Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-07-2013 01 (ATTENTION: FRST version is 3169 days old) Ran by Système on 14-03-2022 01:46:37 Running from Y:\Programs\FRST WIN_7 Service Pack 1 (X86) OS Language: French Standard Boot Mode: Recovery Attention: Could not load system hive. L'op‚ration a r‚ussi. ==================== Registry (Whitelisted) ================== HKLM\...\Winlogon: [Userinit] HKLM\...\Winlogon: [Shell] [x ] () <=== ATTENTION HKU\asus\...\Run: [Chromium] - "c:\users\asus\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session [ 2017-10-07] (The Chromium Authors) HKU\asus\...\Run: [Google Update] - "C:\Users\asus\AppData\Local\Google\Update\1.3.36.122\GoogleUpdateCore.exe" [x] HKU\asus\...\Run: [com.squirrel.Teams.Teams] - C:\Users\asus\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated" [x] HKU\asus\...\Run: [BatteryCare] - C:\Program Files (x86)\BatteryCare\BatteryCare.exe [ 2021-07-12] (Filipe Lourenço) HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation) HKU\Default User\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation) Startup: C:\ProgramData\Start Menu\Programs\Startup\WDDMStatus.lnk ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC) Startup: C:\ProgramData\Start Menu\Programs\Startup\WDSmartWare.lnk ShortcutTarget: WDSmartWare.lnk -> C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (No File) ========================== Services (Whitelisted) ================= ==================== Drivers (Whitelisted) ==================== ========================== Drivers MD5 ======================= ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2022-03-11 22:46 - 2022-03-11 23:43 - 00000000 ____D C:\Users\asus\Downloads\d6wn36ad fa5t 2022-03-06 18:23 - 2022-03-07 00:39 - 00000000 ____D C:\Users\asus\Téléchargements 62 2022-02-27 14:28 - 2009-07-29 07:03 - 00028672 ____A C:\Windows\System32\config\BCD-Template 2022-02-27 14:28 - 2009-07-29 07:03 - 00025600 __ASH C:\Windows\System32\config\BCD-Template.LOG 2022-02-27 14:27 - 2009-07-14 03:34 - 00000000 ____D C:\Windows\System32\config\Journal 2022-02-27 12:27 - 2022-03-14 01:46 - 00000000 ____D C:\FRST 2022-02-15 17:40 - 2022-02-15 17:40 - 00005278 ____A C:\Windows\AsRecoveryHD.log 2022-02-15 17:40 - 2022-02-15 17:39 - 00047777 ____A C:\Windows\AsFac.log 2022-02-15 09:36 - 2010-11-20 14:28 - 01731936 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll ==================== One Month Modified Files and Folders ======= 2022-03-14 01:46 - 2022-02-27 12:27 - 00000000 ____D C:\FRST 2022-03-11 23:43 - 2022-03-11 22:46 - 00000000 ____D C:\Users\asus\Downloads\d6wn36ad fa5t 2022-03-07 02:30 - 2015-06-30 16:25 - 00000000 ____D C:\Users\asus\Desktop\Nouveau dossier 2015 2022-03-07 01:22 - 2012-05-15 20:13 - 00000000 ____D C:\users\asus 2022-03-07 00:39 - 2022-03-06 18:23 - 00000000 ____D C:\Users\asus\Téléchargements 62 2022-03-03 19:02 - 2018-07-23 14:10 - 00000760 ____A C:\Users\asus\Desktop\APPLICATIONS sur D.lnk 2022-02-28 17:28 - 2015-04-15 16:37 - 00000000 ____D C:\Users\asus\Documents\ASUS 2022-02-28 16:58 - 2019-03-31 03:16 - 00000000 ____D C:\Users\asus\Desktop\CNED 2022-02-15 17:40 - 2022-02-15 17:40 - 00005278 ____A C:\Windows\AsRecoveryHD.log 2022-02-15 17:40 - 2009-07-29 06:20 - 00000000 ____D C:\Windows\Log 2022-02-15 17:39 - 2022-02-15 17:40 - 00047777 ____A C:\Windows\AsFac.log Files to move or delete: ==================== C:\ProgramData\FullRemove.exe ==================== Known DLLs (Whitelisted) ============ ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2011-10-19 03:54] - [2011-10-19 03:54] - 2871808 ____A (Microsoft Corporation) 332FEAB1435662FC6C672E25BEB37BE3 C:\Windows\System32\winlogon.exe [2011-02-18 20:49] - [2010-11-20 14:25] - 0390656 ____A (Microsoft