Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2021
Exécuté par Annie (administrateur) sur JULIEN (Acer Aspire E5-531) (24-11-2021 21:04:57)
Exécuté depuis C:\Users\Julien\Desktop
Profils chargés: Annie
Plate-forme: Microsoft Windows 8.1 avec Bing (Update) (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Pokki, Inc. -> Pokki) C:\Users\Julien\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Qualcomm Atheros -> ) [Fichier non signé] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13674712 2014-07-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" (Pas de fichier)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [9298344 2021-11-17] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]
HKU\S-1-5-21-2390315509-1084197287-1402993408-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35116160 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2390315509-1084197287-1402993408-1001\...\RunOnce: [Application Restart #2] => C:\Users\Julien\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [9581800 2020-12-04] (Pokki, Inc. -> Pokki)
HKU\S-1-5-21-2390315509-1084197287-1402993408-1001\...\RunOnce: [Application Restart #1] => C:\Users\Julien\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [9581800 2020-12-04] (Pokki, Inc. -> Pokki)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [392200 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0BFC0D29-2083-4F58-8E36-FE36DF8F0C09} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474344 2014-06-09] (Acer Incorporated -> Acer Incorporated)
Task: {111923D8-967D-41B8-9B7C-7DD553F935C1} - System32\Tasks\SweetLabs App Platform => C:\Users\Julien\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [10650856 2020-12-04] (Pokki, Inc. -> Pokki)
Task: {1145C80A-F9A8-4310-8C35-73275753F8DD} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2017-09-28] (Acer Incorporated -> )
Task: {13EF9B73-C60B-4411-BB59-2642AF8C8022} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {315F6BDE-34C2-4655-A975-07042F0ADE6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-20] (Google LLC -> Google LLC)
Task: {61B50B6E-FA92-4383-AD32-9E2C3762F820} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328 2014-10-17] (Acer Incorporated -> Acer Incorporate)
Task: {6CD614B5-C5EB-4888-916B-C40EC76D52B7} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {880B6D11-F56C-4591-8856-7958090B86EB} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [6437792 2019-03-19] (HP Inc -> HP Inc.)
Task: {91E6ED2C-1C7C-412C-A1F8-755312F03727} - System32\Tasks\CCleanerSkipUAC - Annie => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {93B3E066-B204-4FF9-B5CD-4C94B9D8DD7E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [141529560 2021-11-22] (Microsoft Windows -> Microsoft Corporation)
Task: {A5D91687-08E6-4A58-9E94-453FC44EEE8E} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [384232 2014-07-22] (Acer Incorporated -> Acer Incorporated)
Task: {A6E10883-F4A2-4825-8369-F262C7A8E81A} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41728 2014-08-29] (Acer Incorporated -> )
Task: {AE8961CF-2747-457A-B6CB-D1B0043B7F09} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {AF82AA5B-67F4-4F89-B752-4AEA1BF0158D} - System32\Tasks\{95242395-C9B7-46AD-8D9F-86D04E1890D7} => "c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/7.7.0.103/fr/abandoninstall?source=lightinstaller&page=tsMain hxxp://ui.skype.com/ui/0/7.7.0.103/fr/abandoninstall?source=lightinstaller&page=tsMain (Pas de fichier)
Task: {B1AA6429-69DE-4D3C-9C4D-5DDD7B2A91ED} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328 2014-10-17] (Acer Incorporated -> Acer Incorporate)
Task: {BEBF53A4-B42F-40FD-94CC-775B2F1EC91B} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [100608 2014-08-29] (Acer Incorporated -> )
Task: {CA65B110-E98D-4490-9A25-2356FCEEF437} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [490728 2014-06-17] (Acer Incorporated -> Acer Incorporated)
Task: {CE20CB51-2A49-4046-AEA9-E8BF8B1D701D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F8E1E7-A791-42B9-AD9A-A9AC9129454F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {F754F9F3-C560-4EAB-B050-43EB39EDA3B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-20] (Google LLC -> Google LLC)
Task: {FA050F75-5DC3-497C-88E6-1AA37834DD40} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform)
