Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2020 Exécuté par AM (administrateur) sur PC-AM (Packard Bell imedia S2185) (13-12-2020 22:20:02) Exécuté depuis C:\Users\AM\Downloads Profils chargés: AM Platform: Windows 10 Home Version 1903 18362.900 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atiesrxx.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <18> (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13425224 2013-03-05] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [Farmville Two Notifications] => C:\Program Files\Farm2Desktop\Farm2Notification\Farm2TaskbarNotifier.exe [388312 2019-11-04] (Zynga, Inc. -> Zynga Inc.) HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\Avast Software\Avast\AvLaunch.exe" /gui HKU\S-1-5-21-3418441608-3140217706-3993767624-1001\...\Run: [OneDrive] => C:\Users\AM\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1585000 2019-11-21] () [Fichier non signé] HKU\S-1-5-21-3418441608-3140217706-3993767624-1001\...\Run: [EEDSpeedLauncher] => C:\WINDOWS\system32\eed_ec.dll [3141120 2014-12-04] (Microsoft Windows Hardware Compatibility Publisher -> ) HKU\S-1-5-21-3418441608-3140217706-3993767624-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3418441608-3140217706-3993767624-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) HKLM\...\Windows x64\Print Processors\sst9cPC: C:\Windows\System32\spool\prtprocs\x64\sst9cpc.dll [43520 2014-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider) HKLM\...\Windows x64\Print Processors\us00aPC: C:\Windows\System32\spool\prtprocs\x64\us00apc.dll [43520 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider) HKLM\...\Windows x64\Print Processors\usp01PC: C:\Windows\System32\spool\prtprocs\x64\usp01pc.dll [43520 2014-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider) HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [114872 2014-12-19] (pdfforge GmbH -> pdfforge GmbH) HKLM\...\Print\Monitors\sst9c Langmon: C:\WINDOWS\system32\sst9clm.dll [29184 2014-12-04] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Print\Monitors\usp01 Langmon: C:\WINDOWS\system32\usp01l.dll [29184 2014-04-16] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-06] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Remote.lnk [2014-02-21] ShortcutTarget: Acer Remote.lnk -> C:\Program Files (x86)\Acer Remote\ArcServer.exe (Pas de fichier) GroupPolicy-x32: Restriction ? <==== ATTENTION HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0DC0DAD2-F84F-429D-B085-411AE7CDE2D5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {1DA9F6AA-4C65-4720-BBE4-30C573D0BD62} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.) Task: {1E872A3A-D499-412A-BB3C-026022B78B25} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION Task: {1F96E2AA-2E4B-46BB-B237-416A51B1C4D8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {21F7E62B-DFF4-4026-B049-D8C2C0067C6B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION Task: {287EB61E-849D-44F1-BF41-56B2A8081F95} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {3567789B-DBE7-436B-AEA9-98CD5D483F9E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION Task: {4321D016-9540-4E84-8E33-F27136BA6AD6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4010416 2020-12-06] (Microsoft Corporation -> Microsoft Corporation) Task: {468FB32D-BB39-4B98-B391-E7911209F921} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1149336 2020-12-06] (Microsoft Corporation -> Microsoft Corporation) Task: {6A3BE900-18F9-48F6-9613-65C7F9EC54D4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation) Task: {6D5E9177-504F-44F3-B11D-681A6473C610} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {73A6FDF7-6BCE-436F-9702-B3B4A4CED1AA} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {7B857988-3067-4E13-8891-998F430972F7} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {7EF48397-E27F-4B82-A94E-C70E9A424E25} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {83B53C47-3986-4FCE-B853-1B460C4AC8A6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {92A1F604-DBE1-4521-8B7D-1BA23C908895} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {9768ABD2-EB67-498E-A669-15A536AF817A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {9AFA29EE-1325-48AA-87DD-DD04485A50EB} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3418441608-3140217706-3993767624-1001 => C:\Users\AM\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {9B8F216D-88FB-4797-A0C2-17A891F0C82E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION Task: {9BD35E2B-97F9-48FF-AC91-2DA8CB07071A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {9C41A5EC-F56C-455E-905E-295D7F84B133} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {A22AEF17-DDA8-45A0-BD8F-2FA4B76B5213} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) Task: {A36179BC-E604-4711-88A1-EDCCC1959C77} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe Task: {AA7C9455-1608-482A-A4E3-4EA6D74178DB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION Task: {BA1368AF-AEE5-40B5-BAB3-226CBAB75FD4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.) Task: {C415FE0E-DDCB-44E0-A459-B9164B72424B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {C60C53CE-2ED5-4F34-882E-EEAE95A80BD0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-06] (Microsoft Corporation -> Microsoft Corporation) Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {CE2E2198-B4B0-4972-858F-04868248D36A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation) Task: {DD3A524B-813A-4C8C-9E52-FBEDB4EDDD50} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) Task: {DE50E018-7EA1-4912-8A7C-2A46456FBA22} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {DE618CEA-4104-4ED1-A16F-AEDBA85FE0CA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4010416 2020-12-06] (Microsoft Corporation -> Microsoft Corporation) Task: {E80CE22D-34DB-47EC-ADAC-3294808F6C2B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1190424 2018-08-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {EBB42BD7-6D44-4A9A-A123-F5326988CD08} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {F2E74182-14AB-4BAB-AC7F-6A751524276A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-06] (Microsoft Corporation -> Microsoft Corporation) Task: {F94DD2CA-B9EE-4016-A6EB-0662DBFBF93E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {FCE3D9B3-44F1-45B4-8C5B-F29A73F72F75} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION Task: {FD13855A-F4BF-4F26-916A-2440B477B682} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{87553bfa-5cef-47bf-983b-91dc80e8b0fe}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{d4c9c749-e31e-45d7-b2bb-10a4057af0c6}: [DhcpNameServer] 192.168.1.254 Edge: ====== Edge Profile: C:\Users\AM\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-13] FireFox: ======== FF DefaultProfile: k3i21lzo.default FF ProfilePath: C:\Users\AM\AppData\Roaming\Mozilla\Firefox\Profiles\k3i21lzo.default [2020-03-04] FF Extension: (Avast Online Security) - C:\Users\AM\AppData\Roaming\Mozilla\Firefox\Profiles\k3i21lzo.default\Extensions\wrc@avast.com.xpi [2018-11-20] FF ProfilePath: C:\Users\AM\AppData\Roaming\Mozilla\Firefox\Profiles\bs3vvyh8.default-release [2020-12-13] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\AM\AppData\Local\Google\Chrome\User Data\Default [2020-12-13] CHR Extension: (WOT: Web of Trust, Évaluation de la réputation de sites Web) - C:\Users\AM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2020-12-13] CHR Extension: (Farmville2 X-Press) - C:\Users\AM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbgjpdhhnbgmnafojckjmjogcpoinlim [2020-12-13] CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\AM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-12-13] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\AM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-12-13] CHR Extension: (Chrome Media Router) - C:\Users\AM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-13] CHR Profile: C:\Users\AM\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-11-10] CHR Profile: C:\Users\AM\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-10] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-08-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-11-23] (Microsoft Corporation -> Microsoft Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-13] (Malwarebytes Inc -> Malwarebytes) S2 UpdateService; C:\Program Files\ZyngaUpdateService\ZyngaUpdateService.exe [1032392 2019-11-04] (Zynga, Inc. -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ePowerSvc; "C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe" [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-11-16] (Microsoft Corporation) [Fichier non signé] R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-12-13] (Malwarebytes Corporation -> Malwarebytes) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-13] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2020-12-13] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2020-12-13] (Malwarebytes Inc -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-13] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [139424 2020-12-13] (Malwarebytes Inc -> Malwarebytes) R2 RtkIOAC60; C:\WINDOWS\system32\DRIVERS\RtkIOAC60.sys [38504 2012-04-16] (Realtek Semiconductor Corp -> Windows (R) Codename Longhorn DDK provider) S3 RTL8187B; C:\WINDOWS\system32\DRIVERS\wg111v3.sys [446976 2009-11-18] (Microsoft Windows Hardware Compatibility Publisher -> NETGEAR Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 tpfilter; C:\WINDOWS\System32\drivers\tpfilter.sys [25928 2015-10-30] (BYD precision manufacture company -> TP Microelectronic) U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50176 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-13] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-13] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2020-12-13 22:18 - 2020-12-13 22:17 - 000378009 _____ C:\Users\AM\Desktop\ZHPDiag.txt 2020-12-13 20:53 - 2020-12-13 20:53 - 000001771 _____ C:\Users\AM\Documents\MBAM.txt 2020-12-13 20:34 - 2020-12-13 20:34 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2020-12-13 20:34 - 2020-12-13 20:34 - 000139424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2020-12-13 20:33 - 2020-12-13 20:33 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2020-12-13 20:33 - 2020-12-13 20:33 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2020-12-13 20:33 - 2020-12-13 20:33 - 000002005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2020-12-13 20:33 - 2020-12-13 20:33 - 000001993 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-12-13 20:33 - 2020-12-13 20:33 - 000000000 ____D C:\Users\AM\AppData\Local\mbam 2020-12-13 20:32 - 2020-12-13 20:32 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2020-12-13 20:32 - 2020-12-13 20:32 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2020-12-13 20:31 - 2020-12-13 20:31 - 000000000 ____D C:\Program Files\Malwarebytes 2020-12-13 20:29 - 2020-12-13 20:29 - 002086424 _____ (Malwarebytes) C:\Users\AM\Downloads\MBSetup.exe 2020-12-13 20:09 - 2020-12-13 20:09 - 008447152 _____ (Malwarebytes) C:\Users\AM\Downloads\adwcleaner_8.0.8.exe 2020-12-13 20:02 - 2020-12-13 20:02 - 000000000 ____D C:\Users\AM\AppData\LocalLow\AMD 2020-12-13 20:01 - 2020-12-13 20:01 - 000011673 _____ C:\Users\AM\Desktop\ZHPCleaner (R).txt 2020-12-13 19:54 - 2020-12-13 19:54 - 000011344 _____ C:\Users\AM\Desktop\ZHPCleaner (S).txt 2020-12-13 19:15 - 2020-12-13 19:15 - 003339136 _____ (Nicolas Coolman) C:\Users\AM\Downloads\ZHPCleaner.exe 