Solved Computer runs at high CPU and overheats.

N

needhelp51

Posts: 368   +0
Hello, my computer overheats and works often at high CPU. Many freezes and hang-ups. I suspect malware.

Here are requested logs:

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 20.01.2019
Exécuté par Utilisateur (administrateur) sur UTILISATEUR-PC (21-01-2019 18:52:50)
Exécuté depuis C:\Users\Utilisateur\Desktop
Profils chargés: Utilisateur & (Profils disponibles: Utilisateur)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
(Lexmark International Inc.) C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
( ) C:\Windows\System32\lxdxcoms.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(iSkySoft) C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [368728 2011-01-26] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392360 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [lxdxmon.exe] => C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe [672424 2010-02-04] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe [107176 2010-02-04] (Lexmark International Inc.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-06-07] (COMODO)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-23] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2066432 2014-10-31] (iSkySoft)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [401280 2015-03-23] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2019-01-21] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511346\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511346\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511377\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511393\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1098072 2013-03-27] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-21] (Piriform Software Ltd)
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [456224 2010-07-29] ()
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1098072 2013-03-27] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-21] (Piriform Software Ltd)
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [456224 2010-07-29] ()
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Drivers32-x32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-13] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-13] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\Installer\chrmstp.exe [2019-01-16] (AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corp.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{663285AB-AD47-4946-BDC2-0D2DFC414EAE}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{809B5500-7F35-4BE2-AB1C-7BB6D860B9D8}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000 -> DefaultScope {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL =
SearchScopes: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://qc.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000 -> {A8527447-EB8E-4873-ABB3-8A5429FAD7D0} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424 -> DefaultScope {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL =
SearchScopes: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://qc.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424 -> {A8527447-EB8E-4873-ABB3-8A5429FAD7D0} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-01-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-01-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2019-01-18] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-01-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-21] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2019-01-18] (Microsoft Corporation)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
Handler: WSISVCUchrome - Pas de valeur CLSID

FireFox:
========
FF ProfilePath: C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\im9xbt9s.default [2019-01-21]
FF Homepage: Mozilla\Firefox\Profiles\im9xbt9s.default -> hxxp://www.google.ca/
FF NewTab: Mozilla\Firefox\Profiles\im9xbt9s.default -> about:blank
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\im9xbt9s.default\Extensions\sp@avast.com.xpi [2019-01-09]
FF Extension: (Avast Online Security) - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\im9xbt9s.default\Extensions\wrc@avast.com.xpi [2019-01-09]
FF Extension: (Telemetry coverage) - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\im9xbt9s.default\features\{1a905522-370e-43d8-ad8f-4a5608db7694}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-11-13] [Legacy]
FF SearchPlugin: C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\im9xbt9s.default\searchplugins\yahoo-lavasoft.xml [2016-06-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] ()
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2014-11-19] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3561402276-1669811274-1820601791-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Utilisateur\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Utilisateur\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default [2019-01-21]
CHR Extension: (Slides) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (WOT: Web of Trust, Évaluation de la réputation de sites Web) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2018-07-26]
CHR Extension: (YouTube) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Recherche Google) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Adobe Acrobat) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-15]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-19]
CHR Extension: (Sheets) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-01]
CHR Extension: (Avast Online Security) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-26]
CHR Extension: (Bouton Enregistrer Pinterest) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-12-11]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-16]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <non trouvé(e)>

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-06] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-22] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-06] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-22] (AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe [390552 2019-01-16] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2018-02-26] (Microsoft Corporation)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817200 2016-06-07] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-06-07] (COMODO)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [254016 2014-10-07] (WildTangent)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
R2 lxdx_device; C:\Windows\system32\lxdxcoms.exe [1039872 2010-02-03] ( )
R2 lxdx_device; C:\Windows\SysWOW64\lxdxcoms.exe [589824 2010-02-03] ( )
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-23] (NTI Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-06] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-06] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-14] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-06] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-06] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-06] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-06] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-06] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-18] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-06] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-06] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-06] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-06] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2018-12-12] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-06] (AVAST Software)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31648 2016-04-27] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [829608 2016-04-27] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [56472 2016-04-27] (COMODO)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2015-05-11] (LeapFrog)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [116248 2016-04-27] (COMODO)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-06-07] ()
R3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-01-21 18:52 - 2019-01-21 18:55 - 000028115 _____ C:\Users\Utilisateur\Desktop\FRST.txt
2019-01-21 18:52 - 2019-01-21 18:52 - 000000000 ____D C:\Users\Utilisateur\Desktop\FRST-OlderVersion
2019-01-21 18:52 - 2019-01-21 18:52 - 000000000 ____D C:\FRST
2019-01-21 18:51 - 2019-01-21 18:52 - 002428416 _____ (Farbar) C:\Users\Utilisateur\Desktop\FRST64.exe
2019-01-21 18:47 - 2019-01-21 18:46 - 000110968 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2019-01-21 18:46 - 2019-01-21 18:46 - 000110968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2019-01-21 18:45 - 2019-01-21 18:45 - 000000000 ____D C:\Program Files\Java
2019-01-21 18:40 - 2019-01-21 18:42 - 074907488 _____ (Oracle Corporation) C:\Users\Utilisateur\Desktop\jre-8u201-windows-x64.exe
2019-01-21 18:35 - 2019-01-21 18:36 - 019341880 _____ (Piriform Software Ltd) C:\Users\Utilisateur\Desktop\ccsetup552.exe
2019-01-21 18:33 - 2019-01-21 18:34 - 000000170 _____ C:\Windows\wininit.ini
2019-01-21 18:04 - 2019-01-21 18:04 - 000002814 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-01-15 10:00 - 2019-01-21 15:30 - 000000000 ____D C:\Users\Utilisateur\Desktop\cd medley
2019-01-14 18:20 - 2019-01-14 18:20 - 000000000 ____D C:\Windows\D2073531CBB04AFDAB89CE167C88B3C5.TMP
2019-01-14 17:47 - 2019-01-14 17:47 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\_
2019-01-14 17:46 - 2019-01-14 17:46 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\Downloaded Installations
2019-01-14 17:44 - 2019-01-14 17:45 - 037776362 _____ (SelectATrack) C:\Users\Utilisateur\Desktop\InstallSelectatrackBurner.exe
2019-01-14 17:23 - 2019-01-14 18:03 - 000000000 ____D C:\Users\Utilisateur\Desktop\Karaoke
2019-01-14 17:23 - 2019-01-14 18:02 - 000000168 _____ C:\Users\Utilisateur\Desktop\CB40115 - Chartbuster - Full Disc - Michael Jackson - Karaoke CDG.zip
2019-01-14 17:03 - 2019-01-14 17:03 - 000000000 ____D C:\Users\Utilisateur\Documents\Ripped karaoke
2019-01-14 17:03 - 2019-01-14 17:03 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Doblon
2019-01-14 17:03 - 2019-01-14 17:03 - 000000000 ____D C:\Program Files (x86)\Doblon
2019-01-14 14:52 - 2019-01-14 14:52 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\mbam
2019-01-14 11:45 - 2019-01-14 11:45 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-10 16:22 - 2019-01-10 16:22 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\{90DB832A-6C15-484D-8FC8-38DEE0E9573D}
 
2019-01-09 07:23 - 2019-01-09 07:23 - 025738240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 004860416 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 004055272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-01-09 07:23 - 2019-01-09 07:23 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-01-09 07:23 - 2019-01-09 07:23 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-01-09 07:23 - 2019-01-09 07:23 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-01-09 07:23 - 2019-01-09 07:23 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000348760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-01-09 07:23 - 2019-01-09 07:23 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-01-09 07:23 - 2019-01-09 07:23 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2019-01-09 07:23 - 2019-01-09 07:23 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2019-01-09 07:23 - 2019-01-09 07:23 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2019-01-09 07:23 - 2019-01-09 07:23 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2019-01-09 07:23 - 2019-01-09 07:23 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-01-09 07:23 - 2018-12-28 13:09 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
2019-01-09 07:23 - 2018-12-28 13:09 - 000419608 _____ C:\Windows\system32\locale.nls
2019-01-09 07:23 - 2018-12-27 18:50 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-01-09 07:23 - 2018-12-27 18:36 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-01-09 07:23 - 2018-12-27 18:17 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-01-09 07:23 - 2018-12-27 18:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-01-06 19:45 - 2019-01-06 19:43 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-06 19:45 - 2019-01-06 19:43 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-06 19:45 - 2019-01-06 19:43 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-06 19:45 - 2019-01-06 19:43 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-06 19:44 - 2019-01-06 19:44 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== Un mois (modifiés) ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-01-21 18:49 - 2013-07-10 18:09 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\vlc
2019-01-21 18:47 - 2014-11-26 08:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-01-21 18:47 - 2013-07-11 19:51 - 000000000 ____D C:\Program Files (x86)\Java
2019-01-21 18:41 - 2013-11-04 18:36 - 000000952 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3561402276-1669811274-1820601791-1000UA.job
2019-01-21 18:41 - 2013-11-04 18:36 - 000000930 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3561402276-1669811274-1820601791-1000Core.job
2019-01-21 18:37 - 2018-03-28 14:33 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-01-21 18:37 - 2012-09-13 12:08 - 000000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-21 18:37 - 2012-09-13 12:08 - 000000000 ____D C:\Program Files\CCleaner
2019-01-21 18:34 - 2018-07-26 11:26 - 000000000 ____D C:\Users\Utilisateur\AppData\LocalLow\Mozilla
2019-01-21 18:34 - 2018-07-26 11:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-01-21 18:33 - 2013-05-18 20:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-21 18:10 - 2009-07-13 23:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-21 18:10 - 2009-07-13 23:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-21 18:08 - 2012-07-28 01:35 - 000000000 ____D C:\ProgramData\clear.fi
2019-01-21 18:07 - 2012-03-25 07:22 - 000914660 _____ C:\Windows\system32\perfh00C.dat
2019-01-21 18:07 - 2012-03-25 07:22 - 000208768 _____ C:\Windows\system32\perfc00C.dat
2019-01-21 18:07 - 2009-07-14 00:13 - 001898642 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-21 18:07 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2019-01-21 17:59 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-21 17:15 - 2018-03-13 07:22 - 000004658 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-21 17:15 - 2015-01-03 13:22 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-01-21 17:15 - 2013-11-04 18:36 - 000003950 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3561402276-1669811274-1820601791-1000UA
2019-01-21 17:15 - 2013-11-04 18:36 - 000003582 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3561402276-1669811274-1820601791-1000Core
2019-01-21 17:15 - 2013-07-11 20:26 - 000003502 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-21 17:15 - 2013-07-11 20:26 - 000003374 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-21 17:15 - 2013-07-11 20:19 - 000004484 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-01-21 17:15 - 2013-07-11 19:59 - 000003124 _____ C:\Windows\System32\Tasks\{9DA6A169-A2FA-41D8-B1B6-D334CAA3D2F0}
2019-01-21 17:15 - 2013-07-10 18:30 - 000003096 _____ C:\Windows\System32\Tasks\{5DE2E2D5-CDB0-4A9F-891E-5120668A1983}
2019-01-21 17:15 - 2012-11-03 16:21 - 000003216 _____ C:\Windows\System32\Tasks\Installation App Launcher
2019-01-21 17:14 - 2015-12-03 07:40 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-01-18 15:43 - 2012-07-28 02:59 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-18 15:43 - 2012-07-28 02:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-18 15:37 - 2012-07-28 03:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-18 14:46 - 2012-08-24 19:52 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-18 14:36 - 2018-12-12 20:29 - 000000000 ____D C:\Users\Utilisateur\Desktop\Photos des enfants et cie
2019-01-18 06:57 - 2015-01-06 16:48 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-18 06:55 - 2015-01-06 16:35 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-01-17 22:46 - 2018-10-18 20:48 - 000101019 _____ C:\Users\Utilisateur\Desktop\Ces souvenirs qui s'envolent. - Copie.odt
2019-01-16 06:50 - 2018-05-22 15:56 - 000002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-01-16 06:50 - 2018-05-22 15:56 - 000002390 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-01-11 10:44 - 2017-03-12 17:42 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-01-10 08:01 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\rescache
2019-01-09 17:46 - 2012-12-07 12:50 - 001873710 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-01-09 17:43 - 2013-07-11 20:32 - 000000000 ____D C:\Windows\system32\MRT
2019-01-09 17:39 - 2012-07-28 02:05 - 132790320 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-01-08 11:22 - 2013-07-11 20:19 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-01-08 11:22 - 2013-07-11 20:19 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-08 11:22 - 2012-07-28 02:59 - 000000000 ____D C:\Windows\system32\Macromed
2019-01-08 11:22 - 2011-10-13 17:24 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-01-06 19:56 - 2017-04-13 07:13 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-01-06 19:45 - 2018-01-04 14:59 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-06 19:44 - 2018-10-21 20:27 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-06 19:44 - 2017-11-16 17:31 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-06 19:44 - 2014-05-31 22:20 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-06 19:44 - 2014-05-31 22:20 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-06 19:44 - 2013-07-10 18:23 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-06 19:44 - 2013-07-10 18:23 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-06 19:44 - 2012-08-24 19:52 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-06 19:44 - 2012-08-24 19:52 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-06 19:43 - 2012-08-24 19:52 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-12-22 10:12 - 2018-05-22 15:54 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\AVAST Software

==================== Bamital & volsnap ======================
 
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Exécuté par Utilisateur (21-01-2019 18:55:52)
Exécuté depuis C:\Users\Utilisateur\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-28 06:02:47)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-3561402276-1669811274-1820601791-500 - Administrator - Disabled)
Invité (S-1-5-21-3561402276-1669811274-1820601791-501 - Limited - Disabled)
Utilisateur (S-1-5-21-3561402276-1669811274-1820601791-1000 - Administrator - Enabled) => C:\Users\Utilisateur

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Comodo Defense+ (Enabled - Up to date) {6BAD9487-8DE8-D130-293E-C6A728B4104F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Enabled) {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0517.2011 - Acer Incorporated)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (HKLM-x32\...\WTA-3514dcf7-c85e-40ee-b912-74b9527853e3) (Version: 2.2.0.98 - WildTangent) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\{AB398DDB-0E7B-400B-A940-7E61FB91A531}) (Version: 1.2.42.68439 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.42.68439 - Alcor Micro Corp.)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 6.2.1.0 - Auslogics Labs Pty Ltd)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.98 - AVAST Software)
Backup Manager V3 (HKLM-x32\...\{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (HKLM-x32\...\WTA-c84d156e-e662-46ef-8a12-4ffdb5ee5ac9) (Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (HKLM-x32\...\WTA-0d4abdc4-0ca4-4606-b90b-9e56a5736747) (Version: 2.2.0.97 - WildTangent) Hidden
Canaux de jeu (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 6.1.0.5 - WildTangent, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
Chronicles of Albian (HKLM-x32\...\WTA-ecedfd0e-6318-44c2-b869-944dbcab2e35) (Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (HKLM-x32\...\WTA-91f40732-562f-4402-b903-e9381ebddf9b) (Version: 2.2.0.95 - WildTangent) Hidden
clear.fi (HKLM-x32\...\{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}) (Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (HKLM-x32\...\{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (HKLM-x32\...\{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}) (Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
COMODO Internet Security (HKLM\...\{BCC0552D-76C0-4130-BFBD-49BE49ACC594}) (Version: 6.0.2566.2708 - COMODO Security Solutions Inc.)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Cradle of Rome 2 (HKLM-x32\...\WTA-474671dd-9ee4-4541-a63f-d0618511f40b) (Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dora's World Adventure (HKLM-x32\...\WTA-ef090399-fafd-47a5-8d1d-171cf05fae35) (Version: 2.2.0.95 - WildTangent) Hidden
Elevated Installer (HKLM-x32\...\{93765DFA-8A67-41FB-9FC0-B12341CA65F3}) (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Explor@ Park (HKLM-x32\...\VTechDownloadManager) (Version: - VTech)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FATE: The Cursed King (HKLM-x32\...\WTA-e72e6929-da59-4d6e-81db-e1d7418596d2) (Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (HKLM-x32\...\WTA-512efe47-2bbf-4ddf-8aaf-3cde77766978) (Version: 2.2.0.95 - WildTangent) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{65135558-F1AE-4B9B-8C0B-180730ACA261}) (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{e47a5c85-88a2-47d2-b380-fc2e763c2e6d}) (Version: 2.1.13 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{C233BCC3-29C4-49C0-B955-0A94509FC4FC}) (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (HKLM-x32\...\{876AB032-B2A4-41FF-AF87-DBC78454C1B0}) (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-aea8b8b6-c844-4f67-91d5-3a190bc0f209) (Version: 2.2.0.95 - WildTangent) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-cdc58ee0-1182-43fa-8daa-35ef154b6704) (Version: 2.2.0.97 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Acer Inc.)
Lexmark 3600-4600 Series (HKLM\...\Lexmark 3600-4600 Series) (Version: - Lexmark International, Inc.)
LogiCentre MF-INS (HKLM-x32\...\LOGICENTRE MF-INSLogiCentre MF (32 bits)) (Version: 6.22.5.1 - Programica)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office « Démarrer en un clic » 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 15.0.5101.1002 - Microsoft Corporation)
Microsoft Office Starter 2010 - Français (HKLM-x32\...\{90140011-0066-040C-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3561402276-1669811274-1820601791-1000\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 56.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 fr)) (Version: 56.0 - Mozilla)
Mozilla Firefox 64.0.2 (x64 fr) (HKLM\...\Mozilla Firefox 64.0.2 (x64 fr)) (Version: 64.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.1 - Mozilla)
MP4Joiner v2.1.2 (HKLM-x32\...\MP4Joiner_is1) (Version: - )
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (HKLM-x32\...\WTA-025c0025-db99-42e3-bd17-ad60ddae02f9) (Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (HKLM\...\{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}) (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (HKLM-x32\...\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}) (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
newsXpresso (HKLM-x32\...\{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.) Hidden
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
NTI Media Maker 9 (HKLM-x32\...\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-040C-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32\...\{155C4F2E-7381-4B80-B258-FD0600C9C46B}) (Version: 4.15.9789 - Apache Software Foundation)
Penguins! (HKLM-x32\...\WTA-97944133-03ea-4a96-830e-bd0734efb62e) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-b889508c-e7c6-43f7-b308-17dc6064576e) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-b8cecda9-6f5a-42c1-9b64-f375e38105ab) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-01ed131c-4505-472d-b8c1-f76fc79e44fb) (Version: 2.2.0.95 - WildTangent) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Relevé 24 Version 2012-MF (HKLM-x32\...\Relevé 24 Version 2012 Version Milieu Familial_is1) (Version: - )
Relevé 24 Version 2013-MF (HKLM-x32\...\Relevé 24 Version 2013 Version Milieu Familial_is1) (Version: - )
Relevé 24 Version 2014-MF (HKLM-x32\...\Relevé 24 Version 2014 Version Milieu Familial_is1) (Version: - )
Shredder (HKLM\...\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}) (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (HKLM-x32\...\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}) (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.18.0 - Synaptics Incorporated)
Torchlight (HKLM-x32\...\WTA-98b87892-683c-4b02-8c54-cd17a7ff2b2c) (Version: 2.2.0.97 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers 5 - New Believers (HKLM-x32\...\WTA-a049c27f-dbc1-4791-a44d-e7745cb551ce) (Version: 2.2.0.97 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VTech Download Agent Library (HKLM-x32\...\{DB083AE1-3354-4AAD-BD44-5F2CC4B2ECE6}) (Version: 1.00.0000 - VTech) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.14 - WildTangent) Hidden
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAS 2016 (HKLM-x32\...\WinRAS_2016_is1) (Version: - Revenu Québec)
WinRAS 2016.07 (HKLM-x32\...\WinRAS_2016.07_is1) (Version: - Revenu Québec)
WinRAS 2017.01 (HKLM-x32\...\WinRAS_2017.01_is1) (Version: - Revenu Québec)
Zuma's Revenge (HKLM-x32\...\WTA-b9707395-8342-4661-9cc4-5346db47a18a) (Version: 2.2.0.97 - WildTangent) Hidden

