Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019 Exécuté par s (administrateur) sur SAMSUNG (14-04-2019 12:02:46) Exécuté depuis C:\Users\s\Downloads Profils chargés: s (Profils disponibles: UpdatusUser & s & Administrateur) Platform: Windows 10 Home Version 1803 17134.472 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (INDEX EDUCATION -> Index Education) C:\Program Files (x86)\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Atheros Commnucations) [Fichier non signé] C:\Windows\System32\AdminService.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe () [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe (Adobe Systems, Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\s\AppData\Local\Microsoft\BingSvc\BingSvc.exe (TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (Google Inc -> ) C:\Program Files\Google\Drive\googledrivesync.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies) C:\Users\s\AppData\Roaming\ACEStream\engine\ace_engine.exe (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft) C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe (WONBO TECHNOLOGY Co.,LIMITED -> ) C:\Program Files (x86)\Keepvid\KeepVid Pro (Desktop)\KeepVidProUpdateHelper.exe (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies) C:\Users\s\AppData\Roaming\ACEStream\engine\ace_engine.exe (Google Inc -> ) C:\Program Files\Google\Drive\googledrivesync.exe (Innovative Digital Technologies -> ) C:\Users\s\AppData\Roaming\ACEStream\updater\ace_update.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\OpenWith.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\s\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\FXSSVC.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-29] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242200 2016-11-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-10-22] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft) HKLM-x32\...\Run: [KeepVidProUpdateHelper.exe] => C:\Program Files (x86)\Keepvid\KeepVid Pro (Desktop)\KeepVidProUpdateHelper.exe [33912 2017-09-06] (WONBO TECHNOLOGY Co.,LIMITED -> ) HKU\S-1-5-21-3774421412-1007907057-219690849-1002\...\Run: [BingSvc] => C:\Users\s\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation) HKU\S-1-5-21-3774421412-1007907057-219690849-1002\...\Run: [Chromium] => c:\users\s\appdata\local\chromium\application\chrome.exe [1035264 2016-03-17] (The Chromium Authors) [Fichier non signé] HKU\S-1-5-21-3774421412-1007907057-219690849-1002\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [255224 2016-11-29] (TomTom International BV -> TomTom) HKU\S-1-5-21-3774421412-1007907057-219690849-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46504696 2018-12-07] (Google Inc -> ) HKU\S-1-5-21-3774421412-1007907057-219690849-1002\...\Run: [AceStream] => C:\Users\s\AppData\Roaming\ACEStream\engine\ace_engine.exe [27960 2018-08-30] (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies) HKU\S-1-5-21-3774421412-1007907057-219690849-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19476424 2018-11-06] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3774421412-1007907057-219690849-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53540200 2019-02-08] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-3774421412-1007907057-219690849-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\s\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-3774421412-1007907057-219690849-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\s\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-3774421412-1007907057-219690849-1002\...