Corporation) 1151B1BAA6F350B1DB6598E0FEA7C457 C:\Windows\System32\wininit.exe [2009-07-14 00:52] - [2009-07-14 02:39] - 0129024 ____A (Microsoft Corporation) 94355C28C1970635A31B3FE52EB7CEBA C:\Windows\System32\svchost.exe [2009-07-14 00:31] - [2009-07-14 02:39] - 0027136 ____A (Microsoft Corporation) C78655BC80301D76ED4FEF1C1EA40A7D C:\Windows\System32\services.exe [2009-07-14 00:19] - [2009-07-14 02:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB C:\Windows\System32\User32.dll [2011-02-18 20:49] - [2010-11-20 14:27] - 1008128 ____A (Microsoft Corporation) FE70103391A64039A921DBFFF9C7AB1B C:\Windows\System32\userinit.exe [2011-02-18 20:49] - [2010-11-20 14:25] - 0030720 ____A (Microsoft Corporation) BAFE84E637BF7388C96EF48D4D3FDD53 C:\Windows\System32\Drivers\volsnap.sys [2011-10-19 03:34] - [2011-10-19 03:34] - 0296320 ____A (Microsoft Corporation) DF8126BD41180351A093A3AD2FC8903B ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: <===== ATTENTION! HKLM\...\exefile\DefaultIcon: <===== ATTENTION! HKLM\...\exefile\open\command: <===== ATTENTION! ==================== Restore Points ========================= ==================== BCD ================================ Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=C: description Windows Boot Manager locale fr-FR inherit {globalsettings} default {default} resumeobject {8cb2d9b0-7c05-11de-842e-b4611d44fefa} displayorder {default} toolsdisplayorder {memdiag} timeout 30 Chargeur de d‚marrage Windows ----------------------------- identificateur {default} device partition=C: path \Windows\system32\winload.exe description Windows 7 locale fr-FR inherit {bootloadersettings} recoverysequence {8cb2d9b4-7c05-11de-842e-b4611d44fefa} recoveryenabled Yes osdevice partition=C: systemroot \Windows resumeobject {8cb2d9b0-7c05-11de-842e-b4611d44fefa} nx OptIn Chargeur de d‚marrage Windows ----------------------------- identificateur {8cb2d9b4-7c05-11de-842e-b4611d44fefa} device ramdisk=[C:]\Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa\Winre.wim,{8cb2d9b5-7c05-11de-842e-b4611d44fefa} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa\Winre.wim,{8cb2d9b5-7c05-11de-842e-b4611d44fefa} systemroot \windows nx OptIn winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {8cb2d9b0-7c05-11de-842e-b4611d44fefa} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale fr-FR inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=C: path \boot\memtest.exe description Windows Memory Diagnostic locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems Yes ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {8cb2d9b5-7c05-11de-842e-b4611d44fefa} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa\boot.sdi ==================== Memory info =========================== Percentage of memory in use: 20% Total physical RAM: 2682.79 MB Available physical RAM: 2130.62 MB Total Pagefile: 2681.08 MB Available Pagefile: 2142.58 MB Total Virtual: 2047.88 MB Available Virtual: 1947.62 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:196.29 GB) (Free:60.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive e: (DATA) (Fixed) (Total:244.47 GB) (Free:70.94 GB) NTFS Drive f: (Wi-Fi Modem) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS Drive x: (Boot) (Fixed) (Total:0.23 GB) (Free:0.22 GB) NTFS Drive y: (Win7PESE) (Removable) (Total:14.46 GB) (Free:13.79 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5BE4A3F9) Partition 1: (Not Active) - (Size=25 GB) - (Type=1C) Partition 2: (Active) - (Size=196 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=244 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 14 GB) (Disk ID: 28381B48) Partition 1: (Active) - (Size=14 GB) - (Type=07 NTFS) ==================== End Of Log ============================