Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
Exécuté par ollie (administrateur) sur LAPTOP-9PH1NVLI (ASUSTeK COMPUTER INC. Zenbook UM5401QA_UM5401QA) (02-09-2022 15:42:41)
Exécuté depuis C:\Users\ollie\OneDrive\Bureau
Profils chargés: ollie
Plate-forme: Microsoft Windows 11 Famille Version 21H2 22000.856 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSOptimization\AsusOSD.exe
(ASUSTeK COMPUTER INC.) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\ModuleDll\HWSettings\AsusOLEDShifter.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.625.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.70\msedgewebview2.exe <6>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(C:\Windows\ImmersiveControlPanel\SystemSettings.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe
(DriverStore\FileRepository\asusnumpadfilter.inf_amd64_b39210c85a646bd0\AsusNumPadService.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asusnumpadfilter.inf_amd64_b39210c85a646bd0\AsusInputlocaleMonitor.exe
(DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0377160.inf_amd64_e16cb44bb08cca0e\B377005\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0377160.inf_amd64_e16cb44bb08cca0e\B377005\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0377160.inf_amd64_e16cb44bb08cca0e\B377005\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSLinkRemote\AsusLinkRemote.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSLinkNear\AsusLinkNear.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_b43f5856b08c04dc\Intel_PIE_Service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_5.68.30003.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_5.68.30003.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asusnumpadfilter.inf_amd64_115c92dc41c1fd92\AsusHidService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asusnumpadfilter.inf_amd64_b39210c85a646bd0\AsusNumPadService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe <3>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.542.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22000.826_none_04caa12d4c727e47\TiWorker.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.625.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(SystemSettingsAdminFlows.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Users\ollie\AppData\Local\Temp\D45970FE-7237-4596-8E20-5F8FA50A7035\DismHost.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKU\S-1-5-21-3664022494-3954249225-3457998549-1001\...\Run: [Discord] => C:\Users\ollie\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3664022494-3954249225-3457998549-1001\...\Run: [MicrosoftEdgeAutoLaunch_958449C8E61D0DA744FF5E455F59E9D3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827104 2022-08-25] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\104.0.5112.102\Installer\chrmstp.exe [2022-08-23] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\ollie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2022-04-23]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {2B5B7425-E5AF-4E53-801D-F57BF50AFB25} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2EDD8CF1-0767-4F7E-ACE8-B6BEA8462C90} - System32\Tasks\CCleanerSkipUAC - ollie => C:\Users\ollie\OneDrive\Bureau\ccsetup588\CCleaner.exe $(Arg0) (Pas de fichier)
Task: {3F8AB425-4E71-4C35-A8F2-B41809722E06} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4071680 2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Task: {40D99F9D-79D9-4DC6-801F-FF18FDB56997} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {4CB45E54-DE5B-43FE-B53F-BB40F394B960} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {503FFFF8-2D9C-4C9D-A6A5-CB0E57D8C3DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {58328DC1-F310-453C-90EF-F5EA1050F853} - System32\Tasks\MSI Task Host - Detect_Monitor => "powershell" -ExecutionPolicy ByPass -WindowStyle Hidden C:\Users\ollie\AppData\Roaming\Winsoft\core.ps1
Task: {62B2815E-F771-4B51-8F84-5ABAAEEC82C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {64BF662D-6818-495A-A1E6-6070310C64BD} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSoftwareManager\AsusUpdateChecker.exe [790744 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {78A4E936-8A8A-4366-89D2-BBC18F3313C8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7E47D118-3A89-42B9-9A80-BA68CE8299AB} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-3664022494-3954249225-3457998549-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1580.24.216.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [1873656 2022-08-29] (Facebook, Inc. -> Facebook Inc.)
