Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x86) Version: 03-11-2016
Exécuté par barrow 2 & widen (05-11-2016 06:04:26)
Exécuté depuis C:\Users\barrow 2 & widen\Desktop
Microsoft Windows 7 Édition Starter Service Pack 1 (X86) (2016-10-08 19:55:30)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-1541472888-895532398-2178115478-500 - Administrator - Disabled)
barrow 2 & widen (S-1-5-21-1541472888-895532398-2178115478-1000 - Administrator - Enabled) => C:\Users\barrow 2 & widen
Invité (S-1-5-21-1541472888-895532398-2178115478-501 - Limited - Disabled)
Power2Go 11 promo (S-1-5-21-1541472888-895532398-2178115478-1001 - Administrator - Enabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: COMODO Cloud Antivirus (Disabled - Up to date) {D0CC7563-ABD2-DEBE-138E-FDD553335AF2}
AS: COMODO Sandbox (Disabled - Up to date) {6BAD9487-8DE8-D130-293E-C6A728B4104F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
Acer Crystal Eye webcam Ver:1.1.192.810 (HKLM\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.192.810 - Chicony Electronics Co.,Ltd.)
Acer ePower Management (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer Registration (HKLM\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM\...\Acer Screensaver) (Version: 1.1.0624.2010 - Acer Incorporated)
Acer VCM (HKLM\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3002 - Acer Incorporated)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Ad-Aware Antivirus (HKLM\...\{3F5DFA1C-DAD9-49F7-B40D-DE40559C439F}_AdAwareUpdater) (Version: 11.12.945.9202 - Lavasoft)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.1.82.76 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
AndroidInstaller (Version: 1.00.022 - Nom de votre société) Hidden
Apowersoft Online Launcher version 1.4.5 (HKU\S-1-5-21-1541472888-895532398-2178115478-1000\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.5 - APOWERSOFT LIMITED)
Assistant de connexion Windows Live (HKLM\...\{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}) (Version: 5.000.818.5 - Microsoft Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.35 - Atheros Communications Inc.)
AutoIt v3.3.14.2 (HKLM\...\AutoItv3) (Version: 3.3.14.2 - AutoIt Team)
AvcEngine (Version: 3.11.12293.0 - Lavasoft) Hidden
BDAntiRansomware (HKLM\...\{BE40AB1F-558F-4434-B72F-461EF97E7796}_is1) (Version: 1.0.12.1 - Bitdefender)
Bitdefender 60-Second Virus Scanner (HKLM\...\{CCEA2053-D975-4E38-AC09-4D5E6DAC6B6F}) (Version: 1.0.3.76 - Bitdefender)
Chromodo (HKLM\...\Chromodo) (Version: 52.15.25.665 - Comodo)
ClipGrab 3.6.1 (HKLM\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version: - Philipp Schmieder Medien)
COMODO Cloud Antivirus (HKLM\...\COMODO Cloud Antivirus_list_uninstall) (Version: 1.6.401581.355 - COMODO)
COMODO Cloud Antivirus (Version: 1.6.355.0 - COMODO) Hidden
Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 52.15.25.664 - Comodo)
EaseUS EverySync 3.0 (HKLM\...\EaseUS EverySync_is1) (Version: - EaseUS)
EaseUS Partition Master 11.9 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EaseUS Todo Backup Free 9.2 (HKLM\...\EaseUS Todo Backup_is1) (Version: 9.2 - CHENGDU YIWO Tech Development Co., Ltd)
e-Carte Bleue LCL (HKLM\...\{DB981AC8-910B-4C0E-8250-829243E85934}) (Version: 5.6.0.0 - e-Carte Bleue LCL)
ENE USB Card Reader Driver (HKLM\...\3B29FD3CCF1F5B855DA0C521597413EBABE97DFB) (Version: 5.89.0.70 - ENE)
eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (Version: 2.0.4.000274 - esobi Inc.) Hidden
ETDWare PS/2-X86 11.6.4.001_WHQL (HKLM\...\Elantech) (Version: 11.6.4.001 - ELAN Microelectronic Corp.)
EVEREST Ultimate Edition v5.50 (HKLM\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
FirewallEngine (Version: 1.6.1.0 - Lavasoft) Hidden
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: - FreeDownloadManager.ORG)
Galerie de photos Windows Live (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
GeekBuddy (HKLM\...\Geekbuddy) (Version: 4.29.207 - Comodo Security Solutions Inc)
GeekBuddy (Version: 4.29.207 - Comodo Security Solutions Inc) Hidden
Google Chrome (HKLM\...\{77CD02E9-7F33-33D9-B5CB-13C332E0E575}) (Version: 54.0.2840.87 - Google, Inc.)
