Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2021 Exécuté par frity (administrateur) sur LAPTOP-BDLLGBJC (Acer Aspire A515-51G) (22-05-2021 20:29:53) Exécuté depuis C:\Users\frity\Desktop Profils chargés: frity Platform: Windows 10 Home Version 20H2 19042.985 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe (Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\IntelCpHeciSvc.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\frity\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.13929.20378.0_x86__8wekyb3d8bbwe\Office16\WINWORD.EXE (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialUIBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13> (Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] C:\Users\frity\AppData\Roaming\ZHP\ZHPSuite.exe (Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] C:\Users\frity\Desktop\ZHPSuite(2).exe (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.20.5.39\nsWscSvc.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.20.5.39\NortonSecurity.exe (Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\wdsync.exe (Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe <4> (Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WDDiscoveryMonitor.exe (Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files\WD Desktop App\kdd.exe (WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_CTPreset] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1923008 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81376496 2019-12-19] (Western Digital Technologies, Inc. -> Western Digital Corporation) HKU\S-1-5-21-3900341870-1763094227-1614825723-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3900341870-1763094227-1614825723-1001\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKU\S-1-5-21-3900341870-1763094227-1614825723-1001\...\Run: [D2219F4DBA2DE26898F30236882F410E3754A74D._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8 HKU\S-1-5-21-3900341870-1763094227-1614825723-1001\...\RunOnce: [Application Restart #9] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- microsoft-edge:hxxps://www.msn.com/fr-b (l'élément de données a 115 caractères en plus). HKU\S-1-5-21-3900341870-1763094227-1614825723-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- microsoft-edge:hxxps://www.msn.com/fr-b (l'élément de données a 107 caractères en plus). HKU\S-1-5-21-3900341870-1763094227-1614825723-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\frity\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-3900341870-1763094227-1614825723-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\frity\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-3900341870-1763094227-1614825723-1001\...\RunOnce: [Uninstall 21.073.0411.0002_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\frity\AppData\Local\Microsoft\OneDrive\21.073.0411.0002_1\amd64" HKU\S-1-5-21-3900341870-1763094227-1614825723-1001\...\RunOnce: [Uninstall 21.073.0411.0002_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\frity\AppData\Local\Microsoft\OneDrive\21.073.0411.0002_1" HKLM\...\Print\Monitors\HP B111 Status Monitor: C:\Windows\system32\hpinkstsB111LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 5520 series): C:\Windows\system32\HPDiscoPMB111.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-13] (Google LLC -> Google LLC) Startup: C:\Users\frity\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Photosmart 5520 series (réseau).lnk [2020-04-02] HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {03C689DE-F4A0-4F99-8685-5F95D0C60D17} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-28] (Google Inc -> Google LLC) Task: {04D77E69-9870-432C-8743-F09FD4803439} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {06D2E3FD-F994-43BD-95D0-9DE4F38A2358} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-10-31] (Acer Incorporated -> ) Task: {1184D84C-0211-4180-8F06-11192FF15116} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2162328 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Task: {13F72B60-4055-4F6E-A08E-4930908F4D15} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {14AA5DE2-C14A-4A78-A95E-F147AEF71154} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE Task: {14AA5DE2-C14A-4A78-A95E-F147AEF71154} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-3900341870-1763094227-1614825723-1001" /ENABLE Task: {14AA5DE2-C14A-4A78-A95E-F147AEF71154} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE Task: {22CD6655-CB55-4011-AD34-CBC2ABE1706C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {27B3AB59-A78D-4257-862A-0382FC9033B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {295FB112-CA74-470B-90AD-37E45C007820} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc) Task: {2C552F3F-2154-4807-B09B-5A05D90B9784} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {2FC0F87D-C390-44FB-987D-B89377DCEF6E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-07] (Mozilla Corporation -> Mozilla Foundation) Task: {36DAD015-3ADA-4B76-BB7B-AB543DE27352} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"] Task: {39715A60-BC44-4567-858E-1B25DD69DCAC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-28] (Google Inc -> Google LLC) Task: {3E2B38F5-4D98-4CC8-99D7-9A4C947C7496} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated) Task: {47AE7D41-8553-4225-8B8A-4E2FDF68DD5A} - System32\Tasks\WD Device Agent Task frity => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [720624 2019-12-19] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) Task: {4AD53D38-7F27-410E-A44D-028DC734719A} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {5B512942-1A37-46B7-83BE-9B5158F987E7} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-05-23] (Acer Incorporated -> TODO: ) Task: {66FD85AA-5082-4E5F-8A5B-0F9FEF9ED08E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe) Task: {6C30A6F2-2280-4BED-A1DE-2731E2C33769} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2770736 2019-09-26] (Acer Incorporated -> Acer Incorporated) Task: {70CDBE67-8744-42F9-B5CF-1E819ADBCC79} - System32\Tasks\RtHDVBg_ASC => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {73CBF2BE-B8F6-4206-AC3F-E2EBAEA9223C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_Plugin.exe [1502776 2020-11-10] (Adobe Inc. -> Adobe) Task: {76B687A6-7504-4B65-BB4D-85B3CF2ABD6C} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474368 2019-09-25] (Acer Incorporated -> Acer Incorporated) Task: {8473158D-25BA-4A99-BE95-D693BA00DE77} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc) Task: {8608C6DA-CCFF-4FDC-978E-336A67818EDC} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) Task: {87A0DA32-23AB-4F34-972B-B6884D1CE5C6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd) Task: {88337417-CEC7-4111-92B5-1CC16D4FB36A} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc) Task: {928C909E-332C-4AAB-A876-02DC5D4FD50E} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.20.5.39\WSCStub.exe [644608 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Task: {9713C829-2BCD-4570-AFC3-8B18EE7AD114} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9802DE4D-1A64-44D2-9071-1D9FE98840A2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651200 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9D143CF8-9ABD-48CA-AEA7-D7A459B70A80} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41264 2017-10-31] (Acer Incorporated -> ) Task: {A13FA85F-AAF5-436D-B484-41EF1A3804DC} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [446256 2019-09-26] (Acer Incorporated -> Acer Incorporated) Task: {A30B706A-A3F1-4376-BA35-D91F26B9B74F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-10-31] (Acer Incorporated -> ) Task: {A3C7E70D-8134-4D4E-B99A-70EE4C182A5C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1540544 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A644F618-ECAC-4F09-97EC-887625B3D4FF} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [722880 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AC77729B-45E2-4A07-8D68-31B32FF6A2FA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B320B7C3-6C40-41F8-8B64-BB2234648773} - System32\Tasks\WD Discovery Service Task frity => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [75504 2019-12-19] (Western Digital Technologies, Inc. -> ) Task: {B64D3D54-E66D-46B2-ABC6-E5FF5A93E778} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {BD96F5B3-8D05-4CF0-B6DE-809AD69946A7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [947136 