Task: {A4AE22CE-4C93-4175-B8C4-7CA7F94A3E62} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\104.0.1293.70\Installer\setup.exe [3286944 2022-08-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3094FD7-F5F9-4095-A3CA-FB137D57C08C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B6028AB4-16DF-4A69-AE1C-F7A28800FEBF} - System32\Tasks\GoogleUpdateTaskMachineUA{ADED828B-7A67-49E9-B632-6BADD97B427E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-11] (Google LLC -> Google LLC)
Task: {BE5DAF01-2CEA-422A-A276-9E693891174B} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSOptimization\AsusHotkey.exe [240296 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {CAAFA45C-8D41-48CA-B905-2A2727EC5633} - System32\Tasks\GoogleUpdateTaskMachineCore{810B3034-FE1A-4842-BC53-0573A88FDBE7} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-11] (Google LLC -> Google LLC)
Task: {CE989671-4E0A-4353-B3C1-82E108CE1847} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3578072 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {D07916E8-A600-4E4C-B9F0-937E51532DF9} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe [1372264 2021-10-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {DFE98A92-07A6-44DB-8DF9-BD0BB5816388} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61856 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC78D956-485D-4FEA-8ACA-9D81597D32BC} - System32\Tasks\ViGEmBusUpdater1 => "powershell" -ExecutionPolicy Bypass C:\WINDOWS\core.ps1
Task: {FF17C004-7800-464C-B547-E62311D2860C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1377d30c-4319-4ce7-b139-b04bb1b3f3e5}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\ollie\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-02]
FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-3664022494-3954249225-3457998549-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR Profile: C:\Users\ollie\AppData\Local\Google\Chrome\User Data\Default [2022-09-02]
CHR Notifications: Default -> hxxps://assiste.com; hxxps://calendar.google.com; hxxps://magazine-economie.fr; hxxps://meet.google.com; hxxps://planetes360.fr; hxxps://teams.live.com; hxxps://www.cnetfrance.fr; hxxps://www.facebook.com; hxxps://www.oscaro.com; hxxps://www.youtube.com
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-08-30]
CHR Extension: (Google Docs hors connexion) - C:\Users\ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-30]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-08-30]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-11]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\AsusAppService\AsusAppService.exe [872112 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusHidService; C:\WINDOWS\System32\DriverStore\FileRepository\asusnumpadfilter.inf_amd64_115c92dc41c1fd92\AsusHidService.exe [247712 2021-06-28] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSLinkNear\AsusLinkNear.exe [1163480 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSLinkRemote\AsusLinkRemote.exe [762032 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusNumPadService; C:\WINDOWS\System32\DriverStore\FileRepository\asusnumpadfilter.inf_amd64_b39210c85a646bd0\AsusNumPadService.exe [242608 2021-09-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSOptimization\AsusOptimization.exe [375000 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSoftwareManager\AsusSoftwareManager.exe [1086168 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSwitch\AsusSwitch.exe [623848 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3578072 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [710576 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12102608 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [235744 2021-12-21] (DTS, Inc. -> DTS Inc.)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [119912 2022-02-03] (Proton Technologies AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65640 2022-02-03] (Proton Technologies AG -> )
S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [50792 2022-02-03] (Proton Technologies AG -> )
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25016 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0377160.inf_amd64_e16cb44bb08cca0e\B377005\amdkmdag.sys [80561072 2022-03-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AsusKeyboard; C:\WINDOWS\System32\DriverStore\FileRepository\asuskeyboardfilter.inf_amd64_ac35ad5e049347c5\AsusKeyboardFilter.sys [71664 2021-09-08] (ASUSTeK COMPUTER INC. -> Human Interface Tech.)
