Document format: text/plain


Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Exécuté par Emilien (administrateur) sur DESKTOP-UHO3APJ (09-11-2023 13:58:55)
Exécuté depuis C:\Users\Emilien\Desktop\FRST64.exe
Profils chargés: Emilien
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3570 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIVBE.EXE
(explorer.exe ->) (TP-Link Technologies Co., Ltd) [Fichier non signé] C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\TWCU.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Users\Emilien\AppData\Local\Mozilla Firefox\firefox.exe <17>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Microsoft Corporation) [Fichier non signé] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [455968 2023-05-26] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-4226206055-29921812-3605555670-1001\...\Run: [WPSTool] => C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\TWCU.exe [1891840 2018-01-30] (TP-Link Technologies Co., Ltd) [Fichier non signé]
HKU\S-1-5-21-4226206055-29921812-3605555670-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4226206055-29921812-3605555670-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIVBE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-4226206055-29921812-3605555670-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIVBE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-4226206055-29921812-3605555670-1001\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIVBE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-4226206055-29921812-3605555670-1001\...\MountPoints2: {d8894004-c3c7-11eb-b706-5404a6a51cf8} - "E:\AutoRun.exe"
HKU\S-1-5-21-4226206055-29921812-3605555670-1001\...\MountPoints2: {f5a3efe1-1e48-11ed-b71f-5404a6a51cf8} - "J:\Startme.exe"
HKLM\...\Windows x64\Print Processors\BJ Print Processor3: C:\Windows\System32\spool\prtprocs\x64\CNBPP3.DLL [83968 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor3_2: C:\WINDOWS\system32\CNBLM3_2.DLL [211456 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\EPSON XP-352 355 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBVBE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Fichier non signé]

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {9B2A18C1-FDD2-4BC3-9845-D20D7E1FA03B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-21] (Adobe Inc. -> Adobe Inc.)
Task: {500A0BD9-401B-4613-A57D-7D1883DB2004} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {FD4C74B8-19C5-48AE-BCA9-AFD2F9808D90} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "e03e9baf-699d-48f3-9c40-3ccd9d9ff292" --version "6.16.10662" --silent
Task: {42F6FD39-30A8-4B19-99AF-46AB7EC2F6E2} - System32\Tasks\CCleanerSkipUAC - Emilien => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {C90576CC-FE16-4061-8007-D665A4A15113} - System32\Tasks\EPSON XP-352 355 Series Update {2025CAEA-6435-4722-9DE3-9CE6A76BEFDD} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVBE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {A20EAC29-D4E3-4C99-8FAE-5CF6A41C60FF} - System32\Tasks\EPSON XP-352 355 Series Update {9479E092-796C-4C6D-99C6-59F904A0373C} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVBE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {63F63E5B-03BE-4253-9086-2FA152D42C3D} - System32\Tasks\EPSON XP-352 355 Series Update {CE5BD7AE-D4DA-437C-AFCE-7F5F2DB53E29} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVBE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {12387C32-6693-4395-8010-DAAA14D9DE37} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B2B2B256-A6B6-499A-9708-C2E24C4F6F89} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6B941C89-00E2-422C-937A-E43AA620B6DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2CE35C66-120A-4A1F-AD88-B591625F57FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B7E32EE4-8856-42D0-B437-1A2867A993E4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 9548E592F56D3298 => C:\Users\Emilien\AppData\Local\Mozilla Firefox\default-browser-agent.exe [680352 2023-11-09] (Mozilla Corporation -> Mozilla Foundation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON XP-352 355 Series Update {2025CAEA-6435-4722-9DE3-9CE6A76BEFDD}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVBE.EXE:/EXE:{2025CAEA-6435-4722-9DE3-9CE6A76BEFDD} /F:UpdateWORKGROUP\DESKTOP-UHO3APJ$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-352 355 Series Update {9479E092-796C-4C6D-99C6-59F904A0373C}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVBE.EXE:/EXE:{9479E092-796C-4C6D-99C6-59F904A0373C} /F:UpdateWORKGROUP\DESKTOP-UHO3APJ$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-352 355 Series Update {CE5BD7AE-D4DA-437C-AFCE-7F5F2DB53E29}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVBE.EXE:/EXE:{CE5BD7AE-D4DA-437C-AFCE-7F5F2DB53E29} /F:UpdateWORKGROUP\DESKTOP-UHO3APJ$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 192.168.100.1
Tcpip\..\Interfaces\{22962f8d-74be-4794-a8b3-7b9445f5265a}: [DhcpNameServer] 192.168.100.1 192.168.100.1
Tcpip\..\Interfaces\{2b065dbc-f11a-447c-a035-ba20b853262c}: [DhcpNameServer] 192.168.100.1 192.168.100.1
Tcpip\..\Interfaces\{3074b402-673b-4031-b203-8a4a8ff122ba}: [DhcpNameServer] 192.168.223.91

Edge:
=======
Edge Profile: C:\Users\Emilien\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-07]
Edge Extension: (Edge relevant text changes) - C:\Users\Emilien\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-05]

