Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19-01-2025 Exécuté par dede (administrateur) sur DESKTOP-6D9CH37 (HP Victus by HP Gaming Laptop 16-s0xxx) (21-01-2025 09:17:42) Exécuté depuis D:\02-WINDOWS\04-ANTI-VIRUS\FRST64\FRST64.exe Profils chargés: dede Plate-forme: Microsoft Windows 11 Professionnel Version 24H2 26100.1742 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10034.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10034.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe (Broadcom Inc -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (C:\PE\PortableApps\OperaPortable\App\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\PE\PortableApps\OperaPortable\App\Opera\114.0.5282.154\opera_crashreporter.exe (C:\PE\PortableApps\OperaPortable\OperaPortable.exe ->) (Opera Norway AS -> Opera Software) C:\PE\PortableApps\OperaPortable\App\Opera\opera.exe <21> (C:\PE\PortableApps\PortableApps.com\PortableAppsPlatform.exe ->) (RARE IDEAS, LLC -> PortableApps.com) C:\PE\PortableApps\OperaPortable\OperaPortable.exe (C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10034.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10034.0_x64__0a9344xs7nr4m\radeonsoftware\amdow.exe (C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10034.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10034.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe (C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10034.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10034.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe (C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.34401.20.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.146\msedgewebview2.exe <7> (DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\BridgeCommunication.exe (DriverStore\FileRepository\seapo64.inf_amd64_7ab1ea12f6a5b2d0\SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\DriverStore\FileRepository\seapo64.inf_amd64_7ab1ea12f6a5b2d0\SECOCL64.exe (DriverStore\FileRepository\u0405108.inf_amd64_503e66e8c3c22031\B404968\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0405108.inf_amd64_503e66e8c3c22031\B404968\atieclxx.exe (explorer.exe ->) () [Fichier non signé] D:\99-TODISPATCH\Universal Virus Sniffer 4.15 [FileCR]\Universal Virus Sniffer 4.15\update.exe (explorer.exe ->) (Advanced Network Software) [Fichier non signé] C:\Users\dede\Downloads\wmi-explorer_1-16_en_70284\wmiexplorer.exe (explorer.exe ->) (Broadcom Inc -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe (explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2410.21.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (explorer.exe ->) (Tweaking LLC -> Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Repair_Windows.exe (RARE IDEAS, LLC -> PortableApps.com) C:\PE\PortableApps\PortableApps.com\PortableAppsPlatform.exe (services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0405108.inf_amd64_503e66e8c3c22031\B404968\atiesrxx.exe (services.exe ->) (Broadcom Inc -> Broadcom) C:\Program Files\Symantec\Symantec Endpoint Protection\14.3.11216.9000.105\Bin64\sepWscSvc64.exe (services.exe ->) (Broadcom Inc -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (services.exe ->) (Broadcom Inc -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (services.exe ->) (Broadcom Inc -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (services.exe ->) (Broadcom Inc -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\AppHelperCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\DiagsCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\NetworkCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\SysInfoCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_3c97e435117f8c16\x64\OmenCap\OmenCap.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrsr.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_5c197d2d97068bef\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9366beb5d0043df3\RtkAudUService64.exe <3> (services.exe ->) (Red Hat Inc. -> ) [Fichier non signé] C:\Program Files\Virtio-Win\Balloon\blnsvr.exe (services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\DriverStore\FileRepository\seapo64.inf_amd64_7ab1ea12f6a5b2d0\SECOMN64.exe (services.exe ->) (Symantec Corporation -> Broadcom) C:\Program Files\Symantec\Symantec Endpoint Protection\14.3.11216.9000.105\Bin64\ccSvcHst.exe <3> (services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe (svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.18.10301.0_x64__8wekyb3d8bbwe\OpenConsole.exe (svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.18.10301.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe (SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [114040 2024-10-03] (Broadcom Inc -> VMware, Inc.) HKLM Group Policy restriction on software: %SystemDrive%\$Recycle.Bin\* <==== ATTENTION HKLM Group Policy restriction on software: %USERPROFILE%\* <==== ATTENTION HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\* <==== ATTENTION HKLM Group Policy restriction on software: %SystemRoot%\Fonts\* <==== ATTENTION HKLM Group Policy restriction on software: %USERPROFILE%\AppData\Local\Packages\* <==== ATTENTION HKLM Group Policy restriction on software: %APPDATA%\Microsoft\Internet Explorer\Quick Launch\* <==== ATTENTION HKLM Group Policy restriction on software: %APPDATA%\Microsoft\Windows\Start Menu\* <==== ATTENTION HKLM Group Policy restriction on software: %USERPROFILE%\AppData\Local\Temp\* <==== ATTENTION HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Google\* <==== ATTENTION HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Package Cache\* <==== ATTENTION HKLM Group Policy restriction on software: %SystemDrive%\Users\Public\* <==== ATTENTION HKLM Group Policy restriction on software: D:\02-WINDOWS\03-REPAIR\S.O.S\* <==== ATTENTION HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\UVK\* <==== ATTENTION HKLM Group Policy restriction on software: %APPDATA%\Microsoft\* <==== ATTENTION HKLM Group Policy restriction on software: %USERPROFILE%\Downloads\* <==== ATTENTION HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Skype\* <==== ATTENTION HKLM Group Policy restriction on software: %SystemDrive%\Users\Public\Desktop\* <==== ATTENTION HKLM Group Policy restriction on software: %USERPROFILE%\AppData\LocalLow\Microsoft\* <==== ATTENTION HKLM Group