Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:24-02-2016 Exécuté par audic (administrateur) sur DESKTOP-IC3GU7R (27-02-2016 12:01:04) Exécuté depuis C:\Users\audic\Downloads Profils chargés: audic (Profils disponibles: audic) Platform: Microsoft Windows 10 Famille Version 1511 (X86) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: FF) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (AMD) C:\Windows\System32\atiesrxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Apple Inc.) C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe (BlackBerry Limited) C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe (BlackBerry Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (AMD) C:\Windows\System32\atieclxx.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (BlackBerry Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (BlackBerry Limited) C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe (IntelliBreeze Software) C:\Program Files\Gmail Notifier Pro\GmailNotifierPro.exe () C:\Program Files\Common Files\Research In Motion\nginx\nginx.exe () C:\Program Files\Common Files\Research In Motion\nginx\nginx.exe (Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe (Glarysoft Ltd) C:\Program Files\Glary Utilities 5\MemfilesService.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe () C:\Program Files\WindowsApps\Microsoft.AgeCastles_1.16.33.0_x86__8wekyb3d8bbwe\CastlesClient_s.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.27.2.0_x86__8wekyb3d8bbwe\WinStore.Mobile.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46121.0_x86__8wekyb3d8bbwe\HxCalendarAppImm.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46121.0_x86__8wekyb3d8bbwe\HxTsr.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2484424 2015-10-12] (ELAN Microelectronics Corp.) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-08-21] (Advanced Micro Devices, Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-08] (AVAST Software) Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X] HKU\S-1-5-21-2227119291-465177224-2525387193-1001\...\Run: [GmailNotifierPro] => C:\Program Files\Gmail Notifier Pro\GmailNotifierPro.exe [2870592 2015-08-01] (IntelliBreeze Software) HKU\S-1-5-21-2227119291-465177224-2525387193-1001\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [43984 2016-02-18] (Glarysoft Ltd) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-08-28] (AVAST Software) BootExecute: autocheck autochk /p \??\C:autocheck autochk * ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{44f8640e-1c45-49f8-9f8d-965c2e163d90}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_strmio_16_02¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0CtBtCzzzzyDzz0ByB0D0CyD0DtBtCyCtN0D0Tzu0StCyEyBtBtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyC0CtByCyE0CyEzztGtBzyzz0DtGyB0BtA0BtGtA0E0EyDtGtByDtC0ByC0AyB0CtBzyzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtAtCyDtDyDyB0AtGyE0AyD0BtGyE0EtD0EtG0BtD0AzztGyCzy0C0AtAzz0D0D0E0AtDyD2QtN0A0LzuyE%26cr%3D1550522199%26a%3Dwncy_strmio_16_02%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_strmio_16_02¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0CtBtCzzzzyDzz0ByB0D0CyD0DtBtCyCtN0D0Tzu0StCyEyBtBtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyC0CtByCyE0CyEzztGtBzyzz0DtGyB0BtA0BtGtA0E0EyDtGtByDtC0ByC0AyB0CtBzyzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtAtCyDtDyDyB0AtGyE0AyD0BtGyE0EtD0EtG0BtD0AzztGyCzy0C0AtAzz0D0D0E0AtDyD2QtN0A0LzuyE%26cr%3D1550522199%26a%3Dwncy_strmio_16_02%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKU\S-1-5-21-2227119291-465177224-2525387193-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_strmio_16_02¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0CtBtCzzzzyDzz0ByB0D0CyD0DtBtCyCtN0D0Tzu0StCyEyBtBtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyC0CtByCyE0CyEzztGtBzyzz0DtGyB0BtA0BtGtA0E0EyDtGtByDtC0ByC0AyB0CtBzyzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtAtCyDtDyDyB0AtGyE0AyD0BtGyE0EtD0EtG0BtD0AzztGyCzy0C0AtAzz0D0D0E0AtDyD2QtN0A0LzuyE%26cr%3D1550522199%26a%3Dwncy_strmio_16_02%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKU\S-1-5-21-2227119291-465177224-2525387193-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_strmio_16_02¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0CtBtCzzzzyDzz0ByB0D0CyD0DtBtCyCtN0D0Tzu0StCyEyBtBtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyC0CtByCyE0CyEzztGtBzyzz0DtGyB0BtA0BtGtA0E0EyDtGtByDtC0ByC0AyB0CtBzyzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtAtCyDtDyDyB0AtGyE0AyD0BtGyE0EtD0EtG0BtD0AzztGyCzy0C0AtAzz0D0D0E0AtDyD2QtN0A0LzuyE%26cr%3D1550522199%26a%3Dwncy_strmio_16_02%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-28] (AVAST