cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:10-01-2015 01
Exécuté par Poste1 (administrateur) sur STATION01 (12-01-2016 14:01:11)
Exécuté depuis C:\Users\Poste1\Downloads
Profils chargés: Poste1 (Profils disponibles: Administrateur & Poste1)
Platform: Microsoft Windows 7 Professionnel Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(SurfRight B.V.) C:\Program Files\HitmanPro.Alert\hmpalert.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\avp.exe
(Berger-Levrault) C:\Program Files\BL\BL\bin\e.magnus.exe
(CANON INC.) C:\Program Files\Canon\DIAS\CnxDIAS.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
(Intel Corporation) C:\Program Files\Intel\Services\IPT\jhi_service.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\avpui.exe
(SurfRight B.V.) C:\Program Files\HitmanPro.Alert\hmpalert.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Enter Srl) C:\Program Files\Iperius Backup\Iperius.exe
(Berger-Levrault) C:\Program Files\BL\BL\bin\e.magnus.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(TeamViewer GmbH) C:\Users\Poste1\AppData\Local\Temp\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Users\Poste1\AppData\Local\Temp\TeamViewer\tv_w32.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(www.shadowexplorer.com) C:\Program Files\ShadowExplorer\sesvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-10-05] (Malwarebytes)
HKU\S-1-5-21-3233776131-3664448580-1722375526-1105\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [719672 2012-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3233776131-3664448580-1722375526-1105\...\Run: [Iperius Backup] => C:\Program Files\Iperius Backup\Iperius.exe [22818192 2014-11-28] (Enter Srl)
HKU\S-1-5-21-3233776131-3664448580-1722375526-1105\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3233776131-3664448580-1722375526-1105\...\MountPoints2: E - E:\autorun.exe
Startup: C:\Users\Administrateur.STATION01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+saq.html [2015-12-21] ()
Startup: C:\Users\Administrateur.STATION01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+saq.txt [2015-12-21] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Berger-Levrault - Notifier.lnk [2015-12-31]
ShortcutTarget: Berger-Levrault - Notifier.lnk -> C:\Program Files\BL\BL\bin\e.magnus.exe (Berger-Levrault)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+saq.html [2015-12-21] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+saq.txt [2015-12-21] ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+saq.html [2015-12-21] ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+saq.txt [2015-12-21] ()
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+saq.html [2015-12-21] ()
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+saq.txt [2015-12-21] ()
Startup: C:\Users\Poste1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+saq.txt [2015-12-21] ()

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 194.2.0.20 194.2.0.50
Tcpip\..\Interfaces\{93224442-A69E-43FE-8B6F-060F763BF700}: [DhcpNameServer] 194.2.0.20 194.2.0.50

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3233776131-3664448580-1722375526-1105\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
SearchScopes: HKLM -> {45595201-E78C-41D4-8106-EAB9A7F2B0BD} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMDTDF
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-5/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-3233776131-3664448580-1722375526-1105 -> DefaultScope {13C33377-A058-4639-9D2D-B0501E0509E0} URL = hxxp://www.google.com/search?hl=fr&q={searchTerms}&rlz=
SearchScopes: HKU\S-1-5-21-3233776131-3664448580-1722375526-1105 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3233776131-3664448580-1722375526-1105 -> {13C33377-A058-4639-9D2D-B0501E0509E0} URL = hxxp://www.google.com/search?hl=fr&q={searchTerms}&rlz=
SearchScopes: HKU\S-1-5-21-3233776131-3664448580-1722375526-1105 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL =
SearchScopes: HKU\S-1-5-21-3233776131-3664448580-1722375526-1105 -> {45595201-E78C-41D4-8106-EAB9A7F2B0BD} URL =
SearchScopes: HKU\S-1-5-21-3233776131-3664448580-1722375526-1105 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL =
SearchScopes: HKU\S-1-5-21-3233776131-3664448580-1722375526-1105 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-3233776131-3664448580-1722375526-1105 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/FR/Core/Player/2020PlayerAX_IKEA_Win32.cab

FireFox:
========
FF Plugin: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-12-22] ()
FF Plugin: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-12-22] ()
FF Plugin: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-12-22] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-07] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-12-22] [non signé]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-12-22] [non signé]
FF HKLM\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-12-22] [non signé]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext => non trouvé(e)

Chrome:
=======
CHR Profile: C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Store) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-21]
CHR Extension: (Google Drive) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-21]
CHR Extension: (YouTube) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-21]
CHR Extension: (Google Store) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-01-06]
CHR Extension: (Recherche Google) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-21]
CHR Extension: (Google Store) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-12-22]
CHR Extension: (Google Store) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-21]
CHR Extension: (Google Store) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-11]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-21]
CHR Extension: (Gmail) - C:\Users\Poste1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-21]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AVP15.0.2; C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\avp.exe [194000 2015-07-07] (Kaspersky Lab ZAO)
R2 BL_AGENT; C:\Program Files\BL\BL\bin\e.magnus.exe [317760 2015-12-31] (Berger-Levrault)
R2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [3051408 2014-03-18] (CANON INC.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277024 2013-01-11] (Intel Corporation)
R2 HiSuiteOuc.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe [117280 2014-09-05] ()
R2 hmpalertsvc; C:\Program Files\HitmanPro.Alert\hmpalert.exe [4343968 2015-12-14] (SurfRight B.V.)
R2 HuaweiHiSuiteService.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe [180768 2014-09-05] ()
R2 jhi_service; C:\Program Files\Intel\Services\IPT\jhi_service.exe [212944 2011-02-24] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 sesvc; C:\Program Files\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [Fichier non signé]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [197864 2015-07-07] (Kaspersky Lab UK Ltd)
R3 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [131248 2016-01-06] (SurfRight B.V.)
R3 hmpnet; C:\Windows\system32\drivers\hmpnet.sys [64112 2016-01-06] (SurfRight B.V.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [153784 2015-07-07] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [54640 2015-07-07] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [128728 2015-07-07] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [44208 2015-07-07] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [692920 2015-12-22] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [34160 2015-07-07] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [36208 2015-07-07] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [35696 2015-07-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [23920 2015-07-07] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54328 2015-07-07] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [72560 2015-07-07] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [157240 2015-12-22] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-01-12] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2011-09-09] (Intel Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [816792 2012-09-14] () [Fichier non signé]
U0 ugbwn; C:\Windows\System32\drivers\yofqwxg.sys [52440 2016-01-12] (Malwarebytes)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2014-07-29] (Huawei Technologies Co., Ltd.)