FireFox:
========
FF DefaultProfile: anrz4wsq.default
FF ProfilePath: C:\Users\Emilien\AppData\Roaming\Mozilla\Firefox\Profiles\ght8e8pm.default-release-1 [2023-11-07]
FF ProfilePath: C:\Users\Emilien\AppData\Roaming\Mozilla\Firefox\Profiles\anrz4wsq.default [2020-11-19]
FF ProfilePath: C:\Users\Emilien\AppData\Roaming\Mozilla\Firefox\Profiles\y9mcwu8s.default-release-1606490344462 [2023-11-09]
FF DownloadDir: C:\Users\Emilien\Desktop
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Emilien\AppData\Roaming\Mozilla\Firefox\Profiles\y9mcwu8s.default-release-1606490344462\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-06-21]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-21] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2017-11-13] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2021-10-06] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [154112 2021-10-06] (Microsoft Corporation) [Fichier non signé]
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [12152784 2021-08-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [328784 2023-03-06] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-11-09 13:58 - 2023-11-09 13:59 - 000014427 _____ C:\Users\Emilien\Desktop\FRST.txt
2023-11-09 13:58 - 2023-11-09 13:58 - 002383872 _____ (Farbar) C:\Users\Emilien\Desktop\FRST64.exe
2023-11-09 13:53 - 2023-11-09 13:53 - 000127221 _____ C:\Users\Emilien\Desktop\ZHPDiag.txt
2023-11-09 13:42 - 2023-11-09 13:43 - 003512992 _____ (Nicolas Coolman) C:\Users\Emilien\Desktop\ZHPSuite.exe
2023-11-09 12:24 - 2023-11-09 12:35 - 000000000 ____D C:\Users\Emilien\AppData\Local\Mozilla Firefox
2023-11-07 18:51 - 2023-11-07 18:51 - 000842290 _____ C:\Users\Emilien\Desktop\26_2023_ZDiois370_231107-1.pdf
2023-10-17 13:50 - 2023-10-18 16:57 - 000000951 _____ C:\WINDOWS\Tasks\EPSON XP-352 355 Series Update {9479E092-796C-4C6D-99C6-59F904A0373C}.job
2023-10-17 13:50 - 2023-10-17 13:50 - 000004156 _____ C:\WINDOWS\system32\Tasks\EPSON XP-352 355 Series Update {9479E092-796C-4C6D-99C6-59F904A0373C}
2023-10-17 13:42 - 2023-10-17 13:42 - 000000000 ____D C:\Program Files\EpsonNet
2023-10-16 19:09 - 2023-10-16 19:09 - 000000000 ____D C:\Users\Emilien\AppData\Local\Backup
2023-10-12 09:53 - 2023-10-12 09:53 - 000000000 ____D C:\ProgramData\PLUG
2023-10-12 08:50 - 2023-10-12 08:50 - 000016059 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-10-12 08:39 - 2023-10-12 08:39 - 000000000 ___HD C:\$WinREAgent
2023-10-12 08:16 - 2023-10-12 08:16 - 000000000 ____D C:\Program Files\RUXIM
2023-10-08 10:55 - 2023-10-08 10:55 - 000000444 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-11-09 13:59 - 2022-04-25 10:59 - 000000000 ____D C:\FRST
2023-11-09 13:58 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-11-09 13:53 - 2022-04-25 10:45 - 000000000 ____D C:\Users\Emilien\AppData\Roaming\ZHP
2023-11-09 13:44 - 2020-11-27 16:02 - 000000000 ____D C:\Users\Emilien\Documents\Exploitation
2023-11-09 13:38 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-09 13:12 - 2022-04-26 11:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-09 12:36 - 2022-02-12 21:30 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-11-09 12:35 - 2020-11-19 20:39 - 000001290 _____ C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-11-09 12:34 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-09 12:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-09 12:25 - 2022-04-26 11:14 - 000004178 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{4B1A7EDC-466C-46E0-8754-935CB7C77BCB}
2023-11-09 12:22 - 2022-04-26 11:14 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-11-07 19:49 - 2022-05-10 20:54 - 000000000 ____D C:\Users\Emilien\AppData\Local\CrashDumps
2023-11-07 19:49 - 2022-01-25 10:49 - 000000000 ____D C:\Users\Emilien\Documents\CCleaner
2023-11-07 19:48 - 2021-02-07 08:40 - 000000000 ____D C:\Program Files\CCleaner
2023-11-07 10:17 - 2020-11-19 01:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-11-06 08:57 - 2020-11-19 01:42 - 000000000 ____D C:\Users\Emilien\AppData\Local\Packages
2023-11-06 08:40 - 2022-04-26 11:14 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4226206055-29921812-3605555670-1001
2023-11-06 08:40 - 2022-04-26 11:14 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4226206055-29921812-3605555670-1001
2023-11-06 08:40 - 2022-04-26 11:09 - 000002434 _____ C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-06 08:31 - 2020-11-19 21:08 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-04 13:15 - 2022-04-26 11:08 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-31 16:08 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-10-31 15:40 - 2022-04-26 11:29 - 000003688 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-31 15:40 - 2022-04-26 11:29 - 000003594 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d859563a03b29e
2023-10-24 09:20 - 2022-04-26 11:16 - 001681370 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-10-24 09:20 - 2019-12-07 15:49 - 000755174 _____ C:\WINDOWS\system32\perfh00C.dat
2023-10-24 09:20 - 2019-12-07 15:49 - 000141980 _____ C:\WINDOWS\system32\perfc00C.dat
2023-10-24 09:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-10-24 09:15 - 2022-04-26 11:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-24 09:15 - 2021-01-02 10:16 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-24 09:15 - 2020-11-26 21:59 - 000000153 _____ C:\config.ini
2023-10-24 09:15 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-10-23 07:50 - 2022-10-13 19:08 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-10-23 07:50 - 2022-04-26 11:14 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-10-17 13:58 - 2022-04-24 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2023-10-17 13:58 - 2022-04-24 12:29 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2023-10-17 13:52 - 2022-04-24 12:29 - 000000000 ____D C:\ProgramData\EPSON
2023-10-12 09:53 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-10-12 09:50 - 2022-04-26 11:08 - 000481008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-10-12 09:48 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-10-12 09:48 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-10-12 09:48 - 2019-12-07 15:49 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2023-10-12 09:48 - 2019-12-07 15:49 - 000000000 ____D C:\WINDOWS\system32\fr
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-12 09:48 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-10-12 09:48 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-10-12 08:59 - 2019-12-07 15:53 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-10-12 08:59 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-10-12 08:59 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-10-12 08:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-10-12 08:51 - 2020-11-19 01:23 - 000416278 __RSH C:\bootmgr
2023-10-12 08:49 - 2022-04-26 11:08 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-10-12 08:32 - 2020-11-19 21:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-10-12 08:29 - 2020-11-19 21:05 - 181553176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Fichiers à la racine de certains dossiers ========