Policy restriction on software: %USERPROFILE%\AppData\Local\Microsoft\Windows\Application Shortcuts\* <==== ATTENTION HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Oracle\Java\* <==== ATTENTION HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Adobe\* <==== ATTENTION HKLM Group Policy restriction on software: %USERPROFILE%\Desktop\* <==== ATTENTION HKLM Group Policy restriction on software: %USERPROFILE%\AppData\Local\Microsoft\* <==== ATTENTION HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Intuit\* <==== ATTENTION HKLM Group Policy restriction on software: %APPDATA%\Microsoft\Windows\Recent\* <==== ATTENTION HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Microsoft\* <==== ATTENTION HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Intel\* <==== ATTENTION HKLM Group Policy restriction on software: %USERPROFILE%\AppData\Local\Microsoft\Windows\INetCache\* <==== ATTENTION HKU\S-1-5-21-1400213605-400097259-2155796857-1001\...\Run: [MicrosoftEdgeAutoLaunch_89EEE8D8F701444F8CB0EA39765EE95D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3923496 2025-01-17] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1400213605-400097259-2155796857-1001\...\Run: [OneDrive] => "C:\Users\dede\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background (Pas de fichier) GroupPolicy: Restriction - Edge <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {CB1C44FD-3F67-4B54-8291-3916CE1F3597} - System32\Tasks\Doctor Web\Dr.Web Daily scan => C:\Program Files\DrWeb\dwscanner.exe -> C:\Program Files\DrWeb\/full Task: {5CD5C6A4-21E5-45AE-8B05-295CAA72C0E6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28707056 2025-01-15] (Microsoft Corporation -> Microsoft Corporation) Task: {9A61542F-943D-465E-AB5B-5CE48CB3E887} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28707056 2025-01-15] (Microsoft Corporation -> Microsoft Corporation) Task: {6EEB41E7-1F7E-45EF-8E49-99ACC3FE739A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311416 2025-01-20] (Microsoft Corporation -> Microsoft Corporation) Task: {B7B57560-71D6-4499-9EE6-0E08A46D2701} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311416 2025-01-20] (Microsoft Corporation -> Microsoft Corporation) Task: {4E9B6C52-A13F-4A36-AAB4-DBF832D397A8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [192144 2025-01-20] (Microsoft Corporation -> Microsoft Corporation) Task: {8949CFBA-2D1B-4394-9ED3-1292E90ADE09} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\System32\MRT.exe [206927936 2025-01-21] (Microsoft Windows -> Microsoft Corporation) -> C:\WINDOWS\system32\/EHB /HeartbeatFailure "SubmitHeartbeatReportData" /HeartbeatError "0x80072ee7" Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier) Task: {02E6BE0A-7BA1-433C-AEF8-81CF3D80C1BF} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1400213605-400097259-2155796857-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Pas de fichier) Task: {6187BB94-B155-4E7D-8D3C-6C336394213E} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Autofix => C:\Program Files\Symantec\Symantec Endpoint Protection\14.3.11216.9000.105\Bin64\SymErr.exe [100552 2024-12-26] (Symantec Corporation -> Broadcom) Task: {A3238C24-0D41-4E61-9E48-2A39C10B80AD} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Error Analyzer => C:\Program Files\Symantec\Symantec Endpoint Protection\14.3.11216.9000.105\Bin64\SymErr.exe [100552 2024-12-26] (Symantec Corporation -> Broadcom) Task: {3CDF1E6C-6390-4A55-9323-3F354253C4BC} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Error Processor => C:\Program Files\Symantec\Symantec Endpoint Protection\14.3.11216.9000.105\Bin64\SymErr.exe [100552 2024-12-26] (Symantec Corporation -> Broadcom) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\..\Interfaces\{70fad5d0-1876-43ae-8f8b-157c442a0f6a}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Edge: ======= Edge Profile: C:\Users\dede\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-21] Edge Extension: (Google Docs hors connexion) - C:\Users\dede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-01-20] Edge Extension: (Edge relevant text changes) - C:\Users\dede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-01-20] FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-01-20] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2025-01-20] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-01-20] (Microsoft Corporation -> Microsoft Corporation) ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 BalloonService; C:\Program Files\Virtio-Win\Balloon\blnsvr.exe [198696 2024-10-22] (Red Hat Inc. -> ) [Fichier non signé] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13572312 2025-01-03] (Microsoft Corporation -> Microsoft Corporation) S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\23.038.0219.0001\FileSyncHelper.exe [2576264 2025-01-20] (Microsoft Corporation -> Microsoft Corporation) R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\AppHelperCap.exe [887904 2024-12-10] (HP Inc. -> HP Inc.) R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\DiagsCap.exe [886392 2024-12-10] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\NetworkCap.exe [882296 2024-12-10] (HP Inc. -> HP Inc.) R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_3c97e435117f8c16\x64\OmenCap\OmenCap.exe [755248 2024-10-25] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\SysInfoCap.exe [887392 2024-12-10] (HP Inc. -> HP Inc.) R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-07] (HP Inc. -> HP Inc.) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2025-01-20] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_5c197d2d97068bef\Display.NvContainer\NVDisplay.Container.exe [1275016 2024-12-12] (NVIDIA Corporation -> NVIDIA Corporation) S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\23.038.0219.0001\OneDriveUpdaterService.exe [2883976 2025-01-20] (Microsoft Corporation -> Microsoft Corporation) R2 SECOMNService; C:\WINDOWS\System32\DriverStore\FileRepository\seapo64.inf_amd64_7ab1ea12f6a5b2d0\SECOMN64.exe [992496 2024-05-09] (Sound Research Corporation -> Sound Research, Corp.