\RunOnce: [Uninstall 19.033.0218.0011\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\s\AppData\Local\Microsoft\OneDrive\19.033.0218.0011\amd64" HKU\S-1-5-21-3774421412-1007907057-219690849-1002\...\RunOnce: [Uninstall 19.033.0218.0011] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\s\AppData\Local\Microsoft\OneDrive\19.033.0218.0011" HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-05] (Google LLC -> Google Inc.) GroupPolicy: Restriction ? <==== ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{1ce78b8c-aa04-4700-ae4a-8c1d309b091c}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{22bbfb51-d0c3-4802-bde9-b8b61a37884f}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{c9f07d4e-d772-4c2b-bb49-7a21e60adae6}: [DhcpNameServer] 212.27.40.241 212.27.40.240 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=arh&hsimp=yhs-001&type=xy_6a16b5d3¶m1=ArFaIWVoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8NVE3vmIVwVU3vGYYNVA4ISIWwVNdJCoVNVRdJCoWvmo9GqYVNUI3wGYGwVM4Jmk3wVU9GqUNNos3wCIYwVA9JmoUwVA3vCITvFI4ICILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6oVwVRdJqYYwVU4J6IWwVU9I6IWvFE4JqYVwVw9JGYXwVRdJmISwVM3vmIVwVQ9IaYTNVQ4IGYVvFE3vmIVNVFdIWYUvmk9JGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGvmpdJGYUvmldJaYUvFQ9JmISvFI9IWYWvmo9I6oUvFI4J6k3wVxdJCIWNVBdISISvFE9ISIYvFFdImoVwVU9JGYUNVM4ICoXNoU9GqYYNVc3wCoUQGR7B6RoN9JcMqxaMGFbNqZ6QGR7BHFaISopzU0aCaV7CaJ7C78aBrFbMn0aC6AoxrFaIWVdOqZoNqAexbFaIUwkynIew6NoNpRcNXFbJpseyDF%3D¶m2=NGB8LGNdMqB7Nd%3D%3D HKU\S-1-5-21-3774421412-1007907057-219690849-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=arh&hsimp=yhs-001&type=xy_6a16b5d3¶m1=ArFaIWVoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8NVE3vmIVwVU3vGYYNVA4ISIWwVNdJCoVNVRdJCoWvmo9GqYVNUI3wGYGwVM4Jmk3wVU9GqUNNos3wCIYwVA9JmoUwVA3vCITvFI4ICILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6oVwVRdJqYYwVU4J6IWwVU9I6IWvFE4JqYVwVw9JGYXwVRdJmISwVM3vmIVwVQ9IaYTNVQ4IGYVvFE3vmIVNVFdIWYUvmk9JGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGvmpdJGYUvmldJaYUvFQ9JmISvFI9IWYWvmo9I6oUvFI4J6k3wVxdJCIWNVBdISISvFE9ISIYvFFdImoVwVU9JGYUNVM4ICoXNoU9GqYYNVc3wCoUQGR7B6RoN9JcMqxaMGFbNqZ6QGR7BHFaISopzU0aCaV7CaJ7C78aBrFbMn0aC6AoxrFaIWVdOqZoNqAexbFaIUwkynIew6NoNpRcNXFbJpseyDF%3D¶m2=NGB8LGNdMqB7Nd%3D%3D HKU\S-1-5-21-3774421412-1007907057-219690849-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=xy_6a16b5d3¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8NVE3vmIVwVU3vGYYNVA4ISIWwVNdJCoVNVRdJCoWvmo9GqYVNUI3wGYGwVM4Jmk3wVU9GqUNNos3wCIYwVA9JmoUwVA3vCITvFI4ICILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6oVwVRdJqYYwVU4J6IWwVU9I6IWvFE4JqYVwVw9JGYXwVRdJmISwVM3vmIVwVQ9IaYTNVQ4IGYVvFE3vmIVNVFdIWYUvmk9JGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGvmpdJGYUvmldJaYUvFQ9JmISvFI9IWYWvmo9I6oUvFI4J6k3wVxdJCIWNVBdISISvFE9ISIYvFFdImoVwVU9JGYUNVM4ICoXNoU9GqYYNVc3wCoUQGR7B6RoN9JcMqxaMGFbNqZ6QGR7BHFaISopzU0aCaV7CaJ7C78aBrFbMn0aC6AoxrFaIWVdOqZoNqAexbFaIUwkynIew6NoNpRcNXFbJpseyDF%3D¶m2=NGt6MapdNGt7Nd%3D%3D&p={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=xy_6a16b5d3¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8NVE3vmIVwVU3vGYYNVA4ISIWwVNdJCoVNVRdJCoWvmo9GqYVNUI3wGYGwVM4Jmk3wVU9GqUNNos3wCIYwVA9JmoUwVA3vCITvFI4ICILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6oVwVRdJqYYwVU4J6IWwVU9I6IWvFE4JqYVwVw9JGYXwVRdJmISwVM3vmIVwVQ9IaYTNVQ4IGYVvFE3vmIVNVFdIWYUvmk9JGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGvmpdJGYUvmldJaYUvFQ9JmISvFI9IWYWvmo9I6oUvFI4J6k3wVxdJCIWNVBdISISvFE9ISIYvFFdImoVwVU9JGYUNVM4ICoXNoU9GqYYNVc3wCoUQGR7B6RoN9JcMqxaMGFbNqZ6QGR7BHFaISopzU0aCaV7CaJ7C78aBrFbMn0aC6AoxrFaIWVdOqZoNqAexbFaIUwkynIew6NoNpRcNXFbJpseyDF%3D¶m2=NGt6MapdNGt7Nd%3D%3D&p={searchTerms} SearchScopes: HKLM -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_adsrch_16_16¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztDtAzy0A0FyDtCtC0AyD0B0AyCzytN0D0Tzu0StCyDyByDtN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyB0DyBtAzz0DzytBtGyB0AtD0FtGtDyBtC0EtGyByBtCzytGyC0C0FtAyB0ByDtCtAtB0CyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0A0Ezz0C0EyBtBtGyDtD0CzytGyEyDyCzztG0AtC0F0DtGyEtDtAyE0FyDtAtA0E0CyEyB2QtN0A0LzuyE%26cr%3D1487297655%26a%3Dwbf_adsrch_16_16%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=xy_6a16b5d3¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8NVE3vmIVwVU3vGYYNVA4ISIWwVNdJCoVNVRdJCoWvmo9GqYVNUI3wGYGwVM4Jmk3wVU9GqUNNos3wCIYwVA9JmoUwVA3vCITvFI4ICILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6oVwVRdJqYYwVU4J6IWwVU9I6IWvFE4JqYVwVw9JGYXwVRdJmISwVM3vmIVwVQ9IaYTNVQ4IGYVvFE3vmIVNVFdIWYUvmk9JGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGvmpdJGYUvmldJaYUvFQ9JmISvFI9IWYWvmo9I6oUvFI4J6k3wVxdJCIWNVBdISISvFE9ISIYvFFdImoVwVU9JGYUNVM4ICoXNoU9GqYYNVc3wCoUQGR7B6RoN9JcMqxaMGFbNqZ6QGR7BHFaISopzU0aCaV7CaJ7C78aBrFbMn0aC6AoxrFaIWVdOqZoNqAexbFaIUwkynIew6NoNpRcNXFbJpseyDF%3D¶m2=NGt6MapdNGt7Nd%3D%3D&p={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=xy_6a16b5d3¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8NVE3vmIVwVU3vGYYNVA4ISIWwVNdJCoVNVRdJCoWvmo9GqYVNUI3wGYGwVM4Jmk3wVU9GqUNNos3wCIYwVA9JmoUwVA3vCITvFI4ICILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6oVwVRdJqYYwVU4J6IWwVU9I6IWvFE4JqYVwVw9JGYXwVRdJmISwVM3vmIVwVQ9IaYTNVQ4IGYVvFE3vmIVNVFdIWYUvmk9JGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGvmpdJGYUvmldJaYUvFQ9JmISvFI9IWYWvmo9I6oUvFI4J6k3wVxdJCIWNVBdISISvFE9ISIYvFFdImoVwVU9JGYUNVM4ICoXNoU9GqYYNVc3wCoUQGR7B6RoN9JcMqxaMGFbNqZ6QGR7BHFaISopzU0aCaV7CaJ7C78aBrFbMn0aC6AoxrFaIWVdOqZoNqAexbFaIUwkynIew6NoNpRcNXFbJpseyDF%3D¶m2=NGt6MapdNGt7Nd%3D%3D&p={searchTerms} SearchScopes: HKLM-x32 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3774421412-1007907057-219690849-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=xy_6a16b5d3¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8NVE3vmIVwVU3vGYYNVA4ISIWwVNdJCoVNVRdJCoWvmo9GqYVNUI3wGYGwVM4Jmk3wVU9GqUNNos3wCIYwVA9JmoUwVA3vCITvFI4ICILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6oVwVRdJqYYwVU4J6IWwVU9I6IWvFE4JqYVwVw9JGYXwVRdJmISwVM3vmIVwVQ9IaYTNVQ4IGYVvFE3vmIVNVFdIWYUvmk9JGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGvmpdJGYUvmldJaYUvFQ9JmISvFI9IWYWvmo9I6oUvFI4J6k3wVxdJCIWNVBdISISvFE9ISIYvFFdImoVwVU9JGYUNVM4ICoXNoU9GqYYNVc3wCoUQGR7B6RoN9JcMqxaMGFbNqZ6QGR7BHFaISopzU0aCaV7CaJ7C78aBrFbMn0aC6AoxrFaIWVdOqZoNqAexbFaIUwkynIew6NoNpRcNXFbJpseyDF%3D¶m2=NGt6MapdNGt7Nd%3D%3D&p={searchTerms} SearchScopes: HKU\S-1-5-21-3774421412-1007907057-219690849-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=xy_6a16b5d3¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8NVE3vmIVwVU3vGYYNVA4ISIWwVNdJCoVNVRdJCoWvmo9GqYVNUI3wGYGwVM4Jmk3wVU9GqUNNos3wCIYwVA9JmoUwVA3vCITvFI4ICILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6oVwVRdJqYYwVU4J6IWwVU9I6IWvFE4JqYVwVw9JGYXwVRdJmISwVM3vmIVwVQ9IaYTNVQ4IGYVvFE3vmIVNVFdIWYUvmk9JGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGvmpdJGYUvmldJaYUvFQ9JmISvFI9IWYWvmo9I6oUvFI4J6k3wVxdJCIWNVBdISISvFE9ISIYvFFdImoVwVU9JGYUNVM4ICoXNoU9GqYYNVc3wCoUQGR7B6RoN9JcMqxaMGFbNqZ6QGR7BHFaISopzU0aCaV7CaJ7C78aBrFbMn0aC6AoxrFaIWVdOqZoNqAexbFaIUwkynIew6NoNpRcNXFbJpseyDF%3D¶m2=NGt6MapdNGt7Nd%3D%3D&p={searchTerms} SearchScopes: HKU\S-1-5-21-3774421412-1007907057-219690849-1002 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_adsrch_16_16¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztDtAzy0A0FyDtCtC0AyD0B0AyCzytN0D0Tzu0StCyDyByDtN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyB0DyBtAzz0DzytBtGyB0AtD0FtGtDyBtC0EtGyByBtCzytGyC0C0FtAyB0ByDtCtAtB0CyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0A0Ezz0C0EyBtBtGyDtD0CzytGyEyDyCzztG0AtC0F0DtGyEtDtAyE0FyDtAtA0E0CyEyB2QtN0A0LzuyE%26cr%3D1487297655%26a%3Dwbf_adsrch_16_16%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKU\S-1-5-21-3774421412-1007907057-219690849-1002 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = SearchScopes: HKU\S-1-5-21-3774421412-1007907057-219690849-1002 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH) BHO-x32: KeepVid Pro 4.10.0 -> {F9B65201-3D7F-48DA-AAB3-57A6FAD648FD} -> C:\Program Files (x86)\Keepvid\KeepVid Pro (Desktop)\BrowserPlugin\KVBrowserAppMgr.dll [2017-09-06] (WONBO TECHNOLOGY Co.,LIMITED -> ) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH) Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - Pas de fichier FireFox: ======== FF DefaultProfile: fmvcb4rj.default FF ProfilePath: C:\Users\s\AppData\Roaming\TomTom\HOME\Profiles\b32tst9n.default [2017-01-24] FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2017-01-24] [Legacy] [non signé] FF ProfilePath: C:\Users\s\AppData\Roaming\Mozilla\Firefox\Profiles\fmvcb4rj.default [2019-04-14] FF Homepage: Mozilla\Firefox\Profiles\fmvcb4rj.default -> hxxps://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-334bb09d FF Extension: (Adblock Plus) - C:\Users\s\AppData\Roaming\Mozilla\Firefox\Profiles\fmvcb4rj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-19] FF Extension: (Telemetry coverage) - C:\Users\s\AppData\Roaming\Mozilla\Firefox\Profiles\fmvcb4rj.default\features\{359b88e4-ed57-4195-9b86-3a16bd8dcf0f}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-15] [Legacy] FF SearchPlugin: C:\Users\s\AppData\Roaming\Mozilla\Firefox\Profiles\fmvcb4rj.default\searchplugins\bing search engine.xml [2017-01-15] FF HKU\S-1-5-21-3774421412-1007907057-219690849-1002\...\Firefox\Extensions: [KVAllmytube@KeepVid.com] - C:\Program Files (x86)\Keepvid\KeepVid Pro (Desktop)\BrowserPlugin\kvallmytube@keepvid.com_xpi FF Extension: (KeepVid Pro) - C:\Program Files (x86)\Keepvid\KeepVid Pro (Desktop)\BrowserPlugin\kvallmytube@keepvid.com_xpi [2017-09-29] [Legacy] FF HKU\S-1-5-21-3774421412-1007907057-219690849-1002\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\s\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi FF Extension: (Ace Script) - C:\Users\s\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3774421412-1007907057-219690849-1002: @acestream.net/acestreamplugin,version=3.1.28 -> C:\Users\s\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-13] (Innovative Digital Technologies -> Innovative Digital Technologies) FF Plugin HKU\S-1-5-21-3774421412-1007907057-219690849-1002: SkypePlugin -> C:\Users\s\AppData\Local\SkypePlugin\7.17.0.43\npGatewayNpapi.dll [2016-03-21] (Microsoft Corporation -> Skype Technologies S.A.) FF Plugin HKU\S-1-5-21-3774421412-1007907057-219690849-1002: SkypePlugin64 -> C:\Users\s\AppData\Local\SkypePlugin\7.17.0.43\npGatewayNpapi-x64.dll [2016-03-21] (Microsoft Corporation -> Skype Technologies S.A.) Chrome: ======= CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms} CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms} CHR Profile: C:\Users\s\AppData\Local\Google\Chrome\User Data\Default [2019-04-14] CHR Extension: (Presentaciones) - C:\Users\s\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13] CHR Extension: (Documentos) - C:\Users\s\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Drive) - C:\Users\s\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-20] CHR Extension: (YouTube) - C:\Users\s\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-20] CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\s\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-05] CHR Extension: (Hojas de cálculo) - C:\Users\s\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Documentos de Google sin conexión) - C:\Users\s\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\s\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-07-31] CHR Extension: (Ace Script) - C:\Users\s\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2018-12-15] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\s\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] CHR Extension: (Gmail) - C:\Users\s\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-20] CHR Extension: (Chrome Media Router) - C:\Users\s\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-24] CHR HKLM\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3774421412-1007907057-219690849-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3774421412-1007907057-219690849-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3774421412-1007907057-219690849-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3774421412-1007907057-219690849-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3774421412-1007907057-219690849-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc. -> Apple Inc.) R2 AtherosSvc; C:\WINDOWS\system32\AdminService.exe [208384 2013-06-25] (Atheros Commnucations) [Fichier non signé] R2 ETDService; C:\Program Files\Elantech\ETDService.exe [129752 2016-11-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) R2 MajIndexEducationService; C:\Program Files (x86)\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe [3234064 2019-02-18] (INDEX EDUCATION -> Index Education) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-26] (Microsoft Corporation -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-26] (Microsoft Corporation -> Microsoft Corporation) S3 WsDrvInst; C:\Program Files (x86)\Keepvid\KeepVid Pro (Desktop)\DriverInstall.exe [107128 2017-09-06] (WONBO TECHNOLOGY Co.,LIMITED -> Wondershare) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.) R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [41024 2015-09-23] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.) R3 igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [5382856 2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Samsung Electronics CO., LTD. -> Windows (R) Win 7 DDK provider) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek ) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-26] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-26] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2019-04-14 12:02 - 2019-04-14 12:05 - 000029164 _____ C:\Users\s\Downloads\FRST.txt 2019-04-14 11:59 - 2019-04-14 12:02 - 000000000 ____D C:\FRST 2019-04-14 11:59 - 2019-04-14 11:59 - 000000000 ____D C:\Users\s\Downloads\FRST-OlderVersion 2019-04-14 11:57 - 2019-04-14 11:59 - 002434048 _____ (Farbar) C:\Users\s\Downloads\FRST64-2.1.exe 2019-04-14 11:43 - 2019-04-14 11:43 - 000000280 _____ C:\Users\s\Desktop\fixlist.txt 2019-04-13 22:03 - 2019-04-13 22:03 - 001092468 _____ C:\Users\s\Downloads\facundo-o-civilizacion-i-barbarie-en-las-pampas-argentinas--0.pdf 2019-04-13 22:03 - 2019-04-13 22:03 - 001092468 _____ C:\Users\s\Downloads\facundo-o-civilizacion-i-barbarie-en-las-pampas-argentinas--0 (1).pdf 2019-04-12 17:54 - 2019-04-12 17:54 - 000465123 _____ C:\Users\s\Downloads\conseil de classe du troisième trimestre.pdf 2019-04-11 12:35 - 2019-04-11 12:36 - 000103232 _____ C:\Users\s\Downloads\cv F.A. Gonzalez 03_2018 +.pdf 2019-04-08 16:14 - 2019-04-08 16:14 - 000109238 _____ C:\Users\s\Downloads\ANDRES GONZALEZ_FLAVIO_029628002294_9615_DEV01_9628002294_9615_1 1.pdf 2019-04-08 16:14 - 2019-04-08 16:14 - 000054961 _____ C:\Users\s\Downloads\29615CTWB0118 (2).pdf 2019-04-08 16:13 - 2019-04-08 16:13 - 000054961 _____ C:\Users\s\Downloads\29615CTWB0118.pdf 2019-04-08 16:13 - 2019-04-08 16:13 - 000054961 _____ C:\Users\s\Downloads\29615CTWB0118 (1).pdf 2019-04-08 09:45 - 2019-04-08 09:45 - 000004537 _____ C:\Users\s\AppData\Roaming\CamStudio.cfg 2019-04-08 01:23 - 2019-04-07 18:15 - 000037877 _____ C:\Users\s\Documents\Culture%20general%20et%20expression%20devoir%202.doc_0.odt 2019-04-02 02:16 - 2019-04-02 02:16 - 000035039 _____ C:\Users\s\Downloads\9628002294_9615_1.pdf 2019-04-02 01:36 - 2019-04-02 01:36 - 000945537 _____ C:\Users\s\Downloads\GuideCELInscrit.2016 (2).pdf 2019-04-02 01:32 - 2019-04-02 01:32 - 000945537 _____ C:\Users\s\Downloads\GuideCELInscrit.2016.pdf 2019-04-02 01:32 - 2019-04-02 01:32 - 000945537 _____ C:\Users\s\Downloads\GuideCELInscrit.2016 (1).pdf 2019-04-02 01:21 - 2019-04-02 01:21 - 000291834 _____ C:\Users\s\Downloads\ANDRES GONZALEZ_FLAVIO_029628002294_0186_DEV01_culture general et expression corrigé.pdf 2019-04-02 01:07 - 2019-04-02 01:08 - 000086160 _____ C:\Users\s\Downloads\29615DKWC0118 (1).pdf 2019-03-21 01:29 - 2019-03-21 01:29 - 001988459 _____ C:\Users\s\Downloads\209617DKWC0118 (3).pdf 2019-03-20 09:38 - 2019-03-20 09:43 - 000000000 ____D C:\Users\s\Desktop\ecriture 2019-03-19 13:47 - 2019-03-19 13:47 - 001882411 _____ C:\Users\s\Downloads\Enoncé du cas Séquence 1.pdf 2019-03-17 17:08 - 2019-03-17 17:08 - 000142259 _____ C:\Users\s\Downloads\Lévolution du financement de léconomie.pdf 2019-03-17 17:07 - 2019-03-17 17:07 - 000395878 _____ C:\Users\s\Downloads\Finance cv février 2019.pdf 2019-03-17 17:07 - 2019-03-17 17:07 - 000081075 _____ C:\Users\s\Downloads\Enoncé QCM Financement 2019.pdf 2019-03-17 17:06 - 2019-03-17 17:06 - 000105629 _____ C:\Users\s\Downloads\Corrigé FINANCEMENT QCM 2019.pdf 2019-03-17 17:03 - 2019-03-17 17:03 - 000731201 _____ C:\Users\s\Downloads\Documents - CV 12-03-19 - Comprendre lactivité de lentreprise grâce au bilan et au compte de résulta.zip 2019-03-17 16:51 - 2019-03-17 16:51 - 001161046 _____ C:\Users\s\Downloads\Economie-Fiche