Software) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-12] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-12] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-12] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-12] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\audic\AppData\Roaming\Mozilla\Firefox\Profiles\p4x06qej.default FF NewTab: about:newtab FF SelectedSearchEngine: Search Provided by Yahoo FF Homepage: Google.fr FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-02-12] (Microsoft Corporation) FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-05-22] () FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\audic\AppData\Roaming\Mozilla\Firefox\Profiles\qhdapimw.dev-edition-default\searchplugins\Search Provided by Yahoo.xml [2016-01-12] FF Extension: Zotero - C:\Users\audic\AppData\Roaming\Mozilla\Firefox\Profiles\p4x06qej.default\extensions\zotero@chnm.gmu.edu.xpi [2015-09-01] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10] Chrome: ======= CHR HomePage: Default -> hxxp://google.fr/ CHR StartupUrls: Default -> "hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_strmio_16_02¶m1=1¶m2=f%3D7%26b%3DChrome%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0CtBtCzzzzyDzz0ByB0D0CyD0DtBtCyCtN0D0Tzu0StCyEyBtBtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyC0CtByCyE0CyEzztGtBzyzz0DtGyB0BtA0BtGtA0E0EyDtGtByDtC0ByC0AyB0CtBzyzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtAtCyDtDyDyB0AtGyE0AyD0BtGyE0EtD0EtG0BtD0AzztGyCzy0C0AtAzz0D0D0E0AtDyD2QtN0A0LzuyE%26cr%3D1550522199%26a%3Dwncy_strmio_16_02%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome" CHR Profile: C:\Users\audic\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\audic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-28] CHR Extension: (Google Docs) - C:\Users\audic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-28] CHR Extension: (Google Drive) - C:\Users\audic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\audic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-12] CHR Extension: (Recherche Google) - C:\Users\audic\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Zotero Connector) - C:\Users\audic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2015-10-18] CHR Extension: (Google Sheets) - C:\Users\audic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-28] CHR Extension: (Google Docs hors connexion) - C:\Users\audic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-23] CHR Extension: (Avast Online Security) - C:\Users\audic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-02] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\audic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-28] CHR Extension: (Gmail) - C:\Users\audic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-28] CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-28] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-28] ==================== Services (Avec liste blanche) ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2015-08-21] (Advanced Micro Devices, Inc.) [Fichier non signé] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-28] (AVAST Software) R3 BlackBerry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [1926896 2016-02-04] (Microsoft Corporation) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [124616 2015-10-12] (ELAN Microelectronics Corp.) S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 RIM MDNS; C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-05-26] (Apple Inc.) R2 RIM Tunnel Service; C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1355000 