Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021 Exécuté par GUERRA Dominique (administrateur) sur I (Acer Aspire XC-704) (24-04-2021 19:04:28) Exécuté depuis C:\Users\GUERRA Dominique\Desktop Profils chargés: GUERRA Dominique Platform: Windows 10 Home Version 20H2 19042.928 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Acer Incorporated -> Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\GUERRA Dominique\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12> (Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] C:\Users\GUERRA Dominique\Desktop\ZHPSuite.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2019-09-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\Run: [Chromium] => "c:\users\guerra dominique\appdata\local\chromium\application\chrome.exe" --profile-directory="Default" --auto-launch-at-startup --restore-last-session HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\GUERRA Dominique\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\GUERRA Dominique\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\RunOnce: [Uninstall 21.052.0314.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\GUERRA Dominique\AppData\Local\Microsoft\OneDrive\21.052.0314.0001\amd64" HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\RunOnce: [Uninstall 21.052.0314.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\GUERRA Dominique\AppData\Local\Microsoft\OneDrive\21.052.0314.0001" ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {01BB296E-EA00-47CE-99C1-BBBDF50B90C9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 9401F07F2637B987 => C:\Users\GUERRA Dominique\AppData\Local\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-18] (Mozilla Corporation -> Mozilla Foundation) Task: {37DCD910-EDE1-4ABB-8156-0D4E51B958D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {43F85E31-5615-4393-A378-AAE57B0ED251} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform) Task: {488F9A4D-93A2-4560-B6B8-8AADA85D9F53} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {804865BE-43EF-4FE1-8788-1524FA01C798} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd) Task: {854C5F00-02FE-4EBC-8386-D213B8E3203F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8F35D0C4-32AD-4255-A5CB-2C4F9284D50A} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-10] (Acer Incorporated -> Acer Incorporated) Task: {948055BF-F228-44BD-A9C2-72F3A8CD1D18} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> ) Task: {CD4009CC-4D25-4781-A7E5-9B6DE670DA64} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-22] (Mozilla Corporation -> Mozilla Foundation) Task: {ECB91497-DAA4-464B-8038-3608F08B7547} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2015-09-30] (Acer Incorporated -> Acer Incorporated) Task: {EDD83229-4CBB-4E4D-908B-4A95FE00763E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0830f34f-c121-458b-867c-4286026e04c8}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{8142e943-ba33-482b-a08e-a6827f1e0c3c}: [DhcpNameServer] 10.1.93.93 10.1.93.52 Edge: ======= DownloadDir: C:\Users\GUERRA Dominique\Downloads Edge HomeButtonPage: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> hxxp://google.fr/ Edge Notifications: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> hxxps://www.phonandroid.com Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\GUERRA Dominique\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-24] Edge HomePage: Default -> hxxp://acer15.msn.com/?pc=ACTE Edge StartupUrls: Default -> "hxxps://www.echosdunet.net/dossiers/promotions-operateurs","hxxps://www.msn.com/fr-fr/?cobrand=acer15.msn.com&ocid=ACERDHP15&pc=ACTE" Edge Profile: C:\Users\GUERRA Dominique\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-04-24] FireFox: ======== FF DefaultProfile: xdtly1f1.default FF ProfilePath: C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\fsjiahjz.default-release [2021-04-24] FF Homepage: Mozilla\Firefox\Profiles\fsjiahjz.default-release -> google.fr FF Extension: (uBlock Origin) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\fsjiahjz.