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2016-04-27] (COMODO)
ContextMenuHandlers1: [iSkysoftVideoConverterFileOpreation] -> {BB35DE05-89D6-4D8F-95DE-A27DF8156D91} => -> Pas de fichier
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2016-04-27] (COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers3: [MWLIVShellExt] -> {B1B294FE-EC1E-4fef-AF68-D34CE3E38157} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll [2011-06-21] (Egis Technology Inc. )
ContextMenuHandlers3: [ShredderContextMenu] -> {521065F1-DE6C-4E46-BBCB-89B0D0BE860D} => C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll [2011-03-29] (Egis Technology Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-03-25] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2016-04-27] (COMODO)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {116BE369-C3E2-4ACF-B16F-D7BB867F6F54} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {18DD8EBF-2FA1-4189-8A03-C1066711FFCE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-21] (Piriform Ltd)
Task: {25EDA95A-4AE4-4E93-8CB4-7AADBD906E7E} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe [2010-02-04] (Lexmark International Inc.)
Task: {40CB29A8-6E26-4150-9788-3F04A6CE10D9} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {4DDAC371-2FD8-495A-8842-94BAEF186775} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {4FCFFE6B-A74E-40CC-A847-4EC84036B978} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {5AC9029A-A5FF-42C8-9F8B-D0E3276CE7C9} - System32\Tasks\{9DA6A169-A2FA-41D8-B1B6-D334CAA3D2F0} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"
Task: {60D3BD08-B159-45B2-AC83-DAC33074E05D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-09-20] (Adobe Systems Incorporated)
Task: {6305C233-F05E-40CD-83D1-779581769D66} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3561402276-1669811274-1820601791-1000UA => C:\Users\Utilisateur\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-04] (Facebook Inc.)
Task: {6BD68D2D-863F-4D47-A665-E7F3A68F4746} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-05-22] (AVAST Software)
Task: {79E8D535-7AC4-436A-AD3C-AB6C1B65D6A1} - System32\Tasks\{5DE2E2D5-CDB0-4A9F-891E-5120668A1983} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.6.73.106.456/fr/go/help.faq.installer?LastError=1618
Task: {7DD06E53-9549-4331-BB0A-6D6E2C14DEEC} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {7E5932C8-FA6F-4D54-A6A9-ADB35FACFAAE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {85DB4F51-2494-4B7E-8805-28CDDD0E97C3} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-06] (Acer Incorporated)
Task: {93331F64-DAF6-4E7E-9026-E66E3A99784F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {98CC6DF4-B4E2-4E06-A24C-9CE23077D375} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-06-07] (COMODO)
Task: {9D9C3B88-7239-4B0F-A114-EA3E58ED0EEF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3561402276-1669811274-1820601791-1000Core => C:\Users\Utilisateur\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-04] (Facebook Inc.)
Task: {9FF465DF-CCE5-4AFD-85D5-9DD6A64A6FCC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2018-02-26] (Microsoft Corporation)
Task: {A23519E5-6B57-4738-AFEF-6C3DB8349AA3} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {B90637F5-62A7-47D7-8B50-23DEA9B08023} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-17] (AVAST Software)
Task: {BD6A3414-CEFA-4208-98CB-0220064E1D65} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-05-22] (AVAST Software)
Task: {BD859EB9-115C-4380-B15A-12FB54DC88F2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2018-02-26] (Microsoft Corporation)
Task: {BDC98A27-4479-4895-87B4-973C59EE3C00} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-06-07] (COMODO)
Task: {D0EC01FD-85E3-42A4-ABDC-6E57C5A14DA7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {E9643065-3623-4705-80E9-7768E8D8B0E6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {EC6CD308-5F6E-4ABB-BEE1-67EC45B68F9A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2019-01-18] (Microsoft Corporation)
Task: {F3A01A2B-DFAA-4E71-B3E1-86F0AB1A22CA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-06] (AVAST Software)
Task: {F4D8BC0E-7F13-4144-B2C7-A5E5BEB38989} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F7F5F030-281F-47D2-9989-D0998FE3D874} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-06-07] (COMODO)
Task: {F87C9117-EC7E-4B35-AFEE-8D089BD9ADA8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-21] (Piriform Software Ltd)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3561402276-1669811274-1820601791-1000Core.job => C:\Users\Utilisateur\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3561402276-1669811274-1820601791-1000UA.job => C:\Users\Utilisateur\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
WMI:subscription\__EventFilter->BVTFilter:
WMI:subscription\CommandLineEventConsumer->BVTConsumer:

Shortcut: C:\Users\Public\Desktop\Complete Installation of Lexmark 3600-4600 Series.LNK -> hxxp:\\www.lexmark.com\MD

==================== Modules chargés (Avec liste blanche) ==============

2019-01-06 19:44 - 2019-01-06 19:44 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-01-21 14:40 - 2019-01-21 14:40 - 006938256 _____ () C:\Program Files\AVAST Software\Avast\defs\19012104\algo64.dll
2019-01-06 19:44 - 2019-01-06 19:44 - 000550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-06 19:44 - 2019-01-06 19:44 - 001175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-01-06 19:44 - 2019-01-06 19:44 - 001967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2012-11-03 16:18 - 2009-10-16 17:12 - 000177664 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdxdrpp.dll
2015-01-06 16:35 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2009-01-21 18:45 - 2009-01-21 18:45 - 001401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2011-10-13 17:23 - 2011-03-25 04:28 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-03 16:21 - 2010-02-04 00:27 - 000672424 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
2019-01-06 19:44 - 2019-01-06 19:44 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-12 20:49 - 2015-03-23 12:43 - 000401280 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
2019-01-10 05:01 - 2019-01-10 05:01 - 000107712 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 000073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 001044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-24 20:03 - 2011-08-24 20:03 - 000206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2012-11-03 16:21 - 2010-02-04 00:04 - 000380928 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxscw.dll
2012-11-03 16:21 - 2010-02-03 23:52 - 000589824 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxdatr.dll
2012-11-03 16:21 - 2010-02-03 23:52 - 000073728 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcats.dll
2012-11-03 16:21 - 2010-02-04 00:04 - 000782336 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxDRS.dll
2012-11-03 16:21 - 2010-02-04 00:05 - 000081920 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcaps.dll
2012-11-03 16:21 - 2010-02-03 23:52 - 000069632 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcnv4.dll
2012-11-03 16:21 - 2010-02-04 00:02 - 000364544 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\iptk.dll
2012-11-03 16:21 - 2007-09-06 04:11 - 000151552 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxptp.dll
2011-04-23 20:29 - 2011-04-23 20:29 - 000465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-23 20:29 - 2011-04-23 20:29 - 001081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-23 20:29 - 2011-04-23 20:29 - 000125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2014-12-16 16:02 - 2014-10-31 16:40 - 001498112 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll
2014-12-16 16:02 - 2014-05-19 17:19 - 000137728 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll
2014-10-12 20:49 - 2014-03-04 06:20 - 000117760 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2014-10-12 20:49 - 2014-04-21 21:14 - 000065536 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QHttpServer.dll
2014-10-12 20:49 - 2014-05-06 00:39 - 000861184 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\platforms\qwindows.dll
2014-10-12 20:49 - 2014-05-06 00:38 - 000021504 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qgif.dll
2014-10-12 20:49 - 2014-05-06 00:38 - 000020992 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qico.dll
2014-10-12 20:49 - 2014-05-06 00:38 - 000204800 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll
2014-10-12 20:49 - 2014-05-06 05:44 - 000218112 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qmng.dll
2014-10-12 20:49 - 2014-05-06 00:58 - 000015872 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll
2014-10-12 20:49 - 2014-05-06 05:44 - 000015360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtga.dll
2014-10-12 20:49 - 2014-05-06 05:44 - 000307712 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll
2014-10-12 20:49 - 2014-05-06 05:44 - 000014848 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll
2014-10-12 20:49 - 2014-05-06 01:31 - 000015872 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll
2014-10-12 20:49 - 2014-05-06 00:38 - 000036352 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll
2014-10-12 20:49 - 2014-05-06 00:38 - 000038912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll
2011-10-13 16:38 - 2010-09-13 20:28 - 000058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Windows\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\Windows\HelpPane.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\hh.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\actxprxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adsmsext.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\asycfilt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basecsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcdedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BFE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cdd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cdosys.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\centel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID [64]
 
AlternateDataStreams: C:\Windows\system32\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cscapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cscdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dnsapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dnscacheugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dnsrslvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DXPTaskRingtone.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fdWCN.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FirewallAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hhctrl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hhsetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hlink.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icfupgd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IKEEXT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetcomm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetpp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetppui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\INETRES.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inseng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iprtprio.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iprtrmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\itircl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\itss.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kmddsp.tsp:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\localspl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mf3216.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfmjpegdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MigAutoPlay.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mmc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mmcbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mmcndmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mmcshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mprdim.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MPSSVC.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MRT-KB890830.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mscms.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msimg32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msinfo32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msra.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msrahc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSVidCtl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ncsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ndptsp.tsp:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netbtugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netevent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nsisvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntprint.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntprint.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\P2P.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\p2psvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pdh.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\pdhui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\perfmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\phon.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pla.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\plasrv.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pnrpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Query.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\racpldlg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rascfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rasdiag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rasmxs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rasser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdvidcrl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\resmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rpchttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rtm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rundll32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\samlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\samsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scavengeui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schedsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scksp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sdchange.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\seclogon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shdocvw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spoolsv.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srvsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sscore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\streamci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\StructuredQuery.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sysmon.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\t2embed.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TabSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\taskcomp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tdc.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\termsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\themeui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\traffic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ucrtbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usp10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WcnApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wcncsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WcnEapAuthProxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WcnEapPeerProxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WcsPlugInService.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\webcheck.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\webio.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\webservices.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wer.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\werdiagcontroller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wermgr.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wfapigp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\win32spl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winlogon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winnsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WinSCard.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wisptis.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wksprt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wkssvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlanapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlanhlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlanmsm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlansec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlansvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Wldap32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpnpinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshnetbs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshqos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmSvc.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsnmp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xpsrchvw.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\zipfldr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\actxprxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\asycfilt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\basecsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\bcrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\catsrvut.dll:$CmdTcID [64]
 
AlternateDataStreams: C:\Windows\SysWOW64\cdosys.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\chajei.ime:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\cic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cscapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cscdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dnsapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dnscacheugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\DXPTaskRingtone.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fdWCN.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FirewallAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\hh.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\hhctrl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\hhsetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\hlink.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\icm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\imkr80.ime:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\inetcomm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\INETRES.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\inseng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iprtprio.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iprtrmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\itircl.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\itss.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\javaws.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kmddsp.tsp:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mf3216.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfmjpegdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MigAutoPlay.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mmc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mmcbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mmcndmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mmcshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mprdim.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mscms.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msexch40.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msexcl40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msimg32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msinfo32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjet40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjetoledb40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjint40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjter40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjtes40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msltus40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mspbde40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msra.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msrd2x40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msrd3x40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msrepl40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstext40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSVidCtl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mswdat10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mswstr10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxbde40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml6r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ndptsp.tsp:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\netbtugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\netevent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntprint.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntprint.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\olepro32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\P2P.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\pdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\pdhui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\perfmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\phon.ime:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\pla.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qintlgnt.ime:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Query.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\quick.ime:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\racpldlg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rascfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rasdiag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rasmxs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rasser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rdpcore.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\rdvidcrl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\resmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rpchttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rtm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rundll32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\samlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\scksp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sdchange.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\shdocvw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sscore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\StructuredQuery.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sysmon.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\t2embed.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\taskcomp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tdc.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\themeui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\traffic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ucrtbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\usp10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WcnApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wcncsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WcnEapAuthProxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WcnEapPeerProxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WcsPlugInService.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wdc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\webcheck.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\webio.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\webservices.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wer.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\werdiagcontroller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wermgr.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wfapigp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\win32spl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winnsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WinSCard.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wlanapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wlanhlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wlanmsm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wlansec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Wldap32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshqos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsnmp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xpsrchvw.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\zipfldr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\acpi.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\AGP440.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\amdk8.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\amdppm.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\aswHdsKe.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\aswTap.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\bowser.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\dfsc.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\dxgkrnl.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\dxgmms1.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\errdev.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\exfat.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\fastfat.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\fltMgr.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\FlyUsb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\FWPKCLNT.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hidclass.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hidparse.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hidusb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\intelppm.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\isapnp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ks.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\luafv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mpsdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\msisadrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\msrpc.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mssmbios.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ndis.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ndistapi.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ndproxy.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\netbios.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\netbt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\netio.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\nsiproxy.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ntfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\NV_AGP.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\nwifi.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\pacer.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\pci.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\processr.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rdyboost.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Sftfslh.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Sftplaylh.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Sftredirlh.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Sftvollh.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\srv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\srv2.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\srvnet.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\swenum.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpip.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpipreg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tdx.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\termdd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tssecsrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ULIAGPKX.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbehci.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbhub.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbohci.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbport.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\USBSTOR.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\vdrvroot.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\videoprt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\volmgr.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\volmgrx.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wanarp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wdcsam64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wmiacpi.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\227646_6964024071_4709_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\ccsetup552.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\ccsetup552.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\DSC_1719.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\HJWPL747-1-iymjto9fpu.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\HJWPL747-3-8tm8gyhmv4.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\InstallSelectatrackBurner.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\InstallSelectatrackBurner.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\jre-8u201-windows-x64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\jre-8u201-windows-x64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\JRT.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\JRT.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\Lettre-Annie (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\proof (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\Service-Cancellation-FR.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\Soren.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\TFC.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\TFC.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\WinRAS_2016.07.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\WinRAS_2016.07vf(1).zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\WinRAS_2016.07vf(1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\12227222_10153284249929072_4200517912926609568_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13624983_479999892199363_2003158930_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13633368_480904072108945_152728667_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13644232_480904062108946_1101332071_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13652456_480904082108944_1445790150_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13823433_486234614909224_983713098_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13871825_486234654909220_622643076_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\14218480_10153954360549072_274147438_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\14225465_10153944668259072_2864217039074824313_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\14249075_10153954360434072_2064753517_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\14287549_10153954360669072_556457948_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\144715.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\15073567_10154166052729072_5355811588223051121_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\15110898_918666388266228_6336666598917572651_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\16 Michael Jackson - The Jackson 5 Medley (Live at London) (1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\16 Michael Jackson - The Jackson 5 Medley (Live at London).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\16466248_10154389269159072_1704001219_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\19- ATTESTATION DES SERVICES DE GARDE FOURNIS.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\20160502_Modif_nombre places subv.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\21078438_10155011744319072_6461025998085219307_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\27858317_10215487831851974_3029451992347559096_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\30092018_COMMANDE_C8E340887O80203.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\300x200_pied-main-bouche.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\4100-019-fr-cession-police.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\43204164_10156036215299072_886390862307655680_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\7. Jackson 5 - I Want You Back.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\adwcleaner_6.046.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\adwcleaner_6.046.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Annexe 2 Demande de modification.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Apache_OpenOffice_4.1.5_Win_x86_install_fr.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Apache_OpenOffice_4.1.5_Win_x86_install_fr.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ATT00006:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\AttestationFormation.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\BellPDF.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\biblio.mid:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Billie Jean.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Blocs_etudes_5227.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Bloc_etudes_5357.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Bonnie Tyler - I Need a Hero (Lyrics) (1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Bordereau de paiement de la subvention pour la période terminée le 2016-09-04%2c versée le 2016-09-15 - FIPEQ-CSQ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\cadeau_sans_fin.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Caillou - La chanson des couleurs (avec illustrations).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Caillou - Les dinosaures.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Caillou French Theme Lyrics.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Caillou- J'ai perdu mon nounours (paroles).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\calou_la_tête_vide__images_ (1).doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\calou_la_tête_vide__images_.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\carte-de-membre (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\carte-de-membre.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ccsetup545.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ccsetup545.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Certificat (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Certificat.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\CHANSON SOUVENIR paul daraiche les anges du mexique.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\China Girl - David Bowie (with lyrics).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\cmd_fw_installer_6113_c7.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\cmd_fw_installer_6113_c7.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\commentaire-ndh.doc:$CmdZnID [26]
 