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CAC32A11-4178-46D9-8648-CF8FA8F396FE} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> ) Task: {D3FB5AB7-8298-44C1-96D8-C4D7F78BF85B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform) Task: {E98374CA-184A-43EC-9654-B39A59CDC054} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [722880 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F6FA6622-76D5-4895-915D-E7DB4986FBDB} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> ) Task: {FF082526-8C16-4A4D-8DED-165212C54B34} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651200 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{646a3782-2532-4486-a179-4972816dcc9c}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{bf6a1028-dd1f-443e-a2af-f2d5b9789537}: [DhcpNameServer] 10.62.4.1 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\frity\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-22] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: 7r0mwz3g.default-1564505556384 FF ProfilePath: C:\Users\frity\AppData\Roaming\Mozilla\Firefox\Profiles\7r0mwz3g.default-1564505556384 [2021-05-22] FF Extension: (AdBlocker Ultimate) - C:\Users\frity\AppData\Roaming\Mozilla\Firefox\Profiles\7r0mwz3g.default-1564505556384\Extensions\adblockultimate@adblockultimate.net.xpi [2020-12-07] FF Extension: (To Google Translate) - C:\Users\frity\AppData\Roaming\Mozilla\Firefox\Profiles\7r0mwz3g.default-1564505556384\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2019-09-04] FF Extension: (Video DownloadHelper) - C:\Users\frity\AppData\Roaming\Mozilla\Firefox\Profiles\7r0mwz3g.default-1564505556384\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-16] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [2020-11-10] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-11-10] (Adobe Inc. -> ) FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\frity\AppData\Local\Google\Chrome\User Data\Default [2021-05-15] CHR Extension: (Slides) - C:\Users\frity\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-28] CHR Extension: (AVG SafePrice | Comparaison, offres, coupons) - C:\Users\frity\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2020-07-27] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\frity\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06] CHR Extension: (Chrome Media Router) - C:\Users\frity\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-27] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.20.5.39\Exts\Chrome.crx CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.20.5.39\Exts\Chrome.crx CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [347024 2017-06-02] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [7391408 2021-05-14] (Malwarebytes Inc -> Malwarebytes) R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.20.5.39\NortonSecurity.exe [344760 2020-07-24] (Symantec Corporation -> Symantec Corporation) R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.20.5.39\nsWscSvc.exe [1056096 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.) S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [466224 2019-09-26] (Acer Incorporated -> Acer Incorporated) S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [508208 2019-09-26] (Acer Incorporated -> Acer Incorporated) R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13688656 2021-03-24] (Adlice -> ) S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [299824 2017-05-23] (Acer Incorporated -> acer) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1642744 2021-03-15] (WildTangent Inc -> ) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin" ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.11.1.5\Definitions\BASHDefs\20190624.002\BHDrvx64.sys [1935880 2019-06-20] (Symantec Corporation -> Symantec Corporation) R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\ccSetx64.sys [192248 2020-07-24] (Symantec Corporation -> Symantec Corporation) R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-06-10] (Symantec Corporation -> Symantec Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-05-14] (Malwarebytes Inc -> Malwarebytes) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.11.1.5\Definitions\IPSDefs\20190626.061\IDSvia64.sys [1441800 2019-04-26] (Symantec Corporation -> Symantec Corporation) R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [22320 2017-10-30] (Acer Incorporated -> Acer Incorporated) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-05-14] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-05-21] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-05-21] (Malwarebytes Inc -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-14] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-05-21] (Malwarebytes Inc -> Malwarebytes) R3 MpKslfa276cfc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B2DF96A6-FEDA-4998-B72A-C6A57D7EA513}\MpKslDrv.sys [107744 2021-05-22] (Microsoft Windows -> Microsoft Corporation) R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [16688 2017-10-30] (Acer Incorporated -> Acer Incorporated) S3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSP64.SYS [889704 2020-07-24] (Symantec Corporation -> Symantec Corporation) R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSPX64.SYS [50920 2020-07-24] (Symantec Corporation -> Symantec Corporation) S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.) S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.) R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SYMEFASI64.SYS [1964384 2020-07-24] (Symantec Corporation -> Symantec Corporation) S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SymELAM.sys [25080 2020-07-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-05-11] (Symantec Corporation -> Symantec Corporation) S4 SymEvnt; C:\Program Files\Norton Security\NortonData\22.11.1.5\SymPlatform\SymEvnt.sys [712200 2019-06-07] (Symantec Corporation -> Symantec Corporation) R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\Ironx64.SYS [316488 2020-07-24] (Symantec Corporation -> Symantec Corporation) R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\symnets.sys [575328 2020-07-24] (Symantec Corporation -> Symantec Corporation) U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2021-05-21] (Adlice -> ) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2018-06-04] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-15] (Microsoft Windows -> Microsoft Corporation) R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-15] (Microsoft Windows -> Microsoft Corporation) R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.) S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\wpCtrlDrv.sys [1013792 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-05-22 20:29 - 2021-05-22 20:29 - 000000000 ____D C:\Users\frity\Desktop\FRST-OlderVersion 2021-05-22 20:25 - 2021-05-22 20:25 - 000432274 _____ C:\Users\frity\Desktop\ZHPDiag.html 2021-05-22 20:18 - 2021-05-22 20:18 - 003469464 _____ (Nicolas Coolman) C:\Users\frity\Desktop\ZHPSuite(2).exe 2021-05-21 21:25 - 2021-05-21 21:25 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2021-05-21 21:25 - 2021-05-21 21:25 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2021-05-21 21:25 - 2021-05-21 21:25 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2021-05-21 21:25 - 2021-05-21 21:25 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys 2021-05-19 17:37 - 2021-05-19 17:37 - 000005521 _____ C:\Users\frity\Downloads\UN(E) OUVRIER(ERE) COLLABORATEUR (TRICE) NETTOYAGE (H_F_X) [HASTIERE].pdf 2021-05-16 15:21 - 2021-05-16 17:57 - 000001833 _____ C:\Users\frity\Desktop\ZHPFix.txt 2021-05-16 14:43 - 2021-05-16 14:43 - 003469464 _____ (Nicolas Coolman) C:\Users\frity\Downloads\ZHPSuite(1).exe.part 2021-05-16 14:43 - 2021-05-16 14:43 - 000000000 _____ C:\Users\frity\Downloads\ZHPSuite(1).exe 2021-05-16 14:42 - 2021-05-16 14:42 - 003469464 _____ (Nicolas Coolman) C:\Users\frity\Downloads\ZHPSuite.exe.part 2021-05-16 14:42 - 2021-05-16 14:42 - 000000000 _____ C:\Users\frity\Downloads\ZHPSuite.exe 2021-05-15 20:34 - 2021-05-15 20:34 - 000002706 _____ C:\Users\frity\Desktop\roguekillerfichiertexte.txt 2021-05-15 20:34 - 2021-05-15 20:26 - 000011528 _____ C:\Users\frity\Desktop\roguekillerfichierjson.txt 2021-05-15 20:29 - 2021-05-15 20:26 - 000011528 _____ C:\Users\frity\Desktop\roguekillerscan.txt 2021-05-15 20:06 - 2021-05-15 20:19 - 000000903 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2021-05-15 