYPOTHEQUES_HAM+HAH+STA_2023.pdf 2024-06-18 16:39 - 2024-06-18 16:39 - 000113472 _____ C:\Users\Ludovic Le Lay\Desktop\CHIFFRES ABAPP 2023 - 2024.xlsx 2024-06-18 14:32 - 2024-06-18 14:32 - 000143058 _____ C:\Users\Ludovic Le Lay\Desktop\LOCTUDY POLE PECHE - APC 2024 - Pouvoir.pdf 2024-06-18 14:27 - 2024-06-18 14:27 - 000029759 _____ C:\Users\Ludovic Le Lay\Desktop\2Nde Convocation_AG_LPP_270620224.pdf 2024-06-18 09:16 - 2024-06-18 09:17 - 000027546 _____ C:\Users\Ludovic Le Lay\Downloads\Compte_33121727714 (2).pdf 2024-06-17 13:33 - 2024-06-17 13:33 - 000000931 _____ C:\Users\Ludovic Le Lay\Downloads\2024-06-06T160110_DGFIP-4166a30f704c97c42a8d11c4-1-2-OK-TOPAZE-0322681253_20240606133519_52106288500012.xml 2024-06-17 08:23 - 2024-06-17 08:24 - 000000000 ____D C:\Program Files\LogiOptionsPlus 2024-06-17 08:23 - 2024-06-17 08:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi 2024-06-13 17:48 - 2024-06-19 12:26 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Local\CrashDumps 2024-06-13 17:15 - 2024-06-13 17:22 - 000000097 _____ C:\Users\Ludovic 2024-06-13 17:14 - 2024-06-13 17:33 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Roaming\ZHP 2024-06-13 17:14 - 2024-06-13 17:14 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Local\ZHP 2024-06-13 16:47 - 2024-06-27 13:25 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Local\Malwarebytes 2024-06-13 16:47 - 2024-06-13 16:47 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2024-06-13 16:47 - 2024-06-13 16:47 - 000002091 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2024-06-13 16:45 - 2024-06-13 16:45 - 000000000 ____D C:\ProgramData\Malwarebytes 2024-06-13 16:45 - 2024-06-13 16:45 - 000000000 ____D C:\Program Files\Malwarebytes 2024-06-13 16:44 - 2024-06-13 16:44 - 002591712 _____ (Malwarebytes) C:\Users\Ludovic Le Lay\Downloads\MBSetup.exe 2024-06-13 09:51 - 2024-06-13 09:51 - 000117230 _____ C:\Users\Ludovic Le Lay\Downloads\Relevé n°001 du 30_09_2023.pdf 2024-06-13 09:32 - 2024-06-13 09:32 - 002180222 _____ C:\Users\Ludovic Le Lay\Downloads\facebook-ludolelay-13_06_2024-zt0QWQg3.zip 2024-06-12 19:35 - 2024-06-12 19:35 - 000385428 _____ C:\Users\Ludovic Le Lay\Downloads\UK Foreign Vessel Licence (DSS) (BYC) 2024.pdf 2024-06-12 18:38 - 2024-06-12 18:38 - 000062744 _____ C:\Users\Ludovic Le Lay\Downloads\gv_rdc_21090714580.pdf 2024-06-12 09:12 - 2024-06-12 09:12 - 000125236 _____ C:\Users\Ludovic Le Lay\Downloads\Decision_Effectif_CONNEMARA_5-2011 (1).pdf 2024-06-12 09:11 - 2024-06-12 09:11 - 000152325 _____ C:\Users\Ludovic Le Lay\Downloads\Decision_Effectif_CONNEMARA_4-2013 (1).pdf 2024-06-12 08:21 - 2024-06-12 08:21 - 000163976 _____ C:\Users\Ludovic Le Lay\Downloads\20240607_IM_MR_776899554_TTTF110AA (1).pdf 2024-06-11 15:59 - 2024-06-11 15:59 - 000113688 _____ C:\Users\Ludovic Le Lay\Downloads\E-Avis de réalisation et tableau d'amortissement(31_05_2024).pdf 2024-06-11 15:57 - 2024-06-11 15:57 - 000101578 _____ C:\Users\Ludovic Le Lay\Downloads\Tableau d'amortissement banque - 09253764 - 20240430.pdf 2024-06-11 15:46 - 2024-06-11 15:46 - 000080709 _____ C:\Users\Ludovic Le Lay\Downloads\Extrait de compte - 33121727714 - 20240502.pdf 2024-06-11 15:45 - 2024-06-11 15:45 - 000081016 _____ C:\Users\Ludovic Le Lay\Downloads\Extrait de compte - 33121727714 - 20240531.pdf 2024-06-11 15:39 - 2024-06-11 15:39 - 000115944 _____ C:\Users\Ludovic Le Lay\Downloads\Relevé n°001 du 30_04_2024 (1).pdf 2024-06-11 15:32 - 2024-06-11 15:32 - 000117303 _____ C:\Users\Ludovic Le Lay\Downloads\Relevé n°002 du 31_05_2024.pdf 2024-06-11 15:32 - 2024-06-11 15:32 - 000114384 _____ C:\Users\Ludovic Le Lay\Downloads\Relevé n°001 du 30_04_2024.pdf 2024-06-11 15:07 - 2024-06-22 10:30 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2024-06-11 15:07 - 2024-06-11 15:07 - 000000000 ____D C:\WINDOWS\system32\%userprofile% 2024-06-11 15:03 - 2024-06-11 15:03 - 000000841 _____ C:\Users\Ludovic Le Lay\Desktop\PAX VOBIS.lnk 2024-06-10 17:17 - 2024-06-10 17:17 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-06-10 16:40 - 2024-06-22 10:34 - 000000000 ___RD C:\Users\Ludovic Le Lay\Documents\Custom Office Templates 2024-06-10 15:21 - 2024-06-22 10:30 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2024-06-10 15:21 - 2024-06-22 10:30 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-06-10 15:21 - 2024-06-11 15:07 - 000000000 ___RD C:\Users\Default\OneDrive 2024-06-10 15:18 - 2024-06-10 15:18 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk 2024-06-10 15:18 - 2024-06-10 15:18 - 000002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk 2024-06-10 15:18 - 2024-06-10 15:18 - 000002461 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2024-06-10 15:18 - 2024-06-10 15:18 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2024-06-10 15:18 - 2024-06-10 15:18 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk 2024-06-10 15:18 - 2024-06-10 15:18 - 000002424 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2024-06-10 15:18 - 2024-06-10 15:18 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2024-06-10 15:18 - 2024-06-10 15:18 - 000002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2024-06-10 15:18 - 2024-06-10 15:18 - 000002403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2024-06-10 15:18 - 2024-06-10 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2024-06-10 15:15 - 2024-06-22 10:30 - 000000000 ____D C:\Program Files\Microsoft Office 2024-06-10 15:15 - 2024-06-10 15:15 - 000000000 ____D C:\Program Files\Microsoft Office 15 2024-06-10 15:13 - 2024-06-10 12:50 - 030883473 _____ C:\Users\Ludovic Le Lay\Downloads\Non confirmé 180301.crdownload 2024-06-10 14:24 - 2024-06-13 16:58 - 000000000 ____D C:\WINDOWS\system32\appmgmt 2024-06-10 12:16 - 2024-06-10 12:16 - 003211264 _____ (as) C:\ProgramData\GCAFCAFHJJ.exe 2024-06-10 12:11 - 2024-06-10 12:12 - 000003584 _____ C:\WINDOWS\SECOH-QAD.dll 2024-06-10 12:04 - 2024-06-10 12:04 - 000000000 ____D C:\Users\Ludovic Le Lay\.oracle_jre_usage 2024-06-10 12:03 - 2024-06-10 12:03 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Roaming\WinRAR 2024-06-10 12:03 - 2024-06-10 12:03 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2024-06-10 12:03 - 2024-06-10 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2024-06-10 12:03 - 2024-06-10 12:03 - 000000000 ____D C:\Program Files\WinRAR 2024-06-09 22:52 - 2024-06-09 22:52 - 000990128 _____ C:\Users\Ludovic Le Lay\Downloads\Decision_Effectif_STALOUR_4_2024.pdf 2024-06-09 22:46 - 2024-06-09 22:46 - 000993289 _____ C:\Users\Ludovic Le Lay\Downloads\Decision_Effectif_STALOUR_5_2024.pdf 2024-06-09 09:46 - 2024-06-09 09:46 - 000125236 _____ C:\Users\Ludovic Le Lay\Downloads\Decision_Effectif_CONNEMARA_5-2011.pdf 