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-01-12 13:59 - 2016-01-12 13:59 - 00030184 _____ C:\Users\Poste1\Downloads\Addition.txt
2016-01-12 13:58 - 2016-01-12 14:01 - 00018936 _____ C:\Users\Poste1\Downloads\FRST.txt
2016-01-12 13:56 - 2016-01-12 13:57 - 00000276 _____ C:\Users\Poste1\Downloads\Search.txt
2016-01-12 13:55 - 2016-01-12 13:55 - 01721856 _____ (Farbar) C:\Users\Poste1\Downloads\FRST.exe
2016-01-12 12:12 - 2016-01-12 12:14 - 15913472 _____ C:\Users\Poste1\Downloads\python-2.7.msi
2016-01-12 12:06 - 2016-01-12 12:06 - 00052440 _____ (Malwarebytes) C:\Windows\system32\Drivers\yofqwxg.sys
2016-01-12 12:03 - 2016-01-12 12:04 - 00972594 _____ C:\Users\Poste1\Downloads\pycrypto-2.6.win32-py2.7 (1).exe
2016-01-12 12:02 - 2016-01-12 12:03 - 00978046 _____ C:\Users\Poste1\Downloads\pycrypto-2.6.win32-py2.6.exe
2016-01-12 12:00 - 2016-01-12 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2016-01-12 11:59 - 2016-01-12 12:04 - 00000000 ____D C:\Python27
2016-01-12 11:49 - 2016-01-12 11:52 - 18636800 _____ C:\Users\Poste1\Downloads\python-2.7.11.msi
2016-01-12 11:32 - 2016-01-12 11:32 - 00000000 ____D C:\Users\Poste1\Desktop\yafu
2016-01-12 11:30 - 2016-01-12 11:32 - 04061336 _____ C:\Users\Poste1\Downloads\yafu-1.34.zip
2016-01-12 11:30 - 2016-01-12 11:30 - 00021350 _____ C:\Users\Poste1\Downloads\TeslaCrack-master.zip
2016-01-12 11:30 - 2016-01-09 14:03 - 00000000 ____D C:\Users\Poste1\Desktop\TeslaCrack-master
2016-01-12 11:29 - 2016-01-12 11:30 - 00972594 _____ C:\Users\Poste1\Downloads\pycrypto-2.6.win32-py2.7.exe
2016-01-12 11:18 - 2016-01-12 11:18 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\www.shadowexplorer.com
2016-01-12 11:18 - 2016-01-12 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShadowExplorer
2016-01-12 11:18 - 2016-01-12 11:18 - 00000000 ____D C:\Program Files\ShadowExplorer
2016-01-12 11:08 - 2016-01-12 14:01 - 00000000 ____D C:\FRST
2016-01-12 09:34 - 2016-01-12 09:34 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\1ACF2DC0.sys
2016-01-12 09:34 - 2016-01-12 09:34 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\0C842E05.sys
2016-01-12 09:15 - 2016-01-12 09:15 - 05505632 _____ (TeamViewer) C:\Users\Poste1\Downloads\TeamViewerQS_fr-idcxqguqnq.exe
2016-01-12 08:37 - 2016-01-12 08:37 - 00016384 _____ C:\Windows\system32\��E
2016-01-11 13:47 - 2016-01-11 13:47 - 00016384 _____ C:\Windows\system32\(7�
2016-01-11 10:23 - 2016-01-11 10:23 - 00067086 _____ C:\Users\Poste1\Downloads\INTB0200059C (1).pdf
2016-01-11 10:19 - 2016-01-11 10:19 - 00067086 _____ C:\Users\Poste1\Downloads\INTB0200059C.pdf
2016-01-11 09:34 - 2016-01-11 14:34 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\25805FC2.sys
2016-01-11 09:34 - 2016-01-11 09:34 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\2DAB5F9B.sys
2016-01-11 08:56 - 2016-01-11 08:56 - 00016384 _____ C:\Windows\system32\��F
2016-01-08 13:42 - 2016-01-08 13:42 - 00016384 _____ C:\Windows\system32\��9
2016-01-06 09:21 - 2016-01-12 14:00 - 00000000 ____D C:\Windows\CryptoGuard
2016-01-06 09:21 - 2016-01-12 08:37 - 00000000 ____D C:\ProgramData\HitmanPro.Alert
2016-01-06 09:21 - 2016-01-06 09:27 - 00000000 ____D C:\ProgramData\HitmanPro
2016-01-06 09:21 - 2016-01-06 09:21 - 00763216 _____ (SurfRight B.V.) C:\Windows\system32\hmpalert.dll
2016-01-06 09:21 - 2016-01-06 09:21 - 00131248 _____ (SurfRight B.V.) C:\Windows\system32\Drivers\hmpalert.sys
2016-01-06 09:21 - 2016-01-06 09:21 - 00064112 _____ (SurfRight B.V.) C:\Windows\system32\Drivers\hmpnet.sys
2016-01-06 09:21 - 2016-01-06 09:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert
2016-01-06 09:21 - 2016-01-06 09:21 - 00000000 ____D C:\Program Files\HitmanPro.Alert
2016-01-05 14:03 - 2016-01-05 14:03 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\WinRAR
2016-01-05 14:03 - 2016-01-05 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-01-05 14:02 - 2016-01-05 14:03 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-01-05 14:02 - 2016-01-05 14:02 - 00000000 ____D C:\Program Files\WinRAR
2016-01-05 14:01 - 2016-01-05 14:02 - 01872760 _____ C:\Users\Poste1\Downloads\wrar530fr.exe
2016-01-05 14:01 - 2016-01-05 14:02 - 00567279 _____ C:\Users\Poste1\Downloads\wrar530fr (1).exe
2015-12-22 14:57 - 2015-12-22 14:57 - 00002318 _____ C:\Users\Poste1\Desktop\Protection bancaire.lnk
2015-12-22 14:57 - 2015-12-22 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Small Office Security
2015-12-22 14:57 - 2015-12-22 14:56 - 00002166 _____ C:\Users\Public\Desktop\Kaspersky Small Office Security.lnk
2015-12-22 14:55 - 2016-01-12 12:56 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-12-22 14:55 - 2015-12-22 15:24 - 00692920 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-12-22 14:55 - 2015-12-22 14:55 - 00000000 ____D C:\Windows\ELAMBKUP
2015-12-22 14:55 - 2015-12-22 14:55 - 00000000 ____D C:\Program Files\Kaspersky Lab
2015-12-22 14:55 - 2015-07-07 23:49 - 00128728 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-12-22 14:55 - 2015-07-07 23:49 - 00044208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-12-22 14:51 - 2015-12-22 14:51 - 00083074 _____ C:\ProgramData\1450792182.bdinstall.bin
2015-12-22 14:51 - 2015-12-22 14:51 - 00000000 ____D C:\Program Files\Bitdefender