20:06 - 2021-05-15 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2021-05-15 20:05 - 2021-05-15 20:19 - 000000000 ____D C:\Program Files\RogueKiller 2021-05-15 20:05 - 2021-05-15 20:11 - 000000000 ____D C:\ProgramData\RogueKiller 2021-05-15 20:03 - 2021-05-15 20:03 - 040488656 _____ (Adlice Software ) C:\Users\frity\Desktop\RogueKiller_setup.exe 2021-05-15 17:03 - 2021-05-15 17:11 - 000031528 _____ C:\Users\frity\Desktop\Fixlog.txt 2021-05-15 16:57 - 2021-05-15 16:58 - 000000085 _____ C:\WINDOWS\wininit.ini 2021-05-15 12:25 - 2021-05-15 12:25 - 000031853 _____ C:\Users\frity\Desktop\Shortcut.txt 2021-05-15 12:24 - 2021-05-15 12:25 - 000047163 _____ C:\Users\frity\Desktop\Addition.txt 2021-05-15 12:20 - 2021-05-22 20:30 - 000033327 _____ C:\Users\frity\Desktop\FRST.txt 2021-05-15 12:19 - 2021-05-22 20:30 - 000000000 ____D C:\FRST 2021-05-15 12:18 - 2021-05-22 20:29 - 002299904 _____ (Farbar) C:\Users\frity\Desktop\FRST64.exe 2021-05-15 12:11 - 2021-05-22 20:25 - 000350965 _____ C:\Users\frity\Desktop\ZHPDiag.txt 2021-05-15 12:02 - 2021-05-22 20:25 - 000000000 ____D C:\Users\frity\AppData\Roaming\ZHP 2021-05-15 12:02 - 2021-05-22 20:19 - 000000869 _____ C:\Users\frity\Desktop\ZHPSuite.lnk 2021-05-15 12:02 - 2021-05-15 12:02 - 000000000 ____D C:\Users\frity\AppData\Local\ZHP 2021-05-15 11:56 - 2021-05-15 11:56 - 003469464 _____ (Nicolas Coolman) C:\Users\frity\Desktop\ZHPSuite.exe 2021-05-14 23:17 - 2021-05-14 23:17 - 008534696 _____ (Malwarebytes) C:\Users\frity\Downloads\adwcleaner_8.2.exe 2021-05-14 22:17 - 2021-05-14 22:17 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-05-14 18:14 - 2021-05-14 18:14 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-05-14 18:14 - 2021-05-14 18:14 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-05-14 18:14 - 2021-05-14 18:14 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-05-14 11:38 - 2021-05-14 11:38 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-05-14 11:38 - 2021-05-14 11:38 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-05-14 11:38 - 2021-05-14 11:38 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll 2021-05-14 11:38 - 2021-05-14 11:38 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2021-05-14 11:37 - 2021-05-14 11:37 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-05-14 11:37 - 2021-05-14 11:37 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-05-14 11:37 - 2021-05-14 11:37 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-05-14 11:37 - 2021-05-14 11:37 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-05-14 11:37 - 2021-05-14 11:37 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-05-14 11:37 - 2021-05-14 11:37 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-05-14 11:37 - 2021-05-14 11:37 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2021-05-14 11:37 - 2021-05-14 11:37 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-05-12 17:41 - 2021-05-12 17:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motion Time Lapser 2021-05-12 17:41 - 2021-05-12 17:42 - 000000000 ____D C:\Program Files (x86)\Motion Time Lapser 2021-05-09 16:17 - 2021-05-09 16:17 - 005040458 _____ C:\Users\frity\Downloads\y2mate.com - Gilbert OSullivan Alone Again original version_v144P.mp4 2021-05-09 14:50 - 2021-05-09 14:51 - 062734243 _____ C:\Users\frity\Downloads\y2mate.com - The Barberettes Kimchi Kkakdugi 바버렛츠 김치 깍두기 정오의 희망곡 김신영입니다 20160914_v720P.mp4 2021-05-09 14:48 - 2021-05-09 14:50 - 082226689 _____ C:\Users\frity\Downloads\y2mate.com - The Barberettes Tian Mi Mi 甜蜜蜜_v720P.mp4 2021-05-07 19:14 - 2021-05-07 19:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-05-07 19:14 - 2021-05-07 19:14 - 000000000 ____D C:\WINDOWS\Panther 2021-05-07 08:16 - 2021-05-07 08:16 - 026035362 _____ C:\Users\frity\Downloads\Vidéodiycolis-1.mkv600540.mkv 2021-05-07 07:29 - 2021-05-09 10:53 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-05-03 14:38 - 2021-05-03 14:55 - 864516838 _____ C:\Users\frity\Downloads\Cours de trafic accéléré pour blogueurs.wmv 2021-05-03 14:38 - 2021-05-03 14:38 - 001299706 _____ C:\Users\frity\Downloads\124 titres irrésistibles - redesigned.pdf 2021-05-03 10:50 - 2021-05-03 10:50 - 000151398 ____H