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [505608 2024-03-31] (Microsoft Windows Publisher -> Microsoft Corporation) S4 SepLpsService; C:\Program Files\Symantec\Symantec Endpoint Protection\14.3.11216.9000.105\Bin64\ccSvcHst.exe [190152 2024-12-26] (Symantec Corporation -> Broadcom) R2 SepMasterService; C:\Program Files\Symantec\Symantec Endpoint Protection\14.3.11216.9000.105\Bin64\ccSvcHst.exe [190152 2024-12-26] (Symantec Corporation -> Broadcom) R2 SepScanService; C:\Program Files\Symantec\Symantec Endpoint Protection\14.3.11216.9000.105\bin64\ccSvcHst.exe [190152 2024-12-26] (Symantec Corporation -> Broadcom) R2 sepWscSvc; C:\Program Files\Symantec\Symantec Endpoint Protection\14.3.11216.9000.105\Bin64\sepWscSvc64.exe [1391872 2024-12-26] (Broadcom Inc -> Broadcom) S3 SNAC; C:\Program Files\Symantec\Symantec Endpoint Protection\14.3.11216.9000.105\Bin64\snac64.exe [173256 2024-12-26] (Symantec Corporation -> Broadcom) S3 VirtioFsSvc; C:\Program Files\Virtio-Win\VioFS\virtiofs.exe [240296 2024-10-25] (Microsoft Windows Hardware Compatibility Publisher -> ) R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [77176 2024-10-03] (Broadcom Inc -> VMware, Inc.) R2 VMnetDHCP; C:\WINDOWS\SysWOW64\vmnetdhcp.exe [373112 2024-10-03] (Broadcom Inc -> VMware, Inc.) R2 VMUSBArbService; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [1009112 2024-07-18] (Broadcom Inc -> VMware, Inc.) R2 VMware NAT Service; C:\WINDOWS\SysWOW64\vmnat.exe [420216 2024-10-03] (Broadcom Inc -> VMware, Inc.) S3 VmwareAutostartService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-autostart.exe [64888 2024-10-03] (Broadcom Inc -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2025-01-20] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2025-01-20] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 AMDAfdAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_83e4d032c48bb725\amdacpafd.sys [432448 2024-07-06] (AMD Test Build -> Advanced Micro Devices) R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrmgr.sys [55672 2024-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0405108.inf_amd64_503e66e8c3c22031\B404968\amdkmdag.sys [106151616 2024-07-09] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.11216.9000.105\Data\Definitions\BASHDefs\20250115.011\BHDrvx64.sys [1706616 2025-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2024-04-01] (Microsoft Corporation) [Fichier non signé] R1 ccSettings_{A3E7E0E5-615C-4355-964F-A58E97CFC695}; C:\WINDOWS\System32\Drivers\SEP\0E032BD0\2328.105\x64\ccSetx64.sys [190464 2024-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527976 2025-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) U3 EraserUtilDrv11915; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11915.sys [159848 2025-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R2 hcmon; C:\WINDOWS\system32\DRIVERS\hcmon.sys [72144 2024-07-18] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.) R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.) R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_7a1ef17ecb1f36ce\x64\hpomencustomcapdriver.sys [24968 2024-07-12] (HP Inc. -> HP Inc.) R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.11216.9000.105\Data\Definitions\IPSDefs\20250117.094\IDSvia64.sys [1565712 2025-01-17] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 IpuMcdmDriver; C:\WINDOWS\System32\DriverStore\FileRepository\kipudrv.inf_amd64_162e5d248c659e75\ipustack.sys [313016 2024-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc) R3 MTKBTFilterx64; C:\WINDOWS\System32\DriverStore\FileRepository\mtkbtfilter.inf_amd64_4e18fe2e122d5d00\mtkbtfilterx.sys [326744 2024-05-16] (MEDIATEK INC. -> MediaTek Inc.) R3 mtkwlex; C:\WINDOWS\System32\DriverStore\FileRepository\mtkwl6ex.inf_amd64_f698a1260525f27b\mtkwl6ex.sys [1471584 2024-05-16] (MEDIATEK INC. -> MediaTek Inc.) R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [246504 2024-12-12] (NVIDIA Corporation -> NVIDIA Corporation) S3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_feec7a9662e785f0\rtcx21x64.sys [539648 2024-03-28] (Microsoft Windows -> Realtek) R1 SRTSP; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.11216.9000.105\Data\SymPlatform\SRTSP64.SYS [997496 2024-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SRTSPX; C:\WINDOWS\System32\Drivers\SEP\0E032BD0\2328.105\x64\SRTSPX64.SYS [43640 2024-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 SyDvCtrl; C:\WINDOWS\system32\Drivers\SEP\0E032BD0\2328.105\x64\sydvctrl.sys [30208 2024-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R0 SymEFASI; C:\WINDOWS\System32\drivers\symefasi\0705030.037\symefasi64.sys [2169312 2025-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S0 SymELAM; C:\WINDOWS\System32\Drivers\SEP\0E032BD0\2328.105\x64\SymELAM.sys [27136 2024-12-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100832 2025-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 SymEvnt; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.11216.9000.105\Data\SymPlatform\SymEvnt.sys [951808 2024-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SymIRON; C:\WINDOWS\System32\Drivers\SEP\0E032BD0\2328.105\x64\Ironx64.SYS [298512 2024-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SYMNETS; C:\WINDOWS\System32\Drivers\SEP\0E032BD0\2328.105\x64\symnets.sys [484456 2024-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SysPlant; C:\WINDOWS\System32\Drivers\SEP\0E032BD0\2328.105\x64\sysplant.sys [229904 2024-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 Teefer2; C:\WINDOWS\system32\DRIVERS\Teefer.sys [107520 2024-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R0 vmci; C:\WINDOWS\System32\drivers\vmci.sys [106424 2024-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.) R3 VMnetAdapter; C:\WINDOWS\System32\drivers\vmnetadapter.sys [31288 2024-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.) R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [53704 2024-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.) R2 VMnetuserif; C:\WINDOWS\system32\DRIVERS\vmnetuserif.sys [30664 2024-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.) R2 vmx86; C:\WINDOWS\system32\DRIVERS\vmx86.sys [100920 2024-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.) R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [91176 2024-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2025-01-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2025-01-20] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2025-01-20] (Microsoft Windows -> Microsoft Corporation) S1 