Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025
Exécuté par Mamou (administrateur) sur DESKTOP-SRDQL9K (Micro-Star International Co., Ltd. Creator M16 A11UC) (28-01-2025 19:02:19)
Exécuté depuis C:\Users\Mamou\Desktop\FRST64.exe
Profils chargés: Mamou
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.5371 (X64) Langue: Français (France)
Navigateur par défaut: "C:\Program Files\Opera\opera.exe" -noautoupdate -- "%1"
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\Intel Graphics Software\PresentMonService.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files\Opera\116.0.5366.51\opera_crashreporter.exe
(drivers\RivetNetworks\Killer\KAPSService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPS.exe
(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(drivers\RivetNetworks\Killer\KSPSService.exe ->) (Intel Corporation -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KSPS.exe
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe <2>
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_c7eb580ac5e3786b\igfxEMN.exe
(Opera Norway AS -> Opera Software) C:\Program Files\Opera\opera.exe <39>
(Proton AG -> ) C:\Program Files\Proton\VPN\v3.5.1\ProtonVPN.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_cb841b7c497d4503\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4ce8bafd96682424\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_f94b71985382657d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerProviderDataHelperService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_625d5a9ea859462f\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(services.exe ->) (Intel Corporation -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KSPSService.exe
(services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_085de2d4b49d7707\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Proton AG -> ProtonVPN) C:\Program Files\Proton\VPN\v3.5.1\ProtonVPNService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3cf99e411755df38\RtkAudUService64.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3cf99e411755df38\RtkAudUService64.exe [1963928 2023-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [468936 2023-09-05] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [Intel® Graphics Software] => C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.exe [421072 2024-12-20] (Intel Corporation -> Intel Corporation)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-19\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-20\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-3824323892-2633900218-3341220402-1001\...\Run: [ProtonVPN] => C:\Program Files\Proton\VPN\ProtonVPN.Launcher.exe [12921496 2024-12-11] (Proton AG -> ProtonVPN)
HKU\S-1-5-21-3824323892-2633900218-3341220402-1001\...\Run: [MicrosoftEdgeAutoLaunch_0FBB3CA904637366835E02E7613312E2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3923496 2025-01-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3824323892-2633900218-3341220402-1001\...\Run: [Ww5EqxGa] => C:\Users\Mamou\AppData\Roaming\WycT1ndu\Set-up.exe [1353752 2024-09-20] (IObit CO., LTD -> IObit)
HKU\S-1-5-21-3824323892-2633900218-3341220402-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3824323892-2633900218-3341220402-1001\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-3824323892-2633900218-3341220402-1001\...\MountPoints2: {32870ddc-71bd-11ee-bfab-0456e5e4b4ec} - "F:\autoplay\nop.exe"
HKU\S-1-5-21-3824323892-2633900218-3341220402-1001\...\MountPoints2: {32872a1a-71bd-11ee-bfab-0456e5e4b4ec} - "G:\autoplay\nop.exe"
HKU\S-1-5-21-3824323892-2633900218-3341220402-1001\...\MountPoints2: {32872a24-71bd-11ee-bfab-0456e5e4b4ec} - "H:\autoplay\nop.exe"
HKU\S-1-5-21-3824323892-2633900218-3341220402-1001\...\MountPoints2: {32872a2b-71bd-11ee-bfab-0456e5e4b4ec} - "I:\autoplay\autoplay.exe"