C:\Users\frity\Documents\~WRL1550.tmp 2021-04-21 17:10 - 2021-04-21 17:10 - 000003597 _____ C:\Users\frity\Downloads\ANIMATEUR SPORTIF (H_F_X) [AYWAILLE].pdf 2021-04-16 20:58 - 2021-04-16 20:58 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-04-16 11:43 - 2021-04-16 11:43 - 000046506 _____ C:\Users\frity\Downloads\Attestation d'inscription ISTA Michel.pdf 2021-03-31 11:36 - 2021-03-31 11:36 - 000006026 _____ C:\Users\frity\Downloads\CONCEPTEUR-REDACTEUR SEO FR (COPYWRITER) (H_F) [SART-BERNARD](1).pdf 2021-03-31 11:32 - 2021-03-31 11:32 - 000004199 _____ C:\Users\frity\Downloads\ANIMATEUR SOCIO-CULTUREL (H_F_X) [FLORENNES].pdf 2021-03-26 12:48 - 2021-03-26 12:48 - 000006932 _____ C:\Users\frity\Downloads\AGENT TOURISTIQUE (H_F) [THEUX].pdf 2021-03-22 15:54 - 2021-03-22 15:54 - 000005020 _____ C:\Users\frity\Downloads\FORMATEUR FRANCAIS LANGUE ETRANGERE (H_F_X) [VISE].pdf 2021-03-22 15:16 - 2021-03-22 15:17 - 000004182 _____ C:\Users\frity\Downloads\EMPLOYE GESTION CAMPING (H_F_X) [HAN-SUR-LESSE].pdf 2021-03-17 14:30 - 2021-03-17 14:30 - 000008345 _____ C:\Users\frity\Downloads\Assistant(e) e-commerce de Wallonie Belgique Tourisme Asbl (H_F_X) [NAMUR].pdf 2021-03-17 13:07 - 2021-03-17 13:07 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll 2021-03-17 13:07 - 2021-03-17 13:07 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-03-17 13:07 - 2021-03-17 13:07 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-02-27 08:57 - 2021-02-27 08:57 - 000004541 _____ C:\Users\frity\Downloads\ANIMATEUR EN FERME PEDAGOGIQUE (H_F) [HAMOIS].pdf 2021-02-27 08:44 - 2021-02-27 08:44 - 000004148 _____ C:\Users\frity\Downloads\PERMANENT (H_F_X) [DINANT [ARRONDISSEMENT]].pdf 2021-02-27 08:37 - 2021-04-04 13:58 - 000000000 ____D C:\Users\frity\AppData\Local\ElevatedDiagnostics ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-05-22 20:32 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-05-22 14:44 - 2020-10-10 08:45 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3900341870-1763094227-1614825723-1001 2021-05-22 14:44 - 2020-10-10 08:36 - 000002409 _____ C:\Users\frity\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-05-22 14:44 - 2018-07-04 13:03 - 000000000 ___RD C:\Users\frity\OneDrive 2021-05-22 14:37 - 2020-10-10 08:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-05-22 13:06 - 2020-06-04 04:01 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-05-22 13:06 - 2020-06-04 04:01 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-05-22 13:06 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-05-22 13:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-05-21 21:51 - 2019-04-28 17:37 - 000000000 ____D C:\ProgramData\Mozilla 2021-05-21 21:50 - 2018-07-04 13:03 - 000000000 ____D C:\Users\frity\AppData\LocalLow\Mozilla 2021-05-21 21:32 - 2020-10-10 09:14 - 000500082 _____ C:\WINDOWS\system32\perfh012.dat 2021-05-21 21:32 - 2020-10-10 09:14 - 000133442 _____ C:\WINDOWS\system32\perfc012.dat 2021-05-21 21:32 - 2020-10-10 09:12 - 000442416 _____ C:\WINDOWS\system32\prfh0404.dat 2021-05-21 21:32 - 2020-10-10 09:12 - 000133900 _____ C:\WINDOWS\system32\prfc0404.dat 2021-05-21 21:32 - 2020-10-10 08:45 - 002955248 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-05-21 21:32 - 2019-12-07 16:49 - 000792946 _____ C:\WINDOWS\system32\perfh00C.dat 2021-05-21 21:32 - 2019-12-07 16:49 - 000150114 _____ C:\WINDOWS\system32\perfc00C.dat 2021-05-21 21:32 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-05-21 21:27 - 2020-10-10 08:45 - 000003512 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck 2021-05-21 21:26 - 2019-12-19 13:34 - 000000000 ____D C:\Users\frity\AppData\Roaming\WD Discovery 2021-05-21 21:26 - 2019-12-19 13:30 - 000000000 ____D C:\Users\frity\.wdc 2021-05-21 21:26 - 2019-04-28 21:35 - 000000000 ____D C:\Program Files\CCleaner 2021-05-21 21:25 - 2020-10-10 08:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-05-21 21:25 - 2020-10-10 08:35 - 000008192 ___SH C:\DumpStack.log.tmp 2021-05-21 21:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-05-21 21:25 - 2019-04-28 17:06 - 000000000 ____D C:\ProgramData\NVIDIA 2021-05-21 21:25 - 2018-07-04 13:01 - 000000000 __SHD C:\Users\frity\IntelGraphicsProfiles 