2015-12-22 14:27 - 2015-12-22 14:46 - 170910944 _____ (Kaspersky Lab) C:\Users\Poste1\Downloads\ksos15.0.2.361fr-fr.exe
2015-12-21 16:05 - 2016-01-12 13:38 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-21 16:05 - 2015-12-21 16:05 - 00001066 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-21 16:05 - 2015-12-21 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-21 16:05 - 2015-12-21 16:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-21 16:05 - 2015-12-21 16:05 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-12-21 16:05 - 2015-10-05 09:50 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-21 16:05 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-21 16:05 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-21 15:59 - 2015-12-21 16:04 - 22908888 _____ (Malwarebytes ) C:\Users\Poste1\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-21 15:46 - 2015-12-21 15:46 - 00026112 _____ C:\Users\Poste1\Desktop\Classeur1.xls
2015-12-21 11:03 - 2015-12-21 11:03 - 00002934 _____ C:\Users\Poste1\Downloads\1450691851_operationsPass_N50218204271100.csv
2015-12-21 10:59 - 2015-12-21 10:59 - 00002934 _____ C:\Users\Poste1\Downloads\1450691651_operationsPass_N50218204271100.csv
2015-12-21 10:39 - 2015-12-21 10:39 - 00010608 _____ C:\Users\Public\how_recover+saq.html
2015-12-21 10:39 - 2015-12-21 10:39 - 00010608 _____ C:\Users\Public\Downloads\how_recover+saq.html
2015-12-21 10:39 - 2015-12-21 10:39 - 00010608 _____ C:\Users\Poste1\how_recover+saq.html
2015-12-21 10:39 - 2015-12-21 10:39 - 00002385 _____ C:\Users\Public\how_recover+saq.txt
2015-12-21 10:39 - 2015-12-21 10:39 - 00002385 _____ C:\Users\Public\Downloads\how_recover+saq.txt
2015-12-21 10:39 - 2015-12-21 10:39 - 00002385 _____ C:\Users\Poste1\how_recover+saq.txt
2015-12-21 10:37 - 2015-12-21 10:38 - 00010608 _____ C:\Users\Poste1\Documents\how_recover+saq.html
2015-12-21 10:37 - 2015-12-21 10:38 - 00002385 _____ C:\Users\Poste1\Documents\how_recover+saq.txt
2015-12-21 10:30 - 2015-12-21 10:30 - 00010608 _____ C:\Users\Poste1\AppData\Roaming\how_recover+saq.html
2015-12-21 10:30 - 2015-12-21 10:30 - 00010608 _____ C:\Users\Poste1\AppData\LocalLow\how_recover+saq.html
2015-12-21 10:30 - 2015-12-21 10:30 - 00010608 _____ C:\Users\Poste1\AppData\how_recover+saq.html
2015-12-21 10:30 - 2015-12-21 10:30 - 00002385 _____ C:\Users\Poste1\AppData\Roaming\how_recover+saq.txt
2015-12-21 10:30 - 2015-12-21 10:30 - 00002385 _____ C:\Users\Poste1\AppData\LocalLow\how_recover+saq.txt
2015-12-21 10:30 - 2015-12-21 10:30 - 00002385 _____ C:\Users\Poste1\AppData\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:39 - 00010608 _____ C:\Users\Public\Documents\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:39 - 00002385 _____ C:\Users\Public\Documents\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:38 - 00010608 _____ C:\Users\Poste1\AppData\Local\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:38 - 00002385 _____ C:\Users\Poste1\AppData\Local\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default\Downloads\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default\Documents\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default\Desktop\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default\AppData\Roaming\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default\AppData\LocalLow\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default\AppData\Local\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default\AppData\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default User\Downloads\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default User\Documents\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default User\Desktop\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default User\AppData\Roaming\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default User\AppData\LocalLow\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default User\AppData\Local\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Default User\AppData\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Administrateur\AppData\Roaming\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Administrateur\AppData\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Administrateur.STATION01\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Administrateur.STATION01\Downloads\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Administrateur.STATION01\Documents\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Administrateur.STATION01\Desktop\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Administrateur.STATION01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Administrateur.STATION01\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Administrateur.STATION01\AppData\Roaming\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Administrateur.STATION01\AppData\LocalLow\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Administrateur.STATION01\AppData\Local\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\Users\Administrateur.STATION01\AppData\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00010608 _____ C:\ProgramData\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default\Downloads\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default\Documents\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default\Desktop\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default\AppData\Roaming\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default\AppData\LocalLow\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default\AppData\Local\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default\AppData\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default User\Downloads\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default User\Documents\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default User\Desktop\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default User\AppData\Roaming\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default User\AppData\LocalLow\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default User\AppData\Local\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Default User\AppData\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Administrateur\AppData\Roaming\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Administrateur\AppData\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Administrateur.STATION01\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Administrateur.STATION01\Downloads\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Administrateur.STATION01\Documents\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Administrateur.STATION01\Desktop\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Administrateur.STATION01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Administrateur.STATION01\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Administrateur.STATION01\AppData\Roaming\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Administrateur.STATION01\AppData\LocalLow\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Administrateur.STATION01\AppData\Local\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\Users\Administrateur.STATION01\AppData\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:26 - 00002385 _____ C:\ProgramData\how_recover+saq.txt
2015-12-21 10:24 - 2015-12-21 10:24 - 00000252 _____ C:\Users\Poste1\Documents\recover_file_amjjplxtf.txt
2015-12-16 15:27 - 2015-12-21 10:34 - 00039342 _____ C:\Users\Poste1\Desktop\INSCRIPTION REPAS 18 DECEMBRE 2015 ALIZES.xls.vvv

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-01-12 14:00 - 2014-02-07 16:37 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-12 13:47 - 2012-09-14 10:54 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-12 11:13 - 2009-07-14 05:34 - 00017312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-12 11:13 - 2009-07-14 05:34 - 00017312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-12 11:10 - 2012-09-14 18:19 - 00747850 _____ C:\Windows\system32\perfh00C.dat
2016-01-12 11:10 - 2012-09-14 18:19 - 00149490 _____ C:\Windows\system32\perfc00C.dat
2016-01-12 11:10 - 2010-11-20 22:01 - 01669584 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-12 11:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-12 11:08 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2016-01-12 10:57 - 2013-02-28 15:32 - 00000000 ____D C:\Users\Poste1\Documents\Fichiers Outlook
2016-01-12 09:16 - 2013-12-18 16:39 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\TeamViewer
2016-01-12 09:00 - 2014-02-07 16:37 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-12 08:37 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-11 11:25 - 2014-09-12 13:47 - 00000000 ____D C:\Users\Poste1\Desktop\FICHE DE VISA
2016-01-11 11:24 - 2015-03-04 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2016-01-11 11:24 - 2015-02-03 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iperius Backup
2016-01-11 11:24 - 2014-10-07 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GestImmos
2016-01-11 11:24 - 2014-09-29 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Berger-Levrault
2016-01-11 11:24 - 2014-02-07 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-11 11:24 - 2014-02-07 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-11 11:24 - 2013-03-01 09:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2012
2016-01-11 11:24 - 2012-09-14 18:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders and Document Viewers
2016-01-11 11:24 - 2012-09-14 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-11 11:24 - 2012-09-14 18:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2016-01-11 11:24 - 2012-09-14 18:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2016-01-11 11:24 - 2012-09-14 18:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2016-01-11 11:24 - 2012-09-14 18:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-01-11 11:24 - 2012-09-14 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-01-11 11:24 - 2012-09-14 10:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-01-11 11:24 - 2012-09-14 10:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2016-01-11 11:24 - 2009-07-14 05:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-01-07 14:24 - 2009-07-14 05:53 - 00032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-01-07 10:16 - 2013-02-28 16:27 - 00000000 ____D C:\Users\Poste1\AppData\Local\CrashDumps
2016-01-05 12:49 - 2012-09-14 18:48 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-01-05 12:49 - 2012-09-14 10:54 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-01-05 09:45 - 2012-09-14 13:34 - 00000000 ____D C:\Users\Administrateur
