cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
Exécuté par GUERRA Dominique (administrateur) sur I (Acer Aspire XC-704) (24-04-2021 19:04:28)
Exécuté depuis C:\Users\GUERRA Dominique\Desktop
Profils chargés: GUERRA Dominique
Platform: Windows 10 Home Version 20H2 19042.928 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Acer Incorporated -> Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\GUERRA Dominique\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] C:\Users\GUERRA Dominique\Desktop\ZHPSuite.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2019-09-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\Run: [Chromium] => "c:\users\guerra dominique\appdata\local\chromium\application\chrome.exe" --profile-directory="Default" --auto-launch-at-startup --restore-last-session
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\GUERRA Dominique\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\GUERRA Dominique\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\RunOnce: [Uninstall 21.052.0314.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\GUERRA Dominique\AppData\Local\Microsoft\OneDrive\21.052.0314.0001\amd64"
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\RunOnce: [Uninstall 21.052.0314.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\GUERRA Dominique\AppData\Local\Microsoft\OneDrive\21.052.0314.0001"

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {01BB296E-EA00-47CE-99C1-BBBDF50B90C9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 9401F07F2637B987 => C:\Users\GUERRA Dominique\AppData\Local\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {37DCD910-EDE1-4ABB-8156-0D4E51B958D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {43F85E31-5615-4393-A378-AAE57B0ED251} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {488F9A4D-93A2-4560-B6B8-8AADA85D9F53} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {804865BE-43EF-4FE1-8788-1524FA01C798} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {854C5F00-02FE-4EBC-8386-D213B8E3203F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8F35D0C4-32AD-4255-A5CB-2C4F9284D50A} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-10] (Acer Incorporated -> Acer Incorporated)
Task: {948055BF-F228-44BD-A9C2-72F3A8CD1D18} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {CD4009CC-4D25-4781-A7E5-9B6DE670DA64} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {ECB91497-DAA4-464B-8038-3608F08B7547} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2015-09-30] (Acer Incorporated -> Acer Incorporated)
Task: {EDD83229-4CBB-4E4D-908B-4A95FE00763E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0830f34f-c121-458b-867c-4286026e04c8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8142e943-ba33-482b-a08e-a6827f1e0c3c}: [DhcpNameServer] 10.1.93.93 10.1.93.52

Edge:
=======
DownloadDir: C:\Users\GUERRA Dominique\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> hxxp://google.fr/
Edge Notifications: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> hxxps://www.phonandroid.com
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\GUERRA Dominique\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-24]
Edge HomePage: Default -> hxxp://acer15.msn.com/?pc=ACTE
Edge StartupUrls: Default -> "hxxps://www.echosdunet.net/dossiers/promotions-operateurs","hxxps://www.msn.com/fr-fr/?cobrand=acer15.msn.com&ocid=ACERDHP15&pc=ACTE"
Edge Profile: C:\Users\GUERRA Dominique\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-04-24]

FireFox:
========
FF DefaultProfile: xdtly1f1.default
FF ProfilePath: C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\fsjiahjz.default-release [2021-04-24]
FF Homepage: Mozilla\Firefox\Profiles\fsjiahjz.default-release -> google.fr
FF Extension: (uBlock Origin) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\fsjiahjz.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-04-20]
FF ProfilePath: C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\ztuewa6y.default-esr [2021-04-24]
FF Homepage: Mozilla\Firefox\Profiles\ztuewa6y.default-esr -> google.fr
FF Extension: (uBlock Origin) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\ztuewa6y.default-esr\Extensions\uBlock0@raymondhill.net.xpi [2021-04-22]
FF ProfilePath: C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default [2021-04-21]
FF Extension: (العربية Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-ar@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Български Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-bg@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Dansk (da) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-da@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Ελληνικά Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-el@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (English (US) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Español (España) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-es-ES@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Estonian Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-et@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Finnish Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-fi@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Français Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Hebrew (IL) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-he@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Magyar (HU) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-hu@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Italiano (IT) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-it@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Japanese Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-ja@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Korean (KR) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-ko@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Lietuvių Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-lt@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Norsk bokmål (NO) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-nb-NO@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Nederlands (NL) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-nl@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Polski Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Português (pt-BR) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-pt-BR@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Português (Europeu) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-pt-PT@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Russian (RU) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-ru@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Slovenski jezik Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-sl@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (српски (sr) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-sr@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Svenska (SE) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-sv-SE@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (ไทย Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-th@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Türkçe (TR) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-tr@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Ukrainian (UA) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-uk@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-zh-CN@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-zh-TW@firefox.mozilla.org.xpi [2019-09-27]
FF SearchPlugin: C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\searchplugins\Yahoo powered search.xml [2020-05-04]
FF Extension: (Picture-In-Picture) - C:\Program Files\Mozilla Firefox\browser\features\pictureinpicture@mozilla.org.xpi [2021-04-22] [non signé]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)