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Contract_27514610.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\David Bowie - Modern Love.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Dirty Dancing Soundtrack - I've Had The Time Of My Life.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\doc20170425073850.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\dpliantairmontmagny.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\DSC_0970.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\DSC_1239.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\DSC_1242.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Dynamite (1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Dynamite.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Earth, Wind & Fire - September.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\elaws_statutes_91m27_f.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Elton John - Can You Feel The Love Tonight (Lyrics).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\entente_services_dynamique.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Evanescence - My Immortal (Video).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Fiche embauche d%27une assistante.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Fiche suspension reconnaissance - révisé.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Firefox Installer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Firefox Installer.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\FORMATION_GENERALE.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Formulaire d%27adhésion - campagneRSG - Français.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Grille 1 an.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\grille 2 ans.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Grille 3 ans.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Générique - Clifford,le gros chien rouge.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Générique - La Maison de Mickey et la chanson -Mickey Dance-.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Harry Potter and the Sorcerer's Stone Soundtrack -19. Hedwig's Theme.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\horloge1_exercices.swf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\I'll Be There.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ileftmyheartinsanfran.mid:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\il_570xN.715537618_o2kw.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Immortals - Fall Out Boy (Lyrics).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\IN-327-11-14_-_F (1).PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\IN-327-11-14_-_F (2).PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\IN-327-11-14_-_F.PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Invitation Tournée BC avril 2018.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\J'ai adopté un dinosaure - Chansons d'école.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Jackson 5-Blame it on the Boogie.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Josh Groban - Evermore (From Beauty and the Beast) [Lyrics].mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Josh Groban - If I Can´t Love Her Beauty and the Beast 2017.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Josh Groban - When You Say You Love Me.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Josh Groban - You Are Loved [Don't Give Up] Official Music Video.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Justin Rêve - Générique - NICKELODEON JUNIOR.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Justin Timberlake - Can't Stop the Feeling ( Lyrics Video ) (1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\J`aime sa Jouer Caillou.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\L'amour a pris son temps de La guerre des tuques.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ladjectif.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_boite_aux_lettres_du_pÈre_noel.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_chauve-souris.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_création_des_oiseaux__ordre_.docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_création_des_oiseaux__ordre_.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\La_Femme-licorne.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_perdriole (5).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_perdriole (6).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_perdriole.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Le Festin- Camille (Ratatouille Soundtrack).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Le Roi Lion - L'histoire de la vie.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\lecture_de_mots (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\lecture_de_mots.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Les BB - T'es Dans La Lune.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\les_araignées.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\les_araignées.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Let's Dance with lyrics.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Lettre de remerciement.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Lettre-Annie (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Lettre-Annie.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\le_calendrier_du_pÈre_noel.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\le_nom_commun(1).docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\le_nom_commun(1).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\le_nom_commun.docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\le_nom_commun.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\lheure_1_ (1).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\lheure_1_.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Life is a Highway lyrics - Rascal Flatts.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\LogiCentreMFInstall.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\LogiCentreMFInstall.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\loie.docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\loie.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\London calling-The clash.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\main_pour_la_phrase (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\main_pour_la_phrase.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Mario Kart DS- Rainbow Road.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Message-ensignante (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Message-ensignante.odt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Message-ensignante.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\messenger_code_905359326236229.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\MIchael Jackson & Paul McCartney Say Say Say Lyrics.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michael Jackson - Give In To Me (lyrics).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michael Jackson - Human Nature .mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michael Jackson - Je Ne Veux Pas La Fin De Nous Lyrics.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michael Jackson - Man In The Mirror.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\michael-jackson-5-medley-at-motown-25-billie-jean-complete-restored.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michel Louvain - 25 ans d'amour.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michel Louvain - Sylvie (1962) [HD].mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Minions Song - YMCA - Despicable me 2.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\num (1).swf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\num.swf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\OFFICIAL DEBUT - Fantastic Beasts and Where to Find Them - Main Titles - James Newton Howard.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\OFFICIAL Somewhere over the Rainbow - Israel IZ Kamakawiwo-ole.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Opening Theme - SPIRIT RIDING FREE.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\order-1311294-single-photos-part1of1.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Pascal DANEL Les neiges du Kilimanjaro.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\PDF_523157694_52_2018-02-19_0000000000.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Peppa Pig French Theme Song.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Petit Papa Noel.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\petit papa noël version Les Minions.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Petula Clark - Je me sens bien auprès de toi - 1963.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\proof (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\proof.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Publicite nuit de Noel.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RelevéNotes.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\rl-24(2015-10)dxi.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (2).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (3).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (4).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (5).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (6).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (7).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\rlz-1.s(2016-10)dxi (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\rlz-1.s(2016-10)dxi.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RLZ-1.S(2017-10)DXI.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Rockwell - Somebody's Watching Me Lyrics.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RptPrsNet3263_RecusInscL.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\révision_anglais (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\révision_anglais.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\révision_des_complémentaires.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ScreenConnect.Client.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ScreenConnect.Client.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Shrek 2- Livin la vida loca (Eddie Murphy& Antonio).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\songci 08.swf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Starship - Nothing's Gonna Stop Us Now.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Surfaris - Wipe Out.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\suspension.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\tableau.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Teenage Mutant Ninja Turtles Theme.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\The Cars - You Might Think (OFFICIAL MUSIC VIDEO).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\The Champs - Tequila HQ.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\the-sound-of-silence-original-version-from-1964.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Tiësto ft. Icona Pop - Let's Go! (Lyrics).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Torture.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Tout à Coup, Histoire de Jouets.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\TP-1026(2018-01)DXI.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Travail-de-deontologie.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\travail_ou_loisir.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\TWISTEDSISTER-2003.jpg-c200:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\TwistedSister-LiveAtWackenDVDandCD.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\USA for Africa - We are the World.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\verbe_et_nom_commun (1).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\verbe_et_nom_commun (2).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\verbe_et_nom_commun.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\WinRAS_2017.01vf.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\WinRAS_2017.01vf.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\You Are Not Alone Lyrics (Michael Jackson).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\~he-sound-of-silence-original-version-from-1964.tmp:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Ça va ça va - Claudio Capéo (Paroles).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Documents\Jean-Jacques Goldman - Quand La Musique Est Bonne.mp3:$CmdZnID [26]

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2009-07-13 21:34 - 2019-01-06 19:39 - 000000030 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\EgisTec MyWinLocker\x64;C:\Program Files (x86)\EgisTec MyWinLocker
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212019180511424\Control Panel\Desktop\\Wallpaper -> C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu is disabled.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.


==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{70969C10-61F7-42B4-BDC8-917270BE7C33}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{B13AA4C6-50D3-420B-9874-6E867BD24A1E}] => (Allow) LPort=2869
FirewallRules: [{30124E73-E94B-4911-83FC-022D4E216A5E}] => (Allow) LPort=1900
FirewallRules: [{8440651C-DF0A-4C6E-8E37-96F8593DD308}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation)
FirewallRules: [{169C2CCE-9D71-4877-AC67-F9C167B8D0F0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe (Acer Incorporated)
FirewallRules: [{40568FC8-A3B6-4A37-AA7D-B5C368482A62}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (CyberLink Corp.)
FirewallRules: [{384BDA83-03FC-4DA2-A2A0-C35753D2F809}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe (CyberLink Corp.)
FirewallRules: [{8F3D6905-F581-4331-B6DA-913AEA8DB8F1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (CyberLink)
FirewallRules: [{B2A22939-E23E-4006-9798-63D77C326712}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (CyberLink)
FirewallRules: [{54DBB9B5-1C85-4D6B-883D-3563BAFA2B1F}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (CyberLink)
FirewallRules: [{008DA9DB-506E-4009-B9FF-3908242C07BB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{05445CCC-06E2-4E35-AD7F-BCDF5E870CCF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{23D09075-C973-43AA-858B-7A4C17A0781D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{E3DA6737-5D93-46B0-A626-6F413DA73308}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{F8C006C5-BD5A-40FC-98B3-0E3D0F6235EE}] => (Allow) C:\Windows\SysWOW64\lxdxcoms.exe ( )
FirewallRules: [{13F8D7A2-8E77-45DA-A4A7-BCEB2B5627AD}] => (Allow) C:\Windows\SysWOW64\lxdxcoms.exe ( )
FirewallRules: [{91F9A524-CBAB-489D-854F-DAA7FC3B1F86}] => (Allow) C:\Windows\System32\lxdxcoms.exe ( )
FirewallRules: [{CE244355-C11B-48CF-91EE-BC57539E4F1B}] => (Allow) C:\Windows\System32\lxdxcoms.exe ( )
FirewallRules: [{B983845B-2CE1-4F19-8E91-44AC321E0FB4}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxdxpswx.exe ()
FirewallRules: [{85B68524-E70B-400E-8F9C-530793C13874}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxdxpswx.exe ()
FirewallRules: [{EB0D8EE0-E5B3-4019-B922-FACF62C46601}] => (Allow) C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe ()
FirewallRules: [{C28C110B-89D1-40A4-BEE2-01EB778D41F6}] => (Allow) C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe ()
FirewallRules: [{2084BC90-62DF-45F4-B596-67E1BFD5E8E6}] => (Allow) C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxlscn.exe ()
FirewallRules: [{4AA0E4CD-E65C-4E7B-A5D7-40915FF8D4A3}] => (Allow) C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxlscn.exe ()
FirewallRules: [TCP Query User{5AA57B40-3449-49C9-B73D-AA1CFD8C650F}C:\program files (x86)\lexmark 3600-4600 series\lxdxmon.exe] => (Block) C:\program files (x86)\lexmark 3600-4600 series\lxdxmon.exe ()
FirewallRules: [UDP Query User{2BF6D17C-CC83-4080-A2CB-98BE2D666B2C}C:\program files (x86)\lexmark 3600-4600 series\lxdxmon.exe] => (Block) C:\program files (x86)\lexmark 3600-4600 series\lxdxmon.exe ()
FirewallRules: [{90A44C2F-BADF-4E20-A83D-BA5D4F587800}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
FirewallRules: [{8E1769DB-83BB-46D5-ABCA-B69BF5649CA1}] => (Allow) C:\Users\Utilisateur\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
FirewallRules: [{424DD0A4-874C-43DC-A29B-9205B2E0653C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation)
FirewallRules: [{1BC162E7-C5E3-43F1-9FAE-B174ADA7C96D}] => (Allow) C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
FirewallRules: [{A2A5435F-BB7F-4FA9-8187-41521602B5E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{C0065E6A-649F-46F0-8169-F1501363577E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{2A6962E3-D83B-4C61-B3B3-A0EA0C4A53F8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{AAFCD520-A6ED-48BE-AB7D-5DD22CDB27F2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{160675F6-1373-4EAB-BA71-370D61F20663}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{41801634-31A5-44D5-9D83-04BAF777748F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{BDDBE133-5070-41B7-BDFC-61A44D99540B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{6475ED93-1E02-463F-B6DD-E15F58EF0ADA}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software)
FirewallRules: [{884B845A-A334-4317-A091-C9F952704072}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{CE7036EC-AA2D-454D-B71F-21082EE3F919}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

==================== Points de restauration =========================


==================== Éléments en erreur du Gestionnaire de périphériques =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (01/21/2019 06:11:41 PM) (Source: MsiInstaller) (EventID: 11316) (User: AUTORITE NT)
Description: Product: Avast Update Helper -- Error 1316. Le compte spécifié existe déjà.

Error: (01/21/2019 06:01:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.

Error: (01/21/2019 05:56:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.

Error: (01/21/2019 04:59:48 PM) (Source: MsiInstaller) (EventID: 11316) (User: AUTORITE NT)
Description: Product: Avast Update Helper -- Error 1316. Le compte spécifié existe déjà.

Error: (01/21/2019 03:59:44 PM) (Source: MsiInstaller) (EventID: 11316) (User: AUTORITE NT)
Description: Product: Avast Update Helper -- Error 1316. Le compte spécifié existe déjà.

Error: (01/21/2019 02:59:43 PM) (Source: MsiInstaller) (EventID: 11316) (User: AUTORITE NT)
Description: Product: Avast Update Helper -- Error 1316. Le compte spécifié existe déjà.

Error: (01/21/2019 01:59:50 PM) (Source: MsiInstaller) (EventID: 11316) (User: AUTORITE NT)
Description: Product: Avast Update Helper -- Error 1316. Le compte spécifié existe déjà.

Error: (01/21/2019 12:59:44 PM) (Source: MsiInstaller) (EventID: 11316) (User: AUTORITE NT)
Description: Product: Avast Update Helper -- Error 1316. Le compte spécifié existe déjà.


Erreurs système:
=============
Error: (01/21/2019 05:57:25 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Le service Superfetch s’est arrêté avec l’erreur service particulière L’opération a réussi.
.

Error: (01/21/2019 05:57:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service Agent de stratégie IPsec s’est arrêté avec l’erreur :
Service d’authentification inconnu.

Error: (01/21/2019 05:57:16 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: AUTORITE NT)
Description: Impossible de démarrer l’Assistant Installation du module linguistique. Redémarrez le système et exécutez l’Assistant à nouveau.

Error: (01/21/2019 05:57:16 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: AUTORITE NT)
Description: L’initialisation du client CBS a échoué. Dernière erreur : 0x8007045b

Error: (01/21/2019 05:57:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service Service de l’iPod s’est arrêté avec l’erreur :
La classe est configurée pour être exécutée comme un ID de sécurité différent de celui de l’appelant

Error: (01/21/2019 08:26:59 AM) (Source: volsnap) (EventID: 14) (User: )
Description: Les clichés instantanés C: ont été annulés à cause d’une défaillance d’E/S sur le volume C:.

Error: (01/21/2019 08:15:57 AM) (Source: volsnap) (EventID: 14) (User: )
Description: Les clichés instantanés C: ont été annulés à cause d’une défaillance d’E/S sur le volume C:.

Error: (01/18/2019 03:48:31 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: AUTORITE NT)
Description: L’initialisation du client CBS a échoué. Dernière erreur : 0x8007041d


Windows Defender:
===================================
Date: 2012-09-02 20:08:03.975
Description:
L’analyse Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {CBD8C7D7-727C-4CBF-8515-C904BB8141EB}
Type de l’analyse : Logiciel anti-espion
Paramètres de l’analyse : Analyse rapide
Utilisateur : Utilisateur-PC\Utilisateur

Date: 2014-05-30 12:39:28.304
Description:
Windows Defender a rencontré une erreur lors de la tentative de chargement des signatures et va essayer de revenir à un jeu de signatures correct.
Signatures essayées : Actuelle
Code d’erreur : 0x80070002
Description de l’erreur : Le fichier spécifié est introuvable.
Version des signatures : 0.0.0.0
Version du moteur : 0.0.0.0

Date: 2014-05-30 10:14:49.751
Description:
Windows Defender a rencontré une erreur lors de la tentative de chargement des signatures et va essayer de revenir à un jeu de signatures correct.
Signatures essayées : Actuelle
Code d’erreur : 0x80070002
Description de l’erreur : Le fichier spécifié est introuvable.
Version des signatures : 0.0.0.0
Version du moteur : 0.0.0.0

Date: 2013-08-04 17:40:41.536
Description:
Windows Defender a rencontré une erreur lors de la tentative de chargement des signatures et va essayer de revenir à un jeu de signatures correct.
Signatures essayées : Actuelle
Code d’erreur : 0x80070002
Description de l’erreur : Le fichier spécifié est introuvable.
Version des signatures : 0.0.0.0
Version du moteur : 0.0.0.0

CodeIntegrity:
===================================

Date: 2016-06-08 21:52:29.638
Description:
Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\ComboFix\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

Date: 2016-06-08 21:52:29.466
Description:
Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\ComboFix\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

Date: 2014-05-31 23:08:13.611
Description:
Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\Your_name\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

Date: 2014-05-31 23:08:13.502
Description:
Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\Your_name\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

==================== Infos Mémoire ===========================

Processeur: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Pourcentage de mémoire utilisée: 31%
Mémoire physique - RAM - totale: 5995.86 MB
Mémoire physique - RAM - disponible: 4119.75 MB
Mémoire virtuelle totale: 11989.86 MB
Mémoire virtuelle disponible: 9626.89 MB

==================== Lecteurs ================================

Drive c: (Acer) (Fixed) (Total:451.66 GB) (Free:345.92 GB) NTFS

\\?\Volume{1cd41745-766d-11e1-bfdb-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{1cd41744-766d-11e1-bfdb-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:14 GB) (Free:1.79 GB) NTFS

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 37E1A04C)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451.7 GB) - (Type=07 NTFS)

==================== Fin de Addition.txt ============================
 
Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

========================================

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
redtarget.gif
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
 
RogueKiller Anti-Malware V13.1.0.0 (x64) [Jan 21 2019] (Gratuit) par Adlice Software
email : https://adlice.com/contact/
Site web : https://adlice.com/download/roguekiller/
Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits
Démarré en : Mode normal
Utilisateur : Utilisateur [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20181112_000000, Driver : Chargé
Mode : Scan Standard, Suppression -- Date : 2019/01/21 21:18:14 (Durée : 00:20:41)
Commutateurs : -refid 3