2015-12-31 10:05 - 2013-02-28 15:30 - 00002078 _____ C:\Users\Public\Desktop\Berger-Levrault.lnk
2015-12-22 15:24 - 2015-07-07 23:49 - 00157240 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2015-12-22 14:51 - 2013-03-01 09:31 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-12-22 14:19 - 2013-12-22 10:10 - 00000000 ____D C:\Windows\Minidump
2015-12-22 14:19 - 2011-02-10 22:16 - 00000000 ____D C:\Windows\Panther
2015-12-22 14:13 - 2013-03-01 10:18 - 00000376 _____ C:\Users\Poste1\AppData\Roamingprivacy.xml
2015-12-21 16:06 - 2013-02-28 15:25 - 00000000 ____D C:\Users\Poste1
2015-12-21 15:40 - 2013-02-28 15:19 - 00000112 _____ C:\Windows\system32\config\netlogon.ftl
2015-12-21 15:39 - 2013-02-28 15:25 - 00000000 ____D C:\Users\Poste1\AppData\Local\ElevatedDiagnostics
2015-12-21 14:38 - 2013-02-28 15:03 - 00000000 ____D C:\Users\Poste1\Desktop\T.P
2015-12-21 10:39 - 2015-12-08 11:01 - 00000000 ____D C:\Users\Public\scan
2015-12-21 10:39 - 2015-12-08 09:31 - 00000000 ____D C:\Users\Poste1\scan
2015-12-21 10:39 - 2015-04-23 13:36 - 00000000 ____D C:\Users\Poste1\schemas
2015-12-21 10:39 - 2013-05-10 08:44 - 00000000 ____D C:\Users\Public\Documents\ntr
2015-12-21 10:39 - 2012-09-14 18:50 - 00000000 ____D C:\Users\Public\Symantec
2015-12-21 10:39 - 2010-11-21 01:47 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-12-21 10:39 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-21 10:38 - 2015-11-24 09:21 - 00052190 _____ C:\Users\Poste1\Downloads\piece identite.pdf.vvv
2015-12-21 10:38 - 2015-08-25 10:08 - 00454654 _____ C:\Users\Poste1\Downloads\Règlement de Consultation photocopieurs 2012-2015.pdf.vvv
2015-12-21 10:38 - 2015-04-23 13:36 - 00000000 ____D C:\Users\Poste1\dsc
2015-12-21 10:38 - 2014-10-17 14:48 - 00189358 _____ C:\Users\Poste1\Downloads\Principaux tarifs colis, emballages préaffranchis, au départ de France métropolitaine au 1er mars 2014.pdf.vvv
2015-12-21 10:38 - 2014-10-17 14:48 - 00189358 _____ C:\Users\Poste1\Downloads\Principaux tarifs colis, emballages préaffranchis, au départ de France métropolitaine au 1er mars 2014 (1).pdf.vvv
2015-12-21 10:38 - 2014-02-17 16:01 - 00000000 ____D C:\Users\Poste1\Downloads\Installation_complete_Portail_Achats_v2.10 (1)
2015-12-21 10:38 - 2014-02-17 15:56 - 49390734 _____ C:\Users\Poste1\Downloads\Installation_complete_Portail_Achats_v2.10 (1).zip.vvv
2015-12-21 10:38 - 2014-02-17 15:17 - 49390734 _____ C:\Users\Poste1\Downloads\Installation_complete_Portail_Achats_v2.10.zip.vvv
2015-12-21 10:37 - 2015-10-26 15:47 - 00023982 _____ C:\Users\Poste1\Documents\ticket resto 2016 AMICALE DU PERSONNEL.doc.vvv
2015-12-21 10:37 - 2015-10-23 10:53 - 00026030 _____ C:\Users\Poste1\Documents\reunion preparation AG EXTRAORDINAIRE DU 17 NOVEMBRE 2015.doc.vvv
2015-12-21 10:37 - 2015-10-16 15:11 - 00044942 _____ C:\Users\Poste1\Documents\solde centre de voile.pdf.vvv
2015-12-21 10:37 - 2015-10-15 14:56 - 00002286 _____ C:\Users\Poste1\Downloads\Adh_telereg.pdf.vvv
2015-12-21 10:37 - 2015-07-16 16:50 - 00024494 _____ C:\Users\Poste1\Documents\sortie ordinateur m.bordier.doc.vvv
2015-12-21 10:37 - 2015-02-04 12:28 - 00002798 _____ C:\Users\Poste1\Downloads\1423048276_operationsPass_N50218204271100.csv.vvv
2015-12-21 10:37 - 2015-02-04 12:28 - 00002798 _____ C:\Users\Poste1\Downloads\1423048265_operationsPass_N50218204271100.csv.vvv
2015-12-21 10:37 - 2015-01-16 09:42 - 00024414 _____ C:\Users\Poste1\Downloads\CR reunion de travail 11 janv 15.docx.vvv
2015-12-21 10:37 - 2015-01-15 14:04 - 00006270 _____ C:\Users\Poste1\Downloads\edit_releve_u6f99ctcvhour0hnrobv1p1nt6.pdf.vvv
2015-12-21 10:37 - 2015-01-12 22:42 - 00061358 _____ C:\Users\Poste1\Documents\TRESORERIE FB 2015.xls.vvv
2015-12-21 10:37 - 2014-12-22 13:54 - 00029102 _____ C:\Users\Poste1\Documents\voeuxs.doc.vvv
2015-12-21 10:37 - 2014-11-28 17:00 - 00000000 ___RD C:\Users\Poste1\Documents\Scanned Documents
2015-12-21 10:37 - 2014-10-10 15:31 - 03317038 _____ C:\Users\Poste1\Downloads\coupe 024.JPG.vvv
2015-12-21 10:37 - 2014-10-10 15:31 - 03317038 _____ C:\Users\Poste1\Downloads\coupe 024 (1).JPG.vvv
2015-12-21 10:37 - 2014-06-16 13:02 - 00005934 _____ C:\Users\Poste1\Downloads\chaine_dgfip_dgcp.p7b.vvv
2015-12-21 10:37 - 2013-11-19 16:37 - 00145598 _____ C:\Users\Poste1\Documents\RIB bouclet .pdf.vvv
2015-12-21 10:37 - 2013-10-09 15:05 - 00040366 _____ C:\Users\Poste1\Documents\tableau region.xls.vvv
2015-12-21 10:37 - 2013-05-21 13:05 - 00009582 _____ C:\Users\Poste1\Downloads\iban_M_FREDERIC_DENIS_00020396401.pdf.vvv
2015-12-21 10:37 - 2013-03-26 09:01 - 00031150 _____ C:\Users\Poste1\Documents\SERT POINTAGE TP SARRY.xls.vvv
2015-12-21 10:37 - 2013-03-04 16:50 - 00000000 ____D C:\Users\Poste1\Documents\vacance arezki
2015-12-21 10:37 - 2013-02-28 15:05 - 00000000 ____D C:\Users\Poste1\Documents\TVA NON DECLAREE
2015-12-21 10:37 - 2013-02-28 15:05 - 00000000 ____D C:\Users\Poste1\Documents\SARRY 78
2015-12-21 10:37 - 2013-02-28 15:05 - 00000000 ____D C:\Users\Poste1\Documents\REGION IDF
2015-12-21 10:36 - 2015-03-04 17:43 - 00000000 ____D C:\Users\Poste1\Documents\HiSuite
2015-12-21 10:36 - 2014-12-29 15:03 - 00182190 _____ C:\Users\Poste1\Documents\GALETTE 2015.doc.vvv