npcap; \SystemRoot\system32\DRIVERS\npcap.sys [X] U4 npcap_wifi; pas de ImagePath ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2025-01-21 09:29 - 2025-01-21 09:29 - 000000610 __RSH C:\ProgramData\ntuser.pol 2025-01-21 09:16 - 2025-01-21 09:18 - 000000000 ____D C:\FRST 2025-01-21 08:59 - 2025-01-21 09:02 - 000000000 ____D C:\Users\dede\Downloads\wmi-explorer_1-16_en_70284 2025-01-21 08:58 - 2025-01-21 08:58 - 000558803 _____ C:\Users\dede\Downloads\wmi-explorer_1-16_en_70284.zip 2025-01-21 08:54 - 2025-01-21 08:55 - 000000000 ____D C:\Users\dede\.zenmap 2025-01-21 08:53 - 2025-01-21 08:54 - 000002228 _____ C:\Users\dede\Desktop\Nmap - Zenmap GUI.lnk 2025-01-21 08:50 - 2025-01-21 08:50 - 000000000 ____D C:\WINDOWS\SysWOW64\Npcap 2025-01-21 08:50 - 2025-01-21 08:50 - 000000000 ____D C:\WINDOWS\system32\Npcap 2025-01-21 08:49 - 2025-01-21 08:53 - 000000000 ____D C:\Program Files\Npcap 2025-01-21 08:48 - 2025-01-21 08:53 - 000000000 ____D C:\Program Files (x86)\Nmap 2025-01-21 08:46 - 2025-01-21 08:46 - 000774650 _____ C:\WINDOWS\system32\perfh00C.dat 2025-01-21 08:46 - 2025-01-21 08:46 - 000156800 _____ C:\WINDOWS\system32\perfc00C.dat 2025-01-20 23:56 - 2025-01-20 23:57 - 000000036 _____ C:\Users\dede\Desktop\Nouveau Document texte.txt 2025-01-20 23:47 - 2024-08-19 22:24 - 000006821 _____ C:\rearm.cmd 2025-01-20 23:46 - 2025-01-20 23:46 - 000014609 _____ C:\Users\dede\Downloads\rearm-principalis.zip 2025-01-20 23:46 - 2024-08-19 22:24 - 000000000 ____D C:\Users\dede\Downloads\rearm-principalis 2025-01-20 23:43 - 2025-01-20 23:44 - 431444445 _____ C:\Users\dede\Downloads\Toyota Techstream v14.20.019.7z 2025-01-20 23:39 - 2025-01-20 23:39 - 000325883 _____ C:\Users\dede\Downloads\Microsoft-Activation-Scripts-master.zip 2025-01-20 23:39 - 2025-01-20 23:39 - 000000000 ____D C:\Users\dede\Downloads\Microsoft-Activation-Scripts-master 2025-01-20 23:34 - 2025-01-20 23:36 - 000337566 _____ C:\WINDOWS\Tweaking.com - Windows Repair Setup Log.txt 2025-01-20 23:34 - 2025-01-20 23:34 - 000000000 ____D C:\Program Files (x86)\Tweaking.com 2025-01-20 23:30 - 2025-01-20 23:30 - 000000000 ____D C:\Users\dede\AppData\Roaming\Microsoft\Office 2025-01-20 23:29 - 2025-01-20 23:29 - 000000000 ____D C:\Users\dede\AppData\Roaming\Microsoft\Excel 2025-01-20 23:29 - 2025-01-20 23:29 - 000000000 ____D C:\Users\dede\AppData\Roaming\Microsoft\AddIns 2025-01-20 23:20 - 2025-01-20 23:20 - 000000000 ___RD C:\Users\Default\OneDrive 2025-01-20 23:20 - 2025-01-20 23:20 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive 2025-01-20 23:15 - 2025-01-20 23:15 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2025-01-20 23:09 - 2025-01-20 23:09 - 000002546 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise.lnk 2025-01-20 23:09 - 2025-01-20 23:09 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (new).lnk 2025-01-20 23:09 - 2025-01-20 23:09 - 000002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2025-01-20 23:09 - 2025-01-20 23:09 - 000002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2025-01-20 23:09 - 2025-01-20 23:09 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2025-01-20 23:09 - 2025-01-20 23:09 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2025-01-20 23:09 - 2025-01-20 23:09 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2025-01-20 23:09 - 2025-01-20 23:09 - 000002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk 2025-01-20 23:09 - 2025-01-20 23:09 - 000002395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2025-01-20 23:09 - 2025-01-20 23:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2025-01-20 22:51 - 2025-01-20 23:49 - 000000000 ____D C:\Users\dede\AppData\Roaming\tixati 2025-01-20 22:51 - 2025-01-20 23:19 - 000000000 ____D C:\Program Files\Microsoft Office 2025-01-20 22:51 - 2025-01-20 22:51 - 000000000 ____D C:\Program Files\Microsoft Office 15 2025-01-20 22:27 - 2025-01-20 22:27 - 000000000 ____D C:\WINDOWS\Minidump 2025-01-20 20:52 - 2025-01-20 20:53 - 662700032 _____ C:\Users\dede\Desktop\debian-12.9.0-amd64-netinst.iso 2025-01-20 20:51 - 2025-01-20 20:51 - 000000494 _____ C:\Users\dede\Desktop\debSHA512SUMS.txt 2025-01-20 20:40 - 2025-01-20 20:40 - 000000883 _____ C:\Users\dede\Desktop\Start.exe - Raccourci.lnk 2025-01-20 19:50 - 2025-01-20 19:50 - 000047539 _____ C:\Users\dede\Desktop\flame-vm.ps1 2025-01-20 19:45 - 2025-01-20 19:45 - 000000000 ____D C:\Users\dede\AppData\Local\Deployment 2025-01-20 19:45 - 2025-01-20 19:45 - 000000000 ____D C:\Users\dede\AppData\Local\Apps\2.0 2025-01-20 19:36 - 2025-01-20 19:36 - 000000000 ____D C:\Users\dede\AppData\Local\NVIDIA 2025-01-20 19:27 - 2025-01-20 19:27 - 000000000 ____D C:\Users\dede\AppData\Local\VirtualStore 2025-01-20 19:20 - 2025-01-20 19:20 - 000000000 ____D C:\Users\dede\AppData\Roaming\NVIDIA 2025-01-20 19:15 - 2025-01-21 08:39 - 000000000 ____D C:\WINDOWS\CbsTemp 2025-01-20 19:15 - 2025-01-20 19:15 - 000000000 ____D C:\Users\dede\AppData\Local\Symantec 2025-01-20 19:15 - 2025-01-20 19:15 - 000000000 ____D C:\ProgramData\Propagation 2025-01-20 19:15 - 2025-01-20 19:15 - 000000000 ____D C:\ProgramData\AMD 2025-01-20 19:11 - 2025-01-21 08:43 - 000000000 ____D C:\temp 2025-01-20 19:11 - 2025-01-20 19:11 - 000000000 ____D C:\WINDOWS\Sun 2025-01-20 19:11 - 2025-01-20 19:11 - 000000000 ____D C:\WINDOWS\Java 2025-01-20 19:11 - 2025-01-20 19:11 - 000000000 ____D C:\Users\dede\AppData\Local\PeerDistRepub 2025-01-20 19:11 - 2025-01-20 19:11 - 000000000 ____D C:\Users\dede\AppData\Local\CrashDumps 2025-01-20 19:11 - 2025-01-12 13:00 - 000006794 _____ C:\auditbaseline.csv 2025-01-20 19:10 - 2025-01-20 19:10 - 000000000 ____D C:\Users\dede\AppData\Local\OO Software 2025-01-20 19:08 - 2025-01-21 08:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Symantec Endpoint Protection 2025-01-20 19:08 - 2025-01-20 19:08 - 000000000 ____D C:\Users\dede\AppData\LocalLow\AMD 2025-01-20 19:07 - 2025-01-20 19:19 - 000000000 ____D C:\Program Files\Symantec 2025-01-20 19:07 - 2025-01-20 19:08 - 000000000 ____D C:\ProgramData\Symantec 2025-01-20 19:07 - 2025-01-20 19:07 - 000483016 _____ (Broadcom) C:\WINDOWS\system32\SymVPN.dll 2025-01-20 19:07 - 2025-01-20 19:07 - 000455368 _____ (Broadcom) C:\WINDOWS\system32\FwsVpn.dll 2025-01-20 19:07 - 2025-01-20 19:07 - 000390344 _____ (Broadcom) C:\WINDOWS\SysWOW64\SymVPN.dll 2025-01-20 19:07 - 2025-01-20 19:07 - 000366792 _____ (Broadcom) C:\WINDOWS\SysWOW64\FwsVpn.dll 2025-01-20 19:07 - 2025-01-20 19:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\symefasi 2025-01-20 19:07 - 2025-01-20 19:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\SEP 2025-01-20 19:07 - 2025-01-20 19:07 - 000000000 ____D C:\ProgramData\SymEFASI 2025-01-20 19:07 - 2025-01-20 19:07 - 000000000 ____D C:\ProgramData\regid.1992-12.com.symantec 2025-01-20 19:07 - 2025-01-20 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symantec Endpoint Protection 2025-01-20 19:07 - 2025-01-20 19:07 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared 2025-01-20 19:06 - 2025-01-20 19:06 - 000000000 ____D C:\ProgramData\Temp 2025-01-20 19:02 - 2025-01-20 19:02 - 000000000 ____D C:\Users\dede\AppData\Local\Patch_My_PC,_LLC 2025-01-20 19:00 - 2025-01-20 19:02 - 000000000 ___HD C:\$WinREAgent 2025-01-20 18:58 - 2025-01-20 18:58 - 000000000 ____D C:\Users\dede\Documents\PowerShell 2025-01-20 18:58 - 2025-01-20 18:58 - 000000000 ____D C:\Users\dede\AppData\Roaming\NuGet 2025-01-20 18:58 - 2025-01-20 18:58 - 000000000 ____D C:\PE 2025-01-20 18:57 - 2024-12-27 10:55 - 006568872 _____ (PortableApps.com) C:\PortableApps.com_Platform_Setup_29.5.3.paf.exe 2025-01-20 18:56 - 2025-01-20 18:56 - 000000000 ____D C:\WINDOWS\Firmware 2025-01-20 18:53 - 2025-01-20 18:53 - 000000000 ____D C:\Users\dede\AppData\Local\PlaceholderTileLogoFolder 2025-01-20 18:51 - 2025-01-21 08:45 - 000000000 ____D C:\WINDOWS\system32\MRT 2025-01-20 18:47 - 2025-01-20 18:47 - 000000000 ____D C:\Users\dede\AppData\Roaming\Synaptics 2025-01-20 18:46 - 2025-01-21 08:53 - 000000000 ____D C:\Users\dede\AppData\Roaming\VMware 2025-01-20 18:46 - 2025-01-21 08:47 - 000000000 ____D C:\Users\dede\AppData\Local\VMware 2025-01-20 18:46 - 2025-01-20 18:46 - 000000000 ____D C:\Users\dede\Doctor Web 2025-01-20 18:45 - 2025-01-20 19:20 - 000000000 ____D C:\Users\dede\AppData\Local\AMD 2025-01-20 18:45 - 2024-07-09 22:03 - 001031464 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2025-01-20 18:45 - 2024-07-09 22:03 - 000632000 _____ C:\WINDOWS\system32\GameManager64.dll 2025-01-20 18:45 - 2024-07-09 22:03 - 000526016 _____ C:\WINDOWS\system32\EEURestart.exe 2025-01-20 18:45 - 2024-07-09 22:03 - 000479640 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2025-01-20 18:45 - 2024-07-09 22:03 - 000280360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2025-01-20 18:45 - 2024-07-09 22:03 - 000236736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2025-01-20 18:45 - 2024-07-09 22:03 - 000196288 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2025-01-20 18:45 - 2024-07-09 22:03 - 000190760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2025-01-20 18:45 - 2024-07-09 22:03 - 000150208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2025-01-20 18:45 - 2024-07-09 22:02 - 002288024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll 2025-01-20 18:45 - 2024-07-09 22:02 - 002152640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2025-01-20 18:45 - 2024-07-09 22:02 - 001796800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2025-01-20 18:45 - 2024-07-09 22:02 - 001796800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2025-01-20 18:45 - 2024-07-09 22:02 - 001347760 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll 2025-01-20 18:45 - 2024-07-09 22:02 - 001254600 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2025-01-20 18:45 - 2024-07-09 22:02 - 001077184 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll 2025-01-20 18:45 - 2024-07-09 22:02 - 001055528 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2025-01-20 18:45 - 2024-07-09 22:02 - 000558888 _____ C:\WINDOWS\system32\atieah64.exe 2025-01-20 18:45 - 2024-07-09 22:02 - 000473384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2025-01-20 18:45 - 2024-07-09 22:02 - 000421568 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2025-01-20 18:45 - 2024-07-09 22:02 - 000142528 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2025-01-20 18:45 - 2024-07-09 22:02 - 000139968 _____ C:\WINDOWS\system32\amdxc64.dll 2025-01-20 18:45 - 2024-07-09 22:02 - 000117040 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll 2025-01-20 18:45 - 2024-07-09 22:02 - 000116632 _____ C:\WINDOWS\SysWOW64\amdxc32.dll 2025-01-20 18:45 - 2024-07-09 22:02 - 000075048 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll 2025-01-20 18:45 - 2024-07-09 22:01 - 110292784 _____ C:\WINDOWS\system32\amd_comgr_2.dll 2025-01-20 18:45 - 2024-07-09 22:01 - 007598784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll 2025-01-20 18:45 - 2024-07-09 22:01 - 007373608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll 2025-01-20 18:45 - 2024-07-09 22:01 - 002921768 _____ C:\WINDOWS\system32\amd-smi.exe 2025-01-20 18:45 - 2024-07-09 22:01 - 000801576 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll 2025-01-20 18:45 - 2024-07-09 22:01 - 000785304 _____ C:\WINDOWS\system32\hiprt0200064.dll 2025-01-20 18:45 - 2024-07-09 22:01 - 000678696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll 2025-01-20 18:45 - 2024-07-09 22:01 - 000591152 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2025-01-20 18:45 - 2024-07-09 22:01 - 000546200 _____ C:\WINDOWS\system32\dgtrayicon.exe 2025-01-20 18:45 - 2024-07-09 22:01 - 000471440 _____ C:\WINDOWS\system32\amdlogum.exe 2025-01-20 18:45 - 2024-07-09 22:01 - 000449320 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2025-01-20 18:45 - 2024-07-09 22:01 - 000344368 _____ C:\WINDOWS\system32\clinfo.exe 2025-01-20 18:45 - 2024-07-09 22:01 - 000051392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll 2025-01-20 18:45 - 2024-07-09 22:01 - 000048320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll 2025-01-20 18:45 - 2024-07-09 22:00 - 105432984 _____ C:\WINDOWS\system32\amd_comgr.dll 2025-01-20 18:45 - 2024-07-09 22:00 - 093902128 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll 2025-01-20 18:45 - 2024-07-09 22:00 - 021762456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll 2025-01-20 18:45 - 2024-07-09 22:00 - 020438424 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64_6.dll 2025-01-20 18:45 - 2024-07-09 22:00 - 001726432 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll 2025-01-20 18:45 - 2024-07-09 22:00 - 001400888 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll 2025-01-20 