Chrome:
=======
CHR Profile: C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default [2021-04-21]
CHR Extension: (Slides) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-19]
CHR Extension: (Docs) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-19]
CHR Extension: (Google Drive) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Sheets) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-19]
CHR Extension: (Google Docs hors connexion) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-17]
CHR Extension: (Ocean) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgedigcdbemilinbicidhplhebjoafpl [2021-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-17]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860248 2015-09-30] (Acer Incorporated -> Acer Incorporated)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-12] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-21] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-07-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-18] (Malwarebytes Inc -> Malwarebytes)
R2 RtkIOAC60; C:\WINDOWS\system32\DRIVERS\RtkIOAC60.sys [38656 2015-06-09] (Realtek Semiconductor Corp -> Realtek semiconductor corp)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-24 19:04 - 2021-04-24 19:06 - 000022239 _____ C:\Users\GUERRA Dominique\Desktop\FRST.txt
2021-04-24 19:03 - 2021-04-24 19:05 - 000000000 ____D C:\FRST
2021-04-24 19:03 - 2021-04-24 19:03 - 002298368 _____ (Farbar) C:\Users\GUERRA Dominique\Desktop\FRST64.exe
2021-04-24 19:02 - 2021-04-24 19:03 - 002298368 _____ (Farbar) C:\Users\GUERRA Dominique\Downloads\FRST64.exe
2021-04-24 18:42 - 2021-04-24 18:42 - 003468440 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPSuite.exe
2021-04-24 18:42 - 2021-04-24 18:42 - 003468440 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Desktop\ZHPSuite.exe
2021-04-24 18:25 - 2021-04-24 18:55 - 000265298 _____ C:\Users\GUERRA Dominique\Desktop\ZHPDiag.txt
2021-04-24 18:08 - 2021-04-24 18:08 - 000009044 _____ C:\Users\GUERRA Dominique\Desktop\ZHPCleaner (R).html
2021-04-24 18:08 - 2021-04-24 18:08 - 000002735 _____ C:\Users\GUERRA Dominique\Desktop\ZHPCleaner (R).txt
2021-04-24 18:00 - 2021-04-24 18:00 - 000008741 _____ C:\Users\GUERRA Dominique\Desktop\ZHPCleaner (S).html
2021-04-24 18:00 - 2021-04-24 18:00 - 000002541 _____ C:\Users\GUERRA Dominique\Desktop\ZHPCleaner (S).txt
2021-04-22 11:24 - 2021-04-22 11:28 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-21 17:39 - 2021-04-21 17:39 - 000000784 _____ C:\Users\GUERRA Dominique\Desktop\Bureau - Raccourci.lnk
2021-04-21 13:08 - 2021-04-21 13:08 - 077332480 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-04-21 12:56 - 2021-04-21 13:07 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-04-21 12:10 - 2021-04-24 18:36 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\jml
2021-04-21 12:09 - 2021-04-21 12:09 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-21 11:50 - 2021-04-24 17:30 - 000000000 ____D C:\Program Files\CCleaner
2021-04-21 11:50 - 2021-04-21 11:51 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-04-21 11:50 - 2021-04-21 11:50 - 000002882 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-04-21 11:50 - 2021-04-21 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-04-21 11:48 - 2021-04-21 11:48 - 031273232 _____ (Piriform Software Ltd) C:\Users\GUERRA Dominique\Downloads\ccsetup578.exe
2021-04-21 09:48 - 2021-04-21 09:48 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\clear.fi
2021-04-20 17:30 - 2021-04-20 17:30 - 003326104 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPCleaner.exe
2021-04-20 17:28 - 2021-04-24 17:35 - 000000893 _____ C:\Users\GUERRA Dominique\Desktop\ZHPCleaner.lnk
2021-04-20 17:27 - 2021-04-20 17:27 - 003326104 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\zhpcleaner_2021-4-11-290_fr_433513.exe
2021-04-20 16:51 - 2021-04-20 16:51 - 003274392 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPDiag3.exe
2021-04-18 17:48 - 2021-04-18 17:48 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-18 11:42 - 2021-04-18 11:42 - 000000000 ___RD C:\Users\GUERRA Dominique\Documents\Scanned Documents
2021-04-16 16:23 - 2021-04-16 16:23 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-16 16:22 - 2021-04-16 16:22 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-16 16:22 - 2021-04-16 16:22 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-06 16:35 - 2021-04-17 18:25 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\Nouveau dossier (2)
2021-04-04 21:48 - 2021-04-04 21:48 - 000001216 _____ C:\Users\GUERRA Dominique\Desktop\SavedPictures - Raccourci.lnk
2021-04-04 21:48 - 2021-04-04 21:48 - 000001195 _____ C:\Users\GUERRA Dominique\Desktop\CameraRoll - Raccourci (2).lnk
2021-04-04 21:48 - 2021-04-04 21:48 - 000001177 _____ C:\Users\GUERRA Dominique\Desktop\Images - Raccourci.lnk
2021-04-04 17:11 - 2021-04-04 17:32 - 000000000 ____D C:\ryvieraz.o.com
2021-04-03 15:27 - 2021-04-03 15:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-04-03 15:26 - 2021-04-03 15:26 - 000000000 ____D C:\ProgramData\Apple
2021-04-03 11:24 - 2021-04-22 11:28 - 000001317 _____ C:\Users\GUERRA Dominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-03 11:23 - 2021-04-03 11:24 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\Mozilla Firefox
2021-04-03 11:16 - 2021-04-03 11:16 - 000000000 ____D C:\Users\Public\File Viewer Plus
2021-04-02 21:15 - 2020-07-31 15:57 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-03-27 14:38 - 2021-04-22 11:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-24 16:51 - 2021-03-24 16:51 - 000001017 _____ C:\Users\GUERRA Dominique\Desktop\Vidéos - Raccourci (2).lnk
2021-03-24 16:42 - 2021-03-24 16:42 - 000001195 _____ C:\Users\GUERRA Dominique\Desktop\CameraRoll - Raccourci.lnk
2021-03-19 16:43 - 2021-03-19 16:43 - 000000738 _____ C:\Users\GUERRA Dominique\GUERRA Dominique.lnk
2021-03-17 16:41 - 2021-03-17 16:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-17 16:41 - 2021-03-17 16:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-17 16:40 - 2021-03-17 16:40 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-17 16:39 - 2021-03-17 16:39 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-17 16:39 - 2021-03-17 16:39 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-17 16:38 - 2021-03-17 16:38 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-17 16:37 - 2021-03-17 16:37 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-17 16:36 - 2021-03-17 16:36 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-02-21 15:20 - 2021-02-21 15:20 - 003336328 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\ZHPCleaner.exe
2021-02-19 17:05 - 2021-02-19 17:05 - 000000969 _____ C:\Users\GUERRA Dominique\Desktop\DMC-FZ200 - Raccourci.lnk
2021-02-12 21:00 - 2021-02-12 21:00 - 000000809 _____ C:\Users\GUERRA Dominique\Desktop\Images - Raccourci (2).lnk
2021-02-12 17:46 - 2021-04-20 16:52 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\ZHP