2015-12-21 10:36 - 2014-12-16 17:36 - 02153278 _____ C:\Users\Poste1\Documents\DM3 SECTEUR NORMAL 2014.pdf.vvv
2015-12-21 10:36 - 2014-11-28 17:00 - 00000000 ____D C:\Users\Poste1\Documents\Fax
2015-12-21 10:36 - 2014-11-18 12:13 - 00368558 _____ C:\Users\Poste1\Documents\FACTURE TRAVAUX REGIE VOILE 2014.pdf.vvv
2015-12-21 10:36 - 2014-10-29 11:12 - 00509278 _____ C:\Users\Poste1\Documents\montigny centre equestre.pdf.vvv
2015-12-21 10:36 - 2014-03-08 14:37 - 00094126 _____ C:\Users\Poste1\Documents\DM 1word.doc.vvv
2015-12-21 10:36 - 2014-03-07 19:43 - 00035246 _____ C:\Users\Poste1\Documents\DM1.xls.vvv
2015-12-21 10:36 - 2013-07-19 06:54 - 00031150 _____ C:\Users\Poste1\Documents\interets moratoires.xls.vvv
2015-12-21 10:36 - 2013-03-26 09:12 - 00032174 _____ C:\Users\Poste1\Documents\FOREM POINTAGE TP SARRY.xls.vvv
2015-12-21 10:36 - 2013-03-08 12:01 - 00032686 _____ C:\Users\Poste1\Documents\RECETTES ALIZES MARS AVRIL 2012.xls.vvv
2015-12-21 10:36 - 2013-03-01 16:28 - 00030638 _____ C:\Users\Poste1\Documents\PROBLEME TVA.XLS.vvv
2015-12-21 10:36 - 2013-03-01 16:28 - 00030638 _____ C:\Users\Poste1\Documents\NOTAIRE.xls.vvv
2015-12-21 10:36 - 2013-03-01 15:00 - 00000000 ____D C:\Users\Poste1\Documents\Mes éditions BL
2015-12-21 10:36 - 2013-02-28 15:05 - 00000000 ___SD C:\Users\Poste1\Documents\Mes sources de données
2015-12-21 10:36 - 2013-02-28 15:05 - 00000000 ____D C:\Users\Poste1\Documents\RATTACHEMENT
2015-12-21 10:36 - 2013-02-28 15:05 - 00000000 ____D C:\Users\Poste1\Documents\PREFECTURE
2015-12-21 10:36 - 2013-02-28 15:05 - 00000000 ____D C:\Users\Poste1\Documents\Mes éditions e.magnus
2015-12-21 10:36 - 2013-02-28 15:05 - 00000000 ____D C:\Users\Poste1\Documents\Mes échanges Magnus
2015-12-21 10:36 - 2013-02-28 15:05 - 00000000 ____D C:\Users\Poste1\Documents\Mes eBooks
2015-12-21 10:36 - 2013-02-28 15:05 - 00000000 ____D C:\Users\Poste1\Documents\LITIGE CAMPING
2015-12-21 10:36 - 2013-02-28 15:05 - 00000000 ____D C:\Users\Poste1\Documents\FACTURE
2015-12-21 10:36 - 2013-02-28 15:05 - 00000000 ____D C:\Users\Poste1\Documents\eMagnusEdu
2015-12-21 10:36 - 2013-02-28 14:57 - 00000000 ____D C:\Users\Poste1\Documents\DIVERS
2015-12-21 10:35 - 2015-10-23 08:02 - 00025518 _____ C:\Users\Poste1\Documents\ANNEXE CONVOCATION AG EXTRAORDINAIRE DU 17 NOVEMBRE 2015.doc.vvv
2015-12-21 10:35 - 2015-08-28 09:41 - 00034222 _____ C:\Users\Poste1\Documents\DEPOT AMICAL JUILLETClasseur1.xls.vvv
2015-12-21 10:35 - 2015-07-27 10:24 - 00073950 _____ C:\Users\Poste1\Documents\CE 1.000.00€ 2015.pdf.vvv
2015-12-21 10:35 - 2015-07-23 11:48 - 00017838 _____ C:\Users\Poste1\Documents\decision bourgeois 1500.doc.vvv
2015-12-21 10:35 - 2015-06-10 16:38 - 00057774 _____ C:\Users\Poste1\Documents\Copie de ca 2014 GENERAL (2).xls.vvv
2015-12-21 10:35 - 2015-02-04 10:05 - 00137614 _____ C:\Users\Poste1\Documents\CAISSE EPARGNE 4 FEVRIER.pdf.vvv
2015-12-21 10:35 - 2014-12-23 14:31 - 00232366 _____ C:\Users\Poste1\Documents\Copie de Budget Prévisionnel 2015.xls.vvv
2015-12-21 10:35 - 2014-07-25 15:02 - 00020270 _____ C:\Users\Poste1\Documents\Copie de 015-Reporting accueil - janv-fev-mars-avril-mai-juin2014 (2).xlsx.vvv
2015-12-21 10:35 - 2014-02-13 15:12 - 00037806 _____ C:\Users\Poste1\Documents\Copie de REMISE D'ESPECES .xls.vvv
2015-12-21 10:35 - 2013-05-22 08:42 - 00000000 ____D C:\Users\Poste1\Documents\BLEdu
2015-12-21 10:35 - 2013-03-27 17:04 - 00031150 _____ C:\Users\Poste1\Documents\Copie de SERT POINTAGE TP SARRY.xls.vvv
2015-12-21 10:35 - 2013-02-28 15:00 - 00003342 _____ C:\Users\Poste1\Documents\denis.pfx.vvv
2015-12-21 10:35 - 2013-02-28 14:57 - 00000000 ____D C:\Users\Poste1\Documents\CERTIFICAT INVENTAIRE
2015-12-21 10:35 - 2013-02-28 14:57 - 00000000 ____D C:\Users\Poste1\Documents\CENTRE DE VOILE
2015-12-21 10:35 - 2013-02-28 14:57 - 00000000 ____D C:\Users\Poste1\Documents\BUDGET
2015-12-21 10:35 - 2013-02-28 14:57 - 00000000 ____D C:\Users\Poste1\Documents\amortissement
2015-12-21 10:35 - 2013-02-28 14:52 - 00000000 ____D C:\Users\Poste1\Documents\AMICALE
2015-12-21 10:34 - 2015-12-09 15:54 - 00139934 _____ C:\Users\Poste1\Desktop\facture 15-015-46.pdf.vvv
2015-12-21 10:34 - 2015-11-26 12:09 - 00043950 _____ C:\Users\Poste1\Desktop\TRAVAUX JEUX D EAU.xls
2015-12-21 10:34 - 2015-11-05 11:39 - 00038318 _____ C:\Users\Poste1\Desktop\TP CANALE3.xls.vvv
2015-12-21 10:34 - 2015-09-01 11:08 - 00040366 _____ C:\Users\Poste1\Desktop\PREPARATION BS 2015.xls.vvv
2015-12-21 10:34 - 2015-08-18 09:42 - 00045998 _____ C:\Users\Poste1\Desktop\SIT HANGAR VOILE protocole .xls.vvv
2015-12-21 10:34 - 2015-08-12 10:33 - 00106414 _____ C:\Users\Poste1\Desktop\SIT CENTRE DE VOILE ET RESTAURANT protocole.xls.vvv
2015-12-21 10:34 - 2015-07-24 15:23 - 00000000 ____D C:\Users\Poste1\Desktop\VACANCES KAMEL JUILLET AOUT
2015-12-21 10:34 - 2015-06-22 10:58 - 00000000 ____D C:\Users\Poste1\Desktop\Nouveau dossier
2015-12-21 10:34 - 2015-04-17 09:36 - 00000000 ____D C:\Users\Poste1\Desktop\FD
2015-12-21 10:34 - 2015-03-10 12:13 - 00000000 ____D C:\Users\Poste1\Desktop\DIVERS
2015-12-21 10:34 - 2015-01-27 09:04 - 00000590 ____H C:\Users\Poste1\Desktop\~$TRES RESTAURANT PERIMES 2014.doc.vvv
2015-12-21 10:34 - 2015-01-26 13:58 - 04823854 _____ C:\Users\Poste1\Documents\2188 bst.pdf.vvv
2015-12-21 10:34 - 2014-11-07 11:37 - 00040878 _____ C:\Users\Poste1\Desktop\TRAVAUX HANGAR 2014.xls.vvv