18:45 - 2024-07-09 22:00 - 000177048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll 2025-01-20 18:45 - 2024-07-09 22:00 - 000168648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2025-01-20 18:45 - 2024-07-09 22:00 - 000161696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll 2025-01-20 18:45 - 2024-07-09 22:00 - 000145816 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl.dll 2025-01-20 18:45 - 2024-07-09 22:00 - 000140632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2025-01-20 18:45 - 2024-07-09 22:00 - 000134296 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll 2025-01-20 18:45 - 2024-07-09 21:59 - 000552984 _____ C:\WINDOWS\system32\amdmiracast.dll 2025-01-20 18:45 - 2024-07-09 21:59 - 000178976 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2025-01-20 18:45 - 2024-07-09 21:59 - 000168536 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2025-01-20 18:45 - 2024-07-09 21:59 - 000154248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2025-01-20 18:45 - 2024-07-09 21:59 - 000140632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2025-01-20 18:45 - 2024-07-09 21:24 - 113284336 _____ C:\WINDOWS\system32\amdxc64.so 2025-01-20 18:45 - 2024-07-09 21:24 - 009172760 _____ C:\WINDOWS\system32\hiprt02000_amd.hipfb 2025-01-20 18:45 - 2024-07-09 21:24 - 002254736 _____ C:\WINDOWS\system32\oro_compiled_kernels.hipfb 2025-01-20 18:45 - 2024-07-09 21:24 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin 2025-01-20 18:45 - 2024-07-09 21:24 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin 2025-01-20 18:45 - 2024-07-09 21:24 - 000128048 _____ C:\WINDOWS\system32\kapp_ci.sbin 2025-01-20 18:45 - 2024-07-09 21:24 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin 2025-01-20 18:44 - 2025-01-20 18:45 - 000000000 ____D C:\ProgramData\HP 2025-01-20 18:44 - 2025-01-20 18:44 - 000000000 ____D C:\Users\dede\AppData\Roaming\HP 2025-01-20 18:43 - 2025-01-20 18:43 - 000000000 ____D C:\Users\dede\AppData\Local\winutil 2025-01-20 18:43 - 2025-01-20 18:43 - 000000000 ____D C:\Users\dede\AppData\Local\SoundResearch 2025-01-20 18:42 - 2025-01-21 08:39 - 000000000 ____D C:\ProgramData\NVIDIA 2025-01-20 18:42 - 2025-01-20 18:58 - 000000000 ____D C:\Program Files\PowerShell 2025-01-20 18:42 - 2025-01-20 18:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2025-01-20 18:42 - 2025-01-20 18:42 - 000000000 ____D C:\Users\dede\AppData\LocalLow\NVIDIA 2025-01-20 18:42 - 2025-01-20 18:42 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2025-01-20 18:42 - 2025-01-20 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerShell 2025-01-20 18:42 - 2025-01-20 18:42 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2025-01-20 18:41 - 2025-01-20 18:46 - 000000000 ____D C:\WINDOWS\system32\AMD 2025-01-20 18:41 - 2025-01-20 18:41 - 000002236 _____ C:\Users\dede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tabby Terminal.lnk 2025-01-20 18:41 - 2025-01-20 18:41 - 000002228 _____ C:\Users\dede\Desktop\Tabby Terminal.lnk 2025-01-20 18:41 - 2025-01-20 18:41 - 000000871 _____ C:\Users\dede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tor Browser.lnk 2025-01-20 18:41 - 2025-01-20 18:41 - 000000823 _____ C:\Users\dede\Desktop\Tor Browser.lnk 2025-01-20 18:41 - 2025-01-20 18:41 - 000000000 ____D C:\Users\dede\AppData\Local\tabby-updater 2025-01-20 18:40 - 2025-01-20 18:40 - 000000000 ____D C:\Users\dede\AppData\Roaming\Microsoft\MMC 2025-01-20 18:40 - 2024-10-03 04:49 - 000420216 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe 2025-01-20 18:40 - 2024-10-03 04:48 - 001307512 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll 2025-01-20 18:40 - 2024-10-03 04:48 - 000373112 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe 2025-01-20 18:39 - 2025-01-21 08:39 - 000000000 ____D C:\ProgramData\VMware 2025-01-20 18:39 - 2025-01-20 19:02 - 000000000 ____D C:\ProgramData\Package Cache 2025-01-20 18:39 - 2025-01-20 18:40 - 000000000 ____D C:\Users\dede\Desktop\Tor Browser 2025-01-20 18:39 - 2025-01-20 18:39 - 001715170 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2025-01-20 18:39 - 2025-01-20 18:39 - 000264592 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\dwsguard64.dll 2025-01-20 18:39 - 2025-01-20 18:39 - 000235440 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\dwsguard32.dll 2025-01-20 18:39 - 2025-01-20 18:39 - 000001276 _____ C:\Users\Public\Desktop\VMware Workstation Pro.lnk 2025-01-20 18:39 - 2025-01-20 18:39 - 000000913 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text.lnk 2025-01-20 18:39 - 2025-01-20 18:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Doctor Web 2025-01-20 18:39 - 2025-01-20 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware 2025-01-20 18:39 - 2025-01-20 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dr.Web 2025-01-20 18:39 - 2025-01-20 18:39 - 000000000 ____D C:\Program Files\Sublime Text 2025-01-20 18:39 - 2025-01-20 18:39 - 000000000 ____D C:\Program Files\Common Files\VMware 2025-01-20 18:39 - 2025-01-20 18:39 - 000000000 ____D C:\Program Files (x86)\VMware 2025-01-20 18:39 - 2024-06-11 02:38 - 006187352 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2025-01-20 18:39 - 2024-06-11 02:38 - 000022472 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtEventLog.dll 2025-01-20 18:39 - 2023-02-17 15:02 - 000017232 _____ C:\WINDOWS\system32\Drivers\RTSPKPT.dat 2025-01-20 18:39 - 2023-02-17 15:01 - 000017232 _____ C:\WINDOWS\system32\Drivers\RTSPKPT1.dat 2025-01-20 18:38 - 2025-01-20 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2025-01-20 18:38 - 2025-01-20 18:38 - 000000000 ____D C:\Program Files\7-Zip 2025-01-20 18:37 - 2025-01-21 08:44 - 000000876 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 2025-01-20 18:37 - 2025-01-20 18:37 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1400213605-400097259-2155796857-1001 2025-01-20 18:35 - 2025-01-20 19:00 - 000000000 ____D C:\Program Files\LibreOffice 2025-01-20 18:34 - 2025-01-20 19:15 - 000000000 ____D C:\ProgramData\Doctor Web 2025-01-20 18:34 - 2025-01-20 18:34 - 000000000 ____D C:\Program Files\Virtio-Win 2025-01-20 18:30 - 2025-01-20 18:30 - 000002414 _____ C:\Users\dede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2025-01-20 18:30 - 2025-01-20 18:30 - 000000000 ___RD C:\Users\dede\OneDrive 2025-01-20 18:29 - 2025-01-21 08:46 - 