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-04-20] FF ProfilePath: C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\ztuewa6y.default-esr [2021-04-24] FF Homepage: Mozilla\Firefox\Profiles\ztuewa6y.default-esr -> google.fr FF Extension: (uBlock Origin) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\ztuewa6y.default-esr\Extensions\uBlock0@raymondhill.net.xpi [2021-04-22] FF ProfilePath: C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default [2021-04-21] FF Extension: (العربية Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-ar@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Български Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-bg@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Czech (CZ) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Dansk (da) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-da@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Deutsch (DE) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Ελληνικά Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-el@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (English (US) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Español (España) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-es-ES@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Estonian Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-et@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Finnish Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-fi@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Français Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Hebrew (IL) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-he@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Magyar (HU) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-hu@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Italiano (IT) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-it@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Japanese Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-ja@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Korean (KR) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-ko@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Lietuvių Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-lt@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Norsk bokmål (NO) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-nb-NO@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Nederlands (NL) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-nl@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Polski Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Português (pt-BR) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-pt-BR@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Português (Europeu) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-pt-PT@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Russian (RU) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-ru@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Slovak (SK) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Slovenski jezik Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-sl@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (српски (sr) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-sr@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Svenska (SE) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-sv-SE@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (ไทย Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-th@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Türkçe (TR) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-tr@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Ukrainian (UA) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-uk@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-zh-CN@firefox.mozilla.org.xpi [2019-09-27] FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-zh-TW@firefox.mozilla.org.xpi [2019-09-27] FF SearchPlugin: C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\searchplugins\Yahoo powered search.xml [2020-05-04] FF Extension: (Picture-In-Picture) - C:\Program Files\Mozilla Firefox\browser\features\pictureinpicture@mozilla.org.xpi [2021-04-22] [non signé] FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier] FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation) Chrome: ======= CHR Profile: C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default [2021-04-21] CHR Extension: (Slides) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-19] CHR Extension: (Docs) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-19] CHR Extension: (Google Drive) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24] CHR Extension: (Sheets) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-19] CHR Extension: (Google Docs hors connexion) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-04] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-17] CHR Extension: (Ocean) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgedigcdbemilinbicidhplhebjoafpl [2021-04-17] CHR Extension: (Chrome Media Router) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-17] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860248 