R3 AsusNumpadPTP; C:\WINDOWS\System32\DriverStore\FileRepository\asusnumpadfilter.inf_amd64_b39210c85a646bd0\AsusNUMPADFilter.sys [189416 2021-09-08] (ASUSTeK COMPUTER INC. -> Human Interface Tech.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSystemAnalysis\AsusSAIO.sys [46704 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSOptimization\AsusWmiAcpi.sys [45248 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 MpKsl5091b6fb; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F4C53B3A-61CE-4AB8-851C-6818B74C5EC7}\MpKslDrv.sys [141576 2022-09-02] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslcf9562e7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F4C53B3A-61CE-4AB8-851C-6818B74C5EC7}\MpKslDrv.sys [141576 2022-09-02] (Microsoft Windows -> Microsoft Corporation)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 rtump64x64; C:\WINDOWS\System32\drivers\rtump64x64.sys [937464 2021-03-30] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [45064 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2021-11-11] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-03-09] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-09-02 14:41 - 2022-09-02 14:41 - 000000292 _____ C:\Users\ollie\OneDrive\Documents\SAUVEGARDE.reg
2022-09-02 08:30 - 2022-09-02 15:03 - 000000000 ____D C:\WINDOWS\Minidump
2022-08-31 14:51 - 2022-08-31 14:51 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2022-08-30 14:32 - 2022-08-30 14:31 - 000098333 _____ C:\Users\ollie\OneDrive\Documents\AG sauguis.pdf
2022-08-29 12:21 - 2022-04-29 22:01 - 004890720 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys
2022-08-29 12:21 - 2022-04-29 22:01 - 001626208 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter10.dll
2022-08-29 12:21 - 2022-04-29 21:35 - 053613352 _____ C:\WINDOWS\system32\Drivers\Netwfw10.dat
2022-08-15 23:05 - 2022-08-15 23:05 - 000327680 _____ C:\WINDOWS\system32\pnpdiag.dll
2022-08-15 23:05 - 2022-08-15 23:05 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-08-15 23:05 - 2022-08-15 23:05 - 000041472 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-08-15 23:05 - 2022-08-15 23:05 - 000015026 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-15 23:04 - 2022-08-15 23:04 - 000335872 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-08-15 22:57 - 2022-08-15 22:57 - 000000000 ___HD C:\$WinREAgent
2022-07-23 22:30 - 2022-07-23 22:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Meta
2022-07-23 16:08 - 2022-07-24 13:28 - 000068435 _____ C:\Users\ollie\OneDrive\Documents\Productions Cachau.xlsx
2022-07-22 16:26 - 2022-09-02 14:26 - 004895065 _____ C:\WINDOWS\cat.zip
2022-07-22 16:26 - 2021-09-10 13:48 - 000008898 _____ C:\WINDOWS\core.bin
2022-07-22 16:26 - 2021-09-10 13:35 - 000000712 _____ C:\WINDOWS\core.ps1
2022-07-22 16:26 - 2021-08-02 04:18 - 008278016 _____ C:\WINDOWS\svhost.exe
2022-07-17 18:12 - 2022-07-17 18:12 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-17 18:12 - 2022-07-17 18:12 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-10 22:26 - 2022-07-10 22:26 - 000003774 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - Detect_Monitor
2022-07-10 22:26 - 2022-07-10 22:26 - 000003548 _____ C:\WINDOWS\system32\Tasks\ViGEmBusUpdater1
2022-07-10 22:26 - 2022-07-10 22:26 - 000000000 ____D C:\Users\ollie\AppData\Roaming\Winsoft
2022-06-24 12:03 - 2022-06-24 12:04 - 000000000 ____D C:\Users\ollie\OneDrive\Documents\AVIS DE VALEUR
2022-06-20 20:16 - 2022-06-20 13:03 - 000009709 _____ C:\Users\ollie\OneDrive\Documents\zone de chalandise.xlsx
2022-06-20 20:16 - 2022-05-31 11:28 - 000502763 _____ C:\Users\ollie\OneDrive\Documents\LIVRET DE TRAVAIL.odt
2022-06-13 19:21 - 2022-06-13 19:21 - 000001399 _____ C:\Users\ollie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2022-06-13 18:33 - 2022-06-13 18:33 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-06-13 18:33 - 2022-06-13 18:33 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-09-02 15:42 - 2022-04-11 19:56 - 000000000 ____D C:\FRST
2022-09-02 15:37 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-02 15:23 - 2021-11-15 20:13 - 000000000 ____D C:\Users\ollie\AppData\Roaming\ZHP
2022-09-02 15:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-09-02 15:03 - 2021-11-11 12:23 - 000000000 ____D C:\Users\ollie\AppData\Local\D3DSCache
2022-09-02 14:56 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-09-02 14:55 - 2021-11-11 12:23 - 000000000 ____D C:\Users\ollie\AppData\Local\Packages
2022-09-02 14:55 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-02 14:46 - 2021-11-11 12:26 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-02 14:44 - 2021-11-11 14:03 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2022-09-02 14:41 - 2021-11-11 14:07 - 001709664 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-02 14:41 - 2021-06-05 20:14 - 000771102 _____ C:\WINDOWS\system32\perfh00C.dat
2022-09-02 14:41 - 2021-06-05 20:14 - 000148364 _____ C:\WINDOWS\system32\perfc00C.dat
2022-09-02 14:41 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF
2022-09-02 14:40 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-09-02 14:37 - 2021-11-11 13:44 - 000000000 ____D C:\Users\ollie