2020-12-13 19:15 - 2020-12-13 19:15 - 000000919 _____ C:\Users\AM\Desktop\ZHPCleaner.lnk 2020-12-13 18:48 - 2020-12-12 11:59 - 000069848 _____ C:\Users\AM\Desktop\Wub.ini 2020-12-13 18:48 - 2020-10-19 16:58 - 000001865 _____ C:\Users\AM\Desktop\ReadMe.txt 2020-12-13 18:46 - 2020-10-19 15:38 - 000000000 ____D C:\Users\AM\Downloads\Wub 2020-12-13 18:44 - 2020-12-13 18:45 - 001002349 _____ C:\Users\AM\Downloads\Wub.zip 2020-12-13 17:38 - 2020-12-13 18:11 - 3605049224 _____ C:\Users\AM\Downloads\iCloud Photos (1).zip 2020-12-13 17:29 - 2020-12-13 17:32 - 231551423 _____ C:\Users\AM\Downloads\iCloud Photos.zip 2020-12-13 17:10 - 2020-12-13 17:10 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2020-12-13 17:05 - 2020-12-13 17:05 - 012448056 _____ (AVAST Software) C:\Users\AM\Downloads\avastclear.exe 2020-12-13 14:27 - 2020-12-13 14:27 - 000000000 ___HD C:\$WINDOWS.~BT 2020-12-13 14:23 - 2020-12-13 14:23 - 000062708 _____ C:\Users\AM\Downloads\Shortcut.txt 2020-12-13 14:16 - 2020-12-13 14:23 - 000067517 _____ C:\Users\AM\Downloads\Addition.txt 2020-12-13 13:59 - 2020-12-13 22:23 - 000020785 _____ C:\Users\AM\Downloads\FRST.txt 2020-12-13 13:56 - 2020-12-13 22:22 - 000000000 ____D C:\FRST 2020-12-13 13:55 - 2020-12-13 13:55 - 000000000 ____D C:\avast! sandbox 2020-12-13 13:54 - 2020-12-13 13:54 - 000001468 _____ C:\Users\AM\Desktop\FRST64 - Raccourci.lnk 2020-12-13 13:53 - 2020-12-13 13:54 - 002286592 _____ (Farbar) C:\Users\AM\Downloads\FRST64.exe 2020-12-13 13:45 - 2020-12-13 13:45 - 000498027 _____ C:\Users\AM\Desktop\ZHPDiag.html 2020-12-13 13:45 - 2020-12-13 13:45 - 000409886 _____ C:\Users\Public\Desktop\ZHPDiag.txt 2020-12-13 13:17 - 2020-12-13 22:17 - 000000000 ____D C:\Users\AM\AppData\Roaming\ZHP 2020-12-13 13:17 - 2020-12-13 19:15 - 000000000 ____D C:\Users\AM\AppData\Local\ZHP 2020-12-13 13:17 - 2020-12-13 13:17 - 000000909 _____ C:\Users\AM\Desktop\ZHPSuite.lnk 2020-12-13 13:16 - 2020-12-13 21:54 - 000001488 _____ C:\Users\AM\Desktop\ZHPSuite - Raccourci.lnk 2020-12-13 13:14 - 2020-12-13 13:14 - 003477888 _____ (Nicolas Coolman) C:\Users\AM\Downloads\ZHPSuite.exe 2020-12-13 12:34 - 2020-12-13 12:48 - 000624220 _____ C:\WINDOWS\Minidump\121320-35750-01.dmp 2020-12-13 12:34 - 2020-12-13 12:34 - 000000000 ____D C:\WINDOWS\Minidump 2020-12-08 15:32 - 2020-12-08 15:32 - 000077828 _____ C:\Users\AM\Downloads\Bouyguestelecom_Facture_20201127.pdf 2020-11-27 17:15 - 2020-11-27 17:15 - 000163165 _____ C:\Users\AM\Downloads\unknown 2020-11-10 15:02 - 2020-11-10 15:02 - 030460656 _____ (Piriform Software Ltd) C:\Users\AM\Downloads\ccsetup574.exe 2020-11-03 15:15 - 2020-11-03 15:15 - 000077552 _____ C:\Users\AM\Downloads\Bouyguestelecom_Facture_20200827 (1).pdf 2020-11-03 15:14 - 2020-11-03 15:14 - 000078365 _____ C:\Users\AM\Downloads\Bouyguestelecom_Facture_20201027 (1).pdf 2020-11-03 15:09 - 2020-11-03 15:09 - 000078365 _____ C:\Users\AM\Downloads\Bouyguestelecom_Facture_20201027.pdf 2020-10-19 14:16 - 2020-12-13 18:00 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2020-10-09 10:58 - 2020-10-09 10:58 - 000077552 _____ C:\Users\AM\Downloads\Bouyguestelecom_Facture_20200827.pdf 2020-10-09 10:56 - 2020-10-09 10:57 - 000078999 _____ C:\Users\AM\Downloads\Bouyguestelecom_Facture_20200927.pdf 2020-10-03 12:33 - 2020-10-03 12:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2020-09-30 13:15 - 2020-12-11 11:17 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2020-09-30 13:15 - 2020-09-30 13:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2020-09-30 13:07 - 2020-09-30 13:09 - 500138440 _____ (AVAST Software) C:\Users\AM\Downloads\avast_free_antivirus_setup_offline.exe 2020-09-30 10:04 - 2020-09-30 10:05 - 000213816 _____ C:\Users\AM\Downloads\nait.pdf 2020-09-26 10:53 - 2020-09-26 10:54 - 000060056 _____ C:\Users\AM\Downloads\2009138 NAIT-OUALTIT LAHSEN-2020-09-24.pdf 