2023-01-27 16:44 - 2023-03-20 10:27 - 312945264 _____ (CANON INC.) C:\Program Files\dppw4.17.20-installer.exe
2020-11-27 16:02 - 2020-10-01 10:35 - 002041448 _____ (Malwarebytes) C:\Program Files\MBSetup.exe
2023-02-13 16:52 - 2023-05-07 17:06 - 000000574 _____ () C:\Users\Emilien\AppData\Roaming\logfly.log
2023-05-07 17:06 - 2023-05-07 17:06 - 000000286 _____ () C:\Users\Emilien\AppData\Roaming\logfly.log.1
2023-02-10 10:31 - 2023-02-10 10:32 - 000000942 _____ () C:\Users\Emilien\AppData\Roaming\logfly.properties
2023-02-09 11:37 - 2023-02-09 11:37 - 000001729 _____ () C:\Users\Emilien\AppData\Local\recently-used.xbel
2022-01-12 10:01 - 2023-02-10 11:04 - 000007605 _____ () C:\Users\Emilien\AppData\Local\resmon.resmoncfg

==================== SigCheckExt =========================

2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll
2016-09-14 13:31 - 2016-09-14 13:31 - 002642944 ____S (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll
2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll
2016-09-14 13:31 - 2016-09-14 13:31 - 002642944 ____S (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll
2023-02-10 10:03 - 2023-02-13 16:59 - 000159764 _____ C:\WINDOWS\FlyChart Uninstaller.exe
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE
2023-11-09 13:58 - 2023-11-09 13:58 - 002383872 _____ (Farbar) C:\Users\Emilien\Desktop\FRST64.exe
2022-05-10 18:52 - 2022-05-10 18:52 - 004833792 _____ (Geza Kovacs) C:\Users\Emilien\Desktop\unetbootin-windows-677.exe
2023-11-09 13:42 - 2023-11-09 13:43 - 003512992 _____ (Nicolas Coolman) C:\Users\Emilien\Desktop\ZHPSuite.exe
2021-12-20 13:49 - 2021-12-20 13:50 - 054180104 _____ C:\Users\Emilien\Downloads\RiseupVPN-win-latest.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=C:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {184a604c-c551-11ec-bb80-ec67df7ec0be}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {d67d66e8-c548-11ec-b717-ab3760553fd3}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {184a604c-c551-11ec-bb80-ec67df7ec0be}
nx OptIn
bootmenupolicy Standard

Chargeur de démarrage Windows
-----------------------------
identificateur {d67d66e8-c548-11ec-b717-ab3760553fd3}
device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{d67d66e9-c548-11ec-b717-ab3760553fd3}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{d67d66e9-c548-11ec-b717-ab3760553fd3}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {184a604c-c551-11ec-bb80-ec67df7ec0be}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {d67d66e8-c548-11ec-b717-ab3760553fd3}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=C:
path \boot\memtest.exe
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems No

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {d67d66e9-c548-11ec-b717-ab3760553fd3}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume3
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================