Méthode 07- La méthode de la synthèse.pdf 2019-03-17 16:51 - 2019-03-17 16:51 - 000644588 _____ C:\Users\s\Downloads\Economie-Fiche Méthode 05-Analyse dun graphique.pdf 2019-03-17 16:51 - 2019-03-17 16:51 - 000611490 _____ C:\Users\s\Downloads\Economie-Fiche Méthode 06-Plan.pdf 2019-03-17 16:51 - 2019-03-17 16:51 - 000590848 _____ C:\Users\s\Downloads\Economie-Fiche Méthode 03-Analyse dun sujet déconomie.pdf 2019-03-17 16:51 - 2019-03-17 16:51 - 000464735 _____ C:\Users\s\Downloads\Economie-Fiche Méthode 04-Analyse de tableau.pdf 2019-03-17 16:50 - 2019-03-17 16:50 - 000421794 _____ C:\Users\s\Downloads\Economie-Fiche Méthode 01-épreuve économie-droit (1).pdf 2019-03-17 16:50 - 2019-03-17 16:50 - 000389093 _____ C:\Users\s\Downloads\Economie-Fiche Méthode 02-Mots clés.pdf 2019-03-17 16:44 - 2019-03-17 16:44 - 000560684 _____ C:\Users\s\Downloads\ECO_DROIT_BTS_sujetMetrop2011.pdf 2019-03-17 16:29 - 2019-03-17 16:29 - 000017300 _____ C:\Users\s\Downloads\Programme (2).xlsx 2019-03-17 16:27 - 2019-03-17 16:27 - 000041515 _____ C:\Users\s\Downloads\2096ACDKPC0218.pdf 2019-03-15 17:06 - 2019-03-15 17:06 - 000242948 _____ C:\Users\s\Downloads\296ACDAWB0115.pdf 2019-03-15 16:52 - 2019-03-15 16:52 - 000042225 _____ C:\Users\s\Downloads\Economie-et-droit-bts-cned-1ère-année-273102.pdf 2019-03-15 16:47 - 2019-03-15 16:47 - 001988459 _____ C:\Users\s\Downloads\209617DKWC0118 (2).pdf 2019-03-15 03:21 - 2019-03-15 03:21 - 000003060 _____ C:\Users\s\AppData\Local\recently-used.xbel ==================== Un mois (modifiés) ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2019-04-14 12:00 - 2019-02-12 03:39 - 000000683 _____ C:\Users\s\Desktop\recoverit_setup_full4144.exe.lnk 2019-04-14 12:00 - 2019-02-12 01:18 - 000000000 ____D C:\Users\Public\Documents\Wondershare 2019-04-14 11:45 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-04-14 09:12 - 2018-12-28 16:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-04-13 12:59 - 2015-01-18 10:38 - 000000000 ___RD C:\Users\s\OneDrive 2019-04-13 12:58 - 2018-12-28 17:13 - 000003354 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3774421412-1007907057-219690849-1002 2019-04-13 12:58 - 2018-12-28 16:44 - 000002389 _____ C:\Users\s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-04-12 23:11 - 2018-05-16 21:26 - 000000000 ____D C:\Users\s\AppData\Roaming\.ACEStream 2019-04-12 23:11 - 2015-05-14 09:25 - 000000000 ____D C:\Users\s\AppData\Roaming\vlc 2019-04-12 22:57 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-04-12 21:42 - 2015-05-14 09:26 - 000000000 ____D C:\Users\s\AppData\Roaming\dvdcss 2019-04-12 20:49 - 2018-12-28 16:58 - 001766590 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-04-12 20:49 - 2018-04-12 18:18 - 000791028 _____ C:\WINDOWS\system32\perfh00C.dat 2019-04-12 20:49 - 2018-04-12 18:18 - 000149524 _____ C:\WINDOWS\system32\perfc00C.dat 2019-04-12 20:49 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF 2019-04-12 20:43 - 2018-12-28 16:44 - 000000000 ____D C:\Users\s 2019-04-12 20:42 - 2018-12-28 17:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-04-10 09:17 - 2018-10-20 16:23 - 000000000 ____D C:\Users\s\Desktop\CNED 2019-04-10 09:04 - 2017-04-13 23:38 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-04-09 21:43 - 2019-03-12 22:44 - 004234808 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe 2019-04-09 21:43 - 2018-12-28 17:13 - 000004700 