2020-09-26 10:39 - 2020-09-26 10:39 - 000030595 _____ C:\Users\AM\Downloads\596271956_1022325.pdf 2020-09-23 11:25 - 2020-12-13 17:25 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-09-23 11:25 - 2020-12-13 17:25 - 000002292 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2020-09-23 11:24 - 2020-12-13 17:18 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-09-23 11:24 - 2020-12-13 17:18 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-09-17 13:22 - 2020-10-03 12:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2020-09-17 13:22 - 2020-09-17 13:22 - 000002510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2020-12-13 21:53 - 2017-04-06 08:58 - 000000000 ____D C:\Program Files\CCleaner 2020-12-13 21:23 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-12-13 21:11 - 2015-01-09 09:15 - 000000000 ____D C:\Users\AM\AppData\Local\CrashDumps 2020-12-13 20:35 - 2017-04-26 08:38 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2020-12-13 20:32 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-12-13 20:32 - 2014-08-30 11:48 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-12-13 20:27 - 2019-11-16 01:31 - 001772410 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-12-13 20:27 - 2019-03-19 13:00 - 000792174 _____ C:\WINDOWS\system32\perfh00C.dat 2020-12-13 20:27 - 2019-03-19 13:00 - 000150242 _____ C:\WINDOWS\system32\perfc00C.dat 2020-12-13 20:27 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF 2020-12-13 20:21 - 2019-11-16 02:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-12-13 20:20 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-12-13 20:20 - 2017-05-12 07:24 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2020-12-13 20:20 - 2014-02-21 13:50 - 000000000 ____D C:\Program Files\Packard Bell 2020-12-13 20:12 - 2018-08-17 19:56 - 000000000 ____D C:\AdwCleaner 2020-12-13 18:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2020-12-13 18:40 - 2013-05-08 14:00 - 000000000 ____D C:\ProgramData\WildTangent 2020-12-13 18:37 - 2019-11-12 06:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-12-13 18:37 - 2019-09-07 21:14 - 000000000 ___DC C:\WINDOWS\Panther 2020-12-13 18:26 - 2014-09-06 15:31 - 000000000 ____D C:\WINDOWS\system32\MRT 2020-12-13 18:09 - 2014-09-06 15:30 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2020-12-13 18:08 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-12-13 17:33 - 2018-02-02 14:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2020-12-13 17:19 - 2014-11-14 09:19 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2020-12-13 17:14 - 2017-01-23 12:31 - 000000000 ____D C:\ProgramData\AVAST Software 2020-12-13 15:41 - 2018-11-20 11:13 - 000000000 ____D C:\Users\AM\AppData\Local\AVAST Software 2020-12-13 12:50 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-12-13 12:34 - 2019-11-16 01:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-12-11 11:16 - 2019-11-16 02:01 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-12-09 13:05 - 2019-11-16 01:20 - 000000000 ____D C:\Users\AM 2020-12-09 12:25 - 2014-02-21 13:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2020-12-05 17:58 - 2019-11-16 02:01 - 000003588 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-12-05 17:58 - 2019-11-16 02:01 - 000003464 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-12-03 13:03 - 2019-11-16 01:58 - 000028578 _____ C:\WINDOWS\diagwrn.xml 2020-12-03 13:03 - 2019-11-16 01:58 - 000028578 _____ C:\WINDOWS\diagerr.xml 2020-12-03 12:08 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps ==================== Fichiers à la racine de certains dossiers ======== 2016-06-10 14:55 - 2016-06-10 14:55 - 000000017 _____ () C:\Users\AM\AppData\Local\resmon.resmoncfg 2016-01-21 13:57 - 2016-01-21 13:57 - 000000000 _____ () C:\Users\AM\AppData\Local\{F5F0F696-FC02-4678-9075-89AF765D8B98} ==================== SigCheckExt ========================= 2019-08-16 11:37 - 2019-08-16 11:37 - 000158208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll 2013-08-22 12:45 - 2013-08-22 12:45 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-fibers-l2-1-1.