2022-09-02 14:36 - 2021-11-11 14:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-02 14:36 - 2021-11-11 13:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-02 14:36 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ServiceState
2022-09-02 14:36 - 2020-11-21 14:38 - 000012288 ___SH C:\DumpStack.log.tmp
2022-09-01 14:45 - 2021-11-24 21:56 - 000153040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-09-01 14:45 - 2021-11-13 15:38 - 002835920 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-09-01 14:45 - 2021-11-13 15:38 - 000443856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-09-01 14:45 - 2021-11-13 15:38 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-09-01 14:45 - 2021-11-13 15:38 - 000198120 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-09-01 14:45 - 2021-11-13 15:38 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-09-01 14:45 - 2021-11-13 15:38 - 000067024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-09-01 13:55 - 2022-02-21 21:55 - 000000000 ____D C:\Users\ollie\AppData\Roaming\WhatsApp
2022-08-31 15:05 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-08-31 14:51 - 2021-06-05 14:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-08-31 14:40 - 2022-01-21 20:22 - 000003666 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{ADED828B-7A67-49E9-B632-6BADD97B427E}
2022-08-31 14:40 - 2022-01-21 20:22 - 000003542 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{810B3034-FE1A-4842-BC53-0573A88FDBE7}
2022-08-31 08:11 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2022-08-30 14:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-08-30 14:32 - 2021-11-11 12:25 - 000000000 ___RD C:\Users\ollie\OneDrive
2022-08-30 14:31 - 2021-12-12 17:53 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3664022494-3954249225-3457998549-1001
2022-08-30 14:31 - 2021-11-11 14:03 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3664022494-3954249225-3457998549-1001
2022-08-30 14:31 - 2021-11-11 12:18 - 000002423 _____ C:\Users\ollie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-29 10:39 - 2022-02-21 21:55 - 000000000 ____D C:\Users\ollie\AppData\Local\WhatsApp
2022-08-29 10:26 - 2021-11-20 16:13 - 000004784 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask
2022-08-29 10:26 - 2020-11-21 14:40 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-23 22:59 - 2021-11-11 14:03 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-23 22:59 - 2021-11-11 14:03 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-23 22:55 - 2021-11-11 12:26 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-18 00:39 - 2021-11-11 12:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-18 00:27 - 2021-11-11 12:29 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-18 00:27 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-18 00:27 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-15 23:19 - 2021-11-11 13:59 - 000470480 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Provisioning
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-15 23:04 - 2021-11-11 14:02 - 003103744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-08-11 17:18 - 2020-11-21 14:43 - 000000000 ____D C:\Program Files\Microsoft Office
2022-08-09 16:32 - 2022-03-03 21:46 - 000000000 ____D C:\Users\ollie\AppData\Local\ElevatedDiagnostics
==================== SigCheckExt =========================
2021-11-13 15:38 - 2022-09-01 14:45 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-07-22 16:26 - 2021-08-02 04:18 - 008278016 _____ C:\WINDOWS\svhost.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{93760d32-8793-11ec-b226-d03674846638}
{93760d33-8793-11ec-b226-d03674846638}
{93760d34-8793-11ec-b226-d03674846638}
timeout 1
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {adc2ff27-42e6-11ec-b20a-9843fa001017}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {93760d32-8793-11ec-b226-d03674846638}
description UEFI:CD/DVD Drive
Application logicielle (101fffff)
--------------------------------
identificateur {93760d33-8793-11ec-b226-d03674846638}
description UEFI:Removable Device
Application logicielle (101fffff)
--------------------------------
identificateur {93760d34-8793-11ec-b226-d03674846638}
description UEFI:Network Device
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale fr-FR
inherit {bootloadersettings}
recoverysequence {adc2ff2a-42e6-11ec-b20a-9843fa001017}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {adc2ff27-42e6-11ec-b20a-9843fa001017}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {adc2ff2a-42e6-11ec-b20a-9843fa001017}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{adc2ff2b-42e6-11ec-b20a-9843fa001017}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{adc2ff2b-42e6-11ec-b20a-9843fa001017}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {adc2ff27-42e6-11ec-b20a-9843fa001017}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {adc2ff2a-42e6-11ec-b20a-9843fa001017}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