2024-06-09 09:45 - 2024-06-09 09:45 - 000152325 _____ C:\Users\Ludovic Le Lay\Downloads\Decision_Effectif_CONNEMARA_4-2013.pdf 2024-06-09 09:44 - 2024-06-09 09:44 - 000152441 _____ C:\Users\Ludovic Le Lay\Downloads\Decision_Effectif_LAURA-4-2013 (1).pdf 2024-06-09 09:44 - 2024-06-09 09:44 - 000136349 _____ C:\Users\Ludovic Le Lay\Downloads\Decision_Effectif_LAURA-5-2012.pdf 2024-06-08 15:06 - 2024-06-08 15:06 - 000163976 _____ C:\Users\Ludovic Le Lay\Downloads\20240607_IM_MR_776899554_TTTF110AA.pdf 2024-06-07 16:08 - 2024-06-07 16:08 - 000725281 _____ C:\Users\Ludovic Le Lay\Downloads\decision_effectif_st_alour2015 (1).pdf 2024-06-07 10:39 - 2024-06-07 10:39 - 000056269 _____ C:\Users\Ludovic Le Lay\Downloads\2024-AES013357-XYTSKG-20240130.pdf 2024-06-06 18:39 - 2024-06-06 18:39 - 000417691 _____ C:\Users\Ludovic Le Lay\Desktop\Analytique_HAB_31052024.pdf 2024-06-06 18:19 - 2024-06-06 18:19 - 000725281 _____ C:\Users\Ludovic Le Lay\Downloads\Decision_Effectif_ST_ALOUR2015.pdf 2024-06-06 18:18 - 2024-06-06 18:19 - 000161792 _____ C:\Users\Ludovic Le Lay\Downloads\Decision_Effectif_ST_ALOUR_2012 (1).pdf 2024-06-06 11:37 - 2024-06-06 11:37 - 003067621 _____ C:\Users\Ludovic Le Lay\Downloads\107XX_MB_Marine_Product_Guide_May2023_RevL_Web.pdf 2024-06-06 11:37 - 2024-06-06 11:37 - 002434845 _____ C:\Users\Ludovic Le Lay\Downloads\10707_6M33.2_Spec-Sheet_revD.pdf 2024-06-05 15:29 - 2024-06-05 15:29 - 002124707 _____ C:\Users\Ludovic Le Lay\Downloads\StALOUR2024.pdf 2024-06-05 15:15 - 2024-06-05 15:16 - 021046536 _____ C:\Users\Ludovic Le Lay\Downloads\D.U.E.R _Saint_ALOUR_2024_opt3.pdf 2024-06-05 15:11 - 2024-06-05 15:12 - 025468567 _____ C:\Users\Ludovic Le Lay\Downloads\D.U.E.R _Saint_ALOUR_2024_opt2.pdf 2024-06-05 15:10 - 2024-06-05 15:10 - 034351824 _____ C:\Users\Ludovic Le Lay\Downloads\D.U.E.R _Saint_ALOUR_2024_opt.pdf 2024-06-05 14:39 - 2024-06-05 14:39 - 034857892 _____ C:\Users\Ludovic Le Lay\Downloads\D.U.E.R _Saint_ALOUR_2024.pdf 2024-06-05 12:54 - 2024-06-05 12:54 - 000027546 _____ C:\Users\Ludovic Le Lay\Downloads\Compte_33121727714 (1).pdf 2024-06-03 18:14 - 2024-06-25 10:58 - 000806266 _____ C:\Users\Ludovic Le Lay\Desktop\Analytique 06-2024_Estimation_Revision.xlsx 2024-06-03 13:29 - 2024-06-03 13:29 - 000268342 _____ C:\Users\Ludovic Le Lay\Downloads\SKM_C3350i24060307330.pdf 2024-05-30 13:54 - 2024-05-30 13:54 - 000046053 _____ C:\Users\Ludovic Le Lay\Downloads\SKM_C3350i23041313270.pdf 2024-05-30 13:52 - 2024-05-30 13:52 - 000095873 _____ C:\Users\Ludovic Le Lay\Downloads\SKM_C3350i23041313280.pdf 2024-05-30 12:51 - 2024-05-30 12:51 - 000029061 _____ C:\Users\Ludovic Le Lay\Downloads\GCFRD0005711460 (1).pdf 2024-05-30 12:51 - 2024-05-30 12:51 - 000000247 _____ C:\Users\Ludovic Le Lay\Downloads\account_activities_202404 (1).csv 2024-05-30 00:39 - 2024-05-30 00:39 - 000024821 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-05-30 00:38 - 2024-05-30 00:38 - 000024821 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-05-29 13:19 - 2024-05-29 13:19 - 000478443 _____ C:\Users\Ludovic Le Lay\Downloads\SKM_C3350i24052207360.Zeendoc.pdf 2024-05-29 13:19 - 2024-05-29 13:19 - 000122364 _____ C:\Users\Ludovic Le Lay\Downloads\SKM_C3350i24052207360.pdf 2024-05-28 17:36 - 2024-05-28 17:36 - 000070331 _____ C:\Users\Ludovic Le Lay\Downloads\justificatif virement_HENT AR