2015-05-26] (BlackBerry Limited) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation) S2 Update service; C:\Program Files\Popcorn Time\Updater.exe [X] ===================== Pilotes (Avec liste blanche) ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-08-28] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-08-28] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [81728 2015-08-28] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-08-28] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [794952 2015-11-08] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [435464 2015-11-08] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [113592 2015-08-28] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-08-28] (AVAST Software) R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63.sys [6811648 2015-10-30] (Broadcom Corporation) S3 blackberryncm; C:\WINDOWS\System32\drivers\blackberryncm6.sys [22528 2015-01-23] (BlackBerry Limited) R3 ETD; C:\WINDOWS\system32\DRIVERS\ETD.sys [514760 2015-10-12] (ELAN Microelectronics Corp.) R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17472 2015-08-28] (Glarysoft Ltd) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation) S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb.sys [69120 2015-01-14] (BlackBerry Limited) R3 rimvndis; C:\WINDOWS\System32\Drivers\rimvndis6.sys [14848 2015-05-26] (BlackBerry Limited) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation) S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-02-27 12:01 - 2016-02-27 12:02 - 00016864 _____ C:\Users\audic\Downloads\FRST.txt 2016-02-27 11:59 - 2016-02-27 12:01 - 00000000 ____D C:\FRST 2016-02-27 11:52 - 2016-02-27 11:59 - 01722368 _____ (Farbar) C:\Users\audic\Downloads\FRST.exe 2016-02-27 09:00 - 2016-02-27 09:01 - 15575184 _____ C:\Users\audic\Downloads\Glary_Utilities_v5.45.0.65.exe 2016-02-24 06:49 - 2016-02-24 06:49 - 00808092 _____ C:\Users\audic\Downloads\Fiche de renseignement(2).pdf 2016-02-23 15:46 - 2016-02-23 15:47 - 03878112 _____ (Husdawg, LLC) C:\Users\audic\Downloads\Detection.exe 2016-02-23 14:00 - 2016-02-23 14:00 - 00239519 _____ C:\Users\audic\Downloads\cadrage évaluation UE 1040.1 et UE 1040.2 site Metz Montigny (1).pdf 2016-02-23 13:55 - 2016-02-23 13:56 - 00790943 _____ C:\Users\audic\Downloads\Fiche de renseignement(1).pdf 2016-02-23 13:55 - 2016-02-23 13:55 - 00790943 _____ C:\Users\audic\Downloads\Fiche de renseignement.pdf 2016-02-23 13:47 - 2016-02-23 13:48 - 00732015 _____ C:\Users\audic\Downloads\Stage1(1).pdf 2016-02-23 13:47 - 2016-02-23 13:47 - 00732015 _____ C:\Users\audic\Downloads\Stage1.pdf 2016-02-21 15:23 - 2016-02-21 15:23 - 00007254 _____ C:\Users\audic\Downloads\Affichage S9 MTY PEPA(1).pdf 2016-02-19 16:13 - 2016-02-19 16:13 - 00053653 _____ C:\Users\audic\Downloads\decimaux_aide_memoire.pdf 2016-02-19 16:08 - 2016-02-19 16:08 - 00126495 _____ C:\Users\audic\Downloads\ch10synthesedi.pdf 2016-02-19 16:05 - 2016-02-19 16:05 - 00173661 _____ C:\Users\audic\Downloads\decisynt.pdf 2016-02-19 15:34 - 2016-02-19 15:34 - 00076614 _____ C:\Users\audic\Downloads\CapmathsGeomCM2programme2008.pdf 2016-02-19 14:38 - 2016-02-19 14:38 - 00130958 _____ C:\Users\audic\Downloads\CR_atelier_78_Roditi.pdf 2016-02-19 14:35 - 2016-02-19 14:35 - 00122711 _____ C:\Users\audic\Downloads\Quelques_questions_pedagogiques_sur_les_decimaux.pdf 2016-02-18 20:45 - 2016-02-18 20:45 - 00125751 _____ C:\Users\audic\Downloads\Progression-pedagogique_Cycle2_Francais_203786.pdf 2016-02-18 17:00 - 2016-02-18 17:00 - 00000000 ____D C:\Users\audic\AppData\Local\TrayStatus 2016-02-18 14:53 - 2016-02-18 14:53 - 00267733 _____ C:\Users\audic\Downloads\TFM-Calculmental.pdf 2016-02-17 18:09 - 2016-02-17 18:09 - 00322748 _____ C:\Users\audic\Downloads\pdf_L_apprentissage_des_mathematiques_au_cycle_2_Numeration_et_calcul.pdf 2016-02-15 16:52 - 2016-02-15 16:52 - 00000000 ____D C:\Program Files\CCleaner 2016-02-15 16:50 - 2016-02-15 16:51 - 06828320 _____ (Piriform Ltd) C:\Users\audic\Downloads\ccsetup_514.exe 2016-02-15 16:50 - 2016-02-15 16:51 - 06828320 _____ (Piriform Ltd) C:\Users\audic\Downloads\ccsetup_514(1).exe 