HKU\S-1-5-21-3824323892-2633900218-3341220402-1001\...\MountPoints2: {6be97157-335c-11ee-bf7a-0456e5e4b4ec} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-3824323892-2633900218-3341220402-1001\...\MountPoints2: {ce19c1dc-6b2e-11ee-bfa1-0456e5e4b4ec} - "E:\autoplay\autoplay.exe"
IFEO\mpcmdrun.exe: [Debugger] C:\WINDOWS\System32\systray.exe
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {01A2047D-6778-4CF8-BC40-D8033D5C24C0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {937C803E-CD08-49A0-AB23-7D21C4731216} - System32\Tasks\DLLSearchUpdater => C:\Users\Mamou\AppData\Local\DLLSearch\Updater\UpdaterLauncher.exe /check_updates (Pas de fichier)
Task: {75E902B8-C4B8-4746-A187-4D1E925A5211} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Mamou\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON (Pas de fichier)
Task: {D1979B6A-3F3C-4550-8564-352321CE6E04} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Mamou\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (Pas de fichier)
Task: {0A6AA953-7278-4845-B7BD-C592059AFBDD} - System32\Tasks\EPPHealthCheck => C:\Program Files\ReasonLabs\EPP\Uninstall.exe /uninstall-repair (Pas de fichier)
Task: {3BCA2A72-F52B-4A9F-894E-EC214F2D6C7A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [6164192 2024-09-23] (Intel Corporation -> Intel Corporation)
Task: {9ECA6B89-6727-489D-A78E-3CCC23D00147} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [6164192 2024-09-23] (Intel Corporation -> Intel Corporation)
Task: {C072B437-1B3E-4E56-8C8D-85D35F328B1C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {62EB93F4-433C-40C2-9782-27E2D635A7A6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {77375D44-9202-42BA-85FA-F508302AB4B2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D9A53F9-E333-47C3-B79D-D155BEF72F94} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3333672 2024-11-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2DD72AFC-77C4-4DCF-BAF0-AAEB8D997550} - System32\Tasks\Opera scheduled Autoupdate 1689936728 => C:\Program Files\Opera\autoupdate\opera_autoupdate.exe [5656472 2025-01-21] (Opera Norway AS -> Opera Software)
Task: {98ADD1CB-DD16-4CBC-B892-0ECFD2F75BB3} - System32\Tasks\R@1n-KMS\Office15ProPlus => C:\WINDOWS\System32\Wbem\wmic.exe [576512 2024-05-17] (Microsoft Windows -> Microsoft Corporation) -> path SoftwareLicensingProduct where (ID="b322da9c-a2e2-4058-9e4e-f59a6970bd69") call Activate
Task: {C26F0910-D04C-4BF7-A881-BE9312337E19} - System32\Tasks\R@1n-KMS\Windows100Professional => C:\WINDOWS\System32\Wbem\wmic.exe [576512 2024-05-17] (Microsoft Windows -> Microsoft Corporation) -> path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate
Task: {1DC4CB87-94F6-4B47-B7C4-055DA884B126} - System32\Tasks\Remove AdwCleaner Application => C:\WINDOWS\system32\CMD.EXE [289792 2024-05-17] (Microsoft Windows -> Microsoft Corporation) -> /C DEL /F /Q "D:\adwcleaner(1).exe"
Task: {CFC5E9E4-E535-48E7-8230-8CE6D52FA9E1} - System32\Tasks\Uninstall AdwCleaner Application => D:\adwcleaner(1).exe [8790880 2025-01-17] (Malwarebytes Inc. -> Malwarebytes)
Task: {85DA25C3-E075-4F66-9077-49A1983BE762} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [455680 2024-02-17] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\x64\-Command "Start-Process -WindowStyle Hidden task.bat"

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\..\Interfaces\{95700b23-ea30-4328-a854-90ea2adf3a16}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a68a613f-1463-49a8-b095-b62eec347a34}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a68a613f-1463-49a8-b095-b62eec347a34}\353494A4F4C494241445: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{a68a613f-1463-49a8-b095-b62eec347a34}\356425F554445383F5537484A5F5548545: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a84d63b9-6d61-46ad-b27b-c9c0caca4a97}: [DhcpNameServer] 212.27.40.241 212.27.40.240

