¤ ScanRapide 0.100 Beta ¤
¤ Lancé le 02/11/2016 à 12:11:08 ¤
¤ Système d'exploitation : Windows 7 Professionnel Service Pack 1 64 bits ¤
¤ Utilisateur : Username ¤
¤ Démarrage en mode Normal (D:\Documents\AutoIt\ScanRapide\ScanRapide.au3) ¤

¤ Processus :
smss.exe (296)
csrss.exe (472)
wininit.exe (548)
csrss.exe (584)
services.exe (608)
winlogon.exe (648)
lsass.exe (660)
lsm.exe (668)
svchost.exe (788)
svchost.exe (872)
atiesrxx.exe (936)
svchost.exe (996)
svchost.exe (144)
svchost.exe (324)
svchost.exe (484)
svchost.exe (1032)
svchost.exe (1136)
atieclxx.exe (1284)
spoolsv.exe (1396)
svchost.exe (1432)
HD-LogRotatorService.exe (1572)
C:\Windows\System32\taskhost.exe (1628)
C:\Windows\System32\dwm.exe (1708)
C:\Windows\explorer.exe (1848)
PnkBstrA.exe (1664)
svchost.exe (1936)
WLIDSVC.EXE (1176)
C:\Program Files (x86)\ownCloud\owncloud.exe (2132)
WLIDSVCM.EXE (2280)
C:\Program Files (x86)\Bluestacks\HD-Agent.exe (2452)
svchost.exe (2644)
WmiPrvSE.exe (2864)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (2680)
svchost.exe (3988)
D:\Documents\KeePassX\KeePassX.exe (3880)
D:\KOPLAYER\KOPLAYER.exe (3652)
D:\KOPLAYER\Tools\kpzsJoystickTool.exe (3084)
D:\KOPLAYER\Tools\adb.exe (3672)
audiodg.exe (1416)
C:\Program Files (x86)\AutoIt3\SciTE\SciTE.exe (3340)
WmiPrvSE.exe (1148)
C:\Windows\SysWOW64\notepad.exe (4852)
C:\Windows\SysWOW64\notepad.exe (4364)
C:\Windows\SysWOW64\notepad.exe (4264)
C:\Windows\System32\dllhost.exe (4668)
C:\Windows\System32\dllhost.exe (4440)
C:\Windows\System32\dllhost.exe (4896)

¤ Sécurité :
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot] --> AlternateShell (cmd.exe)
[HKLM\SYSTEM\CurrentControlSet\Services\winmgmt\Parameters] --> ServiceDll (%SystemRoot%\system32\wbem\WMIsvc.dll)
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] --> EnableVirtualization (1)
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] --> ConsentPromptBehaviorUser (3)
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] --> ConsentPromptBehaviorAdmin (2)
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] --> EnableLUA (1)
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] --> Shell (explorer.exe)
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] --> Userinit (userinit.exe)
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] --> AppInit_DLLs ()
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] --> AppInit_DLLs ()
[HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] --> UserInit (C:\Windows\system32\userinit.exe,)
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] --> RPSessionInterval (1)
[HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] --> EnableVirtualization (1)
[HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] --> Shell (explorer.exe)
[HKLM64\SOFTWARE\Microsoft\Security Center\Svc] --> AntiSpywareOverride (0)
[HKLM64\SOFTWARE\Microsoft\Security Center\Svc] --> AntiVirusOverride (0)
[HKLM64\SOFTWARE\Microsoft\Security Center\Svc] --> FirewallOverride (0)
[HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] --> ConsentPromptBehaviorUser (3)
[HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] --> ConsentPromptBehaviorAdmin (2)
[HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] --> EnableLUA (1)

¤ Associations :
[.exe] --> (exefile)
[.exe] --> ("%1" %*)
[.exe] --> ("%1" %*)
[.exe] --> ("%1" %*)
[.exe] --> ("%1" %*)
[.bat] --> (batfile)
[.bat] --> (%SystemRoot%\System32\cmd.exe /C "%1" %*)
[.bat] --> ("%1" %*)
[.cmd] --> (cmdfile)
[.cmd] --> (%SystemRoot%\System32\cmd.exe /C "%1" %*)
[.cmd] --> ("%1" %*)
[.vbs] --> (VBSFile)
[.vbs] --> ("%SystemRoot%\System32\WScript.exe" "%1" %*)
[.vbe] --> (VBEFile)
[.vbe] --> ("%SystemRoot%\System32\WScript.exe" "%1" %*)
[.reg] --> (regfile)
[.reg] --> (regedit.exe "%1")
[.scr] --> (scrfile)
[.scr] --> ("%1" /S)

¤ Proxy :
ProxyEnable (0)

¤ DNS :
Serveur : dns1.proxad.net
Address: 212.27.40.240


¤ IFEO :
[taskmgr.exe] --> Debugger ("D:\Documents\ProcessHacker\ProcessHacker.exe")

¤ Démarrage :
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run] --> ownCloud (C:\Program Files (x86)\ownCloud\owncloud.exe)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run] --> BlueStacks Agent (C:\Program Files (x86)\Bluestacks\HD-Agent.exe)