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
Identity Card (HKLM\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Installation Windows Live (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Installation Windows Live (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2117 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.5.1001 - Intel Corporation)
Internet Security Essentials (HKLM\...\ComodoIse) (Version: 1.1.400604.29 - Comodo)
ISO to USB (HKLM\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Laplink PCmover Professional (HKLM\...\{06D3FAB0-9DDE-40A9-B130-D6B8003B104D}) (Version: 10.01.648 - Laplink Software, Inc.)
Launch Manager (HKLM\...\LManager) (Version: 4.0.14 - Acer Inc.)
Logiciel pour périphérique à chipset Intel® (Version: 10.0.27 - Intel(R) Corporation) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 49.0.2 (x86 fr) (HKLM\...\Mozilla Firefox 49.0.2 (x86 fr)) (Version: 49.0.2 - Mozilla)
MyWinLocker (Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (Version: 3.1.212.0 - Egis Technology Inc.) Hidden
Outil de téléchargement Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Panda Cloud Cleaner (HKLM\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.9 - Panda Security)
Panda USB Vaccine 1.0.1.16 (HKLM\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6171 - Realtek Semiconductor Corp.)
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Unchecky v1.0.1 (HKLM\...\Unchecky) (Version: 1.0.1 - RaMMicHaeL)
UsbFix (HKLM\...\Usbfix) (Version: 9.001 - www.SOSVirus.Net)
Welcome Center (HKLM\...\Acer Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
Windows Live FolderShare (HKLM\...\{76810709-A7D3-468D-9167-A1780C1E766C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Wondershare Filmora(Build 7.5.0) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.5.0 (HKLM\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.0 - Wondershare)
Wondershare TidyMyMusic(Build 1.5.0.1) (HKLM\...\Wondershare TidyMyMusic_is1) (Version: 1.5.0.1 - Wondershare Software)
ZebHelpProcess 2016 (HKLM\...\ZebHelpProcess_is1) (Version: 2015 - Nicolas Coolman)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {1E4A408B-8347-4350-AEAC-D63481ECE662} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {7089C146-3A46-467A-B7DE-C3C357A86B67} - System32\Tasks\{3FE4FA56-B019-4F16-A61D-3CDC8B31C0F2} => pcalua.exe -a G:\start.exe -d G:\
Task: {9FD1F42C-D7FC-4B82-A14F-BDB00020D0D6} - System32\Tasks\{6848CD13-085C-450A-A985-F50011F476FD} => pcalua.exe -a "C:\Users\barrow 2 & widen\Downloads\devoir.exe" -d "C:\Users\barrow 2 & widen\Downloads"
Task: {D6678260-760D-4A84-8A61-A039F665FDDB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-11-05] (Google Inc.)
Task: {DEBA87F4-7C49-4726-8B78-6CE4A760C8B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-11-05] (Google Inc.)
Task: {FE0C4D39-72A2-41A0-8808-C615EEB45D54} - System32\Tasks\PandaUSBVaccine => C:\Program Files\Panda USB Vaccine\RunInteractiveWin.exe [2010-06-01] ()
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Raccourcis =============================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\barrow 2 & widen\Desktop\AdsFix_Donate.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN
ShortcutWithArgument: C:\Users\barrow 2 & widen\Desktop\Pre_Scan_Donate.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN
==================== Modules chargés (Avec liste blanche) ==============
2016-10-10 07:31 - 2016-10-10 07:31 - 00080936 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CodeLog.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 01296424 _____ () C:\Program Files\EaseUS\Todo Backup\bin\libxml2.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00060968 _____ () C:\Program Files\EaseUS\Todo Backup\bin\zlib1.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00017448 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CompressFile.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00088616 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00024768 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00188608 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00173760 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CMCAdapt.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00056512 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TBInfo.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00018112 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2016-10-10 07:30 - 2016-10-10 07:30 - 00128192 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ActivationOnline.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00085184 _____ () C:\Program Files\EaseUS\Todo Backup\bin\logsys.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00030760 _____ () C:\Program Files\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00068136 _____ () C:\Program Files\EaseUS\Todo Backup\bin\MountImg.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00158248 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ImgFile.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00281128 _____ () C:\Program Files\EaseUS\Todo Backup\bin\DsImgFile.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00072232 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CheckImg.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00139816 _____ () C:\Program Files\EaseUS\Todo Backup\bin\vhdvmdk.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00040128 _____ () C:\Program Files\EaseUS\Todo Backup\bin\BootDriver.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00769064 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ExImage.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00193064 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00443944 _____ () C:\Program Files\EaseUS\Todo Backup\bin\AndroidImage.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00148008 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EnumDisk.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00076840 _____ () C:\Program Files\EaseUS\Todo Backup\bin\FatLib.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00207912 _____ () C:\Program Files\EaseUS\Todo Backup\bin\NTFSLib.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00114880 _____ () C:\Program Files\EaseUS\Todo Backup\bin\FileStorage.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00169512 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CloudInterface.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00501800 _____ () C:\Program Files\EaseUS\Todo Backup\bin\StorageMgr.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00024616 _____ () C:\Program Files\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00020520 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CorrectMbr.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00032296 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00034856 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00064040 _____ () C:\Program Files\EaseUS\Todo Backup\bin\RegLib.dll
2016-10-10 07:30 - 2016-10-10 07:30 - 00026816 _____ () C:\Program Files\EaseUS\Todo Backup\bin\AccountManager.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00059944 _____ () C:\Program Files\EaseUS\Todo Backup\bin\NasOperator.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00220864 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EmailBrowser.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00077864 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CloudOperator.dll
2016-10-10 07:30 - 2016-10-10 07:30 - 00021184 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ActiveOnline.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00136232 _____ () C:\Program Files\EaseUS\Todo Backup\bin\VMConfig.dll
2016-10-10 07:30 - 2016-10-10 07:31 - 00020008 _____ () C:\Program Files\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00043048 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TbDataSwap.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00353832 _____ () C:\Program Files\EaseUS\Todo Backup\bin\DeviceManager.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00027176 _____ () C:\Program Files\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00138792 _____ () C:\Program Files\EaseUS\Todo Backup\bin\Device.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00146984 _____ () C:\Program Files\EaseUS\Todo Backup\bin\Partition.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00050216 _____ () C:\Program Files\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00061992 _____ () C:\Program Files\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00089640 _____ () C:\Program Files\EaseUS\Todo Backup\bin\Common.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00056360 _____ () C:\Program Files\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2016-10-10 07:31 - 2016-10-10 07:31 - 00278720 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe
2016-10-10 07:31 - 2016-10-10 07:31 - 00224808 _____ () C:\Program Files\EaseUS\Todo Backup\bin\SmartBackup.dll
2010-09-17 08:18 - 2009-05-20 07:02 - 00072200 _____ () C:\Program Files\Launch Manager\CdDirIo.dll
2016-10-09 07:48 - 2016-10-09 07:48 - 00992808 _____ () C:\Program Files\EaseUS\EaseUS EverySync\bin\EaseUSEverySyncCache.exe
2016-10-08 15:38 - 2016-10-08 15:38 - 00206208 _____ () C:\Windows\PLFSetI.exe
2010-07-20 13:54 - 2010-07-20 13:54 - 00411648 _____ () C:\Program Files\Acer\Android Manager\FRA.dll
2016-10-09 07:20 - 2016-06-20 13:48 - 01506304 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-10-09 07:20 - 2014-05-19 16:19 - 00137728 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-10-11 15:53 - 2016-10-11 15:53 - 00877056 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 11.9\bin\platforms\qwindows.dll
2016-10-11 15:52 - 2016-10-11 15:52 - 00308416 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 11.9\bin\GarbageGather.dll
2016-10-11 15:52 - 2016-10-11 15:52 - 00118464 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 11.9\bin\FHProcess.dll
2016-10-11 15:53 - 2016-10-11 15:53 - 00014336 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 11.9\bin\fsclog.dll
2016-10-11 15:52 - 2016-10-11 15:52 - 00174784 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 11.9\bin\BigFileGather.dll
2016-10-11 15:52 - 2016-10-11 15:52 - 00088256 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 11.9\bin\EnumVolumes.dll
2016-10-11 15:52 - 2016-10-11 15:52 - 00224960 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 11.9\bin\FragAnalysis.dll
2016-10-11 15:53 - 2016-10-11 15:53 - 00024064 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 11.9\bin\imageformats\qico.dll
2016-10-11 15:53 - 2016-10-11 15:53 - 00023552 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 11.9\bin\imageformats\qgif.dll
2016-10-09 07:48 - 2016-10-09 07:48 - 00356904 _____ () C:\Program Files\EaseUS\EaseUS EverySync\bin\BPQtLib.dll
2016-10-09 07:48 - 2016-10-09 07:48 - 00341032 _____ () C:\Program Files\EaseUS\EaseUS EverySync\bin\EuShlAgent.dll
2016-10-09 07:48 - 2016-10-09 07:48 - 00016424 _____ () C:\Program Files\EaseUS\EaseUS EverySync\bin\fsclog.dll
2016-10-09 07:48 - 2016-10-09 07:48 - 00877056 _____ () C:\Program Files\EaseUS\EaseUS EverySync\bin\platforms\qwindows.dll
2016-10-09 07:48 - 2016-10-09 07:48 - 00426536 _____ () C:\Program Files\EaseUS\EaseUS EverySync\bin\uexper.dll
2016-10-09 07:48 - 2016-10-09 07:48 - 00024064 _____ () C:\Program Files\EaseUS\EaseUS EverySync\bin\imageformats\qico.dll
2016-10-09 07:48 - 2016-10-09 07:48 - 00023552 _____ () C:\Program Files\EaseUS\EaseUS EverySync\bin\imageformats\qgif.dll
2016-10-09 07:48 - 2016-10-09 07:48 - 00665640 _____ () C:\Program Files\EaseUS\EaseUS EverySync\bin\FSyncCC.dll
2016-10-09 07:48 - 2016-10-09 07:48 - 00014888 _____ () C:\Program Files\EaseUS\EaseUS EverySync\bin\fscdb.dll
2016-10-09 07:48 - 2016-10-09 07:48 - 00497192 _____ () C:\Program Files\EaseUS\EaseUS EverySync\bin\sqlite.dll
2016-10-09 07:48 - 2016-10-09 07:48 - 00081960 _____ () C:\Program Files\EaseUS\EaseUS EverySync\bin\EuActiveOnline.dll
2016-10-09 07:48 - 2016-10-09 07:48 - 00430632 _____ () C:\Program Files\EaseUS\EaseUS EverySync\bin\StorageMgr.dll
2016-10-20 16:46 - 2016-10-20 16:46 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\e676d4d4f9d659b596668c1e8f9b0450\IsdiInterop.ni.dll
2010-09-17 08:04 - 2012-06-12 15:06 - 00059904 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