Task: {FBEAE1D2-7746-47E1-BFD8-4C4274E877B6} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [419048 2014-12-30] (Acer Incorporated -> Acer Incorporate)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864 2010-05-18] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824 2010-05-18] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D0F50B35-A1A1-4B3B-8323-6448A2F481DD}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Julien\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-08]
FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] (Foxit Corporation -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
Chrome:
=======
CHR Profile: C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default [2021-11-24]
CHR HomePage: Default -> hxxp://xn--connexion%20%20chrome-yzb/
CHR NewTab: Default -> Not-active:"chrome-extension://foaoaiinkbjpminknkedhgimdfkjekie/ntp1.html"
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?fr=mcafee&type=E211FR662G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/gossip/gossip-fr-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Pas de nom) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-11-04]
CHR Extension: (FromDocToPDF) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\foaoaiinkbjpminknkedhgimdfkjekie [2021-05-01]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-11-21]
CHR Extension: (Ask Web Search) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\hapkhkcjeoklmeklalckjempdbgbagai [2021-05-03]
CHR Extension: (Skype) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2020-01-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated -> Acer Incorporated)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporated -> Acer Incorporate)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [10508032 2021-11-17] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-10-17] (Acer Incorporated -> Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] (CyberLink -> )
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-10-17] (Acer Incorporated -> Acer Incorporate)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (Acer Incorporated -> acer)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated -> Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated -> Acer Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-24 21:04 - 2021-11-24 21:08 - 000018566 _____ C:\Users\Julien\Desktop\FRST.txt
2021-11-24 21:04 - 2021-11-24 21:04 - 000262306 _____ C:\Users\Julien\Desktop\ZHPDiag.txt
2021-11-24 21:04 - 2021-11-24 21:04 - 000000000 ____D C:\Users\Julien\Desktop\FRST-OlderVersion
2021-11-24 20:20 - 2021-11-24 20:54 - 000000000 ___HD C:\$WINDOWS.~BT
2021-11-24 20:17 - 2021-11-24 20:17 - 000000000 ___HD C:\$Windows.~WS
2021-11-23 22:27 - 2021-11-24 21:07 - 000000000 ____D C:\FRST
2021-11-23 22:26 - 2021-11-24 21:04 - 002311680 _____ (Farbar) C:\Users\Julien\Desktop\FRST64.exe
2021-11-23 22:09 - 2021-11-24 21:04 - 000000000 ____D C:\Users\Julien\AppData\Roaming\ZHP
2021-11-23 22:09 - 2021-11-23 22:09 - 000000869 _____ C:\Users\Julien\Desktop\ZHPSuite.lnk
2021-11-23 22:09 - 2021-11-23 22:09 - 000000000 ____D C:\Users\Julien\AppData\Local\ZHP
2021-11-23 22:08 - 2021-11-23 22:16 - 003477656 _____ (Nicolas Coolman) C:\Users\Julien\Desktop\ZHPSuite.exe
2021-11-23 20:11 - 2021-11-23 20:11 - 000000000 ____D C:\Users\Julien\Desktop\Nouveau dossier
2021-11-23 18:56 - 2021-11-23 18:56 - 000001970 _____ C:\Users\Public\Desktop\Macrium Reflect.lnk
2021-11-23 18:56 - 2021-11-23 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium
2021-11-23 18:56 - 2021-11-23 18:56 - 000000000 ____D C:\Program Files\Macrium
2021-11-23 18:51 - 2021-11-23 18:58 - 000000000 ____D C:\ProgramData\Macrium
2021-11-23 18:51 - 2021-11-23 18:51 - 005603328 _____ (Paramount Software UK Ltd) C:\Users\Julien\Downloads\ReflectDLHF.exe
2021-11-23 09:41 - 2021-11-24 20:55 - 000001908 _____ C:\Windows\diagwrn.xml
2021-11-23 09:41 - 2021-11-24 20:55 - 000001908 _____ C:\Windows\diagerr.xml
2021-11-22 22:34 - 2021-11-24 20:20 - 000000000 ____D C:\ESD
2021-11-22 16:36 - 2021-11-22 16:36 - 000128704 _____ C:\Users\Julien\AppData\Local\GDIPFONTCACHEV1.DAT
2021-11-22 16:35 - 2021-11-22 16:35 - 000000000 ____D C:\Users\Julien\Desktop\pdf pour cours
2021-11-08 16:46 - 2021-11-24 19:21 - 000000000 ____D C:\Program Files\CCleaner