2021-05-21 21:24 - 2020-10-10 08:36 - 000000000 ____D C:\Users\frity 2021-05-21 21:24 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-05-18 21:43 - 2019-05-04 14:57 - 000000000 ____D C:\Users\frity\AppData\Roaming\HandBrake 2021-05-17 13:30 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-05-15 17:11 - 2018-07-14 15:06 - 000000000 ____D C:\Users\frity\AppData\LocalLow\Temp 2021-05-15 16:58 - 2020-10-10 08:45 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2021-05-15 16:58 - 2019-04-30 12:57 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2021-05-15 16:58 - 2019-04-30 12:25 - 000000000 ____D C:\ProgramData\AVG 2021-05-15 16:58 - 2019-04-28 19:20 - 000000000 ____D C:\Users\frity\AppData\Roaming\Anki2 2021-05-15 16:57 - 2019-04-30 12:57 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2021-05-15 12:10 - 2019-04-28 17:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-05-15 12:00 - 2019-07-06 19:12 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-05-14 23:27 - 2020-10-10 08:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software 2021-05-14 22:16 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-05-14 22:16 - 2018-02-09 18:32 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-05-14 18:14 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-05-14 18:14 - 2019-04-28 22:12 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-05-14 18:14 - 2019-04-28 22:12 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-05-14 17:44 - 2019-12-08 10:39 - 129125376 ____H C:\Users\frity\Documents\~WRL1259.tmp 2021-05-14 16:50 - 2019-12-08 10:39 - 129118720 ____H C:\Users\frity\Documents\~WRL1067.tmp 2021-05-14 14:20 - 2020-10-10 08:35 - 000291168 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-05-14 14:20 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2021-05-14 14:20 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-05-14 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-05-14 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-05-14 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-05-14 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2021-05-14 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-05-14 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-05-14 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-05-14 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-05-14 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-05-14 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-05-14 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-05-14 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-05-14 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-05-14 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-05-14 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-05-14 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-05-14 11:40 - 2019-12-07 16:53 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2021-05-14 11:25 - 2019-04-29 15:21 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-05-14 11:10 - 2019-04-29 15:21 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-05-13 21:36 - 2019-12-08 10:39 - 129290752 ____H C:\Users\frity\Documents\~WRL1205.tmp 2021-05-12 21:13 - 2019-05-08 19:49 - 000000000 ____D C:\Users\frity\AppData\Local\CrashDumps 2021-05-12 19:46 - 2019-12-08 10:39 - 129273856 ____H C:\Users\frity\Documents\~WRL0956.tmp 2021-05-11 16:50 - 2019-12-08 10:39 - 129094144 ____H C:\Users\frity\Documents\~WRL0575.tmp 2021-05-11 14:51 - 2019-12-08 10:39 - 129266688 ____H C:\Users\frity\Documents\~WRL3544.tmp 2021-05-11 11:47 - 2019-12-08 10:39 - 129084416 ____H C:\Users\frity\Documents\~WRL2188.tmp 2021-05-10 19:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration 2021-05-10 17:25 - 2019-12-08 10:39 - 129110016 ____H C:\Users\frity\Documents\~WRL0690.tmp 2021-05-09 10:53 - 2019-07-30 18:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-05-09 10:09 - 2019-12-08 10:39 - 129075200 ____H C:\Users\frity\Documents\~WRL2894.tmp 2021-05-08 19:01 - 2020-10-10 08:50 - 000003428 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d69ed03f1f847a 2021-05-08 19:01 - 2020-10-10 08:45 - 000003622 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-05-08 