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-24 18:55 - 2020-05-14 18:41 - 000000135 _____ C:\Users\GUERRA
2021-04-24 18:55 - 2020-05-13 18:08 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Roaming\ZHP
2021-04-24 18:40 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-24 18:09 - 2019-06-16 23:35 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\LocalLow\Mozilla
2021-04-24 18:09 - 2015-07-16 06:20 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-24 17:32 - 2020-06-27 11:39 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-24 17:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-24 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-24 17:30 - 2020-11-13 22:20 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4178424111-3086846748-1683071943-1001
2021-04-24 17:30 - 2018-04-30 17:32 - 000000000 ___RD C:\Users\GUERRA Dominique\OneDrive
2021-04-24 17:29 - 2020-11-13 21:55 - 000002445 _____ C:\Users\GUERRA Dominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-24 17:27 - 2019-09-27 12:14 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-04-24 17:27 - 2018-04-30 17:27 - 000000000 __SHD C:\Users\GUERRA Dominique\IntelGraphicsProfiles
2021-04-22 11:28 - 2019-10-01 20:42 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-22 11:28 - 2019-10-01 20:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-21 17:37 - 2019-10-02 08:21 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Roaming\vlc
2021-04-21 13:48 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-04-21 13:42 - 2019-09-27 12:45 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\Packages
2021-04-21 13:38 - 2020-11-13 21:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-21 12:15 - 2020-11-13 22:06 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-21 12:15 - 2019-12-07 16:49 - 000791756 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-21 12:15 - 2019-12-07 16:49 - 000149922 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-21 12:15 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-21 12:14 - 2020-11-04 17:25 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-21 12:14 - 2020-04-25 18:14 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\CrashDumps
2021-04-21 12:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-21 12:09 - 2020-11-13 22:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-21 12:08 - 2020-11-13 21:49 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-21 11:55 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-20 17:50 - 2015-07-16 06:15 - 000000000 ____D C:\Program Files (x86)\Acer
2021-04-20 17:48 - 2015-07-16 06:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2021-04-20 17:46 - 2020-06-19 23:26 - 000000000 ____D C:\Program Files (x86)\Google
2021-04-18 18:29 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-18 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-18 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-17 17:59 - 2019-09-27 12:57 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\PlaceholderTileLogoFolder
2021-04-17 11:30 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-16 15:38 - 2019-09-28 18:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-16 15:32 - 2019-09-28 18:51 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-13 10:55 - 2019-09-27 12:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-09 17:05 - 2020-11-13 21:49 - 000472408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-05 11:45 - 2020-02-09 23:57 - 000000000 ____D C:\Users\GUERRA Dominique\Documents\Fax
2021-04-04 21:21 - 2020-03-21 18:05 - 000000000 ___RD C:\Bureau
2021-04-04 17:16 - 2020-11-13 21:53 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-03 18:01 - 2019-02-20 16:26 - 000000000 ___RD C:\Users\GUERRA Dominique\3D Objects
2021-04-03 11:22 - 2019-09-27 13:03 - 000000000 ____D C:\ProgramData\Packages
2021-04-02 21:16 - 2020-05-18 21:16 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-02 21:15 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-02 21:07 - 2019-10-02 08:36 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys

==================== Fichiers à la racine de certains dossiers ========

2021-02-21 15:20 - 2021-02-21 15:20 - 003336328 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\ZHPCleaner.exe
2020-05-04 17:06 - 2020-05-13 18:47 - 000000034 _____ () C:\Users\GUERRA Dominique\AppData\Roaming\WB.CFG

==================== SigCheckExt =========================

2015-07-15 11:53 - 2015-07-10 04:42 - 000183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4248.dll
2015-05-22 02:00 - 2015-05-22 02:00 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll
2021-02-21 15:20 - 2021-02-21 15:20 - 003336328 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\ZHPCleaner.exe
2021-04-24 19:03 - 2021-04-24 19:03 - 002298368 _____ (Farbar) C:\Users\GUERRA Dominique\Desktop\FRST64.exe
2021-04-24 18:42 - 2021-04-24 18:42 - 003468440 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Desktop\ZHPSuite.exe
2021-04-24 19:02 - 2021-04-24 19:03 - 002298368 _____ (Farbar) C:\Users\GUERRA Dominique\Downloads\FRST64.exe
2021-04-20 17:30 - 2021-04-20 17:30 - 003326104 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPCleaner.exe
2021-04-20 17:27 - 2021-04-20 17:27 - 003326104 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\zhpcleaner_2021-4-11-290_fr_433513.exe
2021-04-20 16:51 - 2021-04-20 16:51 - 003274392 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPDiag3.exe
2021-04-24 18:42 - 2021-04-24 18:42 - 003468440 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPSuite.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {a8dde2c4-69dc-11ea-9bff-98eecb276384}
{bootmgr}
timeout 6

Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
flightsigning Yes
default {current}
resumeobject {9f04dc44-25f1-11eb-8a67-a344b920e803}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0

Application logicielle (101fffff)
--------------------------------
identificateur {a8dde2c4-69dc-11ea-9bff-98eecb276384}
description USB Entry for Windows To Go

Chargeur de d‚marrage Windows
-----------------------------
identificateur {476372ea-dd62-11e5-baa4-98eecb276384}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{476372eb-dd62-11e5-baa4-98eecb276384}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-us
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride PushButtonReset
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{476372eb-dd62-11e5-baa4-98eecb276384}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {9f04dc46-25f1-11eb-8a67-a344b920e803}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {9f04dc44-25f1-11eb-8a67-a344b920e803}
nx OptIn
bootmenupolicy Standard

Chargeur de d‚marrage Windows
-----------------------------
identificateur {9f04dc46-25f1-11eb-8a67-a344b920e803}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{9f04dc47-25f1-11eb-8a67-a344b920e803}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{9f04dc47-25f1-11eb-8a67-a344b920e803}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {9f04dc44-25f1-11eb-8a67-a344b920e803}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {9f04dc46-25f1-11eb-8a67-a344b920e803}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No

ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}

ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de p‚riph‚rique
-----------------------
identificateur {9f04dc47-25f1-11eb-8a67-a344b920e803}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================

Publicité


Signaler le contenu de ce document

Publicité