2021-11-08 16:46 - 2021-11-08 16:46 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-11-08 16:46 - 2021-11-08 16:46 - 000002804 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Annie
2021-11-08 16:46 - 2021-11-08 16:46 - 000000838 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-11-08 16:46 - 2021-11-08 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-11-08 16:42 - 2021-11-08 16:42 - 036235064 _____ (Piriform Software Ltd) C:\Users\Julien\Downloads\ccsetup586 (1).exe
2021-11-08 16:39 - 2021-11-08 16:39 - 036235064 _____ (Piriform Software Ltd) C:\Users\Julien\Downloads\ccsetup586.exe
2021-10-24 10:40 - 2021-10-24 10:40 - 000107606 _____ C:\Users\Julien\Downloads\AttestationIndemnitesJournalieres (4).pdf
2021-10-24 10:40 - 2021-10-24 10:40 - 000107606 _____ C:\Users\Julien\Downloads\AttestationIndemnitesJournalieres (3).pdf
2021-10-24 10:37 - 2021-10-24 10:37 - 000160813 _____ C:\Users\Julien\Downloads\cgs.pdf
2021-10-22 08:54 - 2021-10-22 08:54 - 000048735 _____ C:\Users\Julien\Downloads\AttestationDroits.pdf
2021-10-20 10:33 - 2021-09-21 06:53 - 000019720 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys
2021-10-20 10:13 - 2021-10-20 10:13 - 000012131 _____ C:\Users\Julien\Downloads\PaiementTiers12102021.pdf
2021-10-12 09:16 - 2021-10-12 09:16 - 002379420 _____ C:\Users\Julien\Downloads\FW__suite_téléconsultation.zip
2021-09-02 16:27 - 2021-09-02 16:27 - 000049864 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\PSVolAcc.sys
2021-08-27 14:44 - 2021-08-27 14:44 - 000445344 _____ C:\Users\Julien\Downloads\27082021_COMMANDE_C737E722926O59013.pdf
2021-08-27 14:37 - 2021-08-27 14:37 - 000445118 _____ C:\Users\Julien\Downloads\27082021_COMMANDE_C736E722926O59013.pdf
2021-08-27 14:17 - 2021-07-13 07:34 - 000376072 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2021-08-27 14:17 - 2021-07-13 07:23 - 000317176 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-24 20:36 - 2014-08-29 14:05 - 000000000 ____D C:\Windows\Panther
2021-11-24 20:27 - 2020-01-20 18:17 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-24 20:22 - 2014-12-05 16:20 - 000806842 _____ C:\Windows\system32\perfh00C.dat
2021-11-24 20:22 - 2014-12-05 16:20 - 000156662 _____ C:\Windows\system32\perfc00C.dat
2021-11-24 20:22 - 2014-03-18 10:47 - 001817064 _____ C:\Windows\system32\PerfStringBackup.INI
2021-11-24 20:22 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2021-11-24 20:00 - 2015-10-16 18:25 - 000000000 ____D C:\Users\Julien\AppData\Local\CrashDumps
2021-11-24 19:20 - 2018-01-04 19:25 - 000000000 ___RD C:\Users\Julien\OneDrive
2021-11-24 19:18 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-11-24 19:17 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2021-11-24 17:54 - 2015-08-03 19:39 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2390315509-1084197287-1402993408-1001
2021-11-24 17:39 - 2014-08-29 13:48 - 000000000 ____D C:\ProgramData\McAfee
2021-11-24 17:36 - 2013-08-22 16:36 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-11-24 17:36 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2021-11-24 14:34 - 2021-05-03 14:09 - 000098304 ___SH C:\Users\Julien\Desktop\Thumbs.db
2021-11-24 10:32 - 2015-08-03 19:30 - 000000000 ____D C:\Users\Julien\AppData\Local\SweetLabs App Platform
2021-11-23 11:44 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\oobe
2021-11-22 22:17 - 2013-08-22 15:44 - 000493784 _____ C:\Windows\system32\FNTCACHE.DAT
2021-11-22 22:07 - 2015-08-15 19:43 - 000000000 ____D C:\Windows\system32\MRT
2021-11-22 21:52 - 2015-08-15 19:43 - 141529560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-11-22 21:52 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2021-11-22 13:52 - 2016-12-19 18:21 - 000424448 ___SH C:\Users\Julien\Downloads\Thumbs.db
==================== SigCheckExt =========================
2014-02-25 22:17 - 2014-02-25 22:17 - 000361600 _____ (Qualcomm®Atheros®) C:\Windows\system32\AthCredentialProvider.dll
2014-12-05 08:10 - 2013-08-05 04:50 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2013-08-27 14:00 - 2013-08-27 14:00 - 000001536 _____ C:\Windows\SysWOW64\IusEventLog.dll
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WISPTIS.EXE
2021-11-23 22:26 - 2021-11-24 21:04 - 002311680 _____ (Farbar) C:\Users\Julien\Desktop\FRST64.exe
2021-11-23 22:08 - 2021-11-23 22:16 - 003477656 _____ (Nicolas Coolman) C:\Users\Julien\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{3e4088bb-7c90-11e4-8ded-f0761c3e2299}