2016-02-13 13:08 - 2016-02-13 13:08 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2016-02-10 15:27 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-02-10 15:27 - 2016-01-27 07:15 - 05798240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-02-10 15:27 - 2016-01-27 07:15 - 01560848 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-02-10 15:27 - 2016-01-27 07:15 - 01541792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-02-10 15:27 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-02-10 15:27 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-02-10 15:27 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-02-10 15:27 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-02-10 15:27 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-02-10 15:27 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-02-10 15:27 - 2016-01-27 06:47 - 00483680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-02-10 15:27 - 2016-01-27 06:15 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-02-10 15:27 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-02-10 15:27 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-02-10 15:27 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-02-10 15:27 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-02-10 15:27 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-02-10 15:27 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-02-10 15:27 - 2016-01-27 05:52 - 02977280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-02-10 15:27 - 2016-01-27 05:51 - 01903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-02-10 15:27 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-02-10 15:27 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-02-10 15:27 - 2016-01-27 05:49 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-02-10 15:26 - 2016-01-27 07:12 - 00279376 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-02-10 15:26 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2016-02-10 15:26 - 2016-01-27 06:47 - 01714016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-02-10 15:26 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msorcl32.dll 2016-02-10 15:26 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll 2016-02-10 15:26 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-02-10 15:26 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-02-10 15:26 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-02-10 15:26 - 2016-01-27 06:11 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-02-10 15:26 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-02-10 15:26 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll 2016-02-10 15:26 - 2016-01-27 05:58 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-02-10 15:26 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-02-10 15:26 - 2016-01-27 05:44 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-02-10 15:26 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll 2016-02-10 15:11 - 2016-02-10 15:11 - 00239519 _____ C:\Users\audic\Downloads\cadrage évaluation UE 1040.1 et UE 1040.2 site Metz Montigny .pdf 2016-02-10 15:10 - 2016-02-10 15:10 - 00007254 _____ C:\Users\audic\Downloads\Affichage S9 MTY PEPA.pdf 2016-02-07 21:54 - 2016-02-07 21:54 - 00253845 _____ C:\Users\audic\Downloads\Portfolio stage PEPA .pdf 2016-02-04 18:11 - 2016-02-04 18:11 - 00127145 _____ C:\Users\audic\Downloads\Progression-pedagogique_Cycle3_Mathematiques_203769.pdf 2016-02-04 18:00 - 2016-02-04 18:01 - 09934987 _____ C:\Users\audic\Downloads\CAPMATHS_guide_de_l_enseignant_CM2.pdf 2016-02-04 17:40 - 2016-02-04 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WahOO 2016-02-04 17:39 - 2016-02-04 17:39 - 00000000 ____D C:\Program Files\KowMedia 2016-02-04 17:34 - 2016-02-04 17:38 - 38013672 _____ (Kow Media ) C:\Users\audic\Downloads\wahoosetup.exe 2016-02-04 13:59 - 2016-02-04 13:59 - 00561514 _____ C:\Users\audic\Downloads\Schang_Fiche Visite_Annexe 4.pdf 2016-02-01 22:21 - 2016-02-01 22:21 - 00000000 ____D C:\Users\audic\AppData\Local\Macromedia 2016-02-01 22:16 - 2016-02-27 11:49 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-02-01 