2015-12-21 10:34 - 2014-08-29 11:18 - 00045998 _____ C:\Users\Poste1\Desktop\SINISTRE EQUITATION 2014.xls.vvv
2015-12-21 10:34 - 2014-08-27 16:06 - 00068014 _____ C:\Users\Poste1\Desktop\TRAVAUX CENTRE EQUESTRE2.xls.vvv
2015-12-21 10:34 - 2014-07-29 13:56 - 00048558 _____ C:\Users\Poste1\Desktop\TRAVAUX HEBERGEMENT 2014.xls.vvv
2015-12-21 10:34 - 2014-06-16 15:32 - 00046510 _____ C:\Users\Poste1\Desktop\TRAVAUX ENTREE LOGE SUD NOUVELLE ENTREE.xls.vvv
2015-12-21 10:30 - 2015-12-11 17:37 - 00072990 _____ C:\Users\Poste1\Desktop\commande carte cadeau.pdf.vvv
2015-12-21 10:30 - 2015-09-11 19:40 - 00000000 ____D C:\Users\Poste1\Desktop\CA 2014 BASE DE LOISIRS
2015-12-21 10:30 - 2015-08-26 16:16 - 00000000 ____D C:\Users\Poste1\Desktop\ca reserve 2013
2015-12-21 10:30 - 2015-08-26 16:15 - 00000000 ____D C:\Users\Poste1\Desktop\ca reserve 2014
2015-12-21 10:30 - 2015-08-26 15:43 - 00000000 ____D C:\Users\Poste1\Desktop\ca 2014
2015-12-21 10:30 - 2015-08-26 15:42 - 00000000 ____D C:\Users\Poste1\Desktop\ca 2013
2015-12-21 10:30 - 2014-10-07 21:21 - 00000000 ____D C:\Users\Poste1\AppData\Local\WDSetup
2015-12-21 10:30 - 2014-08-01 07:36 - 00000000 ____D C:\Users\Poste1\Desktop\AMICALE
2015-12-21 10:30 - 2014-02-17 15:52 - 00000000 ____D C:\Users\Poste1\AppData\Local\WindowsUpdate
2015-12-21 10:30 - 2013-05-10 08:44 - 00000000 ____D C:\Users\Poste1\AppData\LocalLow\ntr
2015-12-21 10:30 - 2013-03-04 11:34 - 00000000 ____D C:\Users\Poste1\AppData\LocalLow\Adobe
2015-12-21 10:30 - 2013-03-01 09:31 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\QuickScan
2015-12-21 10:30 - 2013-02-28 15:25 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\NewspaperDirect
2015-12-21 10:30 - 2013-02-28 15:25 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\Media Center Programs
2015-12-21 10:30 - 2013-02-28 15:25 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\Macromedia
2015-12-21 10:30 - 2013-02-28 15:25 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\hpqLog
2015-12-21 10:30 - 2013-02-28 15:25 - 00000000 ____D C:\Users\Poste1\AppData\Roaming\Adobe
2015-12-21 10:29 - 2013-05-10 08:44 - 00000000 ____D C:\Users\Poste1\AppData\Local\ntr
2015-12-21 10:29 - 2013-02-28 15:25 - 00000000 ____D C:\Users\Poste1\AppData\Local\PDFC
2015-12-21 10:29 - 2013-02-28 15:25 - 00000000 ____D C:\Users\Poste1\AppData\Local\Microsoft Help
2015-12-21 10:27 - 2015-03-04 17:43 - 00000000 ____D C:\Users\Poste1\AppData\Local\HiSuite
2015-12-21 10:27 - 2014-02-07 16:37 - 00000000 ____D C:\Users\Poste1\AppData\Local\Google
2015-12-21 10:26 - 2015-04-23 13:37 - 00000000 ____D C:\Users\Poste1\.print-comp
2015-12-21 10:26 - 2015-04-23 13:36 - 00000000 ____D C:\Users\Poste1\.dsc
2015-12-21 10:26 - 2015-03-05 11:13 - 00000000 ____D C:\ProgramData\Canon
2015-12-21 10:26 - 2015-03-04 17:43 - 00000000 ____D C:\Users\Poste1\.android
2015-12-21 10:26 - 2015-03-04 17:43 - 00000000 ____D C:\ProgramData\HiSuiteOuc
2015-12-21 10:26 - 2015-03-04 17:43 - 00000000 ____D C:\ProgramData\HiSuiteDataSvc
2015-12-21 10:26 - 2015-03-04 17:43 - 00000000 ____D C:\ProgramData\HandSetService
2015-12-21 10:26 - 2015-02-03 15:46 - 00000000 ____D C:\ProgramData\IperiusBackup
2015-12-21 10:26 - 2014-02-07 16:38 - 00000000 ____D C:\ProgramData\Google
2015-12-21 10:26 - 2013-12-18 12:00 - 00000000 ____D C:\ProgramData\GestImmos
2015-12-21 10:26 - 2013-09-09 08:01 - 00000000 ____D C:\ProgramData\bdch
2015-12-21 10:26 - 2013-05-06 13:18 - 00000000 ____D C:\temp_phw
2015-12-21 10:26 - 2013-03-04 11:34 - 00000000 ____D C:\Users\Poste1\AppData\Local\Adobe
2015-12-21 10:26 - 2013-03-01 15:00 - 00000000 ____D C:\Users\Poste1\.magnus
2015-12-21 10:26 - 2013-03-01 15:00 - 00000000 ____D C:\Users\Poste1\.jfreereport
2015-12-21 10:26 - 2013-03-01 09:36 - 00000000 ____D C:\ProgramData\BDLogging
2015-12-21 10:26 - 2013-02-28 17:23 - 00000000 ____D C:\ProgramData\RICOH
2015-12-21 10:26 - 2013-02-28 15:30 - 00000000 ____D C:\Users\Poste1\.emagnus
2015-12-21 10:26 - 2013-02-28 15:29 - 00000000 ____D C:\ProgramData\Berger-Levrault
2015-12-21 10:26 - 2013-02-22 09:07 - 00000000 ____D C:\Users\Administrateur.STATION01\AppData\Roaming\NewspaperDirect
2015-12-21 10:26 - 2013-02-22 09:07 - 00000000 ____D C:\Users\Administrateur.STATION01\AppData\Roaming\Media Center Programs
2015-12-21 10:26 - 2013-02-22 09:07 - 00000000 ____D C:\Users\Administrateur.STATION01\AppData\Roaming\Macromedia
2015-12-21 10:26 - 2013-02-22 09:07 - 00000000 ____D C:\Users\Administrateur.STATION01\AppData\Roaming\hpqLog
2015-12-21 10:26 - 2013-02-22 09:07 - 00000000 ____D C:\Users\Administrateur.STATION01\AppData\Roaming\Adobe
2015-12-21 10:26 - 2013-02-22 09:07 - 00000000 ____D C:\Users\Administrateur.STATION01\AppData\Local\PDFC
2015-12-21 10:26 - 2013-02-22 09:07 - 00000000 ____D C:\Users\Administrateur.STATION01\AppData\Local\Microsoft Help
2015-12-21 10:26 - 2013-02-22 09:07 - 00000000 ____D C:\Users\Administrateur.STATION01\AppData\Local\ElevatedDiagnostics
2015-12-21 10:26 - 2013-02-22 09:07 - 00000000 ____D C:\Users\Administrateur.STATION01
2015-12-21 10:26 - 2012-12-27 15:54 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-12-21 10:26 - 2012-12-27 15:54 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-12-21 10:26 - 2012-09-14 18:49 - 00000000 ____D C:\ProgramData\NortonInstaller