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2019-04-09 21:43 - 2018-12-28 17:13 - 000004558 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2019-04-09 21:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2019-04-09 21:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed 2019-04-08 12:01 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF 2019-04-08 09:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-04-08 09:45 - 2016-12-10 03:15 - 000000408 _____ C:\Users\s\AppData\Roaming\CamShapes.ini 2019-04-08 09:45 - 2016-12-10 03:15 - 000000408 _____ C:\Users\s\AppData\Roaming\CamLayout.ini 2019-04-08 09:45 - 2016-12-10 03:15 - 000000096 _____ C:\Users\s\AppData\Roaming\Camdata.ini 2019-04-08 09:45 - 2016-12-10 01:51 - 000000000 ____D C:\Users\s\Documents\My CamStudio Temp Files 2019-04-08 09:44 - 2016-12-10 01:50 - 000000096 _____ C:\Users\s\AppData\Roaming\version2.xml 2019-04-08 00:46 - 2018-12-28 17:13 - 000004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1AA19C4D-E79C-48B0-8AF5-4F6DB173674C} 2019-04-07 16:53 - 2016-07-10 17:40 - 000000000 ____D C:\Users\s\Desktop\CV 2019-04-05 21:57 - 2016-04-20 23:00 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-04-04 16:40 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2019-03-27 22:57 - 2018-12-28 17:13 - 000003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2019-03-27 22:57 - 2018-12-28 17:13 - 000003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2019-03-24 22:55 - 2019-01-23 10:31 - 000000000 ____D C:\Users\s\AppData\Local\D3DSCache 2019-03-24 22:52 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2019-03-20 10:39 - 2019-03-02 01:07 - 000000000 ____D C:\Users\s\Desktop\Samsung2019 2019-03-15 03:21 - 2014-09-10 16:30 - 000000000 ____D C:\Users\s\.gimp-2.8 ==================== Fichiers à la racine de certains dossiers ======= 2014-01-07 18:15 - 2014-01-07 18:15 - 000113224 _____ () C:\Users\s\g2ax_customer_downloadhelper_win32_x86.exe 2016-12-10 03:15 - 2019-04-08 09:45 - 000000096 _____ () C:\Users\s\AppData\Roaming\Camdata.ini 2016-12-10 03:15 - 2019-04-08 09:45 - 000000408 _____ () C:\Users\s\AppData\Roaming\CamLayout.ini 2016-12-10 03:15 - 2019-04-08 09:45 - 000000408 _____ () C:\Users\s\AppData\Roaming\CamShapes.ini 2019-04-08 09:45 - 2019-04-08 09:45 - 000004537 _____ () C:\Users\s\AppData\Roaming\CamStudio.cfg 2016-12-10 01:54 - 2016-12-10 02:03 - 000000098 _____ () C:\Users\s\AppData\Roaming\CamStudio.Producer.command 2016-12-10 01:54 - 2016-12-10 02:05 - 000000000 _____ () C:\Users\s\AppData\Roaming\CamStudio.Producer.Data.ini 2016-12-10 01:54 - 2016-12-10 02:05 - 000001207 _____ () C:\Users\s\AppData\Roaming\CamStudio.Producer.ini 2017-01-17 21:55 - 2016-09-26 22:55 - 000000492 _____ () C:\Users\s\AppData\Roaming\install.log 2016-12-10 01:50 - 2019-04-08 09:44 - 000000096 _____ () C:\Users\s\AppData\Roaming\version2.xml 2016-09-27 09:46 - 2017-01-15 01:55 - 000000400 _____ () C:\Users\s\AppData\Roaming\WB.CFG 2019-03-15 03:21 - 2019-03-15 03:21 - 000003060 _____ () C:\Users\s\AppData\Local\recently-used.xbel 2016-04-20 23:07 - 2016-04-20 23:07 - 000353118 _____ () C:\Users\s\AppData\Local\SquareClock.Production_HBMV1Icon.ico ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dllhost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dllhost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2018-12-28 16:38 ==================== Fin de FRST.txt ============================