cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2021
Exécuté par GUERRA Dominique (administrateur) sur I (Acer Aspire XC-704) (28-04-2021 12:34:14)
Exécuté depuis C:\Users\GUERRA Dominique\Desktop
Profils chargés: GUERRA Dominique
Platform: Windows 10 Home Version 20H2 19042.928 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Acer Incorporated -> ) C:\OEM\Preload\FubTracking\FubTracking.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(Mozilla Corporation -> Mozilla Corporation) C:\Users\GUERRA Dominique\AppData\Local\Mozilla Firefox\firefox.exe <6>

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2019-09-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\Run: [Chromium] => "c:\users\guerra dominique\appdata\local\chromium\application\chrome.exe" --profile-directory="Default" --auto-launch-at-startup --restore-last-session
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {37DCD910-EDE1-4ABB-8156-0D4E51B958D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {43F85E31-5615-4393-A378-AAE57B0ED251} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {488F9A4D-93A2-4560-B6B8-8AADA85D9F53} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C451E38-01B7-47DF-B57E-3FF5D01DF759} - System32\Tasks\Mozilla\Firefox Default Browser Agent 9401F07F2637B987 => C:\Users\GUERRA Dominique\AppData\Local\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-25] (Mozilla Corporation -> Mozilla Foundation)
Task: {804865BE-43EF-4FE1-8788-1524FA01C798} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {854C5F00-02FE-4EBC-8386-D213B8E3203F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8F35D0C4-32AD-4255-A5CB-2C4F9284D50A} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-10] (Acer Incorporated -> Acer Incorporated)
Task: {948055BF-F228-44BD-A9C2-72F3A8CD1D18} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {CD4009CC-4D25-4781-A7E5-9B6DE670DA64} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {ECB91497-DAA4-464B-8038-3608F08B7547} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2015-09-30] (Acer Incorporated -> Acer Incorporated)
Task: {EDD83229-4CBB-4E4D-908B-4A95FE00763E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0830f34f-c121-458b-867c-4286026e04c8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8142e943-ba33-482b-a08e-a6827f1e0c3c}: [DhcpNameServer] 10.1.93.93 10.1.93.52

Edge:
=======
DownloadDir: C:\Users\GUERRA Dominique\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> hxxp://google.fr/
Edge Notifications: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> hxxps://www.phonandroid.com
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\GUERRA Dominique\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-28]
Edge HomePage: Default -> hxxp://acer15.msn.com/?pc=ACTE
Edge StartupUrls: Default -> "hxxps://www.echosdunet.net/dossiers/promotions-operateurs","hxxps://www.msn.com/fr-fr/?cobrand=acer15.msn.com&ocid=ACERDHP15&pc=ACTE"
Edge Profile: C:\Users\GUERRA Dominique\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-04-28]

FireFox:
========
FF DefaultProfile: xdtly1f1.default
FF ProfilePath: C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\fsjiahjz.default-release [2021-04-28]
FF Homepage: Mozilla\Firefox\Profiles\fsjiahjz.default-release -> google.fr
FF Extension: (uBlock Origin) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\fsjiahjz.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-04-25]
FF ProfilePath: C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\qmkc74db.default-esr-1619373787666 [2021-04-28]
FF ProfilePath: C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default [2021-04-21]
FF Extension: (العربية Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-ar@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Български Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-bg@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Dansk (da) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-da@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Ελληνικά Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-el@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (English (US) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Español (España) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-es-ES@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Estonian Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-et@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Finnish Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-fi@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Français Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Hebrew (IL) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-he@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Magyar (HU) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-hu@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Italiano (IT) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-it@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Japanese Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-ja@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Korean (KR) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-ko@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Lietuvių Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-lt@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Norsk bokmål (NO) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-nb-NO@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Nederlands (NL) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-nl@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Polski Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Português (pt-BR) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-pt-BR@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Português (Europeu) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-pt-PT@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Russian (RU) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-ru@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Slovenski jezik Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-sl@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (српски (sr) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-sr@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Svenska (SE) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-sv-SE@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (ไทย Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-th@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Türkçe (TR) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-tr@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Ukrainian (UA) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-uk@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-zh-CN@firefox.mozilla.org.xpi [2019-09-27]
FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\Extensions\langpack-zh-TW@firefox.mozilla.org.xpi [2019-09-27]
FF SearchPlugin: C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\xdtly1f1.default\searchplugins\Yahoo powered search.xml [2020-05-04]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)