18:26 - 2016-02-01 18:26 - 00573724 _____ C:\Users\audic\Downloads\Cadrage stage PEPA [2015-11-12].pdf 2016-01-31 14:53 - 2016-01-31 14:53 - 01642566 _____ C:\Users\audic\Downloads\Snap-2_0_0_2.bar 2016-01-31 14:39 - 2016-01-31 14:39 - 01100534 _____ C:\Users\audic\Downloads\cobalt-mobilenetwork-1.0.apk 2016-01-31 14:30 - 2016-01-31 14:30 - 86992804 _____ C:\Users\audic\Downloads\both android bar files from 2813.rar 2016-01-31 13:50 - 2016-01-31 13:50 - 09300148 _____ C:\Users\audic\Downloads\Sachesi2.0.2-Windows (1).7z 2016-01-31 13:45 - 2016-01-31 13:45 - 09300148 _____ C:\Users\audic\Downloads\Sachesi2.0.2-Windows.7z ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-02-27 11:36 - 2015-08-28 14:12 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-27 09:08 - 2015-12-02 20:20 - 00000000 ____D C:\Users\audic 2016-02-27 09:02 - 2015-08-28 12:33 - 00001119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk 2016-02-27 09:02 - 2015-08-28 12:33 - 00000000 ____D C:\Program Files\Glary Utilities 5 2016-02-27 09:00 - 2015-10-30 06:48 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-27 09:00 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-02-27 08:46 - 2015-08-28 14:12 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-23 17:39 - 2015-08-28 08:41 - 00000000 ____D C:\Users\audic\AppData\Local\Packages 2016-02-23 13:49 - 2015-10-30 16:07 - 00825500 _____ C:\WINDOWS\system32\perfh00C.dat 2016-02-23 13:49 - 2015-10-30 16:07 - 00155764 _____ C:\WINDOWS\system32\perfc00C.dat 2016-02-23 13:49 - 2015-08-28 08:43 - 01848398 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-23 13:48 - 2015-10-30 06:47 - 00000000 ____D C:\WINDOWS\INF 2016-02-21 14:14 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\rescache 2016-02-20 09:41 - 2015-08-28 14:17 - 00002216 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-19 21:13 - 2015-08-28 08:51 - 00000000 ___RD C:\Users\audic\OneDrive 2016-02-18 21:08 - 2015-08-29 20:26 - 00000000 ____D C:\Users\audic\Documents\Master 2 PEPA 2016-02-18 17:23 - 2015-08-28 11:09 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-02-17 19:27 - 2016-01-11 09:32 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-02-17 19:27 - 2015-09-01 09:28 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-02-17 19:25 - 2015-08-28 08:41 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-02-17 19:23 - 2015-12-02 20:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-17 18:47 - 2015-10-30 06:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-02-17 18:46 - 2015-10-30 16:13 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-17 13:18 - 2015-10-30 06:39 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-17 13:10 - 2015-12-02 20:10 - 00000000 ___DC C:\WINDOWS\Panther 2016-02-17 13:10 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\ModemLogs 2016-02-15 16:46 - 2015-08-28 10:48 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-02-15 15:49 - 2015-08-28 10:48 - 144254680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-02-13 13:09 - 2015-10-30 06:48 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-02-13 13:08 - 2015-10-30 06:48 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-02-13 13:00 - 2015-08-28 14:02 - 00000000 ____D C:\Program Files\Microsoft Office 2016-02-06 11:43 - 2015-08-28 08:51 - 00002407 _____ C:\Users\audic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-02-03 20:01 - 2015-10-30 06:49 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2016-02-03 20:01 - 2015-10-30 06:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2016-02-01 22:16 - 2015-08-28 11:06 - 00000000 ____D C:\Users\audic\AppData\Local\Adobe 2016-01-31 13:54 - 2015-12-20 21:57 - 00000000 ____D C:\Users\audic\AppData\Roaming\Research In Motion ==================== Fichiers à la racine de certains dossiers ======= 2016-01-25 17:42 - 2016-01-25 17:46 - 0000000 _____ () C:\Users\audic\AppData\Local\{AF9A389E-240E-4EF9-87FF-125BA0708808} ==================== Bamital & volsnap ================= (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2016-02-24 07:00 ==================== Fin de FRST.txt ============================