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Suppression ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Hj.Shortcut (Malicieux)] \{5DE2E2D5-CDB0-4A9F-891E-5120668A1983} -- "C:\Program Files\Internet Explorer\iexplore.exe" (http://ui.skype.com/ui/0/6.6.73.106.456/fr/go/help.faq.installer?LastError=1618) -> Supprimé(e)
[PUP.Auslogics (Potentiellement Malicieux)] HKEY_LOCAL_MACHINE\Software\Auslogics -- -> Supprimé(e)
[PUP.Gen3 (Potentiellement Malicieux)] yahoo-lavasoft.xml -- %_Utilisateur_appdata%\Mozilla\Firefox\Profiles\im9xbt9s.default\searchplugins\yahoo-lavasoft.xml -> Supprimé(e)
[PUP.Auslogics (Potentiellement Malicieux)] Auslogics -- %programdata%\Auslogics -> Supprimé(e)
[PUP.Auslogics (Potentiellement Malicieux)] Auslogics -- %programdata%\Microsoft\Windows\Start Menu\Programs\Auslogics -> Supprimé(e)
[PUP.Auslogics (Potentiellement Malicieux)] Auslogics -- %programfiles(x86)%\Auslogics -> Supprimé(e)
[PUP.Auslogics (Potentiellement Malicieux)] Auslogics -- %programfiles(x86)%\Auslogics -> Trouvé(e)
[PUM.SearchEngine (Potentiellement Malicieux)] browser.search.defaultenginename -- Yahoo® -> Supprimé(e)
[PUM.SearchEngine (Potentiellement Malicieux)] browser.search.selectedEngine -- Yahoo® -> Supprimé(e)
 
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/21/19
Scan Time: 9:22 PM
Log File: 9c95b1ea-1dec-11e9-b4de-047d7b7ce3b2.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.519
Update Package Version: 1.0.8902
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Utilisateur-PC\Utilisateur

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 264958
Threats Detected: 4
Threats Quarantined: 4
Time Elapsed: 4 min, 57 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 4
PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\747F6DE277CEB4AB.VIR\DISKDEFRAG\DISKWIPEHELPER.DLL, Quarantined, [3592], [610189],1.0.8902
PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\747F6DE277CEB4AB.VIR\DISKDEFRAG\DISKCLEANERHELPER.DLL, Quarantined, [3592], [610189],1.0.8902
PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\747F6DE277CEB4AB.VIR\DISKDEFRAG\AXBROWSERS.DLL, Quarantined, [3592], [610189],1.0.8902
PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\747F6DE277CEB4AB.VIR\DISKDEFRAG\REGISTRYCLEANERHELPER.DLL, Quarantined, [3592], [610189],1.0.8902

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-21-2019
# Duration: 00:00:08
# OS: Windows 7 Home Premium
# Cleaned: 27
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService

***** [ Files ] *****

Deleted C:\Windows\System32\LavasoftTcpService64.dll
Deleted C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
Deleted C:\Windows\SysWOW64\lavasofttcpservice.dll

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\AdTrustMedia
Deleted HKLM\Software\Wow6432Node\AdTrustMedia
Deleted HKLM\Software\AdTrustMedia
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{E043C840-CD76-4F58-920D-DF37C1A404DD}
Deleted HKLM\Software\Classes\TypeLib\{E043C840-CD76-4F58-920D-DF37C1A404DD}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{2B2B8941-29D3-4F81-BB1C-381AA74C0E0D}
Deleted HKLM\Software\Classes\TypeLib\{2B2B8941-29D3-4F81-BB1C-381AA74C0E0D}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{5E430C0F-FAD2-44C5-8A54-06BE9137D41B}
Deleted HKLM\Software\Classes\TypeLib\{5E430C0F-FAD2-44C5-8A54-06BE9137D41B}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted HKLM\Software\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted HKLM\Software\Classes\Interface\{7697BC38-D0FA-454B-AC75-968B4CCABFCE}
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\geekbuddyrsp
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\Software\Wow6432Node\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted HKLM\Software\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3877 octets] - [21/01/2019 21:31:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 
Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

  • Double click to run it.
  • Make sure you checkmark Addition.txt box.
  • Press Scan button.
  • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
 
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 20.01.2019
Exécuté par Utilisateur (administrateur) sur UTILISATEUR-PC (22-01-2019 17:32:12)
Exécuté depuis C:\Users\Utilisateur\Desktop
Profils chargés: Utilisateur (Profils disponibles: Utilisateur)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
( ) C:\Windows\System32\lxdxcoms.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Lexmark International Inc.) C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(iSkySoft) C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [368728 2011-01-26] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392360 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [lxdxmon.exe] => C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe [672424 2010-02-04] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe [107176 2010-02-04] (Lexmark International Inc.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-06-07] (COMODO)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-23] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2066432 2014-10-31] (iSkySoft)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [401280 2015-03-23] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2019-01-21] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1098072 2013-03-27] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-21] (Piriform Software Ltd)
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [456224 2010-07-29] ()
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Drivers32-x32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-13] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-13] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\Installer\chrmstp.exe [2019-01-16] (AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corp.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{663285AB-AD47-4946-BDC2-0D2DFC414EAE}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{809B5500-7F35-4BE2-AB1C-7BB6D860B9D8}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000 -> DefaultScope {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL =
SearchScopes: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://qc.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000 -> {A8527447-EB8E-4873-ABB3-8A5429FAD7D0} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-01-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-01-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2019-01-18] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-01-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-21] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2019-01-18] (Microsoft Corporation)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
Handler: WSISVCUchrome - Pas de valeur CLSID

FireFox:
========
FF ProfilePath: C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\im9xbt9s.default [2019-01-21]
FF Homepage: Mozilla\Firefox\Profiles\im9xbt9s.default -> hxxp://www.google.ca/
FF NewTab: Mozilla\Firefox\Profiles\im9xbt9s.default -> about:blank
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\im9xbt9s.default\Extensions\sp@avast.com.xpi [2019-01-09]
FF Extension: (Avast Online Security) - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\im9xbt9s.default\Extensions\wrc@avast.com.xpi [2019-01-09]
FF Extension: (Telemetry coverage) - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\im9xbt9s.default\features\{1a905522-370e-43d8-ad8f-4a5608db7694}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-11-13] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] ()
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2014-11-19] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3561402276-1669811274-1820601791-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Utilisateur\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default [2019-01-22]
CHR Extension: (Slides) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (WOT: Web of Trust, Évaluation de la réputation de sites Web) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2018-07-26]
CHR Extension: (YouTube) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Recherche Google) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Adobe Acrobat) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-15]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-19]
CHR Extension: (Sheets) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-01]
CHR Extension: (Avast Online Security) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-26]
CHR Extension: (Bouton Enregistrer Pinterest) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-12-11]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-16]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <non trouvé(e)>

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-06] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-22] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-06] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-22] (AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe [390552 2019-01-16] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2018-02-26] (Microsoft Corporation)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817200 2016-06-07] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-06-07] (COMODO)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [254016 2014-10-07] (WildTangent)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
R2 lxdx_device; C:\Windows\system32\lxdxcoms.exe [1039872 2010-02-03] ( )
R2 lxdx_device; C:\Windows\SysWOW64\lxdxcoms.exe [589824 2010-02-03] ( )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2019-01-21] (Malwarebytes)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-23] (NTI Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-06] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-06] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-14] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-06] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-06] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-06] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-06] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-06] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-18] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-06] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-06] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-06] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-06] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2018-12-12] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-06] (AVAST Software)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31648 2016-04-27] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [829608 2016-04-27] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [56472 2016-04-27] (COMODO)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2019-01-21] (Malwarebytes)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2015-05-11] (LeapFrog)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [116248 2016-04-27] (COMODO)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-01-21] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [126624 2019-01-22] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [72536 2019-01-22] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2019-01-22] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [103760 2019-01-22] (Malwarebytes)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-01-21] ()

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-01-22 06:49 - 2019-01-22 06:49 - 000072536 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-01-22 06:48 - 2019-01-22 17:30 - 000103760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-01-22 06:48 - 2019-01-22 06:48 - 000126624 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-01-22 06:44 - 2019-01-22 06:48 - 000261032 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-01-21 21:28 - 2019-01-21 21:28 - 000001861 _____ C:\Users\Utilisateur\Desktop\malware.txt
2019-01-21 21:22 - 2019-01-21 21:22 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-01-21 21:22 - 2019-01-21 21:22 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\mbamtray
2019-01-21 21:21 - 2019-01-21 21:21 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-01-21 21:21 - 2019-01-21 21:21 - 000001871 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-01-21 21:21 - 2019-01-21 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-21 20:56 - 2019-01-21 21:19 - 000000000 ____D C:\Program Files\RogueKiller
2019-01-21 20:56 - 2019-01-21 20:56 - 000000862 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2019-01-21 20:56 - 2019-01-21 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2019-01-21 20:51 - 2019-01-21 20:51 - 007320272 _____ (Malwarebytes) C:\Users\Utilisateur\Desktop\AdwCleaner.exe
2019-01-21 20:50 - 2019-01-21 20:52 - 082482456 _____ (Malwarebytes ) C:\Users\Utilisateur\Desktop\mb3-setup-consumer-3.6.1.2711-1.0.519-1.0.8888.exe
2019-01-21 20:49 - 2019-01-21 20:50 - 029373232 _____ (Adlice Software ) C:\Users\Utilisateur\Desktop\RogueKiller_setup_ref3.exe
2019-01-21 18:55 - 2019-01-21 18:56 - 000143994 _____ C:\Users\Utilisateur\Desktop\Addition.txt
2019-01-21 18:52 - 2019-01-22 17:34 - 000027257 _____ C:\Users\Utilisateur\Desktop\FRST.txt
2019-01-21 18:52 - 2019-01-22 17:32 - 000000000 ____D C:\FRST
 
2019-01-21 18:52 - 2019-01-21 18:52 - 000000000 ____D C:\Users\Utilisateur\Desktop\FRST-OlderVersion
2019-01-21 18:51 - 2019-01-21 18:52 - 002428416 _____ (Farbar) C:\Users\Utilisateur\Desktop\FRST64.exe
2019-01-21 18:47 - 2019-01-21 18:46 - 000110968 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2019-01-21 18:46 - 2019-01-21 18:46 - 000110968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2019-01-21 18:45 - 2019-01-21 18:45 - 000000000 ____D C:\Program Files\Java
2019-01-21 18:40 - 2019-01-21 18:42 - 074907488 _____ (Oracle Corporation) C:\Users\Utilisateur\Desktop\jre-8u201-windows-x64.exe
2019-01-21 18:35 - 2019-01-21 18:36 - 019341880 _____ (Piriform Software Ltd) C:\Users\Utilisateur\Desktop\ccsetup552.exe
2019-01-21 18:33 - 2019-01-21 18:34 - 000000170 _____ C:\Windows\wininit.ini
2019-01-21 18:04 - 2019-01-22 17:13 - 000002814 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-01-15 10:00 - 2019-01-21 15:30 - 000000000 ____D C:\Users\Utilisateur\Desktop\cd medley
2019-01-14 18:20 - 2019-01-14 18:20 - 000000000 ____D C:\Windows\D2073531CBB04AFDAB89CE167C88B3C5.TMP
2019-01-14 17:47 - 2019-01-14 17:47 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\_
2019-01-14 17:46 - 2019-01-14 17:46 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\Downloaded Installations
2019-01-14 17:44 - 2019-01-14 17:45 - 037776362 _____ (SelectATrack) C:\Users\Utilisateur\Desktop\InstallSelectatrackBurner.exe
2019-01-14 17:23 - 2019-01-14 18:03 - 000000000 ____D C:\Users\Utilisateur\Desktop\Karaoke
2019-01-14 17:23 - 2019-01-14 18:02 - 000000168 _____ C:\Users\Utilisateur\Desktop\CB40115 - Chartbuster - Full Disc - Michael Jackson - Karaoke CDG.zip
2019-01-14 17:03 - 2019-01-14 17:03 - 000000000 ____D C:\Users\Utilisateur\Documents\Ripped karaoke
2019-01-14 17:03 - 2019-01-14 17:03 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Doblon
2019-01-14 17:03 - 2019-01-14 17:03 - 000000000 ____D C:\Program Files (x86)\Doblon
2019-01-14 14:52 - 2019-01-14 14:52 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\mbam
2019-01-14 11:45 - 2019-01-14 11:45 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-10 16:22 - 2019-01-10 16:22 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\{90DB832A-6C15-484D-8FC8-38DEE0E9573D}
2019-01-09 07:23 - 2019-01-09 07:23 - 025738240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 004860416 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 004055272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-01-09 07:23 - 2019-01-09 07:23 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-01-09 07:23 - 2019-01-09 07:23 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-01-09 07:23 - 2019-01-09 07:23 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-01-09 07:23 - 2019-01-09 07:23 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000348760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-01-09 07:23 - 2019-01-09 07:23 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-01-09 07:23 - 2019-01-09 07:23 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2019-01-09 07:23 - 2019-01-09 07:23 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2019-01-09 07:23 - 2019-01-09 07:23 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2019-01-09 07:23 - 2019-01-09 07:23 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2019-01-09 07:23 - 2019-01-09 07:23 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2019-01-09 07:23 - 2019-01-09 07:23 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-01-09 07:23 - 2019-01-09 07:23 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-01-09 07:23 - 2019-01-09 07:23 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-01-09 07:23 - 2018-12-28 13:09 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
2019-01-09 07:23 - 2018-12-28 13:09 - 000419608 _____ C:\Windows\system32\locale.nls
2019-01-09 07:23 - 2018-12-27 18:50 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-01-09 07:23 - 2018-12-27 18:36 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-01-09 07:23 - 2018-12-27 18:17 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-01-09 07:23 - 2018-12-27 18:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-01-06 19:45 - 2019-01-06 19:43 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-06 19:45 - 2019-01-06 19:43 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-06 19:45 - 2019-01-06 19:43 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-06 19:45 - 2019-01-06 19:43 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-06 19:44 - 2019-01-06 19:44 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== Un mois (modifiés) ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-01-22 17:32 - 2009-07-13 23:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-22 17:32 - 2009-07-13 23:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-22 17:13 - 2018-03-28 14:33 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-01-22 17:13 - 2018-03-13 07:22 - 000004658 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-22 17:13 - 2015-12-03 07:40 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-01-22 17:13 - 2015-01-03 13:22 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-01-22 17:13 - 2013-11-04 18:36 - 000003950 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3561402276-1669811274-1820601791-1000UA
2019-01-22 17:13 - 2013-11-04 18:36 - 000003582 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3561402276-1669811274-1820601791-1000Core
2019-01-22 17:13 - 2013-11-04 18:36 - 000000952 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3561402276-1669811274-1820601791-1000UA.job
2019-01-22 17:13 - 2013-11-04 18:36 - 000000930 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3561402276-1669811274-1820601791-1000Core.job
2019-01-22 17:13 - 2013-07-11 20:26 - 000003502 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-22 17:13 - 2013-07-11 20:26 - 000003374 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-22 17:13 - 2013-07-11 20:19 - 000004484 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-01-22 17:13 - 2013-07-11 19:59 - 000003124 _____ C:\Windows\System32\Tasks\{9DA6A169-A2FA-41D8-B1B6-D334CAA3D2F0}
2019-01-22 17:13 - 2012-11-03 16:21 - 000003216 _____ C:\Windows\System32\Tasks\Installation App Launcher
2019-01-22 08:04 - 2018-08-09 18:13 - 000000000 ____D C:\Users\Utilisateur\Desktop\Bureau
2019-01-22 06:49 - 2012-07-28 01:35 - 000000000 ____D C:\ProgramData\clear.fi
2019-01-22 06:43 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-21 21:32 - 2017-04-25 09:18 - 000000000 ____D C:\AdwCleaner
2019-01-21 20:56 - 2016-06-07 21:12 - 000028272 _____ C:\Windows\system32\Drivers\truesight.sys
2019-01-21 20:44 - 2018-07-26 11:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-01-21 20:44 - 2013-05-18 20:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-21 18:49 - 2013-07-10 18:09 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\vlc
2019-01-21 18:47 - 2014-11-26 08:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-01-21 18:47 - 2013-07-11 19:51 - 000000000 ____D C:\Program Files (x86)\Java
2019-01-21 18:37 - 2012-09-13 12:08 - 000000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-21 18:37 - 2012-09-13 12:08 - 000000000 ____D C:\Program Files\CCleaner
2019-01-21 18:34 - 2018-07-26 11:26 - 000000000 ____D C:\Users\Utilisateur\AppData\LocalLow\Mozilla
2019-01-21 18:07 - 2012-03-25 07:22 - 000914660 _____ C:\Windows\system32\perfh00C.dat
2019-01-21 18:07 - 2012-03-25 07:22 - 000208768 _____ C:\Windows\system32\perfc00C.dat
2019-01-21 18:07 - 2009-07-14 00:13 - 001898642 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-21 18:07 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2019-01-18 15:43 - 2012-07-28 02:59 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-18 15:43 - 2012-07-28 02:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-18 15:37 - 2012-07-28 03:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-18 14:46 - 2012-08-24 19:52 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-18 14:36 - 2018-12-12 20:29 - 000000000 ____D C:\Users\Utilisateur\Desktop\Photos des enfants et cie
2019-01-18 06:57 - 2015-01-06 16:48 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-18 06:55 - 2015-01-06 16:35 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-01-17 22:46 - 2018-10-18 20:48 - 000101019 _____ C:\Users\Utilisateur\Desktop\Ces souvenirs qui s'envolent. - Copie.odt
2019-01-16 06:50 - 2018-05-22 15:56 - 000002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-01-16 06:50 - 2018-05-22 15:56 - 000002390 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-01-11 10:44 - 2017-03-12 17:42 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-01-10 08:01 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\rescache
2019-01-09 17:46 - 2012-12-07 12:50 - 001873710 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-01-09 17:43 - 2013-07-11 20:32 - 000000000 ____D C:\Windows\system32\MRT
2019-01-09 17:39 - 2012-07-28 02:05 - 132790320 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-01-08 11:22 - 2013-07-11 20:19 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-01-08 11:22 - 2013-07-11 20:19 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-08 11:22 - 2012-07-28 02:59 - 000000000 ____D C:\Windows\system32\Macromed
2019-01-08 11:22 - 2011-10-13 17:24 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-01-06 19:56 - 2017-04-13 07:13 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-01-06 19:45 - 2018-01-04 14:59 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-06 19:44 - 2018-10-21 20:27 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-06 19:44 - 2017-11-16 17:31 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-06 19:44 - 2014-05-31 22:20 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-06 19:44 - 2014-05-31 22:20 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-06 19:44 - 2013-07-10 18:23 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-06 19:44 - 2013-07-10 18:23 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-06 19:44 - 2012-08-24 19:52 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-06 19:44 - 2012-08-24 19:52 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-06 19:43 - 2012-08-24 19:52 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\dllhost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\dllhost.exe => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2019-01-14 07:52