2015-09-30] (Acer Incorporated -> Acer Incorporated) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-12] (Malwarebytes Inc -> Malwarebytes) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-21] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-07-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-18] (Malwarebytes Inc -> Malwarebytes) R2 RtkIOAC60; C:\WINDOWS\system32\DRIVERS\RtkIOAC60.sys [38656 2015-06-09] (Realtek Semiconductor Corp -> Realtek semiconductor corp) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-13] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-13] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-04-24 19:04 - 2021-04-24 19:06 - 000022239 _____ C:\Users\GUERRA Dominique\Desktop\FRST.txt 2021-04-24 19:03 - 2021-04-24 19:05 - 000000000 ____D C:\FRST 2021-04-24 19:03 - 2021-04-24 19:03 - 002298368 _____ (Farbar) C:\Users\GUERRA Dominique\Desktop\FRST64.exe 2021-04-24 19:02 - 2021-04-24 19:03 - 002298368 _____ (Farbar) C:\Users\GUERRA Dominique\Downloads\FRST64.exe 2021-04-24 18:42 - 2021-04-24 18:42 - 003468440 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPSuite.exe 2021-04-24 18:42 - 2021-04-24 18:42 - 003468440 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Desktop\ZHPSuite.exe 2021-04-24 18:25 - 2021-04-24 18:55 - 000265298 _____ C:\Users\GUERRA Dominique\Desktop\ZHPDiag.txt 2021-04-24 18:08 - 2021-04-24 18:08 - 000009044 _____ C:\Users\GUERRA Dominique\Desktop\ZHPCleaner (R).html 2021-04-24 18:08 - 2021-04-24 18:08 - 000002735 _____ C:\Users\GUERRA Dominique\Desktop\ZHPCleaner (R).txt 2021-04-24 18:00 - 2021-04-24 18:00 - 000008741 _____ C:\Users\GUERRA Dominique\Desktop\ZHPCleaner (S).html 2021-04-24 18:00 - 2021-04-24 18:00 - 000002541 _____ C:\Users\GUERRA Dominique\Desktop\ZHPCleaner (S).txt 2021-04-22 11:24 - 2021-04-22 11:28 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-04-21 17:39 - 2021-04-21 17:39 - 000000784 _____ C:\Users\GUERRA Dominique\Desktop\Bureau - Raccourci.lnk 2021-04-21 13:08 - 2021-04-21 13:08 - 077332480 _____ C:\WINDOWS\system32\config\SOFTWARE 2021-04-21 12:56 - 2021-04-21 13:07 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2021-04-21 12:10 - 2021-04-24 18:36 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\jml 2021-04-21 12:09 - 2021-04-21 12:09 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-04-21 11:50 - 2021-04-24 17:30 - 000000000 ____D C:\Program Files\CCleaner 2021-04-21 11:50 - 2021-04-21 11:51 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-04-21 11:50 - 2021-04-21 11:50 - 000002882 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2021-04-21 11:50 - 2021-04-21 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2021-04-21 11:48 - 2021-04-21 11:48 - 031273232 _____ (Piriform Software Ltd) C:\Users\GUERRA Dominique\Downloads\ccsetup578.exe 2021-04-21 09:48 - 2021-04-21 09:48 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\clear.fi 2021-04-20 17:30 - 2021-04-20 17:30 - 003326104 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPCleaner.exe 2021-04-20 17:28 - 2021-04-24 17:35 - 000000893 _____ C:\Users\GUERRA Dominique\Desktop\ZHPCleaner.lnk 2021-04-20 17:27 - 2021-04-20 17:27 - 003326104 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\zhpcleaner_2021-4-11-290_fr_433513.exe 2021-04-20 16:51 - 2021-04-20 16:51 - 003274392 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPDiag3.exe 2021-04-18 17:48 - 2021-04-18 17:48 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-04-18 11:42 - 2021-04-18 11:42 - 000000000 ___RD C:\Users\GUERRA Dominique\Documents\Scanned Documents 2021-04-16 16:23 - 2021-04-16 16:23 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-04-16 16:22 - 2021-04-16 16:22 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-04-16 16:22 - 2021-04-16 16:22 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-04-06 16:35 - 2021-04-17 18:25 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\Nouveau dossier (2) 2021-04-04 21:48 - 2021-04-04 21:48 - 000001216 _____ C:\Users\GUERRA Dominique\Desktop\SavedPictures - Raccourci.lnk 2021-04-04 21:48 - 2021-04-04 21:48 - 000001195 _____ C:\Users\GUERRA Dominique\Desktop\CameraRoll - Raccourci (2).lnk 2021-04-04 21:48 - 2021-04-04 21:48 - 000001177 _____ C:\Users\GUERRA Dominique\Desktop\Images - Raccourci.lnk 2021-04-04 17:11 - 2021-04-04 17:32 - 000000000 ____D C:\ryvieraz.o.com 2021-04-03 15:27 - 2021-04-03 15:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime 2021-04-03 15:26 - 2021-04-03 15:26 - 000000000 ____D C:\ProgramData\Apple 2021-04-03 11:24 - 2021-04-22 