Edge:
=======
Edge Profile: C:\Users\Mamou\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-27]
Edge Extension: (Google Docs hors connexion) - C:\Users\Mamou\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-01-27]
Edge Extension: (Edge relevant text changes) - C:\Users\Mamou\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-01-27]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)

Opera:
=======
OPR DefaultProfile: Default
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\opera.exe

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [47000 2024-11-25] (Intel Corporation -> Intel)
R2 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [330136 2024-11-25] (Intel Corporation -> Intel)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_625d5a9ea859462f\AS\IAS\IntelAudioService.exe [532648 2021-11-30] (Intel Corporation -> Intel)
R2 IntelGraphicsSoftwareService; C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe [289280 2024-12-20] (Intel Corporation) [Fichier non signé]
R3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [78240 2024-05-14] (Intel Corporation -> Intel® Corporation)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2354584 2024-05-14] (Intel Corporation -> Intel)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2629936 2024-05-14] (Intel Corporation -> Intel)
R2 Killer Provider Data Helper Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerProviderDataHelperService.exe [1088304 2024-05-14] (Intel Corporation -> Intel)
R2 KillerSmartphoneSleepService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KSPSService.exe [77616 2024-05-14] (Intel Corporation -> Rivet Networks, LLC.)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [78128 2024-05-14] (Intel Corporation -> Intel® Corporation)
U2 MoondustriesLosoce; C:\Program Files (x86)\MoondustriesLosoce\MoondustriesLosoce.exe [36169360 2023-08-23] (MangroveInstallCodes -> Necessary Daseke) [Fichier non signé]
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1909512 2023-11-14] (A-Volute SAS -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_085de2d4b49d7707\Display.NvContainer\NVDisplay.Container.exe [1275568 2024-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.5.1\ProtonVPNService.exe [464608 2024-12-11] (Proton AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.5.1\ProtonVPN.WireGuardService.exe [464104 2024-12-11] (Proton AG -> ProtonVPN)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [21605176 2024-05-03] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S4 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AlService; C:\Program Files (x86)\Alsoft\AlService.exe -s [X]
S2 ELANFPService; %SystemRoot%\System32\ELANFPService.exe [X]
S2 EsgShKernel; "C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe" [X]
S2 ShMonitor; "C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2023-10-23] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2023-10-23] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [84032 2023-09-27] (Microsoft Windows Hardware Compatibility Publisher -> EnigmaSoft Limited)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_c330c09d72f3e083\iaLPSS2_GPIO2_TGL.sys [128664 2021-01-27] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_312c3014729186bd\iaLPSS2_I2C_TGL.sys [201376 2021-01-27] (Intel Corporation -> Intel Corporation)
R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_2f4c83f014ffdaee\IntcUSB.sys [882848 2021-11-30] (Intel Corporation -> Intel(R) Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_689d3d5fefeef458\gna.sys [84888 2021-01-21] (Gaussian Mixture Models and Neural Networks Accelerator -> Intel Corporation)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [248624 2024-05-14] (Intel Corporation -> Rivet Networks, LLC.)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2023-08-26] (Malwarebytes Corporation -> Malwarebytes)