AlternateDataStreams: C:\Windows\bfsvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\twain_32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\aaclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\accessibilitycpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\acppage.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ActionCenter.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ActionCenterCPL.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ActionQueue.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\activeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\actxprxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adprovider.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adsldp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aitagent.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\amstream.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appwiz.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiodev.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AuthFWSnapin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\autochk.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\autoconv.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\autofmt.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\autoplay.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\avifil32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AxInstSv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\azroles.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\azroleui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AzSqlExt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basecsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\batmeter.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcdboot.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcdedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcdsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BFE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\biocpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bitsadmin.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bitsperf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BlbEvents.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BootMan.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bootres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\browcli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\browser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\browseui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bthprops.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Bubbles.scr:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cabinet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cabview.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\calc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\capiprovider.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cca.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cdd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cdosys.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\centel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\certenc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CertEnroll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\certmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CertPolEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\certprop.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\certutil.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cfgmgr32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\charmap.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clusapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmd.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmstp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cngprovider.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comdlg32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\credui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptdlg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cscapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cscdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cscript.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\C_ISCII.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d2d1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d11.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dbgeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dbghelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\defaultlocationcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\desk.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DeviceCenter.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DevicePairingFolder.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dfrgui.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dfshim.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dhcpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dhcpcore6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dhcpcsvc6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DiagCpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diagperf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dimsroam.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diskpart.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diskraid.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Display.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\djoin.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dnsapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dnscacheugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dnscmmc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dnsrslvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dosx.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dot3api.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dot3cfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dot3msm.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\dot3svc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dot3ui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dpapiprovider.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dpnaddr.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\dpnet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dpx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drvstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dsauth.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DShowRdpFilter.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dskquoui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dsuiext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmredir.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxdiagn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DXP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DXPTaskRingtone.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DxpTaskSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\eapp3hst.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\eappgnui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\eapphost.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\efscore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EhStorAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\elsTrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\epmntdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\esent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\eudcedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EuEpmGdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EuGdiDrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Faultrep.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\fbnative.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fdeploy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\findstr.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FirewallControlPanel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fms.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fontext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fphc.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\framedyn.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\framedynos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fsutil.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ftp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fveapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fveapibase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FXSCOVER.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FXSMON.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FXSSVC.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FXSTIFF.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\g711codc.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gameux.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\GeneIcon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\GSCoinst.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\halacpi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\halmacpi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hbaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hgcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hgprint.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\httpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iasacct.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iasrad.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iasrecst.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icardagt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icardres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iccvid.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ifsutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IKEEXT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\imagehlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\imapi2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\imapi2fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\imm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetcomm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetmib1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\INETRES.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\infocardapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\intl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iologmsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IPHLPAPI.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iphlpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iprtrmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IPSECSVC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ipsmsnap.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\iscsicli.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iscsium.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\isoburn.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\itircl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iyuv_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDBASH.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDBLR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDBULG.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDCZ1.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDGEO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDGKL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDGR1.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDINBEN.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\KBDINHIN.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDINKAN.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDINMAR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDINORI.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDINTAM.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\KBDINTEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kbdlk41a.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDLT1.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDMAORI.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDMON.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDNEPR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDPO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDRU.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDRU1.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDSF.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDSG.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDTAJIK.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDTAT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDTUF.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDTUQ.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDTURME.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDUGHR1.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDUS.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDYAK.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KMSVC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kstvtune.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Kswdmcap.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksxbar.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ListSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\localsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\localspl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\logagent.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\logoncli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\LogonUI.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lpksetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lpremove.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsm.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsmproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\luainstall.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\main.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\manage-bde.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcbuilder.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MCEWMDRMNDBootstrap.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mciavi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mciqtz32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MdSched.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MediaMetadataHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfc40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfc40u.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfc42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfc42u.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFPlay.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfreadwrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\migisol.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mimefilt.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mmcndmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MMDevAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mmsys.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mobsync.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Mpeg2Data.ax:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mpg2splt.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mprapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mprddm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MPSSVC.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSAC3ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msasn1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mscms.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msconfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mscoree.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mscorier.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mscories.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msdmo.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msdrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msdtctm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSDvbNP.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msftedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msieftp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msinfo32.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSNP.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msorcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msrle32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msscntrs.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mssph.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mssphtb.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mssrch.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mssvp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mstask.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msutb.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msvcrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msvfw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msvidc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSVidCtl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msyuv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mtxclu.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\muifontsetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MuiUnattend.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MultiDigiMon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mydocs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Mystify.scr:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\NAPCRYPT.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\napdsnap.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\NAPHLPR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Narrator.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\NaturalLanguage6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ncryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ncsi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\net1.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netbtugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netcenter.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netcfg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netcfgx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netcorehc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netdiagfx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netevent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netfxperf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netid.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netiohlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netiougc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netjoin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netlogon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netplwiz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netshell.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\netutils.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\networkexplorer.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\networkmap.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nltest.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nrpsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nshipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nshwfp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\nslookup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntkrnlpa.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntlanman.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntprint.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntprint.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntshrui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\objsel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ocsetapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ocsetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\odbc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\odbcconf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\odbccp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\odbccr32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\odbccu32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\odbcjt32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\odbctrac.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\oleacc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\olethk32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\onex.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\onexui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OnLineIDCpl.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\OobeFldr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OpcServices.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\osk.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\OxpsConverter.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\packager.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pdhui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PerfCenterCPL.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\perfmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\perfts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PhotoScreensaver.scr:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\photowiz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pifmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PkgMgr.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pku2u.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pla.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pnidui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PnPUnattend.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\polstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PortableDeviceApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PortableDeviceStatus.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PortableDeviceSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\powercfg.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\powercpl.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PresentationHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PresentationHostProxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\prevhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PrintIsolationProxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\printui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\prncache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\prnfldr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\prntvpt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\profprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\propsys.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\proquota.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\provsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\psisdecd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\psisrndr.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\puiobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\QAGENT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\QAGENTRT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qcap.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\QCLIPROV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qdv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\QSHVHOST.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\QSVRMGMT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Query.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\QUTIL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RacEngn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\raschap.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rasmans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rasppp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rastapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rastls.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcfgex.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcorekmts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpd3d.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\rdpdd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RDPENCDD.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\rdpencom.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RDPREFDD.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdprefdrvapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpwsx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdrmemptylst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ReAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ReAgentc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\recdisc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\recovery.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\regapi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RelPost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\remotepg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\repair-bde.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\resutils.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Ribbons.scr:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\riched20.