{3e4088bc-7c90-11e4-8ded-f0761c3e2299}
{3e4088bd-7c90-11e4-8ded-f0761c3e2299}
timeout 2
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {247b008f-7ca5-11e4-8c1f-f0761c3e2299}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {3e4088bb-7c90-11e4-8ded-f0761c3e2299}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {3e4088bc-7c90-11e4-8ded-f0761c3e2299}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {3e4088bd-7c90-11e4-8ded-f0761c3e2299}
description EFI Network
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.efi
description Windows 8.1
locale fr-FR
inherit {bootloadersettings}
recoverysequence {247b0091-7ca5-11e4-8c1f-f0761c3e2299}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {247b008f-7ca5-11e4-8c1f-f0761c3e2299}
nx OptIn
bootmenupolicy Standard
detecthal Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {247b0091-7ca5-11e4-8c1f-f0761c3e2299}
device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{247b0092-7ca5-11e4-8c1f-f0761c3e2299}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-us
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{247b0092-7ca5-11e4-8c1f-f0761c3e2299}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {247b008f-7ca5-11e4-8c1f-f0761c3e2299}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {247b0091-7ca5-11e4-8c1f-f0761c3e2299}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Windows Memory Diagnostic
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {247b0092-7ca5-11e4-8c1f-f0761c3e2299}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume1
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options Ramdisk du programme d'installation
-------------------------------------------
identificateur {ramdiskoptions}
description Acer Recovery Management
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \boot\boot.sdi
LastRegBack: 2021-11-23 09:46
==================== Fin de FRST.txt ========================
Exécuté par Annie (administrateur) sur JULIEN (Acer Aspire E5-531) (24-11-2021 21:04:57)
Exécuté depuis C:\Users\Julien\Desktop
Profils chargés: Annie
Plate-forme: Microsoft Windows 8.1 avec Bing (Update) (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Pokki, Inc. -> Pokki) C:\Users\Julien\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Qualcomm Atheros -> ) [Fichier non signé] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13674712 2014-07-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" (Pas de fichier)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [9298344 2021-11-17] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]
HKU\S-1-5-21-2390315509-1084197287-1402993408-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35116160 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2390315509-1084197287-1402993408-1001\...\RunOnce: [Application Restart #2] => C:\Users\Julien\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [9581800 2020-12-04] (Pokki, Inc. -> Pokki)
HKU\S-1-5-21-2390315509-1084197287-1402993408-1001\...\RunOnce: [Application Restart #1] => C:\Users\Julien\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [9581800 2020-12-04] (Pokki, Inc. -> Pokki)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [392200 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0BFC0D29-2083-4F58-8E36-FE36DF8F0C09} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474344 2014-06-09] (Acer Incorporated -> Acer Incorporated)
Task: {111923D8-967D-41B8-9B7C-7DD553F935C1} - System32\Tasks\SweetLabs App Platform => C:\Users\Julien\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [10650856 2020-12-04] (Pokki, Inc. -> Pokki)
Task: {1145C80A-F9A8-4310-8C35-73275753F8DD} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2017-09-28] (Acer Incorporated -> )
Task: {13EF9B73-C60B-4411-BB59-2642AF8C8022} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {315F6BDE-34C2-4655-A975-07042F0ADE6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-20] (Google LLC -> Google LLC)
Task: {61B50B6E-FA92-4383-AD32-9E2C3762F820} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328 2014-10-17] (Acer Incorporated -> Acer Incorporate)
Task: {6CD614B5-C5EB-4888-916B-C40EC76D52B7} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {880B6D11-F56C-4591-8856-7958090B86EB} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [6437792 2019-03-19] (HP Inc -> HP Inc.)
Task: {91E6ED2C-1C7C-412C-A1F8-755312F03727} - System32\Tasks\CCleanerSkipUAC - Annie => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {93B3E066-B204-4FF9-B5CD-4C94B9D8DD7E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [141529560 2021-11-22] (Microsoft Windows -> Microsoft Corporation)
Task: {A5D91687-08E6-4A58-9E94-453FC44EEE8E} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [384232 2014-07-22] (Acer Incorporated -> Acer Incorporated)
Task: {A6E10883-F4A2-4825-8369-F262C7A8E81A} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41728 2014-08-29] (Acer Incorporated -> )
Task: {AE8961CF-2747-457A-B6CB-D1B0043B7F09} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {AF82AA5B-67F4-4F89-B752-4AEA1BF0158D} - System32\Tasks\{95242395-C9B7-46AD-8D9F-86D04E1890D7} => "c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/7.7.0.103/fr/abandoninstall?source=lightinstaller&page=tsMain hxxp://ui.skype.com/ui/0/7.7.0.103/fr/abandoninstall?source=lightinstaller&page=tsMain (Pas de fichier)
Task: {B1AA6429-69DE-4D3C-9C4D-5DDD7B2A91ED} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328 2014-10-17] (Acer Incorporated -> Acer Incorporate)
Task: {BEBF53A4-B42F-40FD-94CC-775B2F1EC91B} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [100608 2014-08-29] (Acer Incorporated -> )
Task: {CA65B110-E98D-4490-9A25-2356FCEEF437} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [490728 2014-06-17] (Acer Incorporated -> Acer Incorporated)
Task: {CE20CB51-2A49-4046-AEA9-E8BF8B1D701D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F8E1E7-A791-42B9-AD9A-A9AC9129454F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {F754F9F3-C560-4EAB-B050-43EB39EDA3B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-20] (Google LLC -> Google LLC)
Task: {FA050F75-5DC3-497C-88E6-1AA37834DD40} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform)
Task: {FBEAE1D2-7746-47E1-BFD8-4C4274E877B6} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [419048 2014-12-30] (Acer Incorporated -> Acer Incorporate)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864 2010-05-18] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824 2010-05-18] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D0F50B35-A1A1-4B3B-8323-6448A2F481DD}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Julien\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-08]
FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] (Foxit Corporation -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
Chrome:
=======
CHR Profile: C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default [2021-11-24]
CHR HomePage: Default -> hxxp://xn--connexion%20%20chrome-yzb/
CHR NewTab: Default -> Not-active:"chrome-extension://foaoaiinkbjpminknkedhgimdfkjekie/ntp1.html"
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?fr=mcafee&type=E211FR662G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/gossip/gossip-fr-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Pas de nom) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-11-04]
CHR Extension: (FromDocToPDF) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\foaoaiinkbjpminknkedhgimdfkjekie [2021-05-01]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-11-21]
CHR Extension: (Ask Web Search) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\hapkhkcjeoklmeklalckjempdbgbagai [2021-05-03]
CHR Extension: (Skype) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2020-01-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated -> Acer Incorporated)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporated -> Acer Incorporate)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [10508032 2021-11-17] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-10-17] (Acer Incorporated -> Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] (CyberLink -> )
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-10-17] (Acer Incorporated -> Acer Incorporate)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (Acer Incorporated -> acer)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated -> Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated -> Acer Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-24 21:04 - 2021-11-24 21:08 - 000018566 _____ C:\Users\Julien\Desktop\FRST.txt
2021-11-24 21:04 - 2021-11-24 21:04 - 000262306 _____ C:\Users\Julien\Desktop\ZHPDiag.txt
2021-11-24 21:04 - 2021-11-24 21:04 - 000000000 ____D C:\Users\Julien\Desktop\FRST-OlderVersion
2021-11-24 20:20 - 2021-11-24 20:54 - 000000000 ___HD C:\$WINDOWS.~BT
2021-11-24 20:17 - 2021-11-24 20:17 - 000000000 ___HD C:\$Windows.~WS
2021-11-23 22:27 - 2021-11-24 21:07 - 000000000 ____D C:\FRST
2021-11-23 22:26 - 2021-11-24 21:04 - 002311680 _____ (Farbar) C:\Users\Julien\Desktop\FRST64.exe
2021-11-23 22:09 - 2021-11-24 21:04 - 000000000 ____D C:\Users\Julien\AppData\Roaming\ZHP
2021-11-23 22:09 - 2021-11-23 22:09 - 000000869 _____ C:\Users\Julien\Desktop\ZHPSuite.lnk
2021-11-23 22:09 - 2021-11-23 22:09 - 000000000 ____D C:\Users\Julien\AppData\Local\ZHP
2021-11-23 22:08 - 2021-11-23 22:16 - 003477656 _____ (Nicolas Coolman) C:\Users\Julien\Desktop\ZHPSuite.exe
2021-11-23 20:11 - 2021-11-23 20:11 - 000000000 ____D C:\Users\Julien\Desktop\Nouveau dossier
2021-11-23 18:56 - 2021-11-23 18:56 - 000001970 _____ C:\Users\Public\Desktop\Macrium Reflect.lnk
2021-11-23 18:56 - 2021-11-23 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium
2021-11-23 18:56 - 2021-11-23 18:56 - 000000000 ____D C:\Program Files\Macrium
2021-11-23 18:51 - 2021-11-23 18:58 - 000000000 ____D C:\ProgramData\Macrium
2021-11-23 18:51 - 2021-11-23 18:51 - 005603328 _____ (Paramount Software UK Ltd) C:\Users\Julien\Downloads\ReflectDLHF.exe
2021-11-23 09:41 - 2021-11-24 20:55 - 000001908 _____ C:\Windows\diagwrn.xml
2021-11-23 09:41 - 2021-11-24 20:55 - 000001908 _____ C:\Windows\diagerr.xml
2021-11-22 22:34 - 2021-11-24 20:20 - 000000000 ____D C:\ESD
2021-11-22 16:36 - 2021-11-22 16:36 - 000128704 _____ C:\Users\Julien\AppData\Local\GDIPFONTCACHEV1.DAT
2021-11-22 16:35 - 2021-11-22 16:35 - 000000000 ____D C:\Users\Julien\Desktop\pdf pour cours
2021-11-08 16:46 - 2021-11-24 19:21 - 000000000 ____D C:\Program Files\CCleaner
2021-11-08 16:46 - 2021-11-08 16:46 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-11-08 16:46 - 2021-11-08 16:46 - 000002804 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Annie
2021-11-08 16:46 - 2021-11-08 16:46 - 000000838 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-11-08 16:46 - 2021-11-08 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-11-08 16:42 - 2021-11-08 16:42 - 036235064 _____ (Piriform Software Ltd) C:\Users\Julien\Downloads\ccsetup586 (1).exe
2021-11-08 16:39 - 2021-11-08 16:39 - 036235064 _____ (Piriform Software Ltd) C:\Users\Julien\Downloads\ccsetup586.exe
2021-10-24 10:40 - 2021-10-24 10:40 - 000107606 _____ C:\Users\Julien\Downloads\AttestationIndemnitesJournalieres (4).pdf
2021-10-24 10:40 - 2021-10-24 10:40 - 000107606 _____ C:\Users\Julien\Downloads\AttestationIndemnitesJournalieres (3).pdf
2021-10-24 10:37 - 2021-10-24 10:37 - 000160813 _____ C:\Users\Julien\Downloads\cgs.pdf
2021-10-22 08:54 - 2021-10-22 08:54 - 000048735 _____ C:\Users\Julien\Downloads\AttestationDroits.pdf
2021-10-20 10:33 - 2021-09-21 06:53 - 000019720 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys
2021-10-20 10:13 - 2021-10-20 10:13 - 000012131 _____ C:\Users\Julien\Downloads\PaiementTiers12102021.pdf
2021-10-12 09:16 - 2021-10-12 09:16 - 002379420 _____ C:\Users\Julien\Downloads\FW__suite_téléconsultation.zip
2021-09-02 16:27 - 2021-09-02 16:27 - 000049864 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\PSVolAcc.sys
2021-08-27 14:44 - 2021-08-27 14:44 - 000445344 _____ C:\Users\Julien\Downloads\27082021_COMMANDE_C737E722926O59013.pdf
2021-08-27 14:37 - 2021-08-27 14:37 - 000445118 _____ C:\Users\Julien\Downloads\27082021_COMMANDE_C736E722926O59013.pdf
2021-08-27 14:17 - 2021-07-13 07:34 - 000376072 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2021-08-27 14:17 - 2021-07-13 07:23 - 000317176 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-24 20:36 - 2014-08-29 14:05 - 000000000 ____D C:\Windows\Panther
2021-11-24 20:27 - 2020-01-20 18:17 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-24 20:22 - 2014-12-05 16:20 - 000806842 _____ C:\Windows\system32\perfh00C.dat
2021-11-24 20:22 - 2014-12-05 16:20 - 000156662 _____ C:\Windows\system32\perfc00C.dat
2021-11-24 20:22 - 2014-03-18 10:47 - 001817064 _____ C:\Windows\system32\PerfStringBackup.INI
2021-11-24 20:22 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2021-11-24 20:00 - 2015-10-16 18:25 - 000000000 ____D C:\Users\Julien\AppData\Local\CrashDumps
2021-11-24 19:20 - 2018-01-04 19:25 - 000000000 ___RD C:\Users\Julien\OneDrive
2021-11-24 19:18 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-11-24 19:17 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2021-11-24 17:54 - 2015-08-03 19:39 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2390315509-1084197287-1402993408-1001
2021-11-24 17:39 - 2014-08-29 13:48 - 000000000 ____D C:\ProgramData\McAfee
2021-11-24 17:36 - 2013-08-22 16:36 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-11-24 17:36 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2021-11-24 14:34 - 2021-05-03 14:09 - 000098304 ___SH C:\Users\Julien\Desktop\Thumbs.db
2021-11-24 10:32 - 2015-08-03 19:30 - 000000000 ____D C:\Users\Julien\AppData\Local\SweetLabs App Platform
2021-11-23 11:44 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\oobe
2021-11-22 22:17 - 2013-08-22 15:44 - 000493784 _____ C:\Windows\system32\FNTCACHE.DAT
2021-11-22 22:07 - 2015-08-15 19:43 - 000000000 ____D C:\Windows\system32\MRT
2021-11-22 21:52 - 2015-08-15 19:43 - 141529560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-11-22 21:52 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2021-11-22 13:52 - 2016-12-19 18:21 - 000424448 ___SH C:\Users\Julien\Downloads\Thumbs.db
==================== SigCheckExt =========================
2014-02-25 22:17 - 2014-02-25 22:17 - 000361600 _____ (Qualcomm®Atheros®) C:\Windows\system32\AthCredentialProvider.dll
2014-12-05 08:10 - 2013-08-05 04:50 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2013-08-27 14:00 - 2013-08-27 14:00 - 000001536 _____ C:\Windows\SysWOW64\IusEventLog.dll
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WISPTIS.EXE
2021-11-23 22:26 - 2021-11-24 21:04 - 002311680 _____ (Farbar) C:\Users\Julien\Desktop\FRST64.exe
2021-11-23 22:08 - 2021-11-23 22:16 - 003477656 _____ (Nicolas Coolman) C:\Users\Julien\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{3e4088bb-7c90-11e4-8ded-f0761c3e2299}
{3e4088bc-7c90-11e4-8ded-f0761c3e2299}
{3e4088bd-7c90-11e4-8ded-f0761c3e2299}
timeout 2
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {247b008f-7ca5-11e4-8c1f-f0761c3e2299}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {3e4088bb-7c90-11e4-8ded-f0761c3e2299}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {3e4088bc-7c90-11e4-8ded-f0761c3e2299}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {3e4088bd-7c90-11e4-8ded-f0761c3e2299}
description EFI Network
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.efi
description Windows 8.1
locale fr-FR
inherit {bootloadersettings}
recoverysequence {247b0091-7ca5-11e4-8c1f-f0761c3e2299}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {247b008f-7ca5-11e4-8c1f-f0761c3e2299}
nx OptIn
bootmenupolicy Standard
detecthal Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {247b0091-7ca5-11e4-8c1f-f0761c3e2299}
device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{247b0092-7ca5-11e4-8c1f-f0761c3e2299}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-us
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{247b0092-7ca5-11e4-8c1f-f0761c3e2299}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {247b008f-7ca5-11e4-8c1f-f0761c3e2299}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {247b0091-7ca5-11e4-8c1f-f0761c3e2299}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Windows Memory Diagnostic
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {247b0092-7ca5-11e4-8c1f-f0761c3e2299}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume1
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options Ramdisk du programme d'installation
-------------------------------------------
identificateur {ramdiskoptions}
description Acer Recovery Management
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \boot\boot.sdi
LastRegBack: 2021-11-23 09:46
==================== Fin de FRST.txt ========================