R3 NahimicBTLink; C:\WINDOWS\System32\drivers\NahimicBTLink.sys [86200 2022-08-18] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [95896 2024-05-16] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.5.1\Resources\ProtonVPN.CalloutDriver.sys [40360 2024-12-11] (Proton AG -> Proton AG)
S3 rtump64x64; C:\WINDOWS\System32\drivers\rtump64x64.sys [1418184 2024-04-21] (Realtek Semiconductor Corp. -> Realtek Corporation)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203832 2023-10-15] (Disc Soft Ltd -> Duplex Secure Ltd)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S4 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2023-08-18] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-07-21] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 rsDwf; \SystemRoot\system32\DRIVERS\rsDwf.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2025-01-28 19:02 - 2025-01-28 19:02 - 000023915 _____ C:\Users\Mamou\Desktop\FRST.txt
2025-01-28 19:01 - 2025-01-28 19:02 - 000000000 ____D C:\FRST
2025-01-28 18:19 - 2025-01-28 18:19 - 002403328 _____ (Farbar) C:\Users\Mamou\Desktop\FRST64.exe
2025-01-28 18:10 - 2025-01-28 18:10 - 000180627 _____ C:\Users\Mamou\Desktop\ZHPDiag.txt
2025-01-28 18:05 - 2025-01-28 18:05 - 003539656 _____ (Nicolas Coolman) C:\Users\Mamou\Desktop\ZHPSuite.exe
2025-01-28 17:38 - 2022-07-02 02:43 - 000725112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2025-01-28 17:38 - 2022-07-02 02:43 - 000609048 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2025-01-28 17:38 - 2022-07-02 02:43 - 000468032 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2025-01-28 17:38 - 2022-07-02 02:43 - 000366008 _____ C:\WINDOWS\SysWOW64\IntelControlLib32.dll
2025-01-28 17:38 - 2022-07-02 02:41 - 000204336 _____ C:\WINDOWS\system32\ControlLib32.dll
2025-01-27 15:25 - 2025-01-27 15:25 - 000000865 _____ C:\Users\Mamou\Desktop\ZHPDiag.lnk
2025-01-27 14:52 - 2025-01-27 14:52 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2025-01-17 20:26 - 2025-01-17 20:26 - 000000000 ____D C:\Users\Mamou\AppData\Local\ESET
2025-01-17 20:19 - 2025-01-17 20:20 - 000000000 ____D C:\AdwCleaner
2025-01-17 20:11 - 2025-01-27 17:35 - 000000130 _____ C:\Users\Mamou\AppData\LocalLow\9358e03516544a71a98bdd4e7cac8e4a0bb6126633a7d6f45ea6be8eef883e8c
2025-01-17 20:11 - 2025-01-27 15:12 - 000146052 _____ C:\Users\Mamou\AppData\LocalLow\8dfd6257892491a2797ca236e860a5a666d0563920a03e040b4d649596856af8
2025-01-17 19:56 - 2025-01-17 19:56 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2025-01-17 19:56 - 2025-01-17 19:56 - 000001434 _____ C:\Users\Public\Desktop\NVIDIA.lnk
2025-01-17 19:56 - 2025-01-17 19:56 - 000000000 ____D C:\Users\Mamou\AppData\LocalLow\NVIDIA
2025-01-17 19:56 - 2025-01-17 19:56 - 000000000 ____D C:\Users\Mamou\AppData\Local\NVIDIA Corporation
2025-01-17 19:56 - 2025-01-17 19:56 - 000000000 ____D C:\Users\Mamou\ansel
2025-01-17 19:56 - 2025-01-17 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2025-01-17 19:56 - 2025-01-17 19:56 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2025-01-17 19:56 - 2024-11-26 08:37 - 003074088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2025-01-17 19:56 - 2024-11-26 08:37 - 002369064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2025-01-17 19:56 - 2024-11-26 08:37 - 000270888 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2025-01-17 19:56 - 2024-11-26 08:37 - 000245288 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2025-01-17 19:56 - 2024-11-26 08:17 - 000180760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2025-01-17 19:56 - 2024-11-26 08:17 - 000159768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2025-01-17 19:54 - 2024-12-04 19:05 - 002060664 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2025-01-17 19:54 - 2024-12-04 19:05 - 002060664 _____ C:\WINDOWS\system32\vulkaninfo.exe