001723258 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2025-01-20 18:29 - 2025-01-20 18:29 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2025-01-20 18:29 - 2025-01-20 18:29 - 000000000 ____D C:\Users\dede\AppData\Local\Publishers 2025-01-20 18:29 - 2025-01-20 18:29 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2025-01-20 18:28 - 2025-01-20 19:45 - 000000000 ____D C:\Users\dede\AppData\Local\D3DSCache 2025-01-20 18:28 - 2025-01-20 19:29 - 000000000 ____D C:\Users\dede\AppData\Local\Packages 2025-01-20 18:28 - 2025-01-20 18:28 - 000000000 __RHD C:\Users\Public\AccountPictures 2025-01-20 18:28 - 2025-01-20 18:28 - 000000000 ___SD C:\Users\dede\AppData\Roaming\Microsoft\SystemCertificates 2025-01-20 18:28 - 2025-01-20 18:28 - 000000000 ___SD C:\Users\dede\AppData\Roaming\Microsoft\Protect 2025-01-20 18:28 - 2025-01-20 18:28 - 000000000 ___SD C:\Users\dede\AppData\Roaming\Microsoft\Crypto 2025-01-20 18:28 - 2025-01-20 18:28 - 000000000 ___SD C:\Users\dede\AppData\Roaming\Microsoft\Credentials 2025-01-20 18:28 - 2025-01-20 18:28 - 000000000 ____D C:\Users\dede\AppData\Roaming\Microsoft\Vault 2025-01-20 18:28 - 2025-01-20 18:28 - 000000000 ____D C:\Users\dede\AppData\Roaming\Microsoft\Network 2025-01-20 18:28 - 2025-01-20 18:28 - 000000000 ____D C:\Users\dede\AppData\Roaming\Adobe 2025-01-20 18:28 - 2025-01-20 18:28 - 000000000 ____D C:\Users\dede\AppData\Local\ConnectedDevicesPlatform 2025-01-20 18:26 - 2025-01-21 08:54 - 000000000 ____D C:\Users\dede 2025-01-20 18:26 - 2025-01-20 20:02 - 000000000 ____D C:\Users\dede\AppData\Roaming\Microsoft\Spelling 2025-01-20 18:26 - 2025-01-20 18:32 - 000000000 ____D C:\Users\dede\AppData\Roaming\Microsoft\Windows 2025-01-20 18:26 - 2025-01-20 18:26 - 000000020 ___SH C:\Users\dede\ntuser.ini 2025-01-20 18:26 - 2025-01-20 18:26 - 000000000 _SHDL C:\Users\dede\Voisinage réseau 2025-01-20 18:26 - 2025-01-20 18:26 - 000000000 _SHDL C:\Users\dede\Voisinage d'impression 2025-01-20 18:26 - 2025-01-20 18:26 - 000000000 _SHDL C:\Users\dede\Modèles 2025-01-20 18:26 - 2025-01-20 18:26 - 000000000 _SHDL C:\Users\dede\Mes documents 2025-01-20 18:26 - 2025-01-20 18:26 - 000000000 _SHDL C:\Users\dede\Menu Démarrer 2025-01-20 18:26 - 2025-01-20 18:26 - 000000000 _SHDL C:\Users\dede\Documents\Mes vidéos 2025-01-20 18:26 - 2025-01-20 18:26 - 000000000 _SHDL C:\Users\dede\Documents\Mes images 2025-01-20 18:26 - 2025-01-20 18:26 - 000000000 _SHDL C:\Users\dede\Documents\Ma musique 2025-01-20 18:26 - 2025-01-20 18:26 - 000000000 _SHDL C:\Users\dede\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2025-01-20 18:26 - 2025-01-20 18:26 - 000000000 _SHDL C:\Users\dede\AppData\Local\Historique 2025-01-20 18:24 - 2025-01-20 19:29 - 000000000 ____D C:\ProgramData\Packages 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\Users\Public\Documents\Mes vidéos 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\Users\Public\Documents\Mes images 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\Users\Public\Documents\Ma musique 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\Users\Default\Voisinage réseau 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\Users\Default\Voisinage d'impression 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\Users\Default\Modèles 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\Users\Default\Mes documents 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\Users\Default\Menu Démarrer 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\Users\Default\Documents\Mes vidéos 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\Users\Default\Documents\Mes images 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\Users\Default\Documents\Ma musique 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historique 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\ProgramData\Modèles 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmes 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\ProgramData\Menu Démarrer 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\ProgramData\Bureau 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\Program Files\Fichiers communs 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 _SHDL C:\Documents and Settings 2025-01-20 18:23 - 2025-01-20 18:23 - 000000000 ____D C:\WINDOWS\CSC 2025-01-20 18:22 - 2025-01-21 08:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2025-01-20 18:22 - 2025-01-21 08:38 - 000012288 ___SH C:\DumpStack.log.tmp 2025-01-20 18:22 - 2025-01-20 23:53 - 000474824 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2025-01-20 18:22 - 2025-01-20 22:27 - 003489705 ____N C:\WINDOWS\Minidump\012025-36109-01.dmp 2025-01-20 18:22 - 2025-01-20 22:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2025-01-20 18:22 - 2025-01-20 22:18 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK 2025-01-20 18:22 - 2025-01-20 20:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2025-01-20 18:22 - 2025-01-20 18:49 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2025-01-20 18:22 - 2025-01-20 18:43 - 000003766 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{EB207B5A-AC7E-477C-97A4-AB17AFBE3384} 2025-01-20 18:22 - 2025-01-20 18:43 - 000003642 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{76EEFA90-A1B0-43F1-AFBF-5445ABE77F3F} 2025-01-20 18:22 - 2025-01-20 18:24 - 000000000 ___DC C:\WINDOWS\Panther 2025-01-20 18:22 - 2025-01-20 18:22 - 000000000 ____D C:\WINDOWS\system32\config\BFS 2025-01-20 18:22 - 2025-01-20 18:22 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2025-01-20 18:22 - 2025-01-20 18:22 - 000000000 ____D C:\Windows.old 2025-01-20 18:21 - 2025-01-20 18:21 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2024-12-12 08:24 - 2024-12-12 08:24 - 025313456 _____ C:\WINDOWS\system32\nvidia-pcc.exe 2024-12-12 08:24 - 2024-12-12 08:24 - 002040696 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2024-12-12 08:24 - 2024-12-12 08:24 - 002040696 _____ C:\WINDOWS\system32\vulkaninfo.exe 2024-12-12 08:24 - 2024-12-12 08:24 - 001583992 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2024-12-12 08:24 - 2024-12-12 08:24 - 001583992 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2024-12-12 08:24 - 2024-12-12 08:24 - 001446776 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2024-12-12 08:24 - 2024-12-12 08:24 - 001446776 _____ C:\WINDOWS\system32\vulkan-1.dll 