isolatedcontext Yes
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
isolatedcontext Yes
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
isolatedcontext Yes
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {adc2ff2b-42e6-11ec-b20a-9843fa001017}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par ollie (administrateur) sur LAPTOP-9PH1NVLI (ASUSTeK COMPUTER INC. Zenbook UM5401QA_UM5401QA) (02-09-2022 15:42:41)
Exécuté depuis C:\Users\ollie\OneDrive\Bureau
Profils chargés: ollie
Plate-forme: Microsoft Windows 11 Famille Version 21H2 22000.856 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSOptimization\AsusOSD.exe
(ASUSTeK COMPUTER INC.) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.5.0_x64__qmba6cd70vzyy\ModuleDll\HWSettings\AsusOLEDShifter.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.625.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.70\msedgewebview2.exe <6>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(C:\Windows\ImmersiveControlPanel\SystemSettings.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe
(DriverStore\FileRepository\asusnumpadfilter.inf_amd64_b39210c85a646bd0\AsusNumPadService.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asusnumpadfilter.inf_amd64_b39210c85a646bd0\AsusInputlocaleMonitor.exe
(DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0377160.inf_amd64_e16cb44bb08cca0e\B377005\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0377160.inf_amd64_e16cb44bb08cca0e\B377005\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0377160.inf_amd64_e16cb44bb08cca0e\B377005\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSLinkRemote\AsusLinkRemote.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSLinkNear\AsusLinkNear.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_b43f5856b08c04dc\Intel_PIE_Service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_5.68.30003.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_5.68.30003.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asusnumpadfilter.inf_amd64_115c92dc41c1fd92\AsusHidService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asusnumpadfilter.inf_amd64_b39210c85a646bd0\AsusNumPadService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe <3>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.542.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22000.826_none_04caa12d4c727e47\TiWorker.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.625.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(SystemSettingsAdminFlows.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Users\ollie\AppData\Local\Temp\D45970FE-7237-4596-8E20-5F8FA50A7035\DismHost.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKU\S-1-5-21-3664022494-3954249225-3457998549-1001\...\Run: [Discord] => C:\Users\ollie\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3664022494-3954249225-3457998549-1001\...\Run: [MicrosoftEdgeAutoLaunch_958449C8E61D0DA744FF5E455F59E9D3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827104 2022-08-25] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\104.0.5112.102\Installer\chrmstp.exe [2022-08-23] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\ollie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2022-04-23]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {2B5B7425-E5AF-4E53-801D-F57BF50AFB25} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2EDD8CF1-0767-4F7E-ACE8-B6BEA8462C90} - System32\Tasks\CCleanerSkipUAC - ollie => C:\Users\ollie\OneDrive\Bureau\ccsetup588\CCleaner.exe $(Arg0) (Pas de fichier)
Task: {3F8AB425-4E71-4C35-A8F2-B41809722E06} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4071680 2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Task: {40D99F9D-79D9-4DC6-801F-FF18FDB56997} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {4CB45E54-DE5B-43FE-B53F-BB40F394B960} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {503FFFF8-2D9C-4C9D-A6A5-CB0E57D8C3DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {58328DC1-F310-453C-90EF-F5EA1050F853} - System32\Tasks\MSI Task Host - Detect_Monitor => "powershell" -ExecutionPolicy ByPass -WindowStyle Hidden C:\Users\ollie\AppData\Roaming\Winsoft\core.ps1
Task: {62B2815E-F771-4B51-8F84-5ABAAEEC82C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {64BF662D-6818-495A-A1E6-6070310C64BD} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSoftwareManager\AsusUpdateChecker.exe [790744 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {78A4E936-8A8A-4366-89D2-BBC18F3313C8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7E47D118-3A89-42B9-9A80-BA68CE8299AB} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-3664022494-3954249225-3457998549-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1580.24.216.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [1873656 2022-08-29] (Facebook, Inc. -> Facebook Inc.)