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\riched32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RMActivate.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RMActivate_isv.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\RMActivate_ssp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RMActivate_ssp_isv.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Robocopy.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rpchttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RpcRtRemote.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rpcss.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rtutils.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\runonce.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\samcli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\samlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\samsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sbe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scansetting.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scavengeui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scecli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\schedcli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schedsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scrrun.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sdclt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sdcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sdengin2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sdrsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SearchFolder.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SearchIndexer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SearchProtocolHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\seclogon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\secproc.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\secproc_isv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\secproc_ssp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\secproc_ssp_isv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SessEnv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sethc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\setupapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\setupcl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\setupcln.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\setupempdrv03.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\setupugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shacct.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sharemediacpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shdocvw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shgina.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shimgvw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shlwapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shsetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shunimpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shwebsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sisbkup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\slui.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\slwga.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SmartcardCredentialProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SmiEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SndVol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SndVolSSO.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spbcd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spinstall.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spoolsv.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spopk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sppc.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\sppcomapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sppinst.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sppnp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sppobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sppsvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sppuinotify.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sppwinob.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spreview.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spwizeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spwizres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spwizui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sqlcese30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sqlsrv32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sqmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srchadmin.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srrstr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srvcli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srvsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sscore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ssText3d.scr:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\stobject.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\StructuredQuery.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sud.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sxs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SyncCenter.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\synceng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\syncui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\sysclass.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sysdm.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sysmon.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\syssetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\systemcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\t2embed.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tabcal.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TabletPC.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TabSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\takeown.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tapisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\taskbarcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\taskcomp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\taskmgr.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\taskschd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tbs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tcpipcfg.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\termmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\termsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\themecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\themeui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\thumbcache.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\timedate.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tlscsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tquery.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TRAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tsbyuv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tsmf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbGDCoInstaller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSWorkspace.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsWpfWrp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\twext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tzutil.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ucrtbase.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\UIRibbon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UIRibbonRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\umb.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\umpnpmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\umpo.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\unattend.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\unimdm.tsp:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\unimdmat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\unlodctr.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\untfs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\upnp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UserAccountControlSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usercpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\userenv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usp10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\utildll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\uxlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VAN.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Vault.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vaultsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VBICodec.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vbisurf.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vds.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vdsbas.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vdsutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vfwwdm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vpnike.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vpnikeapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vssapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VSSVC.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\w32tm.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WavDest.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wavemsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wbemcomn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wbengine.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wcncsvc.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wdc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01009.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Wdfres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdiasqmmodule.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdmaud.drv:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\webio.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\webservices.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wer.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\werconcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WerFaultSecure.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wevtsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WFS.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wiadefui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wiarpc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wiaservc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wiavideo.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wimgapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wimserv.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\win32spl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wincredprovider.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WindowsAnytimeUpgrade.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WindowsAnytimeUpgradeResults.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winlogon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winmm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WinSAT.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WinSATAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WinSCard.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winspool.drv:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\winsta.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wisptis.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wkscli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wksprt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wkssvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlangpui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlanmsm.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wlanpref.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlanui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Wldap32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmdrmdev.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmdrmnet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmicmiplugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMNetMgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpdxm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpeffects.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMPEncEn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpsrcwp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVCORE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Wpc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpccpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpdbusenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WPDShServiceObj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WPDSp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpdwcn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpd_ci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wscapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wscript.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSDApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsdchngr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshbth.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshirda.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshom.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsnmp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsqmcons.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSTPager.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wtsapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFCoinstaller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFPlatform.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wusa.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wwanconn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wwanprotdim.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wwansvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xmllite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XpsRasterService.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xpsservices.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\zipfldr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\1394ohci.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\acpi.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\acpipmi.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\afd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\amdsata.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\amdxata.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ataport.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\bowser.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\cdrom.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\CompositeBus.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\dfsc.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\disk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Diskdump.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\dxgkrnl.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\dxgmms1.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ETD.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\eubakup.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\EUBKMON.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\eudskacs.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\EuFdDisk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\fs_rec.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\fvevol.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\FWPKCLNT.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\GeneStor.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hdaudbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\HdAudio.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hidclass.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hidparse.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hidusb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hwpolicy.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\iaStor.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\iaStorV.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\IPMIDrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\kbdhid.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ks.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\L1C63x86.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mpio.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\msahci.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\msdsm.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\msiscsi.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ndis.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ndisuio.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ndiswan.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ndproxy.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\netbt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\netio.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\NETwsn00.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ntfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\nvraid.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\nvstor.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\partmgr.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\pci.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rdbss.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\RDPCDD.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rdpwd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rdyboost.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rmcast.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\RNDISMP.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\sbp2port.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\scfilter.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\scsiport.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\sffp_sd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\srv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\srv2.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\srvnet.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\storport.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpip.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpipreg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tdi.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tdpipe.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tdtcp.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\tdx.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\termdd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tssecsrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbFlt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tunnel.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\udfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\umbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usb8023.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\USBCAMD.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\USBCAMD2.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbcir.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbrpm.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\USBSTOR.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbvideo.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\vhdmp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\volmgr.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\volsnap.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wanarp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Wdf01000.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\WdfLdr.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\WUDFPf.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\WUDFRd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\barrow 2 & widen\Desktop\adsfix_3_03.11.2016.1.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Desktop\BDPUARLauncher_FR.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Desktop\BDUSBImmunizerLauncher.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Desktop\BootkitRemoval_x64.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Desktop\BootkitRemoval_x86.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Desktop\Pre_Scan.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Desktop\Rem-VBSworm.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Desktop\RSIT.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Desktop\RSIT.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Desktop\ZHPDiag3.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\60Second_en_us.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\adsfix_3_03.11.2016.1.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\adwcleaner_6.030.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\army.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\army.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\BDAntiRansomwareSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\ccav_installer(1).exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\ccav_installer(2).exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\ccav_installer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\ccav_installer.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\ccav_installer.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\cispremium_installer.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\cispremium_installer.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\cmd_fw_installer_6113_c7.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\CyberLink_PhotoDirector_Downloader(1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\CyberLink_PhotoDirector_Downloader(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\CyberLink_PhotoDirector_Downloader.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\CyberLink_PhotoDirector_Downloader.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\dencopy.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\devoir.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\devoir.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\DriveSecurityPortable_1.0.paf.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\DSInstall.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\EmsisoftEmergencyKit.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\epm.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\epm.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\epm.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\fdm5_x86_setup.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\FYDLoad_inflvto_3.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\iobituninstaller.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\JRT.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\kcfallout.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\metallic.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\mystandart.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\PortableApps.com_Platform_Setup_14.2.paf(1).exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\PortableApps.com_Platform_Setup_14.2.paf.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\processclose_1.0.0.3 (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\processclose_1.0.0.3 (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\processclose_1.0.0.3 (2).exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\processclose_1.0.0.3(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\processclose_1.0.0.3(1).exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\processclose_1.0.0.3(2).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\processclose_1.0.0.3(2).exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\processclose_1.0.0.3(3).exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\SkypePortable_7.29.0.102_online.paf.exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\ssskin.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\UsbFix_9.001 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\UsbFix_9.001 (2).exe:BDU [0]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\vst_dhlb.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\xpsoft.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\xpsoft.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\xpsolive.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\xpsolive.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\xpssilver.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\barrow 2 & widen\Downloads\xpssilver.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\barrow 2 & widen\Documents\PhotoDirector_8.0.2031.59859_GM2_Essential_PTD160719-10.exe:$CmdTcID [64]
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
==================== Hosts contenu: ==========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2009-07-14 03:04 - 2016-11-05 05:13 - 00002034 __RSH C:\Windows\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
Il y a 4 plus de lignes.