11:28 - 000001317 _____ C:\Users\GUERRA Dominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-04-03 11:23 - 2021-04-03 11:24 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\Mozilla Firefox 2021-04-03 11:16 - 2021-04-03 11:16 - 000000000 ____D C:\Users\Public\File Viewer Plus 2021-04-02 21:15 - 2020-07-31 15:57 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-03-27 14:38 - 2021-04-22 11:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-03-24 16:51 - 2021-03-24 16:51 - 000001017 _____ C:\Users\GUERRA Dominique\Desktop\Vidéos - Raccourci (2).lnk 2021-03-24 16:42 - 2021-03-24 16:42 - 000001195 _____ C:\Users\GUERRA Dominique\Desktop\CameraRoll - Raccourci.lnk 2021-03-19 16:43 - 2021-03-19 16:43 - 000000738 _____ C:\Users\GUERRA Dominique\GUERRA Dominique.lnk 2021-03-17 16:41 - 2021-03-17 16:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-03-17 16:41 - 2021-03-17 16:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-03-17 16:40 - 2021-03-17 16:40 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-03-17 16:39 - 2021-03-17 16:39 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-03-17 16:39 - 2021-03-17 16:39 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-03-17 16:38 - 2021-03-17 16:38 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-03-17 16:37 - 2021-03-17 16:37 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-03-17 16:36 - 2021-03-17 16:36 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll 2021-02-21 15:20 - 2021-02-21 15:20 - 003336328 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\ZHPCleaner.exe 2021-02-19 17:05 - 2021-02-19 17:05 - 000000969 _____ C:\Users\GUERRA Dominique\Desktop\DMC-FZ200 - Raccourci.lnk 2021-02-12 21:00 - 2021-02-12 21:00 - 000000809 _____ C:\Users\GUERRA Dominique\Desktop\Images - Raccourci (2).lnk 2021-02-12 17:46 - 2021-04-20 16:52 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\ZHP ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-04-24 18:55 - 2020-05-14 18:41 - 000000135 _____ C:\Users\GUERRA 2021-04-24 18:55 - 2020-05-13 18:08 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Roaming\ZHP 2021-04-24 18:40 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-04-24 18:09 - 2019-06-16 23:35 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\LocalLow\Mozilla 2021-04-24 18:09 - 2015-07-16 06:20 - 000000000 ____D C:\ProgramData\Mozilla 2021-04-24 17:32 - 2020-06-27 11:39 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-04-24 17:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-04-24 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-04-24 17:30 - 2020-11-13 22:20 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4178424111-3086846748-1683071943-1001 2021-04-24 17:30 - 2018-04-30 17:32 - 000000000 ___RD C:\Users\GUERRA Dominique\OneDrive 2021-04-24 17:29 - 2020-11-13 21:55 - 000002445 _____ C:\Users\GUERRA Dominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-04-24 17:27 - 2019-09-27 12:14 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-04-24 17:27 - 2018-04-30 17:27 - 000000000 __SHD C:\Users\GUERRA Dominique\IntelGraphicsProfiles 2021-04-22 11:28 - 2019-10-01 20:42 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-04-22 11:28 - 2019-10-01 20:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-04-21 17:37 - 2019-10-02 08:21 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Roaming\vlc 2021-04-21 13:48 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2021-04-21 13:42 - 2019-09-27 12:45 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\Packages 2021-04-21 13:38 - 2020-11-13 21:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-04-21 12:15 - 2020-11-13 22:06 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-04-21 12:15 - 2019-12-07 16:49 - 000791756 _____ C:\WINDOWS\system32\perfh00C.dat 2021-04-21 12:15 - 2019-12-07 16:49 - 000149922 _____ C:\WINDOWS\system32\perfc00C.dat 2021-04-21 12:15 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-04-21 12:14 - 2020-11-04 17:25 - 000000000 ___DC C:\WINDOWS\Panther 2021-04-21 12:14 - 2020-04-25 18:14 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\CrashDumps 2021-04-21 12:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-04-21 12:09 - 2020-11-13 22:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-04-21 12:08 - 2020-11-13 21:49 - 000008192 ___SH C:\DumpStack.log.tmp 2021-04-21 11:55 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-04-20 17:50 - 2015-07-16 06:15 - 000000000 ____D C:\Program Files (x86)\Acer 2021-04-20 17:48 - 2015-07-16 06:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2021-04-20 17:46 - 2020-06-19 