Task: {A4AE22CE-4C93-4175-B8C4-7CA7F94A3E62} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\104.0.1293.70\Installer\setup.exe [3286944 2022-08-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3094FD7-F5F9-4095-A3CA-FB137D57C08C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B6028AB4-16DF-4A69-AE1C-F7A28800FEBF} - System32\Tasks\GoogleUpdateTaskMachineUA{ADED828B-7A67-49E9-B632-6BADD97B427E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-11] (Google LLC -> Google LLC)
Task: {BE5DAF01-2CEA-422A-A276-9E693891174B} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSOptimization\AsusHotkey.exe [240296 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {CAAFA45C-8D41-48CA-B905-2A2727EC5633} - System32\Tasks\GoogleUpdateTaskMachineCore{810B3034-FE1A-4842-BC53-0573A88FDBE7} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-11] (Google LLC -> Google LLC)
Task: {CE989671-4E0A-4353-B3C1-82E108CE1847} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3578072 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {D07916E8-A600-4E4C-B9F0-937E51532DF9} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe [1372264 2021-10-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {DFE98A92-07A6-44DB-8DF9-BD0BB5816388} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61856 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC78D956-485D-4FEA-8ACA-9D81597D32BC} - System32\Tasks\ViGEmBusUpdater1 => "powershell" -ExecutionPolicy Bypass C:\WINDOWS\core.ps1
Task: {FF17C004-7800-464C-B547-E62311D2860C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1377d30c-4319-4ce7-b139-b04bb1b3f3e5}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\ollie\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-02]
FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-3664022494-3954249225-3457998549-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR Profile: C:\Users\ollie\AppData\Local\Google\Chrome\User Data\Default [2022-09-02]
CHR Notifications: Default -> hxxps://assiste.com; hxxps://calendar.google.com; hxxps://magazine-economie.fr; hxxps://meet.google.com; hxxps://planetes360.fr; hxxps://teams.live.com; hxxps://www.cnetfrance.fr; hxxps://www.facebook.com; hxxps://www.oscaro.com; hxxps://www.youtube.com
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-08-30]
CHR Extension: (Google Docs hors connexion) - C:\Users\ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-30]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-08-30]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-11]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\AsusAppService\AsusAppService.exe [872112 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusHidService; C:\WINDOWS\System32\DriverStore\FileRepository\asusnumpadfilter.inf_amd64_115c92dc41c1fd92\AsusHidService.exe [247712 2021-06-28] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSLinkNear\AsusLinkNear.exe [1163480 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSLinkRemote\AsusLinkRemote.exe [762032 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusNumPadService; C:\WINDOWS\System32\DriverStore\FileRepository\asusnumpadfilter.inf_amd64_b39210c85a646bd0\AsusNumPadService.exe [242608 2021-09-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSOptimization\AsusOptimization.exe [375000 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSoftwareManager\AsusSoftwareManager.exe [1086168 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSwitch\AsusSwitch.exe [623848 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3578072 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [710576 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12102608 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [235744 2021-12-21] (DTS, Inc. -> DTS Inc.)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [119912 2022-02-03] (Proton Technologies AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65640 2022-02-03] (Proton Technologies AG -> )
S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [50792 2022-02-03] (Proton Technologies AG -> )
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25016 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0377160.inf_amd64_e16cb44bb08cca0e\B377005\amdkmdag.sys [80561072 2022-03-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AsusKeyboard; C:\WINDOWS\System32\DriverStore\FileRepository\asuskeyboardfilter.inf_amd64_ac35ad5e049347c5\AsusKeyboardFilter.sys [71664 2021-09-08] (ASUSTeK COMPUTER INC. -> Human Interface Tech.)