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-1541472888-895532398-2178115478-1000\Control Panel\Desktop\\Wallpaper -> %windir%\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [TCP Query User{DF7DBD58-1BE1-4505-AEA6-54B01F31F9CD}C:\program files\laplink\pcmover\pcmover.exe] => (Allow) C:\program files\laplink\pcmover\pcmover.exe
FirewallRules: [UDP Query User{005F1F79-229E-48C5-899D-3E7B5525203D}C:\program files\laplink\pcmover\pcmover.exe] => (Allow) C:\program files\laplink\pcmover\pcmover.exe
FirewallRules: [{F9ECA4BE-B157-424F-A37F-4F6A8C01914C}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{9C033B01-FD66-407A-B10B-F23E3CB00164}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{0C741A46-30D0-4576-9D18-71014D4DAB53}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{EFEAE4D2-3FFC-4490-9567-C2AB087F2FFD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{044F6C44-F1E2-4DC2-9B60-4990FBD8D95A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Points de restauration =========================
02-11-2016 22:31:52 Avant l'installation des nouveaux pilotes - 02/11/2016 22:31:47
04-11-2016 03:00:26 Windows Update
04-11-2016 03:07:35 Supprimé Microsoft Office 2010
04-11-2016 03:34:04 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
04-11-2016 07:23:36 JRT Pre-Junkware Removal
05-11-2016 05:28:52 ResetBrowser
05-11-2016 05:49:13 Installed AdAwareInstaller.
==================== Éléments en erreur du Gestionnaire de périphériques =============
Name: Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30)
Description: Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros
Service: L1C
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (11/05/2016 05:52:28 AM) (Source: MsiInstaller) (EventID: 11606) (User: barrow2etwiden)
Description: Product: AdAwareInstaller -- Error 1606. Could not access network location \Ad-Aware Antivirus\11.12.945.9202.
Error: (11/05/2016 05:52:26 AM) (Source: MsiInstaller) (EventID: 11606) (User: barrow2etwiden)
Description: Product: AdAwareInstaller -- Error 1606. Could not access network location \Ad-Aware Antivirus\11.12.945.9202.
Error: (11/05/2016 05:48:22 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Users\barrow 2 & widen\Desktop\BootkitRemoval_x64.exe ».
Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (11/04/2016 09:21:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Users\barrow 2 & widen\Desktop\BootkitRemoval_x64.exe ».
Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (11/04/2016 09:07:51 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Users\barrow 2 & widen\Desktop\BootkitRemoval_x64.exe ».
Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (11/04/2016 09:02:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Users\barrow 2 & widen\Desktop\BootkitRemoval_x64.exe ».
Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (11/04/2016 03:49:01 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Users\barrow 2 & widen\Desktop\BootkitRemoval_x64.exe ».
Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (11/04/2016 03:45:04 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Users\barrow 2 & widen\Desktop\BootkitRemoval_x64.exe ».
Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (11/04/2016 03:43:11 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Users\barrow 2 & widen\Downloads\BootkitRemoval_x64.exe ».
Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (11/01/2016 03:03:51 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x80070005, Accès refusé.
.
Erreurs système:
=============
Error: (11/05/2016 05:13:18 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Échec inattendu. Code d’erreur : D@01010004
Error: (11/05/2016 05:13:12 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger :
cdrom
epp
Error: (11/05/2016 05:12:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Filtre de bus AGP Intel n’a pas pu démarrer en raison de l’erreur :
Le service ne peut pas être démarré parce qu’il est désactivé ou qu’aucun périphérique activé ne lui est associé.
Error: (11/05/2016 05:12:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Client DNS n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (11/05/2016 05:12:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Client DNS.
Error: (11/04/2016 09:24:17 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Le serveur {995C996E-D918-4A8C-A302-45719A6F4EA7} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (11/04/2016 09:23:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Disque virtuel s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service.