2025-01-17 19:54 - 2024-12-04 19:05 - 001600376 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-01-17 19:54 - 2024-12-04 19:05 - 001600376 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2025-01-17 19:54 - 2024-12-04 19:05 - 001452432 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2025-01-17 19:54 - 2024-12-04 19:05 - 001452432 _____ C:\WINDOWS\system32\vulkan-1.dll
2025-01-17 19:54 - 2024-12-04 19:05 - 001301880 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2025-01-17 19:54 - 2024-12-04 19:05 - 001301880 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2025-01-17 19:54 - 2024-12-04 19:05 - 000478384 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2025-01-17 19:54 - 2024-12-04 19:05 - 000374432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2025-01-17 19:54 - 2024-12-04 19:02 - 001114792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2025-01-17 19:54 - 2024-12-04 19:02 - 000670352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2025-01-17 19:54 - 2024-12-04 19:02 - 000505504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2025-01-17 19:54 - 2024-12-04 19:01 - 025450120 _____ C:\WINDOWS\system32\nvidia-pcc.exe
2025-01-17 19:54 - 2024-12-04 19:01 - 001554608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2025-01-17 19:54 - 2024-12-04 19:01 - 001208992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2025-01-17 19:54 - 2024-12-04 19:01 - 000863888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2025-01-17 19:54 - 2024-12-04 19:00 - 016811696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2025-01-17 19:54 - 2024-12-04 19:00 - 002185360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2025-01-17 19:54 - 2024-12-04 19:00 - 001634464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2025-01-17 19:54 - 2024-12-04 19:00 - 001042072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2025-01-17 19:54 - 2024-12-04 19:00 - 000801432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2025-01-17 19:54 - 2024-12-04 19:00 - 000462480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2025-01-17 19:54 - 2024-12-04 18:59 - 017736840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2025-01-17 19:54 - 2024-12-04 18:59 - 006953104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2025-01-17 19:54 - 2024-12-04 18:59 - 005909664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2025-01-17 19:54 - 2024-12-04 18:59 - 005435544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2025-01-17 19:54 - 2024-12-04 18:59 - 003807888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2025-01-17 19:54 - 2024-12-04 18:59 - 000853680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2025-01-17 19:54 - 2024-12-04 18:58 - 007158560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2025-01-17 19:54 - 2024-12-04 18:58 - 006236264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2025-01-17 19:54 - 2024-12-04 02:11 - 000132703 _____ C:\WINDOWS\system32\nvinfo.pb
2025-01-17 19:54 - 2024-11-26 08:17 - 000059928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2025-01-17 19:49 - 2025-01-17 19:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\RivetNetworks
2025-01-17 19:49 - 2025-01-17 19:49 - 000000000 ____D C:\ProgramData\RivetNetworks
2025-01-17 19:43 - 2025-01-13 12:30 - 000753976 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2025-01-17 19:43 - 2025-01-13 12:30 - 000640296 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2025-01-17 19:43 - 2025-01-13 12:28 - 000945552 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2025-01-17 19:43 - 2025-01-13 12:22 - 002021720 _____ C:\WINDOWS\system32\ze_intel_gpu_raytracing.dll
2025-01-17 19:43 - 2025-01-13 12:22 - 000783160 _____ C:\WINDOWS\system32\SET4E0E.tmp