¤ Listing :
C:\Users\desktop.ini
C:\CFinder[R0].txt
C:\CFinder[R1].txt
C:\FixAll[R0].txt
C:\FixAll[R10].txt
C:\FixAll[R11].txt
C:\FixAll[R12].txt
C:\FixAll[R13].txt
C:\FixAll[R14].txt
C:\FixAll[R15].txt
C:\FixAll[R16].txt
C:\FixAll[R17].txt
C:\FixAll[R18].txt
C:\FixAll[R19].txt
C:\FixAll[R1].txt
C:\FixAll[R20].txt
C:\FixAll[R21].txt
C:\FixAll[R22].txt
C:\FixAll[R23].txt
C:\FixAll[R24].txt
C:\FixAll[R25].txt
C:\FixAll[R26].txt
C:\FixAll[R27].txt
C:\FixAll[R2].txt
C:\FixAll[R3].txt
C:\FixAll[R4].txt
C:\FixAll[R5].txt
C:\FixAll[R6].txt
C:\FixAll[R7].txt
C:\FixAll[R8].txt
C:\FixAll[R9].txt
C:\hiberfil.sys
C:\pagefile.sys
C:\ScanRapide[R10].txt
C:\ScanRapide[R11].txt
C:\ScanRapide[R12].txt
C:\ScanRapide[R13].txt
C:\ScanRapide[R14].txt
C:\ScanRapide[R15].txt
C:\ScanRapide[R16].txt
C:\ScanRapide[R17].txt
C:\ScanRapide[R18].txt
C:\ScanRapide[R19].txt
C:\ScanRapide[R20].txt
C:\ScanRapide[R21].txt
C:\ScanRapide[R22].txt
C:\ScanRapide[R23].txt
C:\ScanRapide[R24].txt
C:\ScanRapide[R6].txt
C:\ScanRapide[R7].txt
C:\ScanRapide[R8].txt
C:\ScanRapide[R9].txt
C:\WinV[1].txt
C:\Program Files (x86)\desktop.ini
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
C:\Users\Default\NTUSER.DAT
C:\Users\Default\NTUSER.DAT.LOG
C:\Users\Default\NTUSER.DAT.LOG1
C:\Users\Default\NTUSER.DAT.LOG2
C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
C:\Users\Default\NTUSER.DAT{84f51a86-910e-11e6-94a7-bc5ff4bf66b8}.TM.blf
C:\Users\Default\NTUSER.DAT{84f51a86-910e-11e6-94a7-bc5ff4bf66b8}.TMContainer00000000000000000001.regtrans-ms
C:\Users\Default\NTUSER.DAT{84f51a86-910e-11e6-94a7-bc5ff4bf66b8}.TMContainer00000000000000000002.regtrans-ms
C:\Users\Username\Comptes_20160705T162629.gsb
C:\Users\Username\Comptes_20160705T193914.gsb
C:\Users\Username\Mes comptes_20151122T185320.gsb
C:\Users\Username\Mes comptes_20151124T221212.gsb
C:\Users\Username\Mes comptes_20151124T221251.gsb
C:\Users\Username\Mes comptes_20151127T225936.gsb
C:\Users\Username\Mes comptes_20151128T115751.gsb
C:\Users\Username\Mes comptes_20151209T172308.gsb
C:\Users\Username\Mes comptes_20151219T120402.gsb
C:\Users\Username\Mes comptes_20151226T170306.gsb
C:\Users\Username\Mes comptes_20160102T195355.gsb
C:\Users\Username\Mes comptes_20160103T163021.gsb
C:\Users\Username\Mes comptes_20160108T184343.gsb
C:\Users\Username\Mes comptes_20160109T145811.gsb
C:\Users\Username\Mes comptes_20160109T150210.gsb
C:\Users\Username\Mes comptes_20160123T135928.gsb
C:\Users\Username\Mes comptes_20160131T225501.gsb
C:\Users\Username\Mes comptes_20160207T161314.gsb
C:\Users\Username\Mes comptes_20160207T161348.gsb
C:\Users\Username\Mes comptes_20160207T205253.gsb
C:\Users\Username\Mes comptes_20160210T195227.gsb
C:\Users\Username\Mes comptes_20160211T153810.gsb
C:\Users\Username\Mes comptes_20160214T131900.gsb
C:\Users\Username\Mes comptes_20160228T183848.gsb
C:\Users\Username\Mes comptes_20160228T183916.gsb
C:\Users\Username\Mes comptes_20160303T183905.gsb
C:\Users\Username\Mes comptes_20160305T182155.gsb
C:\Users\Username\Mes comptes_20160309T213510.gsb
C:\Users\Username\Mes comptes_20160313T142807.gsb
C:\Users\Username\Mes comptes_20160313T143514.gsb
C:\Users\Username\Mes comptes_20160331T212151.gsb
C:\Users\Username\Mes comptes_20160331T212203.gsb
C:\Users\Username\Mes comptes_20160419T143809.gsb
C:\Users\Username\Mes comptes_20160419T144117.gsb
C:\Users\Username\Mes comptes_20160528T141621.gsb
C:\Users\Username\NTUSER.DAT
C:\Users\Username\ntuser.dat.LOG1
C:\Users\Username\ntuser.dat.LOG2
C:\Users\Username\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
C:\Users\Username\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
C:\Users\Username\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
C:\Users\Username\ntuser.ini
C:\Users\Username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
C:\Users\Username\AppData\Roaming\dossier.txt
C:\Users\Username\AppData\Roaming\pcouffin.cat
C:\Users\Username\AppData\Roaming\pcouffin.inf
C:\Users\Username\AppData\Roaming\pcouffin.log
C:\Users\Username\AppData\Roaming\pcouffin.sys
C:\Users\Username\AppData\Roaming\vidiot.ini
C:\Users\Username\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Username\AppData\Local\GDIPFONTCACHEV1.DAT
C:\Users\Username\AppData\Local\IconCache.db
C:\Users\Username\AppData\Local\keepassxkeepassx2.ini
C:\Users\Username\AppData\Local\PUTTY.RND
C:\Users\Username\AppData\Local\recently-used.xbel
C:\Users\Username\AppData\Local\resmon.resmoncfg
C:\Users\Public\desktop.ini

¤ EOF : C:\ScanRapide[R24].txt ¤