Error: (11/04/2016 09:23:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Spouleur d’impression s’est terminé de manière inattendue. Ceci s’est produit 2 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service.
Error: (11/04/2016 09:23:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service GeekBuddyRSP Server s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 5000 millisecondes : Redémarrer le service.
Error: (11/04/2016 09:23:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Bitdefender 60-Second Virus Scanner Service s’est terminé de manière inattendue. Ceci s’est produit 2 fois. L’action corrective suivante va être effectuée dans 5000 millisecondes : Redémarrer le service.
CodeIntegrity:
===================================
Date: 2016-11-05 05:42:14.444
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\iseguard32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2016-11-05 05:42:14.388
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\CcavGuard32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2016-11-05 05:31:03.469
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\iseguard32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2016-11-05 05:31:03.344
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\CcavGuard32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2016-11-05 05:12:10.663
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\iseguard32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2016-11-05 05:12:10.647
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\CcavGuard32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2016-11-04 21:15:01.109
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\iseguard32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2016-11-04 21:15:01.078
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\CcavGuard32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2016-11-04 19:00:32.344
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\iseguard32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2016-11-04 19:00:32.328
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\System32\CcavGuard32.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Atom(TM) CPU N450 @ 1.66GHz
Pourcentage de mémoire utilisée: 78%
Mémoire physique - RAM - totale: 1013.09 MB
Mémoire physique - RAM - disponible: 216.46 MB
Mémoire virtuelle totale: 2037.09 MB
Mémoire virtuelle disponible: 504.56 MB
==================== Lecteurs ================================
Drive c: (Acer) (Fixed) (Total:215.78 GB) (Free:104.51 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive d: (PARTED MAGI) (Removable) (Total:57.89 GB) (Free:41.73 GB) FAT32
Drive g: (COMPANION) (Removable) (Total:30.02 GB) (Free:1.71 GB) FAT32
Drive h: (CLONEZILLA) (Removable) (Total:1.86 GB) (Free:0.2 GB) FAT32
Drive i: (UUI) (Removable) (Total:7.26 GB) (Free:0.27 GB) FAT32
Drive l: (HITMANPRO) (Removable) (Total:57.55 GB) (Free:26.33 GB) FAT32
Drive m: (FRAMAKEY SA) (Removable) (Total:28.78 GB) (Free:11.29 GB) FAT32
Drive o: (PARTED MAGI) (Removable) (Total:15 GB) (Free:1.15 GB) FAT32
Drive q: (FramaLive) (Removable) (Total:14.41 GB) (Free:3.17 GB) FAT32
Drive r: (PARTED MAGI) (Removable) (Total:3.74 GB) (Free:0.43 GB) FAT32
Drive s: (PartedMagic) (Removable) (Total:59.5 GB) (Free:53.05 GB) exFAT
Drive v: (FRAMAKEY UB) (Removable) (Total:57.64 GB) (Free:53.06 GB) FAT32
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: B7B45E2D)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=4.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=215.8 GB) - (Type=OF Extended)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 59.5 GB) (Disk ID: 09950329)
Partition 1: (Active) - (Size=59.5 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 57.7 GB) (Disk ID: CA6D68A4)
Partition 1: (Active) - (Size=57.7 GB) - (Type=0B)
========================================================
Disk: 4 (Size: 30 GB) (Disk ID: 25C8BCC2)
Partition 1: (Active) - (Size=30 GB) - (Type=0C)
========================================================
Disk: 5 (Size: 57.7 GB) (Disk ID: 720E7790)
Partition 1: (Active) - (Size=57.7 GB) - (Type=0B)
========================================================
Disk: 6 (Size: 1.9 GB) (Disk ID: 555925CE)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0B)
========================================================
Disk: 7 (MBR Code: Windows 7 or 8) (Size: 7.3 GB) (Disk ID: 0C26E2E5)
Partition 1: (Active) - (Size=7.3 GB) - (Type=0C)
========================================================
Disk: 8 (Size: 57.9 GB) (Disk ID: 027CE1A0)
Partition 1: (Active) - (Size=57.9 GB) - (Type=0C)
========================================================
Disk: 9 (MBR Code: Windows 7 or 8) (Size: 3.8 GB) (Disk ID: 319FE471)
Partition 1: (Active) - (Size=3.8 GB) - (Type=0C)
========================================================
Disk: 10 (Size: 28.8 GB) (Disk ID: A716E9AC)
Partition 1: (Active) - (Size=28.8 GB) - (Type=0B)
========================================================
Disk: 11 (MBR Code: Windows 7 or 8) (Size: 14.4 GB) (Disk ID: 6088C201)
Partition 1: (Active) - (Size=14.4 GB) - (Type=0B)
========================================================
Disk: 12 (MBR Code: Windows 7 or 8) (Size: 15 GB) (Disk ID: 319FE485)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)
==================== Fin de Addition.txt ============================