==================== Fin de FRST.txt ============================
 
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Exécuté par Utilisateur (22-01-2019 17:35:27)
Exécuté depuis C:\Users\Utilisateur\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-28 06:02:47)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-3561402276-1669811274-1820601791-500 - Administrator - Disabled)
Invité (S-1-5-21-3561402276-1669811274-1820601791-501 - Limited - Disabled)
Utilisateur (S-1-5-21-3561402276-1669811274-1820601791-1000 - Administrator - Enabled) => C:\Users\Utilisateur

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Comodo Defense+ (Enabled - Up to date) {6BAD9487-8DE8-D130-293E-C6A728B4104F}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Enabled) {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0517.2011 - Acer Incorporated)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (HKLM-x32\...\WTA-3514dcf7-c85e-40ee-b912-74b9527853e3) (Version: 2.2.0.98 - WildTangent) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\{AB398DDB-0E7B-400B-A940-7E61FB91A531}) (Version: 1.2.42.68439 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.42.68439 - Alcor Micro Corp.)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.98 - AVAST Software)
Backup Manager V3 (HKLM-x32\...\{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (HKLM-x32\...\WTA-c84d156e-e662-46ef-8a12-4ffdb5ee5ac9) (Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (HKLM-x32\...\WTA-0d4abdc4-0ca4-4606-b90b-9e56a5736747) (Version: 2.2.0.97 - WildTangent) Hidden
Canaux de jeu (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 6.1.0.5 - WildTangent, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
Chronicles of Albian (HKLM-x32\...\WTA-ecedfd0e-6318-44c2-b869-944dbcab2e35) (Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (HKLM-x32\...\WTA-91f40732-562f-4402-b903-e9381ebddf9b) (Version: 2.2.0.95 - WildTangent) Hidden
clear.fi (HKLM-x32\...\{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}) (Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (HKLM-x32\...\{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (HKLM-x32\...\{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}) (Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
COMODO Internet Security (HKLM\...\{BCC0552D-76C0-4130-BFBD-49BE49ACC594}) (Version: 6.0.2566.2708 - COMODO Security Solutions Inc.)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Cradle of Rome 2 (HKLM-x32\...\WTA-474671dd-9ee4-4541-a63f-d0618511f40b) (Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dora's World Adventure (HKLM-x32\...\WTA-ef090399-fafd-47a5-8d1d-171cf05fae35) (Version: 2.2.0.95 - WildTangent) Hidden
Elevated Installer (HKLM-x32\...\{93765DFA-8A67-41FB-9FC0-B12341CA65F3}) (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Explor@ Park (HKLM-x32\...\VTechDownloadManager) (Version: - VTech)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FATE: The Cursed King (HKLM-x32\...\WTA-e72e6929-da59-4d6e-81db-e1d7418596d2) (Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (HKLM-x32\...\WTA-512efe47-2bbf-4ddf-8aaf-3cde77766978) (Version: 2.2.0.95 - WildTangent) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{65135558-F1AE-4B9B-8C0B-180730ACA261}) (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{e47a5c85-88a2-47d2-b380-fc2e763c2e6d}) (Version: 2.1.13 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{C233BCC3-29C4-49C0-B955-0A94509FC4FC}) (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (HKLM-x32\...\{876AB032-B2A4-41FF-AF87-DBC78454C1B0}) (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-aea8b8b6-c844-4f67-91d5-3a190bc0f209) (Version: 2.2.0.95 - WildTangent) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-cdc58ee0-1182-43fa-8daa-35ef154b6704) (Version: 2.2.0.97 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Acer Inc.)
Lexmark 3600-4600 Series (HKLM\...\Lexmark 3600-4600 Series) (Version: - Lexmark International, Inc.)
LogiCentre MF-INS (HKLM-x32\...\LOGICENTRE MF-INSLogiCentre MF (32 bits)) (Version: 6.22.5.1 - Programica)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office « Démarrer en un clic » 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 15.0.5101.1002 - Microsoft Corporation)
Microsoft Office Starter 2010 - Français (HKLM-x32\...\{90140011-0066-040C-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3561402276-1669811274-1820601791-1000\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 56.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 fr)) (Version: 56.0 - Mozilla)
Mozilla Firefox 64.0.2 (x64 fr) (HKLM\...\Mozilla Firefox 64.0.2 (x64 fr)) (Version: 64.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.1 - Mozilla)
MP4Joiner v2.1.2 (HKLM-x32\...\MP4Joiner_is1) (Version: - )
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (HKLM-x32\...\WTA-025c0025-db99-42e3-bd17-ad60ddae02f9) (Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (HKLM\...\{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}) (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (HKLM-x32\...\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}) (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
newsXpresso (HKLM-x32\...\{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.) Hidden
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
NTI Media Maker 9 (HKLM-x32\...\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-040C-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32\...\{155C4F2E-7381-4B80-B258-FD0600C9C46B}) (Version: 4.15.9789 - Apache Software Foundation)
Penguins! (HKLM-x32\...\WTA-97944133-03ea-4a96-830e-bd0734efb62e) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-b889508c-e7c6-43f7-b308-17dc6064576e) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-b8cecda9-6f5a-42c1-9b64-f375e38105ab) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-01ed131c-4505-472d-b8c1-f76fc79e44fb) (Version: 2.2.0.95 - WildTangent) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Relevé 24 Version 2012-MF (HKLM-x32\...\Relevé 24 Version 2012 Version Milieu Familial_is1) (Version: - )
Relevé 24 Version 2013-MF (HKLM-x32\...\Relevé 24 Version 2013 Version Milieu Familial_is1) (Version: - )
Relevé 24 Version 2014-MF (HKLM-x32\...\Relevé 24 Version 2014 Version Milieu Familial_is1) (Version: - )
RogueKiller version 13.1.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.1.0.0 - Adlice Software)
Shredder (HKLM\...\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}) (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (HKLM-x32\...\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}) (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.18.0 - Synaptics Incorporated)
Torchlight (HKLM-x32\...\WTA-98b87892-683c-4b02-8c54-cd17a7ff2b2c) (Version: 2.2.0.97 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers 5 - New Believers (HKLM-x32\...\WTA-a049c27f-dbc1-4791-a44d-e7745cb551ce) (Version: 2.2.0.97 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VTech Download Agent Library (HKLM-x32\...\{DB083AE1-3354-4AAD-BD44-5F2CC4B2ECE6}) (Version: 1.00.0000 - VTech) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.14 - WildTangent) Hidden
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAS 2016 (HKLM-x32\...\WinRAS_2016_is1) (Version: - Revenu Québec)
WinRAS 2016.07 (HKLM-x32\...\WinRAS_2016.07_is1) (Version: - Revenu Québec)
WinRAS 2017.01 (HKLM-x32\...\WinRAS_2017.01_is1) (Version: - Revenu Québec)
Zuma's Revenge (HKLM-x32\...\WTA-b9707395-8342-4661-9cc4-5346db47a18a) (Version: 2.2.0.97 - WildTangent) Hidden

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2016-04-27] (COMODO)
ContextMenuHandlers1: [iSkysoftVideoConverterFileOpreation] -> {BB35DE05-89D6-4D8F-95DE-A27DF8156D91} => -> Pas de fichier
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2016-04-27] (COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [MWLIVShellExt] -> {B1B294FE-EC1E-4fef-AF68-D34CE3E38157} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll [2011-06-21] (Egis Technology Inc. )
ContextMenuHandlers3: [ShredderContextMenu] -> {521065F1-DE6C-4E46-BBCB-89B0D0BE860D} => C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll [2011-03-29] (Egis Technology Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-03-25] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2016-04-27] (COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {116BE369-C3E2-4ACF-B16F-D7BB867F6F54} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {18DD8EBF-2FA1-4189-8A03-C1066711FFCE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-21] (Piriform Ltd)
Task: {25EDA95A-4AE4-4E93-8CB4-7AADBD906E7E} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe [2010-02-04] (Lexmark International Inc.)
Task: {40CB29A8-6E26-4150-9788-3F04A6CE10D9} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {4DDAC371-2FD8-495A-8842-94BAEF186775} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {4FCFFE6B-A74E-40CC-A847-4EC84036B978} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {5AC9029A-A5FF-42C8-9F8B-D0E3276CE7C9} - System32\Tasks\{9DA6A169-A2FA-41D8-B1B6-D334CAA3D2F0} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"
Task: {60D3BD08-B159-45B2-AC83-DAC33074E05D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-09-20] (Adobe Systems Incorporated)
Task: {6305C233-F05E-40CD-83D1-779581769D66} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3561402276-1669811274-1820601791-1000UA => C:\Users\Utilisateur\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-04] (Facebook Inc.)
Task: {6BD68D2D-863F-4D47-A665-E7F3A68F4746} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-05-22] (AVAST Software)
Task: {7DD06E53-9549-4331-BB0A-6D6E2C14DEEC} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {7E5932C8-FA6F-4D54-A6A9-ADB35FACFAAE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {85DB4F51-2494-4B7E-8805-28CDDD0E97C3} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-06] (Acer Incorporated)
Task: {93331F64-DAF6-4E7E-9026-E66E3A99784F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {98CC6DF4-B4E2-4E06-A24C-9CE23077D375} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-06-07] (COMODO)
Task: {9D9C3B88-7239-4B0F-A114-EA3E58ED0EEF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3561402276-1669811274-1820601791-1000Core => C:\Users\Utilisateur\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-04] (Facebook Inc.)
Task: {9FF465DF-CCE5-4AFD-85D5-9DD6A64A6FCC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2018-02-26] (Microsoft Corporation)
Task: {A23519E5-6B57-4738-AFEF-6C3DB8349AA3} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {B90637F5-62A7-47D7-8B50-23DEA9B08023} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-17] (AVAST Software)
Task: {BD6A3414-CEFA-4208-98CB-0220064E1D65} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-05-22] (AVAST Software)
Task: {BD859EB9-115C-4380-B15A-12FB54DC88F2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2018-02-26] (Microsoft Corporation)
Task: {BDC98A27-4479-4895-87B4-973C59EE3C00} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-06-07] (COMODO)
Task: {D0EC01FD-85E3-42A4-ABDC-6E57C5A14DA7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {E9643065-3623-4705-80E9-7768E8D8B0E6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {EC6CD308-5F6E-4ABB-BEE1-67EC45B68F9A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2019-01-18] (Microsoft Corporation)
Task: {F3A01A2B-DFAA-4E71-B3E1-86F0AB1A22CA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-06] (AVAST Software)
Task: {F4D8BC0E-7F13-4144-B2C7-A5E5BEB38989} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F7F5F030-281F-47D2-9989-D0998FE3D874} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-06-07] (COMODO)
Task: {F87C9117-EC7E-4B35-AFEE-8D089BD9ADA8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-21] (Piriform Software Ltd)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3561402276-1669811274-1820601791-1000Core.job => C:\Users\Utilisateur\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3561402276-1669811274-1820601791-1000UA.job => C:\Users\Utilisateur\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
WMI:subscription\__EventFilter->BVTFilter:
WMI:subscription\CommandLineEventConsumer->BVTConsumer:

Shortcut: C:\Users\Public\Desktop\Complete Installation of Lexmark 3600-4600 Series.LNK -> hxxp:\\www.lexmark.com\MD

==================== Modules chargés (Avec liste blanche) ==============

2019-01-06 19:44 - 2019-01-06 19:44 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-01-06 19:44 - 2019-01-06 19:44 - 000550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-06 19:44 - 2019-01-06 19:44 - 001175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-01-06 19:44 - 2019-01-06 19:44 - 001967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2019-01-22 16:51 - 2019-01-22 16:51 - 006937744 _____ () C:\Program Files\AVAST Software\Avast\defs\19012204\algo64.dll
2012-11-03 16:18 - 2009-10-16 17:12 - 000177664 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdxdrpp.dll
2015-01-06 16:35 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2019-01-21 21:21 - 2019-01-21 21:21 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2019-01-21 21:21 - 2019-01-21 21:21 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2009-01-21 18:45 - 2009-01-21 18:45 - 001401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2011-10-13 17:23 - 2011-03-25 04:28 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-03 16:21 - 2010-02-04 00:27 - 000672424 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
2019-01-06 19:44 - 2019-01-06 19:44 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-12 20:49 - 2015-03-23 12:43 - 000401280 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
2019-01-10 05:01 - 2019-01-10 05:01 - 000107712 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2018-12-14 13:31 - 2018-12-12 00:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-14 13:31 - 2018-12-12 00:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 000073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 001044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-23 20:29 - 2011-04-23 20:29 - 000465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-23 20:29 - 2011-04-23 20:29 - 001081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-23 20:29 - 2011-04-23 20:29 - 000125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2011-08-24 20:03 - 2011-08-24 20:03 - 000206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2012-11-03 16:21 - 2010-02-04 00:04 - 000380928 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxscw.dll
2012-11-03 16:21 - 2010-02-03 23:52 - 000589824 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxdatr.dll
2012-11-03 16:21 - 2010-02-03 23:52 - 000073728 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcats.dll
2012-11-03 16:21 - 2010-02-04 00:04 - 000782336 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxDRS.dll
2012-11-03 16:21 - 2010-02-04 00:05 - 000081920 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcaps.dll
2012-11-03 16:21 - 2010-02-03 23:52 - 000069632 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcnv4.dll
2012-11-03 16:21 - 2010-02-04 00:02 - 000364544 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\iptk.dll
2012-11-03 16:21 - 2007-09-06 04:11 - 000151552 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxptp.dll
2014-12-16 16:02 - 2014-10-31 16:40 - 001498112 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll
2014-12-16 16:02 - 2014-05-19 17:19 - 000137728 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll
2014-10-12 20:49 - 2014-03-04 06:20 - 000117760 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2014-10-12 20:49 - 2014-04-21 21:14 - 000065536 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QHttpServer.dll
2014-10-12 20:49 - 2014-05-06 00:39 - 000861184 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\platforms\qwindows.dll
2014-10-12 20:49 - 2014-05-06 00:38 - 000021504 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qgif.dll
2014-10-12 20:49 - 2014-05-06 00:38 - 000020992 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qico.dll
2014-10-12 20:49 - 2014-05-06 00:38 - 000204800 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll
2014-10-12 20:49 - 2014-05-06 05:44 - 000218112 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qmng.dll
2014-10-12 20:49 - 2014-05-06 00:58 - 000015872 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll
2014-10-12 20:49 - 2014-05-06 05:44 - 000015360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtga.dll
2014-10-12 20:49 - 2014-05-06 05:44 - 000307712 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll
2014-10-12 20:49 - 2014-05-06 05:44 - 000014848 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll
2014-10-12 20:49 - 2014-05-06 01:31 - 000015872 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll
2014-10-12 20:49 - 2014-05-06 00:38 - 000036352 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll
2014-10-12 20:49 - 2014-05-06 00:38 - 000038912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll
2011-10-13 16:38 - 2010-09-13 20:28 - 000058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Windows\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\Windows\HelpPane.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\hh.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\actxprxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adsmsext.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\asycfilt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basecsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcdedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BFE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cdd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cdosys.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\centel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cscapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cscdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dnsapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dnscacheugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dnsrslvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DXPTaskRingtone.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fdWCN.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FirewallAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hhctrl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hhsetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hlink.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icaapi.dll:$CmdTcID [64]
 
AlternateDataStreams: C:\Windows\system32\icfupgd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IKEEXT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetcomm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetpp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetppui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\INETRES.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inseng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iprtprio.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iprtrmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\itircl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\itss.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kmddsp.tsp:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\localspl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mf3216.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfmjpegdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MigAutoPlay.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mmc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mmcbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mmcndmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mmcshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mprdim.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MPSSVC.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MRT-KB890830.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mscms.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msimg32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msinfo32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msra.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msrahc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSVidCtl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ncsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ndptsp.tsp:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netbtugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netevent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nsisvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntprint.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntprint.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\P2P.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\p2psvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pdh.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\pdhui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\perfmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\phon.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pla.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\plasrv.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pnrpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Query.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\racpldlg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rascfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rasdiag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rasmxs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rasser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdvidcrl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\resmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rpchttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rtm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rundll32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\samlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\samsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scavengeui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schedsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scksp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sdchange.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\seclogon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shdocvw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spoolsv.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srvsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sscore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\streamci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\StructuredQuery.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sysmon.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\t2embed.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TabSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\taskcomp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tdc.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\termsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\themeui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\traffic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ucrtbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usp10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WcnApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wcncsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WcnEapAuthProxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WcnEapPeerProxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WcsPlugInService.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\webcheck.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\webio.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\webservices.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wer.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\werdiagcontroller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wermgr.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wfapigp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\win32spl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winlogon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winnsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WinSCard.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wisptis.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wksprt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wkssvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlanapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlanhlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlanmsm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlansec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlansvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Wldap32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpnpinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshnetbs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshqos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmSvc.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsnmp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xpsrchvw.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\zipfldr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\actxprxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\asycfilt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID [64]
 
AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\basecsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\bcrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cdosys.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\chajei.ime:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\cic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cscapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cscdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dnsapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dnscacheugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\DXPTaskRingtone.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fdWCN.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FirewallAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\hh.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\hhctrl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\hhsetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\hlink.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\icm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\imkr80.ime:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\inetcomm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\INETRES.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\inseng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iprtprio.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iprtrmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\itircl.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\itss.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\javaws.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kmddsp.tsp:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mf3216.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfmjpegdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MigAutoPlay.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mmc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mmcbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mmcndmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mmcshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mprdim.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mscms.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msexch40.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msexcl40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msimg32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msinfo32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjet40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjetoledb40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjint40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjter40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjtes40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msltus40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mspbde40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msra.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msrd2x40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msrd3x40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msrepl40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstext40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSVidCtl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mswdat10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mswstr10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxbde40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml6r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ndptsp.tsp:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\netbtugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\netevent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntprint.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntprint.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\olepro32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\P2P.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\pdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\pdhui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\perfmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\phon.ime:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\pla.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qintlgnt.ime:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Query.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\quick.ime:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\racpldlg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rascfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rasdiag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rasmxs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rasser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rdpcore.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\rdvidcrl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\resmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rpchttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rtm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rundll32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\samlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\scksp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sdchange.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\shdocvw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sscore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\StructuredQuery.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sysmon.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\t2embed.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\taskcomp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tdc.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\themeui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\traffic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ucrtbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\usp10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WcnApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wcncsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WcnEapAuthProxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WcnEapPeerProxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WcsPlugInService.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wdc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\webcheck.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\webio.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\webservices.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wer.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\werdiagcontroller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wermgr.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wfapigp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\win32spl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winnsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WinSCard.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wlanapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wlanhlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wlanmsm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wlansec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Wldap32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshqos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsnmp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xpsrchvw.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\zipfldr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\acpi.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\AGP440.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\amdk8.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\amdppm.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\aswHdsKe.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\aswTap.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\bowser.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\dfsc.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\dxgkrnl.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\dxgmms1.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\errdev.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\exfat.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\farflt.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\fastfat.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\fltMgr.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\FlyUsb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\FWPKCLNT.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hidclass.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hidparse.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hidusb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\intelppm.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\isapnp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ks.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\luafv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mbae64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\MbamChameleon.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mbamswissarmy.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\mpsdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\msisadrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\msrpc.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mssmbios.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\ndis.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ndistapi.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ndproxy.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\netbios.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\netbt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\netio.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\nsiproxy.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ntfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\NV_AGP.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\nwifi.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\pacer.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\pci.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\processr.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rdyboost.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Sftfslh.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Sftplaylh.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Sftredirlh.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Sftvollh.sys:$CmdTcID [64]
 
AlternateDataStreams: C:\Windows\system32\Drivers\srv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\srv2.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\srvnet.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\swenum.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpip.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpipreg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tdx.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\termdd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tssecsrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ULIAGPKX.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbehci.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbhub.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbohci.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbport.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\USBSTOR.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\vdrvroot.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\videoprt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\volmgr.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\volmgrx.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wanarp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wdcsam64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wmiacpi.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\227646_6964024071_4709_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\AdwCleaner.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\AdwCleaner.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\ccsetup552.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\ccsetup552.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\DSC_1719.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\HJWPL747-1-iymjto9fpu.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\HJWPL747-3-8tm8gyhmv4.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\InstallSelectatrackBurner.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\InstallSelectatrackBurner.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\jre-8u201-windows-x64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\jre-8u201-windows-x64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\JRT.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\JRT.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\Lettre-Annie (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\mb3-setup-consumer-3.6.1.2711-1.0.519-1.0.8888.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\mb3-setup-consumer-3.6.1.2711-1.0.519-1.0.8888.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\proof (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\RogueKiller_setup_ref3.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\RogueKiller_setup_ref3.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\Service-Cancellation-FR.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\Soren.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\TFC.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\TFC.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\WinRAS_2016.07.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\WinRAS_2016.07vf(1).zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\WinRAS_2016.07vf(1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\12227222_10153284249929072_4200517912926609568_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13624983_479999892199363_2003158930_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13633368_480904072108945_152728667_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13644232_480904062108946_1101332071_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13652456_480904082108944_1445790150_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13823433_486234614909224_983713098_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13871825_486234654909220_622643076_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\14218480_10153954360549072_274147438_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\14225465_10153944668259072_2864217039074824313_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\14249075_10153954360434072_2064753517_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\14287549_10153954360669072_556457948_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\144715.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\15073567_10154166052729072_5355811588223051121_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\15110898_918666388266228_6336666598917572651_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\16 Michael Jackson - The Jackson 5 Medley (Live at London) (1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\16 Michael Jackson - The Jackson 5 Medley (Live at London).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\16466248_10154389269159072_1704001219_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\19- ATTESTATION DES SERVICES DE GARDE FOURNIS.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\20160502_Modif_nombre places subv.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\21078438_10155011744319072_6461025998085219307_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\27858317_10215487831851974_3029451992347559096_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\30092018_COMMANDE_C8E340887O80203.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\300x200_pied-main-bouche.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\4100-019-fr-cession-police.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\43204164_10156036215299072_886390862307655680_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\7. Jackson 5 - I Want You Back.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\adwcleaner_6.046.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\adwcleaner_6.046.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Annexe 2 Demande de modification.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Apache_OpenOffice_4.1.5_Win_x86_install_fr.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Apache_OpenOffice_4.1.5_Win_x86_install_fr.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ATT00006:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\AttestationFormation.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\BellPDF.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\biblio.mid:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Billie Jean.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Blocs_etudes_5227.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Bloc_etudes_5357.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Bonnie Tyler - I Need a Hero (Lyrics) (1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Bordereau de paiement de la subvention pour la période terminée le 2016-09-04%2c versée le 2016-09-15 - FIPEQ-CSQ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\cadeau_sans_fin.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Caillou - La chanson des couleurs (avec illustrations).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Caillou - Les dinosaures.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Caillou French Theme Lyrics.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Caillou- J'ai perdu mon nounours (paroles).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\calou_la_tête_vide__images_ (1).doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\calou_la_tête_vide__images_.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\carte-de-membre (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\carte-de-membre.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ccsetup545.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ccsetup545.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Certificat (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Certificat.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\CHANSON SOUVENIR paul daraiche les anges du mexique.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\China Girl - David Bowie (with lyrics).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\cmd_fw_installer_6113_c7.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\cmd_fw_installer_6113_c7.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\commentaire-ndh.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Contract_27514610.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\David Bowie - Modern Love.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Dirty Dancing Soundtrack - I've Had The Time Of My Life.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\doc20170425073850.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\dpliantairmontmagny.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\DSC_0970.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\DSC_1239.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\DSC_1242.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Dynamite (1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Dynamite.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Earth, Wind & Fire - September.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\elaws_statutes_91m27_f.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Elton John - Can You Feel The Love Tonight (Lyrics).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\entente_services_dynamique.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Evanescence - My Immortal (Video).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Fiche embauche d%27une assistante.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Fiche suspension reconnaissance - révisé.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Firefox Installer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Firefox Installer.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\FORMATION_GENERALE.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Formulaire d%27adhésion - campagneRSG - Français.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Grille 1 an.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\grille 2 ans.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Grille 3 ans.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Générique - Clifford,le gros chien rouge.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Générique - La Maison de Mickey et la chanson -Mickey Dance-.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Harry Potter and the Sorcerer's Stone Soundtrack -19. Hedwig's Theme.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\horloge1_exercices.swf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\I'll Be There.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ileftmyheartinsanfran.mid:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\il_570xN.715537618_o2kw.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Immortals - Fall Out Boy (Lyrics).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\IN-327-11-14_-_F (1).PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\IN-327-11-14_-_F (2).PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\IN-327-11-14_-_F.PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Invitation Tournée BC avril 2018.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\J'ai adopté un dinosaure - Chansons d'école.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Jackson 5-Blame it on the Boogie.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Josh Groban - Evermore (From Beauty and the Beast) [Lyrics].mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Josh Groban - If I Can´t Love Her Beauty and the Beast 2017.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Josh Groban - When You Say You Love Me.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Josh Groban - You Are Loved [Don't Give Up] Official Music Video.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Justin Rêve - Générique - NICKELODEON JUNIOR.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Justin Timberlake - Can't Stop the Feeling ( Lyrics Video ) (1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\J`aime sa Jouer Caillou.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\L'amour a pris son temps de La guerre des tuques.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ladjectif.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_boite_aux_lettres_du_pÈre_noel.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_chauve-souris.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_création_des_oiseaux__ordre_.docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_création_des_oiseaux__ordre_.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\La_Femme-licorne.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_perdriole (5).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_perdriole (6).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_perdriole.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Le Festin- Camille (Ratatouille Soundtrack).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Le Roi Lion - L'histoire de la vie.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\lecture_de_mots (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\lecture_de_mots.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Les BB - T'es Dans La Lune.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\les_araignées.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\les_araignées.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Let's Dance with lyrics.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Lettre de remerciement.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Lettre-Annie (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Lettre-Annie.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\le_calendrier_du_pÈre_noel.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\le_nom_commun(1).docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\le_nom_commun(1).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\le_nom_commun.docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\le_nom_commun.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\lheure_1_ (1).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\lheure_1_.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Life is a Highway lyrics - Rascal Flatts.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\LogiCentreMFInstall.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\LogiCentreMFInstall.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\loie.docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\loie.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\London calling-The clash.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\main_pour_la_phrase (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\main_pour_la_phrase.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Mario Kart DS- Rainbow Road.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Message-ensignante (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Message-ensignante.odt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Message-ensignante.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\messenger_code_905359326236229.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\MIchael Jackson & Paul McCartney Say Say Say Lyrics.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michael Jackson - Give In To Me (lyrics).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michael Jackson - Human Nature .mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michael Jackson - Je Ne Veux Pas La Fin De Nous Lyrics.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michael Jackson - Man In The Mirror.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\michael-jackson-5-medley-at-motown-25-billie-jean-complete-restored.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michel Louvain - 25 ans d'amour.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michel Louvain - Sylvie (1962) [HD].mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Minions Song - YMCA - Despicable me 2.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\num (1).swf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\num.swf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\OFFICIAL DEBUT - Fantastic Beasts and Where to Find Them - Main Titles - James Newton Howard.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\OFFICIAL Somewhere over the Rainbow - Israel IZ Kamakawiwo-ole.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Opening Theme - SPIRIT RIDING FREE.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\order-1311294-single-photos-part1of1.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Pascal DANEL Les neiges du Kilimanjaro.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\PDF_523157694_52_2018-02-19_0000000000.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Peppa Pig French Theme Song.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Petit Papa Noel.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\petit papa noël version Les Minions.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Petula Clark - Je me sens bien auprès de toi - 1963.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\proof (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\proof.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Publicite nuit de Noel.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RelevéNotes.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\rl-24(2015-10)dxi.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (2).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (3).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (4).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (5).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (6).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (7).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\rlz-1.s(2016-10)dxi (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\rlz-1.s(2016-10)dxi.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RLZ-1.S(2017-10)DXI.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Rockwell - Somebody's Watching Me Lyrics.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RptPrsNet3263_RecusInscL.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\révision_anglais (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\révision_anglais.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\révision_des_complémentaires.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ScreenConnect.Client.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ScreenConnect.Client.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Shrek 2- Livin la vida loca (Eddie Murphy& Antonio).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\songci 08.swf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Starship - Nothing's Gonna Stop Us Now.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Surfaris - Wipe Out.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\suspension.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\tableau.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Teenage Mutant Ninja Turtles Theme.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\The Cars - You Might Think (OFFICIAL MUSIC VIDEO).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\The Champs - Tequila HQ.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\the-sound-of-silence-original-version-from-1964.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Tiësto ft. Icona Pop - Let's Go! (Lyrics).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Torture.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Tout à Coup, Histoire de Jouets.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\TP-1026(2018-01)DXI.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Travail-de-deontologie.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\travail_ou_loisir.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\TWISTEDSISTER-2003.jpg-c200:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\TwistedSister-LiveAtWackenDVDandCD.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\USA for Africa - We are the World.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\verbe_et_nom_commun (1).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\verbe_et_nom_commun (2).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\verbe_et_nom_commun.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\WinRAS_2017.01vf.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\WinRAS_2017.01vf.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\You Are Not Alone Lyrics (Michael Jackson).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\~he-sound-of-silence-original-version-from-1964.tmp:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Ça va ça va - Claudio Capéo (Paroles).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Documents\Jean-Jacques Goldman - Quand La Musique Est Bonne.mp3:$CmdZnID [26]

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3561402276-1669811274-1820601791-1000\...\localhost -> localhost

==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2009-07-13 21:34 - 2019-01-06 19:39 - 000000030 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\EgisTec MyWinLocker\x64;C:\Program Files (x86)\EgisTec MyWinLocker
HKU\S-1-5-21-3561402276-1669811274-1820601791-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu is disabled.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.


==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{70969C10-61F7-42B4-BDC8-917270BE7C33}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{B13AA4C6-50D3-420B-9874-6E867BD24A1E}] => (Allow) LPort=2869
FirewallRules: [{30124E73-E94B-4911-83FC-022D4E216A5E}] => (Allow) LPort=1900
FirewallRules: [{8440651C-DF0A-4C6E-8E37-96F8593DD308}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation)
FirewallRules: [{169C2CCE-9D71-4877-AC67-F9C167B8D0F0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe (Acer Incorporated)
FirewallRules: [{40568FC8-A3B6-4A37-AA7D-B5C368482A62}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (CyberLink Corp.)
FirewallRules: [{384BDA83-03FC-4DA2-A2A0-C35753D2F809}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe (CyberLink Corp.)
FirewallRules: [{8F3D6905-F581-4331-B6DA-913AEA8DB8F1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (CyberLink)
FirewallRules: [{B2A22939-E23E-4006-9798-63D77C326712}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (CyberLink)
FirewallRules: [{54DBB9B5-1C85-4D6B-883D-3563BAFA2B1F}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (CyberLink)
FirewallRules: [{008DA9DB-506E-4009-B9FF-3908242C07BB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{05445CCC-06E2-4E35-AD7F-BCDF5E870CCF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{23D09075-C973-43AA-858B-7A4C17A0781D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{E3DA6737-5D93-46B0-A626-6F413DA73308}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{F8C006C5-BD5A-40FC-98B3-0E3D0F6235EE}] => (Allow) C:\Windows\SysWOW64\lxdxcoms.exe ( )
FirewallRules: [{13F8D7A2-8E77-45DA-A4A7-BCEB2B5627AD}] => (Allow) C:\Windows\SysWOW64\lxdxcoms.exe ( )
FirewallRules: [{91F9A524-CBAB-489D-854F-DAA7FC3B1F86}] => (Allow) C:\Windows\System32\lxdxcoms.exe ( )
FirewallRules: [{CE244355-C11B-48CF-91EE-BC57539E4F1B}] => (Allow) C:\Windows\System32\lxdxcoms.exe ( )
FirewallRules: [{B983845B-2CE1-4F19-8E91-44AC321E0FB4}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxdxpswx.exe ()
FirewallRules: [{85B68524-E70B-400E-8F9C-530793C13874}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxdxpswx.exe ()
FirewallRules: [{EB0D8EE0-E5B3-4019-B922-FACF62C46601}] => (Allow) C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe ()
FirewallRules: [{C28C110B-89D1-40A4-BEE2-01EB778D41F6}] => (Allow) C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe ()
FirewallRules: [{2084BC90-62DF-45F4-B596-67E1BFD5E8E6}] => (Allow) C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxlscn.exe ()
FirewallRules: [{4AA0E4CD-E65C-4E7B-A5D7-40915FF8D4A3}] => (Allow) C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxlscn.exe ()
FirewallRules: [TCP Query User{5AA57B40-3449-49C9-B73D-AA1CFD8C650F}C:\program files (x86)\lexmark 3600-4600 series\lxdxmon.exe] => (Block) C:\program files (x86)\lexmark 3600-4600 series\lxdxmon.exe ()
FirewallRules: [UDP Query User{2BF6D17C-CC83-4080-A2CB-98BE2D666B2C}C:\program files (x86)\lexmark 3600-4600 series\lxdxmon.exe] => (Block) C:\program files (x86)\lexmark 3600-4600 series\lxdxmon.exe ()
FirewallRules: [{90A44C2F-BADF-4E20-A83D-BA5D4F587800}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
FirewallRules: [{8E1769DB-83BB-46D5-ABCA-B69BF5649CA1}] => (Allow) C:\Users\Utilisateur\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
FirewallRules: [{424DD0A4-874C-43DC-A29B-9205B2E0653C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation)
FirewallRules: [{1BC162E7-C5E3-43F1-9FAE-B174ADA7C96D}] => (Allow) C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
FirewallRules: [{A2A5435F-BB7F-4FA9-8187-41521602B5E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{C0065E6A-649F-46F0-8169-F1501363577E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{2A6962E3-D83B-4C61-B3B3-A0EA0C4A53F8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{AAFCD520-A6ED-48BE-AB7D-5DD22CDB27F2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{160675F6-1373-4EAB-BA71-370D61F20663}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{41801634-31A5-44D5-9D83-04BAF777748F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{BDDBE133-5070-41B7-BDFC-61A44D99540B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{6475ED93-1E02-463F-B6DD-E15F58EF0ADA}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software)
FirewallRules: [{884B845A-A334-4317-A091-C9F952704072}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{CE7036EC-AA2D-454D-B71F-21082EE3F919}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

==================== Points de restauration =========================


==================== Éléments en erreur du Gestionnaire de périphériques =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (01/22/2019 04:59:45 PM) (Source: MsiInstaller) (EventID: 11316) (User: AUTORITE NT)
Description: Product: Avast Update Helper -- Error 1316. Le compte spécifié existe déjà.

Error: (01/22/2019 03:59:43 PM) (Source: MsiInstaller) (EventID: 11316) (User: AUTORITE NT)
Description: Product: Avast Update Helper -- Error 1316. Le compte spécifié existe déjà.

Error: (01/22/2019 03:43:05 PM) (Source: MsiInstaller) (EventID: 11316) (User: AUTORITE NT)
Description: Product: Avast Update Helper -- Error 1316. Le compte spécifié existe déjà.

Error: (01/22/2019 03:33:23 PM) (Source: MsiInstaller) (EventID: 11316) (User: AUTORITE NT)
Description: Product: Avast Update Helper -- Error 1316. Le compte spécifié existe déjà.

Error: (01/22/2019 03:32:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6471702

Error: (01/22/2019 03:32:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6471702

Error: (01/22/2019 03:32:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/22/2019 01:45:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1045


Erreurs système:
=============
Error: (01/22/2019 06:47:56 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Le serveur {6D1FB6CD-9205-365A-907A-8AB76BC52400} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (01/22/2019 06:45:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Agent de stratégie IPsec n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (01/22/2019 06:45:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Agent de stratégie IPsec.

Error: (01/22/2019 06:24:41 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Le service Diagnostics Tracking Service ne s’est pas fermé correctement après avoir reçu une commande d’anticipation de fermeture.

Error: (01/22/2019 06:24:08 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Le service Client de stratégie de groupe ne s’est pas fermé correctement après avoir reçu une commande d’anticipation de fermeture.

Error: (01/21/2019 09:36:51 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Le serveur {995C996E-D918-4A8C-A302-45719A6F4EA7} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (01/21/2019 09:32:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Application Virtualization Client s’est terminé de façon inattendue pour la 1ème fois.

Error: (01/21/2019 09:32:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Service Démarrer en clic Microsoft Office s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 0 millisecondes : Redémarrer le service.


Windows Defender:
===================================
Date: 2012-09-02 20:08:03.975
Description:
L’analyse Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {CBD8C7D7-727C-4CBF-8515-C904BB8141EB}
Type de l’analyse : Logiciel anti-espion
Paramètres de l’analyse : Analyse rapide
Utilisateur : Utilisateur-PC\Utilisateur

Date: 2014-05-30 12:39:28.304
Description:
Windows Defender a rencontré une erreur lors de la tentative de chargement des signatures et va essayer de revenir à un jeu de signatures correct.
Signatures essayées : Actuelle
Code d’erreur : 0x80070002
Description de l’erreur : Le fichier spécifié est introuvable.
Version des signatures : 0.0.0.0
Version du moteur : 0.0.0.0

Date: 2014-05-30 10:14:49.751
Description:
Windows Defender a rencontré une erreur lors de la tentative de chargement des signatures et va essayer de revenir à un jeu de signatures correct.
Signatures essayées : Actuelle
Code d’erreur : 0x80070002
Description de l’erreur : Le fichier spécifié est introuvable.
Version des signatures : 0.0.0.0
Version du moteur : 0.0.0.0

Date: 2013-08-04 17:40:41.536
Description:
Windows Defender a rencontré une erreur lors de la tentative de chargement des signatures et va essayer de revenir à un jeu de signatures correct.
Signatures essayées : Actuelle
Code d’erreur : 0x80070002
Description de l’erreur : Le fichier spécifié est introuvable.
Version des signatures : 0.0.0.0
Version du moteur : 0.0.0.0

CodeIntegrity:
===================================

Date: 2016-06-08 21:52:29.638
Description:
Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\ComboFix\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

Date: 2016-06-08 21:52:29.466
Description:
Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\ComboFix\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

Date: 2014-05-31 23:08:13.611
Description:
Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\Your_name\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

Date: 2014-05-31 23:08:13.502
Description:
Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\Your_name\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

==================== Infos Mémoire ===========================

Processeur: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Pourcentage de mémoire utilisée: 41%
Mémoire physique - RAM - totale: 5995.86 MB
Mémoire physique - RAM - disponible: 3536.38 MB
Mémoire virtuelle totale: 11989.86 MB
Mémoire virtuelle disponible: 7994.81 MB

==================== Lecteurs ================================

Drive c: (Acer) (Fixed) (Total:451.66 GB) (Free:345.53 GB) NTFS

\\?\Volume{1cd41745-766d-11e1-bfdb-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{1cd41744-766d-11e1-bfdb-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:14 GB) (Free:1.79 GB) NTFS

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 37E1A04C)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451.7 GB) - (Type=07 NTFS)

==================== Fin de Addition.txt ============================
 
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    89 KB · Views: 1
Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Exécuté par Utilisateur (22-01-2019 18:17:19) Run:1
Exécuté depuis C:\Users\Utilisateur\Desktop
Profils chargés: Utilisateur (Profils disponibles: Utilisateur)
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Handler: WSISVCUchrome - Pas de valeur CLSID
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
ContextMenuHandlers1: [iSkysoftVideoConverterFileOpreation] -> {BB35DE05-89D6-4D8F-95DE-A27DF8156D91} => -> Pas de fichier
AlternateDataStreams: C:\Windows\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\Windows\HelpPane.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\hh.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\actxprxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adsmsext.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\asycfilt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basecsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcdedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BFE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cdd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cdosys.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\centel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cscapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cscdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dnsapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dnscacheugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dnsrslvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DXPTaskRingtone.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fdWCN.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FirewallAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hhctrl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hhsetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hlink.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icfupgd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IKEEXT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetcomm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetpp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetppui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\INETRES.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inseng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iprtprio.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iprtrmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\itircl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\itss.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kmddsp.tsp:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\localspl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mf3216.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfmjpegdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MigAutoPlay.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mmc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mmcbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mmcndmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mmcshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mprdim.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MPSSVC.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MRT-KB890830.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mscms.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msimg32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msinfo32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msra.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msrahc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSVidCtl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ncsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ndptsp.tsp:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netbtugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\netevent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nsisvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntprint.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntprint.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\P2P.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\p2psvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pdh.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\pdhui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\perfmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\phon.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pla.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\plasrv.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pnrpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Query.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\racpldlg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rascfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rasdiag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rasmxs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rasser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdvidcrl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\resmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rpchttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rtm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rundll32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\samlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\samsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scavengeui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schedsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scksp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sdchange.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\seclogon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shdocvw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spoolsv.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srvsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sscore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\streamci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\StructuredQuery.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sysmon.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\t2embed.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TabSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\taskcomp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tdc.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\termsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\themeui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\traffic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ucrtbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usp10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WcnApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wcncsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WcnEapAuthProxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WcnEapPeerProxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WcsPlugInService.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\webcheck.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\webio.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\webservices.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wer.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\werdiagcontroller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wermgr.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wfapigp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\win32spl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winlogon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winnsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WinSCard.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wisptis.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wksprt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wkssvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlanapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlanhlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlanmsm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlansec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wlansvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Wldap32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpnpinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshnetbs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshqos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmSvc.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsnmp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xpsrchvw.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\zipfldr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\actxprxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\asycfilt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\basecsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\bcrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cdosys.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\chajei.ime:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\cic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cscapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cscdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dnsapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dnscacheugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\DXPTaskRingtone.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fdWCN.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FirewallAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\hh.exe:$CmdTcID [64]
 
AlternateDataStreams: C:\Windows\SysWOW64\hhctrl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\hhsetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\hlink.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\icm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\imkr80.ime:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\inetcomm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\INETRES.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\inseng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iprtprio.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iprtrmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\itircl.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\itss.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\javaws.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kmddsp.tsp:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mf3216.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfmjpegdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MigAutoPlay.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mmc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mmcbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mmcndmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mmcshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mprdim.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mscms.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msexch40.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msexcl40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msimg32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msinfo32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjet40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjetoledb40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjint40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjter40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjtes40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msltus40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mspbde40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msra.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msrd2x40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msrd3x40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msrepl40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstext40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSVidCtl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mswdat10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mswstr10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxbde40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml6r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ndptsp.tsp:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\netbtugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\netevent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntprint.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntprint.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\olepro32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\P2P.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\pdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\pdhui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\perfmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\phon.ime:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\pla.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qintlgnt.ime:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Query.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\quick.ime:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\racpldlg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rascfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rasdiag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rasmxs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rasser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rdpcore.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\rdvidcrl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\resmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rpchttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rtm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rundll32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\samlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\scksp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sdchange.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\shdocvw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sscore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\StructuredQuery.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sysmon.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\t2embed.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\taskcomp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tdc.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\themeui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\traffic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ucrtbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\usp10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WcnApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wcncsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WcnEapAuthProxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WcnEapPeerProxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WcsPlugInService.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wdc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\webcheck.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\webio.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\webservices.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wer.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\werdiagcontroller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wermgr.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wfapigp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\win32spl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winnsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WinSCard.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wlanapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wlanhlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wlanmsm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wlansec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Wldap32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshqos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsnmp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xpsrchvw.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\zipfldr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\acpi.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\AGP440.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\amdk8.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\amdppm.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\aswHdsKe.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\aswTap.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\bowser.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\dfsc.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\dxgkrnl.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\dxgmms1.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\errdev.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\exfat.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\farflt.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\fastfat.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\fltMgr.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\FlyUsb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\FWPKCLNT.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hidclass.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hidparse.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hidusb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\intelppm.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\isapnp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ks.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\luafv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mbae64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\MbamChameleon.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mbamswissarmy.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\mpsdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\msisadrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\msrpc.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mssmbios.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\ndis.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ndistapi.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ndproxy.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\netbios.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\netbt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\netio.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\nsiproxy.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ntfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\NV_AGP.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\nwifi.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\pacer.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\pci.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\processr.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rdyboost.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Sftfslh.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Sftplaylh.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Sftredirlh.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Sftvollh.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\srv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\srv2.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\srvnet.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\swenum.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpip.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpipreg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tdx.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\termdd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tssecsrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ULIAGPKX.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbehci.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbhub.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbohci.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbport.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\USBSTOR.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\vdrvroot.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\videoprt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\volmgr.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\volmgrx.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wanarp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wdcsam64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wmiacpi.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\227646_6964024071_4709_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\AdwCleaner.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\AdwCleaner.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\ccsetup552.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\ccsetup552.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\DSC_1719.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\HJWPL747-1-iymjto9fpu.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\HJWPL747-3-8tm8gyhmv4.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\InstallSelectatrackBurner.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\InstallSelectatrackBurner.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\jre-8u201-windows-x64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\jre-8u201-windows-x64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\JRT.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\JRT.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\Lettre-Annie (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\mb3-setup-consumer-3.6.1.2711-1.0.519-1.0.8888.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\mb3-setup-consumer-3.6.1.2711-1.0.519-1.0.8888.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\proof (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\RogueKiller_setup_ref3.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\RogueKiller_setup_ref3.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\Service-Cancellation-FR.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\Soren.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\TFC.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\TFC.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\WinRAS_2016.07.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\WinRAS_2016.07vf(1).zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Desktop\WinRAS_2016.07vf(1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\12227222_10153284249929072_4200517912926609568_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13624983_479999892199363_2003158930_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13633368_480904072108945_152728667_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13644232_480904062108946_1101332071_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13652456_480904082108944_1445790150_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13823433_486234614909224_983713098_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\13871825_486234654909220_622643076_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\14218480_10153954360549072_274147438_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\14225465_10153944668259072_2864217039074824313_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\14249075_10153954360434072_2064753517_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\14287549_10153954360669072_556457948_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\144715.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\15073567_10154166052729072_5355811588223051121_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\15110898_918666388266228_6336666598917572651_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\16 Michael Jackson - The Jackson 5 Medley (Live at London) (1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\16 Michael Jackson - The Jackson 5 Medley (Live at London).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\16466248_10154389269159072_1704001219_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\19- ATTESTATION DES SERVICES DE GARDE FOURNIS.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\20160502_Modif_nombre places subv.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\21078438_10155011744319072_6461025998085219307_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\27858317_10215487831851974_3029451992347559096_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\30092018_COMMANDE_C8E340887O80203.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\300x200_pied-main-bouche.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\4100-019-fr-cession-police.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\43204164_10156036215299072_886390862307655680_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\7. Jackson 5 - I Want You Back.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\adwcleaner_6.046.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\adwcleaner_6.046.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Annexe 2 Demande de modification.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Apache_OpenOffice_4.1.5_Win_x86_install_fr.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Apache_OpenOffice_4.1.5_Win_x86_install_fr.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ATT00006:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\AttestationFormation.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\BellPDF.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\biblio.mid:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Billie Jean.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Blocs_etudes_5227.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Bloc_etudes_5357.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Bonnie Tyler - I Need a Hero (Lyrics) (1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Bordereau de paiement de la subvention pour la période terminée le 2016-09-04%2c versée le 2016-09-15 - FIPEQ-CSQ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\cadeau_sans_fin.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Caillou - La chanson des couleurs (avec illustrations).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Caillou - Les dinosaures.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Caillou French Theme Lyrics.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Caillou- J'ai perdu mon nounours (paroles).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\calou_la_tête_vide__images_ (1).doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\calou_la_tête_vide__images_.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\carte-de-membre (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\carte-de-membre.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ccsetup545.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ccsetup545.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Certificat (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Certificat.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\CHANSON SOUVENIR paul daraiche les anges du mexique.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\China Girl - David Bowie (with lyrics).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\cmd_fw_installer_6113_c7.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\cmd_fw_installer_6113_c7.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\commentaire-ndh.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Contract_27514610.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\David Bowie - Modern Love.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Dirty Dancing Soundtrack - I've Had The Time Of My Life.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\doc20170425073850.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\dpliantairmontmagny.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\DSC_0970.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\DSC_1239.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\DSC_1242.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Dynamite (1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Dynamite.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Earth, Wind & Fire - September.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\elaws_statutes_91m27_f.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Elton John - Can You Feel The Love Tonight (Lyrics).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\entente_services_dynamique.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Evanescence - My Immortal (Video).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Fiche embauche d%27une assistante.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Fiche suspension reconnaissance - révisé.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Firefox Installer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Firefox Installer.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\FORMATION_GENERALE.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Formulaire d%27adhésion - campagneRSG - Français.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Grille 1 an.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\grille 2 ans.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Grille 3 ans.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Générique - Clifford,le gros chien rouge.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Générique - La Maison de Mickey et la chanson -Mickey Dance-.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Harry Potter and the Sorcerer's Stone Soundtrack -19. Hedwig's Theme.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\horloge1_exercices.swf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\I'll Be There.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ileftmyheartinsanfran.mid:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\il_570xN.715537618_o2kw.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Immortals - Fall Out Boy (Lyrics).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\IN-327-11-14_-_F (1).PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\IN-327-11-14_-_F (2).PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\IN-327-11-14_-_F.PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Invitation Tournée BC avril 2018.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\J'ai adopté un dinosaure - Chansons d'école.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Jackson 5-Blame it on the Boogie.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Josh Groban - Evermore (From Beauty and the Beast) [Lyrics].mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Josh Groban - If I Can´t Love Her Beauty and the Beast 2017.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Josh Groban - When You Say You Love Me.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Josh Groban - You Are Loved [Don't Give Up] Official Music Video.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Justin Rêve - Générique - NICKELODEON JUNIOR.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Justin Timberlake - Can't Stop the Feeling ( Lyrics Video ) (1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\J`aime sa Jouer Caillou.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\L'amour a pris son temps de La guerre des tuques.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ladjectif.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_boite_aux_lettres_du_pÈre_noel.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_chauve-souris.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_création_des_oiseaux__ordre_.docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_création_des_oiseaux__ordre_.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\La_Femme-licorne.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_perdriole (5).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_perdriole (6).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\la_perdriole.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Le Festin- Camille (Ratatouille Soundtrack).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Le Roi Lion - L'histoire de la vie.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\lecture_de_mots (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\lecture_de_mots.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Les BB - T'es Dans La Lune.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\les_araignées.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\les_araignées.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Let's Dance with lyrics.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Lettre de remerciement.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Lettre-Annie (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Lettre-Annie.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\le_calendrier_du_pÈre_noel.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\le_nom_commun(1).docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\le_nom_commun(1).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\le_nom_commun.docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\le_nom_commun.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\lheure_1_ (1).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\lheure_1_.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Life is a Highway lyrics - Rascal Flatts.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\LogiCentreMFInstall.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\LogiCentreMFInstall.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\loie.docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\loie.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\London calling-The clash.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\main_pour_la_phrase (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\main_pour_la_phrase.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Mario Kart DS- Rainbow Road.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Message-ensignante (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Message-ensignante.odt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Message-ensignante.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\messenger_code_905359326236229.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\MIchael Jackson & Paul McCartney Say Say Say Lyrics.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michael Jackson - Give In To Me (lyrics).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michael Jackson - Human Nature .mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michael Jackson - Je Ne Veux Pas La Fin De Nous Lyrics.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michael Jackson - Man In The Mirror.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\michael-jackson-5-medley-at-motown-25-billie-jean-complete-restored.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michel Louvain - 25 ans d'amour.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Michel Louvain - Sylvie (1962) [HD].mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Minions Song - YMCA - Despicable me 2.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\num (1).swf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\num.swf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\OFFICIAL DEBUT - Fantastic Beasts and Where to Find Them - Main Titles - James Newton Howard.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\OFFICIAL Somewhere over the Rainbow - Israel IZ Kamakawiwo-ole.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Opening Theme - SPIRIT RIDING FREE.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\order-1311294-single-photos-part1of1.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Pascal DANEL Les neiges du Kilimanjaro.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\PDF_523157694_52_2018-02-19_0000000000.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Peppa Pig French Theme Song.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Petit Papa Noel.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\petit papa noël version Les Minions.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Petula Clark - Je me sens bien auprès de toi - 1963.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\proof (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\proof.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Publicite nuit de Noel.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RelevéNotes.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\rl-24(2015-10)dxi.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (2).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (3).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (4).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (5).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (6).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (7).pdf:$CmdZnID [2
 