BUGALE_28_05_2024.pdf 2024-05-28 16:29 - 2024-05-28 16:29 - 000037890 _____ C:\Users\Ludovic Le Lay\Downloads\3036078702893046_payment.pdf 2024-05-28 15:19 - 2024-05-28 15:19 - 000037797 _____ C:\Users\Ludovic Le Lay\Downloads\3033339896033046_payment (1).pdf 2024-05-28 13:47 - 2024-05-28 13:47 - 000029061 _____ C:\Users\Ludovic Le Lay\Downloads\GCFRD0005711460.pdf 2024-05-28 13:46 - 2024-05-28 13:46 - 000028702 _____ C:\Users\Ludovic Le Lay\Downloads\GCFRD0005441183.pdf 2024-05-28 13:44 - 2024-05-28 13:44 - 000028936 _____ C:\Users\Ludovic Le Lay\Downloads\GCFRD0005730509.pdf 2024-05-28 13:42 - 2024-05-28 13:42 - 000029074 _____ C:\Users\Ludovic Le Lay\Downloads\GCFRD0006011352.pdf 2024-05-28 13:30 - 2024-05-28 13:30 - 000037896 _____ C:\Users\Ludovic Le Lay\Downloads\FA592216 (1).pdf 2024-05-28 13:29 - 2024-05-28 13:29 - 000038135 _____ C:\Users\Ludovic Le Lay\Downloads\FA592507 (1).pdf 2024-05-28 13:27 - 2024-05-28 13:27 - 000000247 _____ C:\Users\Ludovic Le Lay\Downloads\account_activities_202404.csv 2024-05-28 08:42 - 2024-05-28 08:42 - 000027546 _____ C:\Users\Ludovic Le Lay\Downloads\Compte_33121727714.pdf ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2024-06-27 13:27 - 2019-05-02 06:38 - 000000000 ___SD C:\Users\Ludovic Le Lay\AppData\Roaming\Microsoft\Credentials 2024-06-27 13:16 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-06-27 12:55 - 2019-05-02 13:51 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Roaming\Microsoft\Excel 2024-06-27 12:35 - 2022-09-28 17:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-06-27 12:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2024-06-27 10:33 - 2022-09-28 17:52 - 001905844 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-06-27 10:33 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF 2024-06-27 10:29 - 2024-04-05 09:38 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Local\LogiOptionsPlus 2024-06-27 08:32 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-06-27 08:32 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-06-27 08:32 - 2019-05-02 11:24 - 000002309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-06-26 12:16 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps 2024-06-26 09:55 - 2019-05-24 14:46 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Local\NitroSpoolDir 2024-06-26 09:54 - 2019-05-02 13:12 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Roaming\Nitro 2024-06-26 09:47 - 2019-05-02 19:44 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2024-06-26 09:15 - 2019-07-31 16:44 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Local\Dropbox 2024-06-26 09:14 - 2019-07-31 16:44 - 000000000 ____D C:\Program Files (x86)\Dropbox 2024-06-24 13:07 - 2019-05-02 14:45 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Local\D3DSCache 2024-06-24 09:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState 2024-06-22 10:49 - 2019-05-02 10:54 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Roaming\Microsoft\Word 2024-06-22 10:47 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate 2024-06-22 10:34 - 2024-05-23 10:39 - 000000000 ___RD C:\Users\Ludovic Le Lay\Downloads\Pack_Armateur_5.0 2024-06-22 10:34 - 2024-05-05 14:55 - 000000000 ___RD C:\Users\Ludovic Le Lay\Documents\ApowerPDF 2024-06-22 10:34 - 2023-11-29 10:38 - 000000000 ___RD C:\Users\Ludovic Le