Chrome:
=======
CHR Profile: C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default [2021-04-21]
CHR Extension: (Slides) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-19]
CHR Extension: (Docs) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-19]
CHR Extension: (Google Drive) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Sheets) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-19]
CHR Extension: (Google Docs hors connexion) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-17]
CHR Extension: (Ocean) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgedigcdbemilinbicidhplhebjoafpl [2021-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\GUERRA Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-17]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S4 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860248 2015-09-30] (Acer Incorporated -> Acer Incorporated)
S4 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S4 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-12] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-28] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-07-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-25] (Malwarebytes Inc -> Malwarebytes)
R3 MpKslaa0c687c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4DADE3D6-E277-4C01-998E-A9AE1BE7CDDD}\MpKslDrv.sys [47336 2021-04-28] (Microsoft Windows -> Microsoft Corporation)
R2 RtkIOAC60; C:\WINDOWS\system32\DRIVERS\RtkIOAC60.sys [38656 2015-06-09] (Realtek Semiconductor Corp -> Realtek semiconductor corp)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-28 12:34 - 2021-04-28 12:36 - 000019869 _____ C:\Users\GUERRA Dominique\Desktop\FRST.txt
2021-04-28 12:32 - 2021-04-28 12:32 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\FRST-OlderVersion
2021-04-28 12:26 - 2021-04-28 12:26 - 000314614 _____ C:\Users\GUERRA Dominique\Desktop\ZHPDiag.html
2021-04-28 12:26 - 2021-04-28 12:26 - 000254844 _____ C:\Users\GUERRA Dominique\Desktop\ZHPDiag.txt
2021-04-28 12:13 - 2021-04-28 12:32 - 002298368 _____ (Farbar) C:\Users\GUERRA Dominique\Desktop\FRST64.exe
2021-04-28 12:13 - 2021-04-24 18:42 - 003468440 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Desktop\ZHPSuite.exe
2021-04-28 12:06 - 2021-04-28 12:06 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-27 11:43 - 2021-04-27 11:46 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\équipe copie
2021-04-25 22:27 - 2021-04-28 12:15 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\Mozilla Firefox
2021-04-25 20:05 - 2021-04-25 20:06 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2021-04-25 20:05 - 2021-04-25 20:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-04-25 20:04 - 2021-04-25 20:04 - 004707136 _____ (Crystal Dew World ) C:\Users\GUERRA Dominique\Downloads\CrystalDiskInfo8_11_2.exe
2021-04-25 17:10 - 2021-04-25 21:51 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\dimanche 24 04 21
2021-04-25 16:36 - 2021-04-25 16:36 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-25 16:36 - 2020-07-31 15:57 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-25 16:16 - 2021-04-25 16:16 - 002078632 _____ (Malwarebytes) C:\Users\GUERRA Dominique\Downloads\MBSetup.exe
2021-04-25 16:13 - 2021-04-25 16:17 - 000000000 ____D C:\AdwCleaner
2021-04-25 16:12 - 2021-04-25 16:12 - 008534696 _____ (Malwarebytes) C:\Users\GUERRA Dominique\Downloads\adwcleaner_8.2.exe
2021-04-25 13:31 - 2021-04-25 13:31 - 003326616 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPCleaner(1).exe
2021-04-25 13:24 - 2021-04-25 13:24 - 001003878 _____ C:\Users\GUERRA Dominique\Downloads\Wub.zip
2021-04-25 13:24 - 2021-04-25 13:24 - 001003878 _____ C:\Users\GUERRA Dominique\Downloads\Wub(1).zip
2021-04-24 19:03 - 2021-04-28 12:35 - 000000000 ____D C:\FRST
2021-04-24 19:02 - 2021-04-24 19:03 - 002298368 _____ (Farbar) C:\Users\GUERRA Dominique\Downloads\FRST64.exe
2021-04-24 18:42 - 2021-04-24 18:42 - 003468440 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPSuite.exe
2021-04-22 11:24 - 2021-04-25 16:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-21 17:39 - 2021-04-21 17:39 - 000000784 _____ C:\Users\GUERRA Dominique\Desktop\Bureau - Raccourci.lnk
2021-04-21 13:08 - 2021-04-28 12:05 - 077332480 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-04-21 12:56 - 2021-04-21 13:07 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-04-21 11:50 - 2021-04-28 12:08 - 000000000 ____D C:\Program Files\CCleaner
2021-04-21 11:50 - 2021-04-21 11:51 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-04-21 11:50 - 2021-04-21 11:50 - 000002882 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-04-21 11:50 - 2021-04-21 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-04-21 11:48 - 2021-04-21 11:48 - 031273232 _____ (Piriform Software Ltd) C:\Users\GUERRA Dominique\Downloads\ccsetup578.exe
2021-04-21 09:48 - 2021-04-21 09:48 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\clear.fi
2021-04-20 17:30 - 2021-04-20 17:30 - 003326104 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPCleaner.exe
2021-04-20 17:27 - 2021-04-20 17:27 - 003326104 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\zhpcleaner_2021-4-11-290_fr_433513.exe
2021-04-20 16:51 - 2021-04-20 16:51 - 003274392 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPDiag3.exe
2021-04-18 11:42 - 2021-04-18 11:42 - 000000000 ___RD C:\Users\GUERRA Dominique\Documents\Scanned Documents
2021-04-16 16:23 - 2021-04-16 16:23 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-16 16:22 - 2021-04-16 16:22 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-16 16:22 - 2021-04-16 16:22 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-04 21:48 - 2021-04-04 21:48 - 000001195 _____ C:\Users\GUERRA Dominique\Desktop\CameraRoll - Raccourci (2).lnk
2021-04-04 21:48 - 2021-04-04 21:48 - 000001177 _____ C:\Users\GUERRA Dominique\Desktop\Images - Raccourci.lnk
2021-04-04 17:11 - 2021-04-04 17:32 - 000000000 ____D C:\ryvieraz.o.com
2021-04-03 15:27 - 2021-04-03 15:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-04-03 15:26 - 2021-04-03 15:26 - 000000000 ____D C:\ProgramData\Apple
2021-04-03 11:24 - 2021-04-25 22:29 - 000001317 _____ C:\Users\GUERRA Dominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-03 11:16 - 2021-04-03 11:16 - 000000000 ____D C:\Users\Public\File Viewer Plus
2021-03-27 14:38 - 2021-04-25 22:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-24 16:51 - 2021-03-24 16:51 - 000001017 _____ C:\Users\GUERRA Dominique\Desktop\Vidéos - Raccourci (2).lnk
2021-03-24 16:42 - 2021-03-24 16:42 - 000001195 _____ C:\Users\GUERRA Dominique\Desktop\CameraRoll - Raccourci.lnk
2021-03-19 16:43 - 2021-03-19 16:43 - 000000738 _____ C:\Users\GUERRA Dominique\GUERRA Dominique.lnk
2021-03-17 16:41 - 2021-03-17 16:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-17 16:41 - 2021-03-17 16:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-17 16:40 - 2021-03-17 16:40 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-17 16:39 - 2021-03-17 16:39 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-17 16:39 - 2021-03-17 16:39 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-17 16:38 - 2021-03-17 16:38 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-17 16:37 - 2021-03-17 16:37 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-17 16:36 - 2021-03-17 16:36 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-02-21 15:20 - 2021-02-21 15:20 - 003336328 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\ZHPCleaner.exe
2021-02-19 17:05 - 2021-02-19 17:05 - 000000969 _____ C:\Users\GUERRA Dominique\Desktop\DMC-FZ200 - Raccourci.lnk
2021-02-12 21:00 - 2021-02-12 21:00 - 000000809 _____ C:\Users\GUERRA Dominique\Desktop\Images - Raccourci (2).lnk
2021-02-12 17:46 - 2021-04-20 16:52 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\ZHP