R3 AsusNumpadPTP; C:\WINDOWS\System32\DriverStore\FileRepository\asusnumpadfilter.inf_amd64_b39210c85a646bd0\AsusNUMPADFilter.sys [189416 2021-09-08] (ASUSTeK COMPUTER INC. -> Human Interface Tech.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSSystemAnalysis\AsusSAIO.sys [46704 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_6d80c4e5e6c9db97\ASUSOptimization\AsusWmiAcpi.sys [45248 2022-06-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 MpKsl5091b6fb; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F4C53B3A-61CE-4AB8-851C-6818B74C5EC7}\MpKslDrv.sys [141576 2022-09-02] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslcf9562e7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F4C53B3A-61CE-4AB8-851C-6818B74C5EC7}\MpKslDrv.sys [141576 2022-09-02] (Microsoft Windows -> Microsoft Corporation)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 rtump64x64; C:\WINDOWS\System32\drivers\rtump64x64.sys [937464 2021-03-30] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [45064 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2021-11-11] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-03-09] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-09-02 14:41 - 2022-09-02 14:41 - 000000292 _____ C:\Users\ollie\OneDrive\Documents\SAUVEGARDE.reg
2022-09-02 08:30 - 2022-09-02 15:03 - 000000000 ____D C:\WINDOWS\Minidump
2022-08-31 14:51 - 2022-08-31 14:51 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2022-08-30 14:32 - 2022-08-30 14:31 - 000098333 _____ C:\Users\ollie\OneDrive\Documents\AG sauguis.pdf
2022-08-29 12:21 - 2022-04-29 22:01 - 004890720 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys
2022-08-29 12:21 - 2022-04-29 22:01 - 001626208 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter10.dll
2022-08-29 12:21 - 2022-04-29 21:35 - 053613352 _____ C:\WINDOWS\system32\Drivers\Netwfw10.dat
2022-08-15 23:05 - 2022-08-15 23:05 - 000327680 _____ C:\WINDOWS\system32\pnpdiag.dll
2022-08-15 23:05 - 2022-08-15 23:05 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-08-15 23:05 - 2022-08-15 23:05 - 000041472 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-08-15 23:05 - 2022-08-15 23:05 - 000015026 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-15 23:04 - 2022-08-15 23:04 - 000335872 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-08-15 22:57 - 2022-08-15 22:57 - 000000000 ___HD C:\$WinREAgent
2022-07-23 22:30 - 2022-07-23 22:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Meta
2022-07-23 16:08 - 2022-07-24 13:28 - 000068435 _____ C:\Users\ollie\OneDrive\Documents\Productions Cachau.xlsx
2022-07-22 16:26 - 2022-09-02 14:26 - 004895065 _____ C:\WINDOWS\cat.zip
2022-07-22 16:26 - 2021-09-10 13:48 - 000008898 _____ C:\WINDOWS\core.bin
2022-07-22 16:26 - 2021-09-10 13:35 - 000000712 _____ C:\WINDOWS\core.ps1
2022-07-22 16:26 - 2021-08-02 04:18 - 008278016 _____ C:\WINDOWS\svhost.exe
2022-07-17 18:12 - 2022-07-17 18:12 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-17 18:12 - 2022-07-17 18:12 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-10 22:26 - 2022-07-10 22:26 - 000003774 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - Detect_Monitor
2022-07-10 22:26 - 2022-07-10 22:26 - 000003548 _____ C:\WINDOWS\system32\Tasks\ViGEmBusUpdater1
2022-07-10 22:26 - 2022-07-10 22:26 - 000000000 ____D C:\Users\ollie\AppData\Roaming\Winsoft
2022-06-24 12:03 - 2022-06-24 12:04 - 000000000 ____D C:\Users\ollie\OneDrive\Documents\AVIS DE VALEUR
2022-06-20 20:16 - 2022-06-20 13:03 - 000009709 _____ C:\Users\ollie\OneDrive\Documents\zone de chalandise.xlsx
2022-06-20 20:16 - 2022-05-31 11:28 - 000502763 _____ C:\Users\ollie\OneDrive\Documents\LIVRET DE TRAVAIL.odt
2022-06-13 19:21 - 2022-06-13 19:21 - 000001399 _____ C:\Users\ollie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2022-06-13 18:33 - 2022-06-13 18:33 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-06-13 18:33 - 2022-06-13 18:33 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-09-02 15:42 - 2022-04-11 19:56 - 000000000 ____D C:\FRST
2022-09-02 15:37 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-02 15:23 - 2021-11-15 20:13 - 000000000 ____D C:\Users\ollie\AppData\Roaming\ZHP
2022-09-02 15:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-09-02 15:03 - 2021-11-11 12:23 - 000000000 ____D C:\Users\ollie\AppData\Local\D3DSCache
2022-09-02 14:56 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-09-02 14:55 - 2021-11-11 12:23 - 000000000 ____D C:\Users\ollie\AppData\Local\Packages
2022-09-02 14:55 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-02 14:46 - 2021-11-11 12:26 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-02 14:44 - 2021-11-11 14:03 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2022-09-02 14:41 - 2021-11-11 14:07 - 001709664 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-02 14:41 - 2021-06-05 20:14 - 000771102 _____ C:\WINDOWS\system32\perfh00C.dat
2022-09-02 14:41 - 2021-06-05 20:14 - 000148364 _____ C:\WINDOWS\system32\perfc00C.dat
2022-09-02 14:41 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF
2022-09-02 14:40 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-09-02 14:37 - 2021-11-11 13:44 - 000000000 ____D C:\Users\ollie
2022-09-02 14:36 - 2021-11-11 14:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-02 14:36 - 2021-11-11 13:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-02 14:36 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ServiceState
2022-09-02 14:36 - 2020-11-21 14:38 - 000012288 ___SH C:\DumpStack.log.tmp