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-psm-appnotify-l1-1-0.dll 2013-08-22 12:43 - 2013-08-22 12:43 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-devices-config-l1-1-1.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-mm-misc-l1-1-1.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-security-cryptoapi-l1-1-0.dll 2014-10-31 09:25 - 2014-10-22 04:33 - 000581016 _____ C:\WINDOWS\system32\AutoUpdate.exe 2017-03-17 22:44 - 2017-03-04 06:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe 2015-10-30 08:19 - 2015-10-30 08:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll 2015-03-12 14:48 - 2014-10-29 02:59 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe 2015-03-12 14:51 - 2014-10-29 02:54 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll 2016-06-23 15:41 - 2016-03-24 04:56 - 002817536 _____ C:\WINDOWS\system32\DlgSearchEngine.dll 2013-08-22 13:36 - 2013-06-18 16:03 - 000089600 _____ (Seiko Epson Corporation.) C:\WINDOWS\system32\ep0icd2.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-msa-ui-l1-1-0.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-misc-l1-2-0.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-rtcore-ntuser-dpi-l1-1-0.dll 2012-11-27 01:18 - 2012-11-27 01:18 - 000050688 _____ C:\WINDOWS\system32\kdbsdk64.dll 2014-11-18 14:26 - 2014-07-10 05:08 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll 2015-03-20 11:52 - 2013-11-29 09:45 - 001166336 _____ C:\WINDOWS\system32\sage.common.dll 2015-10-30 08:18 - 2015-10-30 08:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll 2012-01-23 13:15 - 2012-01-23 13:15 - 000122880 _____ (Multicore Ware) C:\WINDOWS\system32\SlotMaximizerAg.dll 2012-01-23 13:15 - 2012-01-23 13:15 - 002478592 _____ (Multicore Ware) C:\WINDOWS\system32\SlotMaximizerBe.dll 2015-09-10 13:30 - 2015-07-22 15:19 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-04-16 13:20 - 2015-03-14 02:51 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll 2019-08-16 11:37 - 2019-08-16 11:37 - 000130048 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll 2013-08-22 05:17 - 2013-08-22 05:17 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-fibers-l2-1-1.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-psm-appnotify-l1-1-0.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-devices-config-l1-1-1.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-mm-misc-l1-1-1.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-security-cryptoapi-l1-1-0.dll 2015-10-30 08:19 - 2015-10-30 08:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll 2016-06-23 15:41 - 2016-03-24 04:56 - 002078208 _____ C:\WINDOWS\SysWOW64\DlgSearchEngine.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-msa-ui-l1-1-0.dll 2013-08-22 05:14 - 2013-08-22 05:13 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-misc-l1-2-0.dll 2013-08-22 05:14 - 2013-08-22 05:13 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-rtcore-ntuser-dpi-l1-1-0.dll 2012-11-27 01:18 - 2012-11-27 01:18 - 000038912 _____ C:\WINDOWS\SysWOW64\kdbsdk32.dll 2015-10-30 08:19 - 2016-11-22 18:16 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2015-10-30 08:19 - 2016-11-22 18:16 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2013-11-29 09:45 - 2013-11-29 09:45 - 001074176 _____ C:\WINDOWS\SysWOW64\sage.common.dll 2012-01-23 13:29 - 2012-01-23 13:29 - 000122880 _____ (Multicore Ware) C:\WINDOWS\SysWOW64\SlotMaximizerAg.dll 2012-01-23 13:29 - 2012-01-23 13:29 - 002478592 _____ (Multicore Ware) C:\WINDOWS\SysWOW64\SlotMaximizerBe.dll 2014-08-29 22:05 - 2010-08-30 07:34 - 