2015-12-21 10:26 - 2012-09-14 18:49 - 00000000 ____D C:\ProgramData\Norton
2015-12-21 10:26 - 2012-09-14 18:48 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-12-21 10:26 - 2012-09-14 18:48 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-12-21 10:26 - 2012-09-14 18:47 - 00000000 ____D C:\ProgramData\Skype
2015-12-21 10:26 - 2012-09-14 18:47 - 00000000 ____D C:\ProgramData\CyberLink
2015-12-21 10:26 - 2012-09-14 18:45 - 00000000 ____D C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
2015-12-21 10:26 - 2012-09-14 18:44 - 00000000 ____D C:\ProgramData\Temp
2015-12-21 10:26 - 2012-09-14 18:44 - 00000000 ____D C:\ProgramData\intel
2015-12-21 10:26 - 2012-09-14 18:42 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-12-21 10:26 - 2012-09-14 18:10 - 00000000 __RHD C:\SYSTEM.SAV
2015-12-21 10:26 - 2012-09-14 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-12-21 10:26 - 2012-09-14 13:47 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-21 10:26 - 2012-09-14 13:31 - 00000000 ____D C:\Users\Default\AppData\Roaming\NewspaperDirect
2015-12-21 10:26 - 2012-09-14 13:31 - 00000000 ____D C:\Users\Default\AppData\Roaming\hpqLog
2015-12-21 10:26 - 2012-09-14 13:31 - 00000000 ____D C:\Users\Default\AppData\Roaming\Adobe
2015-12-21 10:26 - 2012-09-14 13:31 - 00000000 ____D C:\Users\Default\AppData\Local\PDFC
2015-12-21 10:26 - 2012-09-14 13:31 - 00000000 ____D C:\Users\Default\AppData\Local\ElevatedDiagnostics
2015-12-21 10:26 - 2012-09-14 13:31 - 00000000 ____D C:\Users\Default User\AppData\Roaming\NewspaperDirect
2015-12-21 10:26 - 2012-09-14 13:31 - 00000000 ____D C:\Users\Default User\AppData\Roaming\hpqLog
2015-12-21 10:26 - 2012-09-14 13:31 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Adobe
2015-12-21 10:26 - 2012-09-14 13:31 - 00000000 ____D C:\Users\Default User\AppData\Local\PDFC
2015-12-21 10:26 - 2012-09-14 13:31 - 00000000 ____D C:\Users\Default User\AppData\Local\ElevatedDiagnostics
2015-12-21 10:26 - 2012-09-14 11:08 - 00000000 ____D C:\ProgramData\PDFC
2015-12-21 10:26 - 2012-09-14 10:48 - 00000000 ____D C:\ProgramData\Adobe
2015-12-21 10:26 - 2012-09-14 10:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2015-12-21 10:26 - 2011-02-11 17:24 - 00000000 ____D C:\SWSETUP
2015-12-21 10:26 - 2010-11-21 01:47 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2015-12-21 10:26 - 2010-11-21 01:47 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2015-12-21 10:25 - 2014-10-07 21:09 - 00000000 ____D C:\INTERACT
2015-12-21 10:25 - 2013-03-01 15:39 - 00000000 ____D C:\solon suivi
2015-12-21 10:25 - 2013-02-28 15:32 - 00000000 ____D C:\Portail_Achats
2015-12-21 10:25 - 2012-09-14 13:46 - 00000000 __RHD C:\MSOCache
2015-12-21 10:25 - 2009-07-14 03:37 - 00000000 ____D C:\PerfLogs
2015-12-21 10:24 - 2014-10-07 21:21 - 00000000 ____D C:\gestimmo
2015-12-21 10:24 - 2012-09-14 13:54 - 00000000 ____D C:\IDE
2015-12-21 10:24 - 2012-09-14 13:06 - 00000000 ____D C:\Intel
2015-12-21 10:24 - 2011-10-18 04:51 - 00000000 _RSHD C:\hp
2015-12-17 10:02 - 2014-08-20 09:50 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Fichiers à la racine de certains dossiers =======

2015-12-21 10:30 - 2015-12-21 10:30 - 0010608 _____ () C:\Users\Poste1\AppData\Roaming\how_recover+saq.html
2015-12-21 10:30 - 2015-12-21 10:30 - 0002385 _____ () C:\Users\Poste1\AppData\Roaming\how_recover+saq.txt
2015-12-21 10:30 - 2015-12-21 10:30 - 0010608 _____ () C:\Users\Poste1\AppData\Roaming\Microsoft\how_recover+saq.html
2015-12-21 10:30 - 2015-12-21 10:30 - 0002385 _____ () C:\Users\Poste1\AppData\Roaming\Microsoft\how_recover+saq.txt
2015-12-21 10:26 - 2015-12-21 10:38 - 0010608 _____ () C:\Users\Poste1\AppData\Local\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:38 - 0002385 _____ () C:\Users\Poste1\AppData\Local\how_recover+saq.txt
2014-01-16 11:10 - 2014-01-16 11:10 - 0000017 _____ () C:\Users\Poste1\AppData\Local\resmon.resmoncfg
2013-03-01 09:31 - 2013-03-01 09:32 - 0000876 _____ () C:\ProgramData\1362126687.2680.bin
2013-03-01 09:31 - 2013-03-01 09:32 - 0039552 _____ () C:\ProgramData\1362126687.2968.bin
2013-03-01 09:31 - 2013-03-01 09:32 - 0010231 _____ () C:\ProgramData\1362126687.2976.bin
2013-03-01 09:31 - 2013-03-01 09:32 - 0141661 _____ () C:\ProgramData\1362126687.3036.bin
2013-03-01 09:31 - 2013-03-01 09:32 - 0000876 _____ () C:\ProgramData\1362126687.3164.bin
2013-03-01 09:31 - 2013-03-01 09:32 - 0005486 _____ () C:\ProgramData\1362126687.3172.bin
2013-03-01 09:31 - 2013-03-01 09:32 - 0005781 _____ () C:\ProgramData\1362126687.708.bin
2013-03-01 09:38 - 2013-03-01 09:38 - 1369689 _____ () C:\ProgramData\1362126802.bdinstall.bin
2013-05-06 13:11 - 2013-05-06 13:11 - 0035370 _____ () C:\ProgramData\1367842272.bdinstall.bin
2015-12-22 14:51 - 2015-12-22 14:51 - 0083074 _____ () C:\ProgramData\1450792182.bdinstall.bin
2015-12-21 10:26 - 2015-12-21 10:26 - 0010608 _____ () C:\ProgramData\how_recover+saq.html
2015-12-21 10:26 - 2015-12-21 10:26 - 0002385 _____ () C:\ProgramData\how_recover+saq.txt

Certains fichiers dans TEMP:
====================
C:\Users\Poste1\AppData\Local\Temp\abs22.exe
C:\Users\Poste1\AppData\Local\Temp\HitmanPro.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-01-11 10:43

==================== Fin de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité