Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2021 Exécuté par Annie (administrateur) sur JULIEN (Acer Aspire E5-531) (24-11-2021 21:04:57) Exécuté depuis C:\Users\Julien\Desktop Profils chargés: Annie Plate-forme: Microsoft Windows 8.1 avec Bing (Update) (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe (Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe (Pokki, Inc. -> Pokki) C:\Users\Julien\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe (Qualcomm Atheros -> ) [Fichier non signé] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13674712 2014-07-16] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" (Pas de fichier) HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [9298344 2021-11-17] (Paramount Software UK Ltd -> Paramount Software UK Ltd) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé] HKU\S-1-5-21-2390315509-1084197287-1402993408-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35116160 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2390315509-1084197287-1402993408-1001\...\RunOnce: [Application Restart #2] => C:\Users\Julien\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [9581800 2020-12-04] (Pokki, Inc. -> Pokki) HKU\S-1-5-21-2390315509-1084197287-1402993408-1001\...\RunOnce: [Application Restart #1] => C:\Users\Julien\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [9581800 2020-12-04] (Pokki, Inc. -> Pokki) HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [392200 2019-03-15] (HP Inc -> HP Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-21] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé] HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé] ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0BFC0D29-2083-4F58-8E36-FE36DF8F0C09} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474344 2014-06-09] (Acer Incorporated -> Acer Incorporated) Task: {111923D8-967D-41B8-9B7C-7DD553F935C1} - System32\Tasks\SweetLabs App Platform => C:\Users\Julien\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [10650856 2020-12-04] (Pokki, Inc. -> Pokki) Task: {1145C80A-F9A8-4310-8C35-73275753F8DD} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2017-09-28] (Acer Incorporated -> ) Task: {13EF9B73-C60B-4411-BB59-2642AF8C8022} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation) Task: {315F6BDE-34C2-4655-A975-07042F0ADE6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-20] (Google LLC -> Google LLC) Task: {61B50B6E-FA92-4383-AD32-9E2C3762F820} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328 2014-10-17] (Acer Incorporated -> Acer Incorporate) Task: {6CD614B5-C5EB-4888-916B-C40EC76D52B7} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated) Task: {880B6D11-F56C-4591-8856-7958090B86EB} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [6437792 2019-03-19] (HP Inc -> HP Inc.) Task: {91E6ED2C-1C7C-412C-A1F8-755312F03727} - System32\Tasks\CCleanerSkipUAC - Annie => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd) Task: {93B3E066-B204-4FF9-B5CD-4C94B9D8DD7E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [141529560 2021-11-22] (Microsoft Windows -> Microsoft Corporation) Task: {A5D91687-08E6-4A58-9E94-453FC44EEE8E} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [384232 2014-07-22] (Acer Incorporated -> Acer Incorporated) Task: {A6E10883-F4A2-4825-8369-F262C7A8E81A} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41728 2014-08-29] (Acer Incorporated -> ) Task: {AE8961CF-2747-457A-B6CB-D1B0043B7F09} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation) Task: {AF82AA5B-67F4-4F89-B752-4AEA1BF0158D} - System32\Tasks\{95242395-C9B7-46AD-8D9F-86D04E1890D7} => "c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/7.7.0.103/fr/abandoninstall?source=lightinstaller&page=tsMain hxxp://ui.skype.com/ui/0/7.7.0.103/fr/abandoninstall?source=lightinstaller&page=tsMain (Pas de fichier) Task: {B1AA6429-69DE-4D3C-9C4D-5DDD7B2A91ED} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328 2014-10-17] (Acer Incorporated -> Acer Incorporate) Task: {BEBF53A4-B42F-40FD-94CC-775B2F1EC91B} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [100608 2014-08-29] (Acer Incorporated -> ) Task: {CA65B110-E98D-4490-9A25-2356FCEEF437} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [490728 2014-06-17] (Acer Incorporated -> Acer Incorporated) Task: {CE20CB51-2A49-4046-AEA9-E8BF8B1D701D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation) Task: {E0F8E1E7-A791-42B9-AD9A-A9AC9129454F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation) Task: {F754F9F3-C560-4EAB-B050-43EB39EDA3B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-20] (Google LLC -> Google LLC) Task: {FA050F75-5DC3-497C-88E6-1AA37834DD40} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform) Task: {FBEAE1D2-7746-47E1-BFD8-4C4274E877B6} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [419048 2014-12-30] (Acer Incorporated -> Acer Incorporate) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864 2010-05-18] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824 2010-05-18] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{D0F50B35-A1A1-4B3B-8323-6448A2F481DD}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Julien\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-08] FireFox: ======== FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] (Foxit Corporation -> ) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] (Foxit Corporation -> ) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation) Chrome: ======= CHR Profile: C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default [2021-11-24] CHR HomePage: Default -> hxxp://xn--connexion%20%20chrome-yzb/ CHR NewTab: Default -> Not-active:"chrome-extension://foaoaiinkbjpminknkedhgimdfkjekie/ntp1.html" CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?fr=mcafee&type=E211FR662G0&p={searchTerms} CHR DefaultSearchKeyword: Default -> mcafee CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/gossip/gossip-fr-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms} CHR Extension: (Pas de nom) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-11-04] CHR Extension: (FromDocToPDF) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\foaoaiinkbjpminknkedhgimdfkjekie [2021-05-01] CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-11-21] CHR Extension: (Ask Web Search) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\hapkhkcjeoklmeklalckjempdbgbagai [2021-05-03] CHR Extension: (Skype) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2020-01-20] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-24] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated -> Acer Incorporated) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé] R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporated -> Acer Incorporate) R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [10508032 2021-11-17] (Paramount Software UK Ltd -> Paramount Software UK Ltd) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-10-17] (Acer Incorporated -> Acer Incorporate) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] (CyberLink -> ) R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-10-17] (Acer Incorporated -> Acer Incorporate) S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (Acer Incorporated -> acer) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation) S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated -> Acer Incorporated) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated -> Acer Incorporated) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-11-24 21:04 - 2021-11-24 21:08 - 000018566 _____ C:\Users\Julien\Desktop\FRST.txt 2021-11-24 21:04 - 2021-11-24 21:04 - 000262306 _____ C:\Users\Julien\Desktop\ZHPDiag.txt 2021-11-24 21:04 - 2021-11-24 21:04 - 000000000 ____D C:\Users\Julien\Desktop\FRST-OlderVersion 2021-11-24 20:20 - 2021-11-24 20:54 - 000000000 ___HD C:\$WINDOWS.~BT 2021-11-24 20:17 - 2021-11-24 20:17 - 000000000 ___HD C:\$Windows.~WS 2021-11-23 22:27 - 2021-11-24 21:07 - 000000000 ____D C:\FRST 2021-11-23 22:26 - 2021-11-24 21:04 - 002311680 _____ (Farbar) C:\Users\Julien\Desktop\FRST64.exe 2021-11-23 22:09 - 2021-11-24 21:04 - 000000000 ____D C:\Users\Julien\AppData\Roaming\ZHP 2021-11-23 22:09 - 2021-11-23 22:09 - 000000869 _____ C:\Users\Julien\Desktop\ZHPSuite.lnk 2021-11-23 22:09 - 2021-11-23 22:09 - 000000000 ____D C:\Users\Julien\AppData\Local\ZHP 2021-11-23 22:08 - 2021-11-23 22:16 - 003477656 _____ (Nicolas Coolman) C:\Users\Julien\Desktop\ZHPSuite.exe 2021-11-23 20:11 - 2021-11-23 20:11 - 000000000 ____D C:\Users\Julien\Desktop\Nouveau dossier 2021-11-23 18:56 - 2021-11-23 18:56 - 000001970 _____ C:\Users\Public\Desktop\Macrium Reflect.lnk 2021-11-23 18:56 - 2021-11-23 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium 2021-11-23 18:56 - 2021-11-23 18:56 - 000000000 ____D C:\Program Files\Macrium 2021-11-23 18:51 - 2021-11-23 18:58 - 000000000 ____D C:\ProgramData\Macrium 2021-11-23 18:51 - 2021-11-23 18:51 - 005603328 _____ (Paramount Software UK Ltd) C:\Users\Julien\Downloads\ReflectDLHF.exe 2021-11-23 09:41 - 2021-11-24 20:55 - 000001908 _____ C:\Windows\diagwrn.xml 2021-11-23 09:41 - 2021-11-24 20:55 - 000001908 _____ C:\Windows\diagerr.xml 2021-11-22 22:34 - 2021-11-24 20:20 - 000000000 ____D C:\ESD 2021-11-22 16:36 - 2021-11-22 16:36 - 000128704 _____ C:\Users\Julien\AppData\Local\GDIPFONTCACHEV1.DAT 2021-11-22 16:35 - 2021-11-22 16:35 - 000000000 ____D C:\Users\Julien\Desktop\pdf pour cours 2021-11-08 16:46 - 2021-11-24 19:21 - 000000000 ____D C:\Program Files\CCleaner 2021-11-08 16:46 - 2021-11-08 16:46 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update 2021-11-08 16:46 - 2021-11-08 16:46 - 000002804 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Annie 2021-11-08 16:46 - 2021-11-08 16:46 - 000000838 _____ C:\Users\Public\Desktop\CCleaner.lnk 2021-11-08 16:46 - 2021-11-08 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2021-11-08 16:42 - 2021-11-08 16:42 - 036235064 _____ (Piriform Software Ltd) C:\Users\Julien\Downloads\ccsetup586 (1).exe 2021-11-08 16:39 - 2021-11-08 16:39 - 036235064 _____ (Piriform Software Ltd) C:\Users\Julien\Downloads\ccsetup586.exe 2021-10-24 10:40 - 2021-10-24 10:40 - 000107606 _____ C:\Users\Julien\Downloads\AttestationIndemnitesJournalieres (4).pdf 2021-10-24 10:40 - 2021-10-24 10:40 - 000107606 _____ C:\Users\Julien\Downloads\AttestationIndemnitesJournalieres (3).pdf 2021-10-24 10:37 - 2021-10-24 10:37 - 000160813 _____ C:\Users\Julien\Downloads\cgs.pdf 2021-10-22 08:54 - 2021-10-22 08:54 - 000048735 _____ C:\Users\Julien\Downloads\AttestationDroits.pdf 2021-10-20 10:33 - 2021-09-21 06:53 - 000019720 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys 2021-10-20 10:13 - 2021-10-20 10:13 - 000012131 _____ C:\Users\Julien\Downloads\PaiementTiers12102021.pdf 2021-10-12 09:16 - 2021-10-12 09:16 - 002379420 _____ C:\Users\Julien\Downloads\FW__suite_téléconsultation.zip 2021-09-02 16:27 - 2021-09-02 16:27 - 000049864 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\PSVolAcc.sys 2021-08-27 14:44 - 2021-08-27 14:44 - 000445344 _____ C:\Users\Julien\Downloads\27082021_COMMANDE_C737E722926O59013.pdf 2021-08-27 14:37 - 2021-08-27 14:37 - 000445118 _____ C:\Users\Julien\Downloads\27082021_COMMANDE_C736E722926O59013.pdf 2021-08-27 14:17 - 2021-07-13 07:34 - 000376072 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2021-08-27 14:17 - 2021-07-13 07:23 - 000317176 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-11-24 20:36 - 2014-08-29 14:05 - 000000000 ____D C:\Windows\Panther 2021-11-24 20:27 - 2020-01-20 18:17 - 000000000 ____D C:\Program Files (x86)\Google 2021-11-24 20:22 - 2014-12-05 16:20 - 000806842 _____ C:\Windows\system32\perfh00C.dat 2021-11-24 20:22 - 2014-12-05 16:20 - 000156662 _____ C:\Windows\system32\perfc00C.dat 2021-11-24 20:22 - 2014-03-18 10:47 - 001817064 _____ C:\Windows\system32\PerfStringBackup.INI 2021-11-24 20:22 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf 2021-11-24 20:00 - 2015-10-16 18:25 - 000000000 ____D C:\Users\Julien\AppData\Local\CrashDumps 2021-11-24 19:20 - 2018-01-04 19:25 - 000000000 ___RD C:\Users\Julien\OneDrive 