2025-01-17 19:43 - 2025-01-13 12:22 - 000543544 _____ C:\WINDOWS\system32\SET4E10.tmp
2025-01-17 19:43 - 2025-01-13 12:20 - 000322104 _____ C:\WINDOWS\system32\ControlLib.dll
2025-01-17 19:43 - 2025-01-13 12:20 - 000269416 _____ C:\WINDOWS\SysWOW64\ControlLib32.dll
2025-01-17 19:39 - 2025-01-17 19:39 - 000002264 _____ C:\Users\Mamou\AppData\LocalLow\DeviceId=9A60_DeviceRevisionId=0001_DevicePciAddr=0.2.0_AppName=msedgewebview2=ms-teams.exe_ApiClient=D3D12
2025-01-17 19:38 - 2025-01-17 19:38 - 000000000 ____D C:\Users\Mamou\AppData\Roaming\NVIDIA
2025-01-17 19:37 - 2025-01-27 14:52 - 000000130 _____ C:\Users\Mamou\AppData\LocalLow\d5826293baad6c227478a91d0a95b5a4fc15a7b106925dad6bf1bc5ce08a9501
2025-01-17 19:37 - 2025-01-27 14:49 - 000000130 _____ C:\Users\Mamou\AppData\LocalLow\ad27610716c700ca9bae8ae32c878645c6c9c14221e240f45c30bf64623785bf
2025-01-17 19:37 - 2025-01-18 18:59 - 000028037 _____ C:\Users\Mamou\AppData\LocalLow\06dfe747e2d572285f3d69e619ebea7c66ddaa52a0f2f9df16fa0ce6bd768c63
2025-01-17 19:37 - 2025-01-17 19:37 - 000012449 _____ C:\Users\Mamou\AppData\LocalLow\7344685287ec5678abcc40f8f6b150f450640bd0ed12b4c45ae801d27bd0fcfa
2025-01-17 19:37 - 2025-01-17 19:37 - 000005873 _____ C:\Users\Mamou\AppData\LocalLow\8c67da7a54c924745740c299d30eb491cc4fe37693f9a41deddb08b16c7f7f54
2025-01-17 19:37 - 2025-01-17 19:37 - 000000026 _____ C:\Users\Mamou\AppData\LocalLow\5b0eb39622c9d88ea6f7bf864792495c95b13c118a1f883fb94f99377fef5ccc
2025-01-17 19:32 - 2025-01-17 19:32 - 000003600 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2025-01-17 19:32 - 2024-10-03 23:33 - 000049888 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\semav6msr64.sys
2025-01-17 19:31 - 2025-01-17 19:31 - 000000000 ____D C:\Users\Mamou\AppData\Local\NEO
2025-01-17 19:31 - 2025-01-17 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2025-01-17 19:30 - 2025-01-28 17:38 - 000000130 _____ C:\Users\Mamou\AppData\LocalLow\ee73237d1d921ea5db71dd21c3a1558176dcc6c734e2b948a2d022bb6579b835
2025-01-17 19:30 - 2025-01-17 20:00 - 000000000 ____D C:\Program Files (x86)\Intel
2025-01-17 19:30 - 2025-01-17 19:32 - 000003762 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2025-01-17 19:30 - 2025-01-17 19:32 - 000003528 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2025-01-17 19:30 - 2025-01-17 19:31 - 000000000 ____D C:\Users\Mamou\AppData\Local\Intel
2025-01-17 19:30 - 2025-01-17 19:30 - 000008086 _____ C:\Users\Mamou\AppData\LocalLow\abab24240f9c8e040418c03ff9891fccff776bc91212c348e05dd9200f613684
2025-01-17 19:30 - 2025-01-17 19:30 - 000005882 _____ C:\Users\Mamou\AppData\LocalLow\41bc3e70c7ff1f2b92ee16baab0f845c9673d16f14a1f1cb9d10ffc532d3cec9
2025-01-17 19:30 - 2025-01-17 19:30 - 000001510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2025-01-17 19:30 - 2025-01-17 19:30 - 000000130 _____ C:\Users\Mamou\AppData\LocalLow\d65d4727fa6c6c11c869d4d256ccfceb0736c6ed5d6c1ec9ec2b37fffb3c63d7
2025-01-17 19:29 - 2025-01-28 17:37 - 000000000 ____D C:\Program Files\dotnet
2025-01-17 19:29 - 2025-01-17 19:46 - 000000000 ____D C:\Program Files\Intel
2025-01-17 18:32 - 2025-01-17 18:32 - 000000000 ___HD C:\$WinREAgent
2025-01-17 18:17 - 2025-01-27 15:47 - 000000000 ____D C:\Program Files\Cybelsoft
2025-01-17 17:53 - 2025-01-17 17:53 - 000003794 _____ C:\WINDOWS\system32\Tasks\DLLSearchUpdater
2025-01-14 14:52 - 2025-01-14 14:55 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2024-11-26 14:30 - 2024-11-26 14:30 - 000022205 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-11-26 14:29 - 2024-11-26 14:29 - 000022205 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2025-01-28 18:56 - 2023-07-21 14:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-01-28 18:56 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-28 18:31 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-01-28 18:20 - 2023-08-25 22:21 - 000000875 _____ C:\Users\Mamou\Desktop\ZHPCleaner.lnk