23:26 - 000000000 ____D C:\Program Files (x86)\Google 2021-04-18 18:29 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-04-18 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-04-18 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-04-17 17:59 - 2019-09-27 12:57 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\PlaceholderTileLogoFolder 2021-04-17 11:30 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-04-16 15:38 - 2019-09-28 18:51 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-04-16 15:32 - 2019-09-28 18:51 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-04-13 10:55 - 2019-09-27 12:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-04-09 17:05 - 2020-11-13 21:49 - 000472408 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-04-05 11:45 - 2020-02-09 23:57 - 000000000 ____D C:\Users\GUERRA Dominique\Documents\Fax 2021-04-04 21:21 - 2020-03-21 18:05 - 000000000 ___RD C:\Bureau 2021-04-04 17:16 - 2020-11-13 21:53 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-04-03 18:01 - 2019-02-20 16:26 - 000000000 ___RD C:\Users\GUERRA Dominique\3D Objects 2021-04-03 11:22 - 2019-09-27 13:03 - 000000000 ____D C:\ProgramData\Packages 2021-04-02 21:16 - 2020-05-18 21:16 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-04-02 21:15 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-04-02 21:07 - 2019-10-02 08:36 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys ==================== Fichiers à la racine de certains dossiers ======== 2021-02-21 15:20 - 2021-02-21 15:20 - 003336328 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\ZHPCleaner.exe 2020-05-04 17:06 - 2020-05-13 18:47 - 000000034 _____ () C:\Users\GUERRA Dominique\AppData\Roaming\WB.CFG ==================== SigCheckExt ========================= 2015-07-15 11:53 - 2015-07-10 04:42 - 000183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4248.dll 2015-05-22 02:00 - 2015-05-22 02:00 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll 2021-02-21 15:20 - 2021-02-21 15:20 - 003336328 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\ZHPCleaner.exe 2021-04-24 19:03 - 2021-04-24 19:03 - 002298368 _____ (Farbar) C:\Users\GUERRA Dominique\Desktop\FRST64.exe 2021-04-24 18:42 - 2021-04-24 18:42 - 003468440 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Desktop\ZHPSuite.exe 2021-04-24 19:02 - 2021-04-24 19:03 - 002298368 _____ (Farbar) C:\Users\GUERRA Dominique\Downloads\FRST64.exe 2021-04-20 17:30 - 2021-04-20 17:30 - 003326104 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPCleaner.exe 2021-04-20 17:27 - 2021-04-20 17:27 - 003326104 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\zhpcleaner_2021-4-11-290_fr_433513.exe 2021-04-20 16:51 - 2021-04-20 16:51 - 003274392 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPDiag3.exe 2021-04-24 18:42 - 2021-04-24 18:42 - 003468440 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {a8dde2c4-69dc-11ea-9bff-98eecb276384} {bootmgr} timeout 6 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} flightsigning Yes default {current} resumeobject {9f04dc44-25f1-11eb-8a67-a344b920e803} displayorder {current} toolsdisplayorder {memdiag} timeout 0 Application logicielle (101fffff) -------------------------------- identificateur {a8dde2c4-69dc-11ea-9bff-98eecb276384} description USB Entry for Windows To Go Chargeur de d‚marrage Windows ----------------------------- identificateur {476372ea-dd62-11e5-baa4-98eecb276384} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{476372eb-dd62-11e5-baa4-98eecb276384} path \windows\system32\winload.efi description Windows Recovery Environment locale en-us inherit {bootloadersettings} displaymessage Recovery displaymessageoverride PushButtonReset osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{476372eb-dd62-11e5-baa4-98eecb276384} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {9f04dc46-25f1-11eb-8a67-a344b920e803} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {9f04dc44-25f1-11eb-8a67-a344b920e803} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {9f04dc46-25f1-11eb-8a67-a344b920e803} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{9f04dc47-25f1-11eb-8a67-a344b920e803} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{9f04dc47-25f1-11eb-8a67-a344b920e803} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {9f04dc44-25f1-11eb-8a67-a344b920e803} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {9f04dc46-25f1-11eb-8a67-a344b920e803} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {9f04dc47-25f1-11eb-8a67-a344b920e803} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================