2024-12-12 08:24 - 2024-12-12 08:24 - 001296760 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2024-12-12 08:24 - 2024-12-12 08:24 - 001296760 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2024-12-12 08:24 - 2024-12-12 08:24 - 000477856 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2024-12-12 08:24 - 2024-12-12 08:24 - 000374952 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2024-12-12 08:21 - 2024-12-12 08:21 - 000246504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpcf.sys 2024-12-12 08:20 - 2024-12-12 08:20 - 071874184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2024-12-12 08:20 - 2024-12-12 08:20 - 001078920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2024-12-12 08:20 - 2024-12-12 08:20 - 000670352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll 2024-12-12 08:20 - 2024-12-12 08:20 - 000506000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll 2024-12-12 08:19 - 2024-12-12 08:19 - 002178208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2024-12-12 08:19 - 2024-12-12 08:19 - 001629344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2024-12-12 08:19 - 2024-12-12 08:19 - 001546888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2024-12-12 08:19 - 2024-12-12 08:19 - 001202824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2024-12-12 08:19 - 2024-12-12 08:19 - 001034920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2024-12-12 08:19 - 2024-12-12 08:19 - 000857232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2024-12-12 08:19 - 2024-12-12 08:19 - 000797360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2024-12-12 08:19 - 2024-12-12 08:19 - 000131696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2024-12-12 08:18 - 2024-12-12 08:18 - 016199840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2024-12-12 08:18 - 2024-12-12 08:18 - 014270112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2024-12-12 08:18 - 2024-12-12 08:18 - 006914208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2024-12-12 08:18 - 2024-12-12 08:18 - 005349024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll 2024-12-12 08:18 - 2024-12-12 08:18 - 003788976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2024-12-12 08:18 - 2024-12-12 08:18 - 000461472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2024-12-12 08:17 - 2024-12-12 08:17 - 005910176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2024-12-12 08:17 - 2024-12-12 08:17 - 000853680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2024-12-12 08:16 - 2024-12-12 08:16 - 007133144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2024-12-12 08:16 - 2024-12-12 08:16 - 006212320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2024-12-12 07:43 - 2024-12-12 07:43 - 000127313 _____ C:\WINDOWS\system32\nvinfo.pb ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2025-01-21 09:16 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF 2025-01-21 08:53 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp 2025-01-21 08:50 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2025-01-20 23:59 - 2024-04-01 08:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2025-01-20 23:19 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2025-01-20 23:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\spool 2025-01-20 20:50 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender 2025-01-20 20:38 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness 2025-01-20 19:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData 2025-01-20 19:29 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps 2025-01-20 19:08 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2025-01-20 19:07 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2025-01-20 19:07 - 2024-04-01 08:21 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2025-01-20 19:00 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth 2025-01-20 18:46 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate 2025-01-20 18:40 - 2024-09-06 05:02 - 000259528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpcivsp.sys 2025-01-20 18:40 - 2024-09-06 05:02 - 000124320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcip.sys 2025-01-20 18:30 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\appcompat 2025-01-20 18:27 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\AppLocker 2025-01-20 18:24 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2025-01-20 18:24 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState 2025-01-20 18:23 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Windows NT 2025-01-20 18:22 - 2024-04-01 08:26 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2025-01-20 18:22 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {0e4593b5-d753-11ef-b375-ec15bf5266af} {1756e9b0-d753-11ef-bc93-806e6f6e6963} timeout 0 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {0e4593b7-d753-11ef-b375-ec15bf5266af} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {0e4593b5-d753-11ef-b375-ec15bf5266af} description EFI USB Device Application logicielle (101fffff) -------------------------------- identificateur {0e4593b6-d753-11ef-b375-ec15bf5266af} device partition=E: description USB Hard Drive (UEFI) - Lexar (Lexar) Application logicielle (101fffff) -------------------------------- identificateur {1756e9b0-d753-11ef-bc93-806e6f6e6963} description Internal Hard Disk or Solid State Disk Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 11 locale fr-FR inherit {bootloadersettings} recoverysequence {0e4593b9-d753-11ef-b375-ec15bf5266af} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {0e4593b7-d753-11ef-b375-ec15bf5266af} nx OptOut bootmenupolicy Standard hypervisorlaunchtype Auto Chargeur de démarrage Windows ----------------------------- identificateur {0e4593b9-d753-11ef-b375-ec15bf5266af} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{0e4593ba-d753-11ef-b375-ec15bf5266af} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{0e4593ba-d753-11ef-b375-ec15bf5266af} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {0e4593b7-d753-11ef-b375-ec15bf5266af} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {0e4593b9-d753-11ef-b375-ec15bf5266af} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {0e4593ba-d753-11ef-b375-ec15bf5266af} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================