2025-01-28 18:10 - 2023-08-25 22:21 - 000000000 ____D C:\Users\Mamou\AppData\Roaming\ZHP
2025-01-28 18:06 - 2023-08-26 13:52 - 000000865 _____ C:\Users\Mamou\Desktop\ZHPSuite.lnk
2025-01-28 18:03 - 2023-07-23 13:52 - 000000000 ____D C:\Users\Mamou\AppData\Roaming\Microsoft\Excel
2025-01-28 17:40 - 2023-08-03 16:26 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-01-28 17:39 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-28 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-01-28 17:38 - 2023-08-27 10:35 - 000000000 ____D C:\Users\Mamou\AppData\Local\CrashDumps
2025-01-28 17:38 - 2023-08-24 17:12 - 000000000 ____D C:\ProgramData\Package Cache
2025-01-28 17:38 - 2023-07-21 11:41 - 000000000 ____D C:\Intel
2025-01-28 17:15 - 2023-07-21 12:16 - 000000000 __SHD C:\Users\Mamou\IntelGraphicsProfiles
2025-01-27 17:38 - 2023-07-21 11:26 - 000000000 ____D C:\ProgramData\NVIDIA
2025-01-27 16:05 - 2023-07-23 13:52 - 000000000 ____D C:\Users\Mamou\AppData\Roaming\Microsoft\Word
2025-01-27 16:04 - 2023-07-21 11:54 - 000000000 ____D C:\Users\Mamou\AppData\Local\D3DSCache
2025-01-27 15:57 - 2023-07-21 14:50 - 001771634 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-01-27 15:57 - 2019-12-07 15:50 - 000794660 _____ C:\WINDOWS\system32\perfh00C.dat
2025-01-27 15:57 - 2019-12-07 15:50 - 000150774 _____ C:\WINDOWS\system32\perfc00C.dat
2025-01-27 15:53 - 2023-08-01 17:19 - 000000000 ____D C:\Program Files\TeamViewer
2025-01-27 15:53 - 2023-07-21 14:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-01-27 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2025-01-27 15:52 - 2023-07-21 14:42 - 000008192 ___SH C:\DumpStack.log.tmp
2025-01-27 15:52 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-01-27 15:47 - 2023-10-17 18:55 - 000000000 ____D C:\Program Files (x86)\SlySoft
2025-01-27 15:25 - 2023-08-25 22:21 - 000000000 ____D C:\Users\Mamou\AppData\Local\ZHP
2025-01-27 14:52 - 2023-07-21 13:45 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-01-27 14:52 - 2023-07-21 10:33 - 000000000 ____D C:\Users\Mamou\AppData\Local\Packages
2025-01-27 11:01 - 2024-03-29 13:56 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-01-27 11:01 - 2023-07-21 14:45 - 000004044 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1689936728
2025-01-27 11:01 - 2023-07-21 11:52 - 000001094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2025-01-27 11:01 - 2023-07-21 11:49 - 000000000 ____D C:\Program Files\Opera
2025-01-27 10:59 - 2023-07-21 14:43 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-17 20:40 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-01-17 20:11 - 2023-07-23 13:29 - 000000000 ____D C:\Users\Mamou\AppData\Roaming\vlc
2025-01-17 20:03 - 2023-08-26 12:23 - 000001382 _____ C:\Users\Mamou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2025-01-17 19:56 - 2023-07-21 13:46 - 000000000 ____D C:\Users\Mamou
2025-01-17 19:56 - 2023-07-21 11:54 - 000000000 ____D C:\Users\Mamou\AppData\Local\NVIDIA
2025-01-17 19:56 - 2023-07-21 11:26 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2025-01-17 19:56 - 2023-07-21 11:26 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2025-01-17 19:56 - 2023-07-21 10:49 - 000000000 ____D C:\ProgramData\Packages
2025-01-17 19:55 - 2023-07-21 11:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2025-01-17 19:36 - 2023-07-23 17:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-01-17 19:36 - 2023-07-21 14:42 - 000287480 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-01-17 19:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-01-17 19:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-01-17 19:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-01-17 19:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-01-17 19:30 - 2023-07-21 11:41 - 000000000 ____D C:\ProgramData\Intel
2025-01-17 18:36 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-01-17 18:34 - 2023-07-21 14:46 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-01-17 18:31 - 2023-07-21 11:40 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-01-17 18:31 - 2023-07-21 11:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-01-17 18:07 - 2023-07-21 10:48 - 000000000 ____D C:\Users\Mamou\AppData\Local\ElevatedDiagnostics
2025-01-16 11:12 - 2023-07-23 13:52 - 000000000 ____D C:\Users\Mamou\AppData\Roaming\Microsoft\Office
2025-01-14 15:04 - 2024-09-21 19:36 - 000000000 ____D C:\Users\Mamou\AppData\Roaming\plug
2025-01-14 15:04 - 2024-09-21 19:35 - 000000000 ____D C:\Users\Mamou\AppData\Roaming\WycT1ndu
2025-01-14 14:55 - 2023-11-24 19:01 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2025-01-13 18:21 - 2024-10-24 16:56 - 000001050 _____ C:\Users\Public\Desktop\Proton VPN.lnk
2025-01-13 18:21 - 2024-10-24 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proton
2025-01-13 12:02 - 2023-08-26 12:49 - 000003858 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2025-01-13 12:02 - 2023-08-26 12:49 - 000003416 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2024-12-29 19:43 - 2023-07-21 14:46 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-12-29 19:43 - 2023-07-21 14:46 - 000003596 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d9bbd946179b0c

==================== Fichiers à la racine de certains dossiers ========

2024-10-24 19:24 - 2024-10-24 19:24 - 000000218 _____ () C:\Users\Mamou\AppData\Local\recently-used.xbel

==================== SigCheckExt =========================

2023-10-29 16:56 - 1998-01-23 12:20 - 000305664 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUn040c.exe
2025-01-28 18:19 - 2025-01-28 18:19 - 002403328 _____ (Farbar) C:\Users\Mamou\Desktop\FRST64.exe
2023-07-21 10:38 - 2020-07-26 20:30 - 000856528 _____ (www.sordum.org) C:\Users\Mamou\Desktop\TempCleaner_x64.exe
2025-01-28 18:05 - 2025-01-28 18:05 - 003539656 _____ (Nicolas Coolman) C:\Users\Mamou\Desktop\ZHPSuite.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
timeout 2

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {56b0d8e2-279b-11ee-80c1-af782d184564}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 3

Chargeur de démarrage Windows
-----------------------------
identificateur {15584db6-e4a8-4292-a757-f5aa81e6ddf2}
device ramdisk=[C:]\Aomei\AomeiBoot.wim,{5b11e17a-3ad8-4bfc-9bfc-b9b567b9c9f8}
description Aomei PE
osdevice ramdisk=[C:]\Aomei\AomeiBoot.wim,{5b11e17a-3ad8-4bfc-9bfc-b9b567b9c9f8}
systemroot \Windows
nx OptIn
detecthal Yes
winpe Yes

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {8385e362-27cc-11ee-bf6b-a047c48fe060}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {56b0d8e2-279b-11ee-80c1-af782d184564}
nx OptIn
bootmenupolicy Standard

Chargeur de démarrage Windows
-----------------------------
identificateur {8385e362-27cc-11ee-bf6b-a047c48fe060}
device ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{8385e363-27cc-11ee-bf6b-a047c48fe060}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{8385e363-27cc-11ee-bf6b-a047c48fe060}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {56b0d8e2-279b-11ee-80c1-af782d184564}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {8385e362-27cc-11ee-bf6b-a047c48fe060}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems No

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {5b11e17a-3ad8-4bfc-9bfc-b9b567b9c9f8}
ramdisksdidevice partition=C:
ramdisksdipath \Aomei\AomeiBoot.sdi

Options de périphérique
-----------------------
identificateur {8385e363-27cc-11ee-bf6b-a047c48fe060}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume6
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================