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-28 12:27 - 2015-07-16 06:20 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-28 12:26 - 2020-05-14 18:41 - 000000135 _____ C:\Users\GUERRA
2021-04-28 12:26 - 2020-05-13 18:08 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Roaming\ZHP
2021-04-28 12:26 - 2019-06-16 23:35 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\LocalLow\Mozilla
2021-04-28 12:10 - 2020-11-13 22:06 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-28 12:10 - 2019-12-07 16:49 - 000791756 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-28 12:10 - 2019-12-07 16:49 - 000149922 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-28 12:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-28 12:08 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-28 12:06 - 2020-11-13 22:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-28 12:06 - 2020-11-13 21:49 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-28 12:05 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-28 12:00 - 2019-09-27 12:14 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-04-28 12:00 - 2018-04-30 17:27 - 000000000 __SHD C:\Users\GUERRA Dominique\IntelGraphicsProfiles
2021-04-28 11:51 - 2020-11-13 21:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-28 11:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-28 11:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-28 11:09 - 2020-06-27 11:39 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-26 17:45 - 2020-11-30 15:43 - 000003538 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b9f8ac1729f
2021-04-26 17:45 - 2020-11-13 22:20 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-25 22:02 - 2020-04-25 18:14 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\CrashDumps
2021-04-25 17:32 - 2019-09-27 12:45 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\Packages
2021-04-25 16:36 - 2020-05-18 21:16 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-25 16:36 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-25 13:27 - 2019-10-01 20:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-25 13:25 - 2019-09-27 12:42 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2021-04-25 13:22 - 2018-04-30 17:32 - 000000000 ___RD C:\Users\GUERRA Dominique\OneDrive
2021-04-24 17:30 - 2020-11-13 22:20 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4178424111-3086846748-1683071943-1001
2021-04-24 17:29 - 2020-11-13 21:55 - 000002445 _____ C:\Users\GUERRA Dominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-22 11:28 - 2019-10-01 20:42 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-21 17:37 - 2019-10-02 08:21 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Roaming\vlc
2021-04-21 13:48 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-04-21 12:14 - 2020-11-04 17:25 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-21 12:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-20 17:50 - 2015-07-16 06:15 - 000000000 ____D C:\Program Files (x86)\Acer
2021-04-20 17:48 - 2015-07-16 06:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2021-04-20 17:46 - 2020-06-19 23:26 - 000000000 ____D C:\Program Files (x86)\Google
2021-04-18 18:29 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-18 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-18 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-17 17:59 - 2019-09-27 12:57 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\PlaceholderTileLogoFolder
2021-04-17 11:30 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-16 15:38 - 2019-09-28 18:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-16 15:32 - 2019-09-28 18:51 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-13 10:55 - 2019-09-27 12:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-09 17:05 - 2020-11-13 21:49 - 000472408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-09 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-05 11:45 - 2020-02-09 23:57 - 000000000 ____D C:\Users\GUERRA Dominique\Documents\Fax
2021-04-04 21:21 - 2020-03-21 18:05 - 000000000 ___RD C:\Bureau
2021-04-04 17:16 - 2020-11-13 21:53 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-03 18:01 - 2019-02-20 16:26 - 000000000 ___RD C:\Users\GUERRA Dominique\3D Objects
2021-04-03 11:22 - 2019-09-27 13:03 - 000000000 ____D C:\ProgramData\Packages
2021-04-02 21:07 - 2019-10-02 08:36 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys

==================== Fichiers à la racine de certains dossiers ========

2021-02-21 15:20 - 2021-02-21 15:20 - 003336328 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\ZHPCleaner.exe
2020-05-04 17:06 - 2020-05-13 18:47 - 000000034 _____ () C:\Users\GUERRA Dominique\AppData\Roaming\WB.CFG

==================== SigCheckExt =========================

2015-07-15 11:53 - 2015-07-10 04:42 - 000183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4248.dll
2015-05-22 02:00 - 2015-05-22 02:00 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll
2021-02-21 15:20 - 2021-02-21 15:20 - 003336328 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\ZHPCleaner.exe
2021-04-28 12:13 - 2021-04-28 12:32 - 002298368 _____ (Farbar) C:\Users\GUERRA Dominique\Desktop\FRST64.exe
2021-04-28 12:13 - 2021-04-24 18:42 - 003468440 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Desktop\ZHPSuite.exe
2021-04-24 19:02 - 2021-04-24 19:03 - 002298368 _____ (Farbar) C:\Users\GUERRA Dominique\Downloads\FRST64.exe
2021-04-25 13:31 - 2021-04-25 13:31 - 003326616 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPCleaner(1).exe
2021-04-20 17:30 - 2021-04-20 17:30 - 003326104 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPCleaner.exe
2021-04-20 17:27 - 2021-04-20 17:27 - 003326104 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\zhpcleaner_2021-4-11-290_fr_433513.exe
2021-04-20 16:51 - 2021-04-20 16:51 - 003274392 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPDiag3.exe
2021-04-24 18:42 - 2021-04-24 18:42 - 003468440 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPSuite.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {a8dde2c4-69dc-11ea-9bff-98eecb276384}
{bootmgr}
timeout 6

Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
flightsigning Yes
default {current}
resumeobject {9f04dc44-25f1-11eb-8a67-a344b920e803}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0

Application logicielle (101fffff)
--------------------------------
identificateur {a8dde2c4-69dc-11ea-9bff-98eecb276384}
description USB Entry for Windows To Go

Chargeur de d‚marrage Windows
-----------------------------
identificateur {476372ea-dd62-11e5-baa4-98eecb276384}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{476372eb-dd62-11e5-baa4-98eecb276384}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-us
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride PushButtonReset
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{476372eb-dd62-11e5-baa4-98eecb276384}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {9f04dc46-25f1-11eb-8a67-a344b920e803}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {9f04dc44-25f1-11eb-8a67-a344b920e803}
nx OptIn
bootmenupolicy Standard

Chargeur de d‚marrage Windows
-----------------------------
identificateur {9f04dc46-25f1-11eb-8a67-a344b920e803}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{9f04dc47-25f1-11eb-8a67-a344b920e803}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{9f04dc47-25f1-11eb-8a67-a344b920e803}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {9f04dc44-25f1-11eb-8a67-a344b920e803}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {9f04dc46-25f1-11eb-8a67-a344b920e803}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No

ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}

ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de p‚riph‚rique
-----------------------
identificateur {9f04dc47-25f1-11eb-8a67-a344b920e803}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================

Publicité


Signaler le contenu de ce document

Publicité