2021-11-24 19:18 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-11-24 19:17 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI 2021-11-24 17:54 - 2015-08-03 19:39 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2390315509-1084197287-1402993408-1001 2021-11-24 17:39 - 2014-08-29 13:48 - 000000000 ____D C:\ProgramData\McAfee 2021-11-24 17:36 - 2013-08-22 16:36 - 000000000 ___HD C:\Windows\ELAMBKUP 2021-11-24 17:36 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\ELAM 2021-11-24 14:34 - 2021-05-03 14:09 - 000098304 ___SH C:\Users\Julien\Desktop\Thumbs.db 2021-11-24 10:32 - 2015-08-03 19:30 - 000000000 ____D C:\Users\Julien\AppData\Local\SweetLabs App Platform 2021-11-23 11:44 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\oobe 2021-11-22 22:17 - 2013-08-22 15:44 - 000493784 _____ C:\Windows\system32\FNTCACHE.DAT 2021-11-22 22:07 - 2015-08-15 19:43 - 000000000 ____D C:\Windows\system32\MRT 2021-11-22 21:52 - 2015-08-15 19:43 - 141529560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2021-11-22 21:52 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp 2021-11-22 13:52 - 2016-12-19 18:21 - 000424448 ___SH C:\Users\Julien\Downloads\Thumbs.db ==================== SigCheckExt ========================= 2014-02-25 22:17 - 2014-02-25 22:17 - 000361600 _____ (Qualcomm®Atheros®) C:\Windows\system32\AthCredentialProvider.dll 2014-12-05 08:10 - 2013-08-05 04:50 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2013-08-27 14:00 - 2013-08-27 14:00 - 000001536 _____ C:\Windows\SysWOW64\IusEventLog.dll 2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WISPTIS.EXE 2021-11-23 22:26 - 2021-11-24 21:04 - 002311680 _____ (Farbar) C:\Users\Julien\Desktop\FRST64.exe 2021-11-23 22:08 - 2021-11-23 22:16 - 003477656 _____ (Nicolas Coolman) C:\Users\Julien\Desktop\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {3e4088bb-7c90-11e4-8ded-f0761c3e2299} {3e4088bc-7c90-11e4-8ded-f0761c3e2299} {3e4088bd-7c90-11e4-8ded-f0761c3e2299} timeout 2 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {247b008f-7ca5-11e4-8c1f-f0761c3e2299} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {3e4088bb-7c90-11e4-8ded-f0761c3e2299} description EFI USB Device Application logicielle (101fffff) -------------------------------- identificateur {3e4088bc-7c90-11e4-8ded-f0761c3e2299} description EFI DVD/CDROM Application logicielle (101fffff) -------------------------------- identificateur {3e4088bd-7c90-11e4-8ded-f0761c3e2299} description EFI Network Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \Windows\system32\winload.efi description Windows 8.1 locale fr-FR inherit {bootloadersettings} recoverysequence {247b0091-7ca5-11e4-8c1f-f0761c3e2299} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \Windows resumeobject {247b008f-7ca5-11e4-8c1f-f0761c3e2299} nx OptIn bootmenupolicy Standard detecthal Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {247b0091-7ca5-11e4-8c1f-f0761c3e2299} device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{247b0092-7ca5-11e4-8c1f-f0761c3e2299} path \windows\system32\winload.efi description Windows Recovery Environment locale en-us inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{247b0092-7ca5-11e4-8c1f-f0761c3e2299} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {247b008f-7ca5-11e4-8c1f-f0761c3e2299} device partition=C: path \Windows\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {247b0091-7ca5-11e4-8c1f-f0761c3e2299} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description Windows Memory Diagnostic locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {247b0092-7ca5-11e4-8c1f-f0761c3e2299} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume1 ramdisksdipath \Recovery\WindowsRE\boot.sdi Options Ramdisk du programme d'installation ------------------------------------------- identificateur {ramdiskoptions} description Acer Recovery Management ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath \boot\boot.sdi LastRegBack: 2021-11-23 09:46 ==================== Fin de FRST.txt ========================