000536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll 2020-12-13 13:53 - 2020-12-13 13:54 - 002286592 _____ (Farbar) C:\Users\AM\Downloads\FRST64.exe 2020-12-13 19:15 - 2020-12-13 19:15 - 003339136 _____ (Nicolas Coolman) C:\Users\AM\Downloads\ZHPCleaner.exe 2020-12-13 13:14 - 2020-12-13 13:14 - 003477888 _____ (Nicolas Coolman) C:\Users\AM\Downloads\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d�marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} timeout 2 Gestionnaire de d�marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {7f4d5172-0805-11ea-9f3d-c976040c658b} displayorder {current} {4f3836d0-03b2-11e8-bf5f-f80f41aeb35c} {179903b6-9b49-11e3-8ab7-f80f41aeb35c} toolsdisplayorder {memdiag} timeout 0 Chargeur de d�marrage Windows ----------------------------- identificateur {179903b6-9b49-11e3-8ab7-f80f41aeb35c} device partition=C: path \$WINDOWS.~BT\NewOS\WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} restartonfailure Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \$WINDOWS.~BT\NewOS\WINDOWS resumeobject {179903b5-9b49-11e3-8ab7-f80f41aeb35c} nx OptIn bootmenupolicy Standard Chargeur de d�marrage Windows ----------------------------- identificateur {4f3836d0-03b2-11e8-bf5f-f80f41aeb35c} device partition=C: path \$WINDOWS.~BT\NewOS\WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} restartonfailure Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \$WINDOWS.~BT\NewOS\WINDOWS resumeobject {4f3836cf-03b2-11e8-bf5f-f80f41aeb35c} nx OptIn bootmenupolicy Standard Chargeur de d�marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {7f4d5174-0805-11ea-9f3d-c976040c658b} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {7f4d5172-0805-11ea-9f3d-c976040c658b} nx OptIn bootmenupolicy Standard Chargeur de d�marrage Windows ----------------------------- identificateur {7f4d5174-0805-11ea-9f3d-c976040c658b} device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{7f4d5175-0805-11ea-9f3d-c976040c658b} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{7f4d5175-0805-11ea-9f3d-c976040c658b} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d�marrage Windows ----------------------------- identificateur {f7741f95-36a2-11e9-ac54-e3151af03fc3} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{f7741f96-36a2-11e9-ac54-e3151af03fc3} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{f7741f96-36a2-11e9-ac54-e3151af03fc3} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre � partir de la mise en veille prolong�e ------------------------------------------------- identificateur {179903b5-9b49-11e3-8ab7-f80f41aeb35c} device partition=C: path \$WINDOWS.~BT\NewOS\WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} isolatedcontext Yes allowedinmemorysettings 0x15000075 filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Reprendre � partir de la mise en veille prolong�e ------------------------------------------------- identificateur {7f4d5172-0805-11ea-9f3d-c976040c658b} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {7f4d5174-0805-11ea-9f3d-c976040c658b} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m�moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m�moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Param�tres EMS -------------- identificateur {emssettings} bootems No Param�tres du d�bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m�moire RAM ---------------------- identificateur {badmemory} Param�tres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Param�tres du chargeur de d�marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Param�tres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Param�tres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p�riph�rique ----------------------- identificateur {7f4d5175-0805-11ea-9f3d-c976040c658b} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================