19:01 - 2020-10-10 08:45 - 000003576 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-05-08 19:01 - 2020-10-10 08:45 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-05-08 19:01 - 2020-10-10 08:45 - 000003352 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-05-08 19:01 - 2020-10-10 08:45 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-05-07 19:14 - 2018-02-09 19:00 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-05-07 14:58 - 2021-01-22 14:57 - 000000000 ____D C:\Temp 2021-05-07 09:09 - 2019-12-08 10:39 - 129229312 ____H C:\Users\frity\Documents\~WRL2344.tmp 2021-05-06 17:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-05-04 18:06 - 2018-08-04 11:42 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-05-04 07:04 - 2019-04-29 14:12 - 000000000 ____D C:\Users\frity\AppData\Local\D3DSCache 2021-05-03 14:43 - 2019-06-07 10:26 - 000000000 ____D C:\Users\frity\AppData\Roaming\vlc 2021-05-01 19:47 - 2019-12-08 10:39 - 129007616 ____H C:\Users\frity\Documents\~WRL3002.tmp ==================== SigCheckExt ========================= 2019-12-19 13:35 - 2017-11-10 13:51 - 000002560 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\wdfsconnectevtmsg.dll 2019-12-19 13:35 - 2017-11-10 13:51 - 000180224 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll 2019-12-19 13:35 - 2017-11-10 13:51 - 000118272 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\wdfsconnectNetRdr2017.dll 2019-12-19 13:35 - 2017-11-10 13:51 - 000154112 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll 2019-12-19 13:35 - 2017-11-10 13:51 - 000223744 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\SysWOW64\wdfsconnectNetRdr2017.dll 2021-05-15 12:18 - 2021-05-22 20:29 - 002299904 _____ (Farbar) C:\Users\frity\Desktop\FRST64.exe 2021-05-22 20:18 - 2021-05-22 20:18 - 003469464 _____ (Nicolas Coolman) C:\Users\frity\Desktop\ZHPSuite(2).exe 2021-05-15 11:56 - 2021-05-15 11:56 - 003469464 _____ (Nicolas Coolman) C:\Users\frity\Desktop\ZHPSuite.exe 2019-11-10 13:16 - 2019-11-10 13:18 - 042548424 _____ (DownloadHelper ) C:\Users\frity\Downloads\VdhCoAppSetup-1.3.0(1).exe 2019-10-13 05:48 - 2019-10-13 05:49 - 042548424 _____ (DownloadHelper ) C:\Users\frity\Downloads\VdhCoAppSetup-1.3.0.exe 2021-05-16 14:43 - 2021-05-16 14:43 - 000000000 _____ C:\Users\frity\Downloads\ZHPSuite(1).exe 2021-05-16 14:42 - 2021-05-16 14:42 - 000000000 _____ C:\Users\frity\Downloads\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {8830b6c6-0db6-11e8-8ae7-806e6f6e6963} {8830b6c7-0db6-11e8-8ae7-806e6f6e6963} {8830b6c8-0db6-11e8-8ae7-806e6f6e6963} timeout 0 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {11ffe905-0acb-11eb-b1d1-df8f0d52a9c9} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {6fa97142-e41e-11e9-8b29-806e6f6e6963} description Network Boot-IPV4: 98-28-A6-04-41-9D Application logicielle (101fffff) -------------------------------- identificateur {6fa97143-e41e-11e9-8b29-806e6f6e6963} description Network Boot-IPV6: 98-28-A6-04-41-9D Application logicielle (101fffff) -------------------------------- identificateur {8830b6c6-0db6-11e8-8ae7-806e6f6e6963} description EFI USB Device Application logicielle (101fffff) -------------------------------- identificateur {8830b6c7-0db6-11e8-8ae7-806e6f6e6963} description EFI DVD/CDROM Application logicielle (101fffff) -------------------------------- identificateur {8830b6c8-0db6-11e8-8ae7-806e6f6e6963} description EFI Network Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {11ffe907-0acb-11eb-b1d1-df8f0d52a9c9} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {11ffe905-0acb-11eb-b1d1-df8f0d52a9c9} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {11ffe907-0acb-11eb-b1d1-df8f0d52a9c9} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{11ffe908-0acb-11eb-b1d1-df8f0d52a9c9} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{11ffe908-0acb-11eb-b1d1-df8f0d52a9c9} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {11ffe905-0acb-11eb-b1d1-df8f0d52a9c9} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {11ffe907-0acb-11eb-b1d1-df8f0d52a9c9} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {11ffe908-0acb-11eb-b1d1-df8f0d52a9c9} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================