2022-09-01 14:45 - 2021-11-24 21:56 - 000153040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-09-01 14:45 - 2021-11-13 15:38 - 002835920 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-09-01 14:45 - 2021-11-13 15:38 - 000443856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-09-01 14:45 - 2021-11-13 15:38 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-09-01 14:45 - 2021-11-13 15:38 - 000198120 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-09-01 14:45 - 2021-11-13 15:38 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-09-01 14:45 - 2021-11-13 15:38 - 000067024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-09-01 13:55 - 2022-02-21 21:55 - 000000000 ____D C:\Users\ollie\AppData\Roaming\WhatsApp
2022-08-31 15:05 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-08-31 14:51 - 2021-06-05 14:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-08-31 14:40 - 2022-01-21 20:22 - 000003666 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{ADED828B-7A67-49E9-B632-6BADD97B427E}
2022-08-31 14:40 - 2022-01-21 20:22 - 000003542 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{810B3034-FE1A-4842-BC53-0573A88FDBE7}
2022-08-31 08:11 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2022-08-30 14:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-08-30 14:32 - 2021-11-11 12:25 - 000000000 ___RD C:\Users\ollie\OneDrive
2022-08-30 14:31 - 2021-12-12 17:53 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3664022494-3954249225-3457998549-1001
2022-08-30 14:31 - 2021-11-11 14:03 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3664022494-3954249225-3457998549-1001
2022-08-30 14:31 - 2021-11-11 12:18 - 000002423 _____ C:\Users\ollie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-29 10:39 - 2022-02-21 21:55 - 000000000 ____D C:\Users\ollie\AppData\Local\WhatsApp
2022-08-29 10:26 - 2021-11-20 16:13 - 000004784 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask
2022-08-29 10:26 - 2020-11-21 14:40 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-23 22:59 - 2021-11-11 14:03 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-23 22:59 - 2021-11-11 14:03 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-23 22:55 - 2021-11-11 12:26 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-18 00:39 - 2021-11-11 12:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-18 00:27 - 2021-11-11 12:29 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-18 00:27 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-18 00:27 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-15 23:19 - 2021-11-11 13:59 - 000470480 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Provisioning
2022-08-15 23:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-15 23:04 - 2021-11-11 14:02 - 003103744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-08-11 17:18 - 2020-11-21 14:43 - 000000000 ____D C:\Program Files\Microsoft Office
2022-08-09 16:32 - 2022-03-03 21:46 - 000000000 ____D C:\Users\ollie\AppData\Local\ElevatedDiagnostics
==================== SigCheckExt =========================
2021-11-13 15:38 - 2022-09-01 14:45 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-07-22 16:26 - 2021-08-02 04:18 - 008278016 _____ C:\WINDOWS\svhost.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{93760d32-8793-11ec-b226-d03674846638}
{93760d33-8793-11ec-b226-d03674846638}
{93760d34-8793-11ec-b226-d03674846638}
timeout 1
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {adc2ff27-42e6-11ec-b20a-9843fa001017}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {93760d32-8793-11ec-b226-d03674846638}
description UEFI:CD/DVD Drive
Application logicielle (101fffff)
--------------------------------
identificateur {93760d33-8793-11ec-b226-d03674846638}
description UEFI:Removable Device
Application logicielle (101fffff)
--------------------------------
identificateur {93760d34-8793-11ec-b226-d03674846638}
description UEFI:Network Device
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale fr-FR
inherit {bootloadersettings}
recoverysequence {adc2ff2a-42e6-11ec-b20a-9843fa001017}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {adc2ff27-42e6-11ec-b20a-9843fa001017}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {adc2ff2a-42e6-11ec-b20a-9843fa001017}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{adc2ff2b-42e6-11ec-b20a-9843fa001017}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{adc2ff2b-42e6-11ec-b20a-9843fa001017}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {adc2ff27-42e6-11ec-b20a-9843fa001017}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {adc2ff2a-42e6-11ec-b20a-9843fa001017}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
isolatedcontext Yes
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
isolatedcontext Yes
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
isolatedcontext Yes
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {adc2ff2b-42e6-11ec-b20a-9843fa001017}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================