Lay\iCloudDrive 2024-06-22 10:34 - 2023-09-15 11:14 - 000000000 ___RD C:\Users\Ludovic Le Lay\Documents\Interpro Loctudy 2024-06-22 10:34 - 2022-12-08 11:23 - 000000000 ___RD C:\Users\Ludovic Le Lay\Documents\HENT AR VAG 2024-06-22 10:34 - 2020-09-09 15:31 - 000000000 ___RD C:\Users\Ludovic Le Lay\Documents\PLANS AR LAERES 2024-06-22 10:34 - 2020-09-09 09:50 - 000000000 ___RD C:\Users\Ludovic Le Lay\Documents\CLE ADATA 2024-06-22 10:34 - 2020-01-23 16:13 - 000000000 ___RD C:\Users\Ludovic Le Lay\Documents\Blocs-notes OneNote 2024-06-22 10:34 - 2020-01-17 12:07 - 000000000 ___RD C:\Users\Ludovic Le Lay\Documents\Photos Flotte 2024-06-22 10:34 - 2019-05-05 16:56 - 000000000 ___RD C:\Users\Ludovic Le Lay\Documents\Perso HAB 2024-06-22 10:34 - 2019-05-02 13:56 - 000000000 ___RD C:\Users\Ludovic Le Lay\Documents\Modèles Office personnalisés 2024-06-22 10:34 - 2019-05-02 11:42 - 000000000 ___RD C:\Users\Ludovic Le Lay\Documents\IT Support 2024-06-22 10:34 - 2015-06-01 16:45 - 000000000 ___RD C:\Users\Ludovic Le Lay\Documents\CONTENU CLE USB DOTATION B 2015 2024-06-22 10:32 - 2019-09-04 13:40 - 000000000 __SHD C:\Users\Ludovic Le Lay\IntelGraphicsProfiles 2024-06-22 10:32 - 2019-05-02 06:38 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Local\Packages 2024-06-22 10:32 - 2018-04-12 01:38 - 000000096 _____ C:\WINDOWS\win.ini 2024-06-22 10:31 - 2022-09-28 17:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-06-22 10:31 - 2022-09-28 17:42 - 000556240 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-06-22 10:31 - 2022-05-07 07:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2024-06-22 10:31 - 2021-02-12 01:17 - 000041448 _____ C:\WINDOWS\system32\OV8865_REAR.aiqd 2024-06-22 10:31 - 2020-07-06 23:28 - 000012288 ___SH C:\DumpStack.log.tmp 2024-06-22 10:31 - 2019-07-31 16:45 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2024-06-22 10:31 - 2019-07-31 16:45 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2024-06-22 10:31 - 2019-05-17 17:32 - 000041448 _____ C:\WINDOWS\system32\OV7251_FRONT.aiqd 2024-06-22 10:31 - 2019-05-17 17:32 - 000041448 _____ C:\WINDOWS\system32\OV5693_FRONT.aiqd 2024-06-22 10:31 - 2018-12-21 04:59 - 000000000 ____D C:\Intel 2024-06-22 10:30 - 2023-09-28 03:02 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2024-06-22 10:30 - 2022-09-28 17:50 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3857086022-1456609864-141427266-1001 2024-06-22 10:30 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources 2024-06-22 10:30 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2024-06-22 10:30 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-06-22 10:25 - 2020-07-04 20:34 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-06-21 14:40 - 2021-03-31 14:59 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Roaming\Microsoft\Teams 2024-06-21 14:16 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-06-21 14:03 - 2022-09-28 17:45 - 003216384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-06-21 13:55 - 2019-05-02 09:42 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-06-21 13:51 - 2019-05-02 09:42 - 199048176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-06-20 09:48 - 2022-09-28 17:50 - 000004008 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA 2024-06-20 09:48 - 2022-09-28 17:50 - 000003776 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore 2024-06-18 07:50 - 2024-03-20 15:24 - 000002176 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2024-06-17 12:55 - 2022-10-21 17:58 - 000002083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-06-17 12:55 - 2022-09-28 17:50 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2024-06-14 00:58 - 2019-07-31 16:46 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Roaming\Dropbox 2024-06-13 16:47 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2024-06-13 16:40 - 2024-03-23 15:29 - 000000000 ____D C:\Program Files (x86)\AnyDesk 2024-06-13 09:14 - 2022-09-28 17:43 - 000000000 ____D C:\Users\Ludovic Le Lay 2024-06-12 11:38 - 2019-05-02 06:54 - 000000000 ____D C:\ProgramData\Packages 2024-06-10 15:25 - 2019-05-02 14:29 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Roaming\Microsoft\Signatures 2024-06-10 15:19 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2024-06-10 14:29 - 2020-02-21 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft 2024-06-10 14:29 - 2020-02-21 11:13 - 000000000 ____D C:\Program Files (x86)\Apowersoft 2024-06-10 14:27 - 2021-01-22 13:25 - 000000000 ____D C:\Users\Ludovic Le Lay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome 2024-06-10 14:25 - 2020-02-11 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software995 2024-06-10 14:25 - 2020-02-11 09:30 - 000000000 ____D C:\Program Files (x86)\pdf995 2024-06-10 14:25 - 2018-10-30 13:07 - 000000000 ____D C:\ProgramData\Package Cache 2024-06-10 14:24 - 2021-07-13 08:43 - 000000070 _____ C:\WINDOWS\RP121032.ini 2024-06-10 14:24 - 2021-07-13 08:43 - 000000000 ____D C:\Program Files (x86)\Caterpillar Inc 2024-06-10 12:16 - 2022-09-28 17:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime 2024-06-08 10:38 - 2022-09-28 17:50 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-06-08 10:38 - 2022-09-28 17:50 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-06-05 11:31 - 2018-10-30 12:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2024-05-30 13:55 - 2024-03-28 20:27 - 000002469 _____ C:\Users\Ludovic Le Lay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic (work or school).lnk 2024-05-30 03:06 - 2022-05-07 12:16 - 000000000 ____D C:\WINDOWS\InboxApps 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\UNP 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2024-05-30 03:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\BrowserCore 2024-05-30 03:06 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing 2024-05-30 00:43 - 2022-05-07 12:16 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2024-05-30 00:43 - 2022-05-07 12:16 - 000024383 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2024-05-30 00:43 - 2022-05-07 07:25 - 000077312 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll 2024-05-30 00:43 - 2022-05-07 07:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll ==================== Files in the root of some directories ======== 2024-06-10 12:16 - 2024-06-10 12:16 - 003211264 _____ (as) C:\ProgramData\GCAFCAFHJJ.exe 2023-12-28 15:46 - 2023-12-28 15:46 - 000001517 _____ () C:\Users\Ludovic Le Lay\AppData\Local\recently-used.xbel 2021-05-10 08:15 - 2021-05-10 08:15 - 000000000 _____ () C:\Users\Ludovic Le Lay\AppData\Local\{FEBDCCBC-C128-4895-B642-F09E439CE0CD} ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================