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\rlz-1.s(2016-10)dxi (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\rlz-1.s(2016-10)dxi.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RLZ-1.S(2017-10)DXI.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Rockwell - Somebody's Watching Me Lyrics.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\RptPrsNet3263_RecusInscL.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\révision_anglais (1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\révision_anglais.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\révision_des_complémentaires.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ScreenConnect.Client.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\ScreenConnect.Client.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Shrek 2- Livin la vida loca (Eddie Murphy& Antonio).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\songci 08.swf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Starship - Nothing's Gonna Stop Us Now.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Surfaris - Wipe Out.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\suspension.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\tableau.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Teenage Mutant Ninja Turtles Theme.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\The Cars - You Might Think (OFFICIAL MUSIC VIDEO).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\The Champs - Tequila HQ.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\the-sound-of-silence-original-version-from-1964.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Tiësto ft. Icona Pop - Let's Go! (Lyrics).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Torture.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Tout à Coup, Histoire de Jouets.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\TP-1026(2018-01)DXI.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Travail-de-deontologie.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\travail_ou_loisir.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\TWISTEDSISTER-2003.jpg-c200:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\TwistedSister-LiveAtWackenDVDandCD.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\USA for Africa - We are the World.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\verbe_et_nom_commun (1).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\verbe_et_nom_commun (2).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\verbe_et_nom_commun.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\WinRAS_2017.01vf.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\WinRAS_2017.01vf.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\You Are Not Alone Lyrics (Michael Jackson).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\~he-sound-of-silence-original-version-from-1964.tmp:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Downloads\Ça va ça va - Claudio Capéo (Paroles).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Utilisateur\Documents\Jean-Jacques Goldman - Quand La Musique Est Bonne.mp3:$CmdZnID [26]

*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => supprimé(es) avec succès
HKLM\Software\Classes\PROTOCOLS\Handler\WSISVCUchrome => supprimé(es) avec succès
HKLM\System\CurrentControlSet\Services\AppMgmt => supprimé(es) avec succès
AppMgmt => service supprimé(es) avec succès
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\iSkysoftVideoConverterFileOpreation => supprimé(es) avec succès
HKLM\Software\Classes\CLSID\{BB35DE05-89D6-4D8F-95DE-A27DF8156D91} => non trouvé(e)
C:\Windows\avastSS.scr => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\HelpPane.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\hh.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\acmigration.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\actxprxy.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\adsmsext.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\adtschema.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\advapi32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\aeinv.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\aelupsvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\aepic.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\aitstatic.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\apisetschema.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\apphelp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\appidapi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\appidcertstorecheck.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\appidpolicyconverter.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\appidsvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\appinfo.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\appraiser.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\asycfilt.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\atmfd.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\atmlib.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\audiodg.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\AudioEng.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\AUDIOKSE.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\AudioSes.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\audiosrv.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\auditpol.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\authui.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\basecsp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\basesrv.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\bcdedit.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\bcrypt.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\bcryptprimitives.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\BFE.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\blackbox.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\catsrvut.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\cdd.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\cdosys.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\centel.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\certcli.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\chajei.ime => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ci.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\cic.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\cintlgnt.ime => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\clfs.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\COLORCNV.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\comctl32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\CompatTelRunner.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\comsvcs.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\conhost.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\consent.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\CPFilters.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\credssp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\crypt32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\cryptbase.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\cryptnet.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\cryptsp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\cryptsvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\cryptui.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\cscapi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\cscdll.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\csrsrv.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\davclnt.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\dciman32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\devenum.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\devinv.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\diagtrack.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\diskperf.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\dnsapi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\dnscacheugc.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\dnsrslvr.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\drmmgrtn.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\drmv2clt.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\dwmapi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\dwmcore.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\dxmasf.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\DXPTaskRingtone.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\dxtmsft.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\dxtrans.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\EncDec.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\EncDump.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\evr.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ExplorerFrame.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\fdWCN.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\FirewallAPI.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\fontsub.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\FWPUCLNT.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\FwRemoteSvr.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\gdi32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\generaltel.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\gpedit.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\hal.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\hhctrl.ocx => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\hhsetup.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\hlink.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\icaapi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\icfupgd.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\icm32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ie4uinit.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ieapfltr.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\iedkcs32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ieetwcollector.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ieetwcollectorres.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ieetwproxystub.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ieframe.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\iernonce.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\iertutil.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\iesetup.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ieui.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ieUnatt.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\IKEEXT.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\IMJP10.IME => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\IMJP10K.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\imkr80.ime => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\inetcomm.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\inetcpl.cpl => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\inetpp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\inetppui.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\INETRES.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\input.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\inseng.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\invagent.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\iprtprio.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\iprtrmgr.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\itircl.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\itss.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\JavaScriptCollectionAgent.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\jscript.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\jscript9.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\jscript9diag.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\jsproxy.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\KBDAZE.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\KBDAZEL.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\kbdgeoqw.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\kerberos.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\kernel32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\KernelBase.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\kmddsp.tsp => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ksproxy.ax => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ksuser.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\localspl.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\logman.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\lpk.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\lsasrv.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\lsass.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mcmde.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mf.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mf3216.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mfds.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mferror.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mfmjpegdec.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mfplat.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mfpmp.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mfps.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mfvdsp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\MFWMAAEC.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\MigAutoPlay.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mmc.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mmcbase.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mmcndmgr.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mmcshext.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\MP3DMOD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\MP43DECD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\MP4SDECD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\MPG4DECD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mprdim.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\MpSigStub.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\MPSSVC.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\MRT-KB890830.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msaudite.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mscms.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msctf.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msdxm.ocx => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msfeeds.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mshtml.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\MshtmlDac.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mshtmled.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mshtmlmedia.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msiexec.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msihnd.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msimg32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msimsg.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msinfo32.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msmpeg2adec.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\MSMPEG2ENC.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msmpeg2vdec.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msnetobj.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msobjs.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msra.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msrahc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msrating.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msscp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\MsSpellCheckingFacility.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mstscax.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msv1_0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\MSVidCtl.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\mswsock.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msxml3.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msxml3r.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msxml6.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\msxml6r.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ncrypt.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ncsi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ndptsp.tsp => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\netbtugc.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\netevent.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\nlaapi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\nlasvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\nlsbres.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\nshwfp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\nsi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\nsisvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ntdll.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ntoskrnl.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ntprint.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ntprint.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ntvdm64.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\occache.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\oleaut32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\P2P.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\p2psvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\pcadm.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\pcaevts.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\pcalua.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\pcasvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\pcawrk.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\pdh.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\pdhui.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\perfmon.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\phon.ime => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\pintlgnt.ime => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\pla.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\plasrv.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\pnrpsvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\poqexec.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\profsvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\qasf.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\qdvd.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\qintlgnt.ime => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\quartz.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Query.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\quick.ime => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\racpldlg.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\rascfg.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\rasdiag.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\rasmxs.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\rasser.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\rdpcore.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\rdpcorets.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\RdpGroupPolicyExtension.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\rdpudd.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\rdvidcrl.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\relog.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\RESAMPLEDMO.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\resmon.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\rpchttp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\rpcrt4.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\rrinstaller.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\rstrui.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\rtm.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\rundll32.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\samlib.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\samsrv.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\scavengeui.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\scesrv.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\schannel.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\schedsvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\scksp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\sdbinst.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\sdchange.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\sechost.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\seclogon.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\secur32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\services.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\setbcdlocale.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\shdocvw.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\shell32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\shimeng.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\smss.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\spoolsv.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\spwmp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\srclient.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\srcore.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\srvsvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\sscore.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\sspicli.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\sspisrv.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\streamci.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\StructuredQuery.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\SysFxUI.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\sysmain.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\sysmon.ocx => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\t2embed.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\TabSvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\taskcomp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\tdc.ocx => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\termsrv.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\themeui.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\tintlgnt.ime => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\tracerpt.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\traffic.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\tsgqec.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\TSpkg.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\TSWbPrxy.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\typeperf.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\tzres.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ubpm.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ucrtbase.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\UIAnimation.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\urlmon.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\user32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\usp10.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\UtcResources.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\vbscript.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\VIDRESZR.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WcnApi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wcncsvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WcnEapAuthProxy.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WcnEapPeerProxy.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WcsPlugInService.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wdc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wdi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wdigest.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\webcheck.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WebClnt.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\webio.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\webservices.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wer.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\werdiagcontroller.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wermgr.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wfapigp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\win32spl.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WindowsCodecs.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\winhttp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wininet.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\winipsec.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\winload.efi => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\winload.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\winlogon.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\winnsi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\winresume.efi => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\winresume.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WinSCard.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WinSetupUI.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\winsrv.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wintrust.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wisptis.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wksprt.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wkssvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wlanapi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wlanhlp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wlanmsm.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wlansec.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wlansvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Wldap32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WMADMOD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WMADMOE.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WMALFXGFXDSP.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wmdrmsdk.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wmp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WMPhoto.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wmploc.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wmpmde.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WMSPDMOD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WMSPDMOE.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WMVDECOD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WMVENCOD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WMVSDECD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WMVSENCD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WMVXENCD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wow64.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wow64cpu.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wow64win.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wpdshext.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wpnpinst.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\ws2_32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wshnetbs.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wshqos.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WSManHTTPConfig.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WSManMigrationPlugin.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WsmAuto.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wsmplpxy.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wsmprovhost.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WsmRes.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WsmSvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\WsmWmiPl.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wsnmp32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wu.upgrade.ps.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wuapi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wuapp.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wuauclt.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wuaueng.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wucltux.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wudriver.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wups.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wups2.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wuwebv.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\wvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\xpsrchvw.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\zipfldr.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\actxprxy.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\adsmsext.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\adtschema.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\advapi32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\apisetschema.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\apphelp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\appidapi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\asycfilt.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\atmfd.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\atmlib.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\AudioEng.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\AUDIOKSE.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\AudioSes.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\auditpol.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\authui.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\basecsp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\bcrypt.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\bcryptprimitives.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\blackbox.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\catsrvut.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\cdosys.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\certcli.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\cewmdm.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\chajei.ime => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\cic.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\cintlgnt.ime => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\COLORCNV.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\comctl32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\comsvcs.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\CPFilters.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\credssp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\crypt32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\cryptbase.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\cryptnet.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\cryptsp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\cryptsvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\cryptui.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\cscapi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\cscdll.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\davclnt.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\dciman32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\devenum.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\diskperf.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\dnsapi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\dnscacheugc.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\drmmgrtn.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\drmv2clt.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\dwmapi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\dwmcore.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\dxmasf.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\DXPTaskRingtone.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\dxtmsft.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\dxtrans.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\EncDec.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\evr.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ExplorerFrame.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\fdWCN.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\FirewallAPI.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\FlashPlayerApp.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\fontsub.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\FWPUCLNT.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\FwRemoteSvr.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\gdi32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\gpedit.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\hh.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\hhctrl.ocx => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\hhsetup.dll => ":$CmdTcID" ADS impossible à supprimer.
 
C:\Windows\SysWOW64\hlink.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\icm32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ieapfltr.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\iedkcs32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ieetwproxystub.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ieframe.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\iernonce.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\iertutil.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\iesetup.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ieui.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ieUnatt.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\IMJP10.IME => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\IMJP10K.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\imkr80.ime => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\inetcomm.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\inetcpl.cpl => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\INETRES.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\input.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\inseng.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\instnm.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\iprtprio.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\iprtrmgr.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\itircl.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\itss.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\javaws.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\jscript.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\jscript9.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\jscript9diag.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\jsproxy.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\KBDAZE.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\KBDAZEL.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\kbdgeoqw.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\kerberos.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\kernel32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\KernelBase.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\kmddsp.tsp => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ksproxy.ax => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ksuser.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\logman.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\lpk.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mf.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mf3216.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mfds.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mferror.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mfmjpegdec.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mfplat.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mfpmp.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mfps.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mfvdsp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\MFWMAAEC.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\MigAutoPlay.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mmc.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mmcbase.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mmcndmgr.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mmcshext.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\MP3DMOD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\MP43DECD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\MP4SDECD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\MPG4DECD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mprdim.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msaudite.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mscms.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msctf.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msdxm.ocx => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msexch40.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msexcl40.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msfeeds.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mshtml.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\MshtmlDac.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mshtmled.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mshtmlmedia.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msiexec.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msihnd.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msimg32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msimsg.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msinfo32.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msjet40.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msjetoledb40.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msjint40.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msjter40.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msjtes40.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msltus40.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msmpeg2adec.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\MSMPEG2ENC.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msmpeg2vdec.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msnetobj.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msobjs.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mspbde40.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msra.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msrating.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msrd2x40.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msrd3x40.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msrepl40.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msscp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mstext40.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mstscax.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msv1_0.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\MSVidCtl.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mswdat10.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mswsock.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\mswstr10.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msxbde40.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msxml3.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msxml3r.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msxml6.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\msxml6r.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ncrypt.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ncsi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ndptsp.tsp => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\netbtugc.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\netevent.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\nlaapi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\nlsbres.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\notepad.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\nshwfp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\nsi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ntdll.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ntkrnlpa.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ntoskrnl.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ntprint.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ntprint.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ntvdm64.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\occache.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\oleaut32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\olepro32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\P2P.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\pdh.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\pdhui.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\perfmon.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\phon.ime => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\pintlgnt.ime => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\pla.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\poqexec.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\qasf.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\qdvd.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\qedit.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\qintlgnt.ime => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\quartz.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\Query.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\quick.ime => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\racpldlg.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\rascfg.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\rasdiag.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\rasmxs.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\rasser.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\rdpcore.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\rdvidcrl.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\relog.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\RESAMPLEDMO.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\resmon.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\rpchttp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\rpcrt4.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\rrinstaller.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\rtm.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\rundll32.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\samlib.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\scesrv.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\schannel.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\scksp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\sdbinst.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\sdchange.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\sechost.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\secur32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\setup16.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\shdocvw.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\shell32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\shimeng.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\spwmp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\srclient.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\sscore.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\sspicli.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\StructuredQuery.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\sysmon.ocx => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\t2embed.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\taskcomp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\tdc.ocx => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\themeui.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\tintlgnt.ime => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\tracerpt.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\traffic.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\tsgqec.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\TSpkg.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\typeperf.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\tzres.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ubpm.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ucrtbase.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\UIAnimation.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\urlmon.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\user.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\user32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\usp10.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\vbscript.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\VIDRESZR.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WcnApi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wcncsvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WcnEapAuthProxy.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WcnEapPeerProxy.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WcsPlugInService.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wdc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wdi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wdigest.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\webcheck.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WebClnt.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\webio.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\webservices.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wer.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\werdiagcontroller.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wermgr.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wfapigp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\win32spl.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WindowsCodecs.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\winhttp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wininet.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\winipsec.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\winnsi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WinSCard.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wintrust.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wlanapi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wlanhlp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wlanmsm.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wlansec.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\Wldap32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WMADMOD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WMADMOE.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wmdrmsdk.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wmp.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WMPhoto.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wmploc.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wmpmde.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WMSPDMOD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WMSPDMOE.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WMVDECOD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WMVENCOD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WMVSDECD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WMVSENCD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WMVXENCD.DLL => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wow32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wpdshext.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\ws2_32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wshqos.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wshrm.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WSManHTTPConfig.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WSManMigrationPlugin.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WsmAuto.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wsmplpxy.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wsmprovhost.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WsmRes.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WsmSvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\WsmWmiPl.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wsnmp32.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wuapi.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wuapp.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wudriver.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wups.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wuwebv.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\wvc.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\xpsrchvw.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\SysWOW64\zipfldr.dll => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\acpi.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\AGP440.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\amdk8.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\amdppm.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\appid.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\aswHdsKe.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\aswTap.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\bowser.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\dfsc.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\drmk.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\drmkaud.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\dxgkrnl.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\dxgmms1.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\errdev.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\exfat.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\farflt.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\fastfat.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\fltMgr.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\FlyUsb.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\FWPKCLNT.SYS => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\hidclass.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\hidparse.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\hidusb.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\http.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\intelppm.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\isapnp.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\ks.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\ksecdd.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\ksecpkg.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\luafv.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\mbae64.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\mbam.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\MbamChameleon.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\mbamswissarmy.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\mpsdrv.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\mrxdav.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\mrxsmb.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\mrxsmb10.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\mrxsmb20.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\msisadrv.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\msrpc.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\mssmbios.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\mwac.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\ndis.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\ndistapi.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\ndproxy.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\netbios.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\netbt.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\netio.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\nsiproxy.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\ntfs.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\NV_AGP.SYS => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\nwifi.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\pacer.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\pci.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\PEAuth.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\portcls.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\processr.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\rdyboost.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\Sftfslh.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\Sftplaylh.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\Sftredirlh.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\Sftvollh.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\srv.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\srv2.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\srvnet.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\swenum.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\tcpip.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\tcpipreg.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\tdx.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\termdd.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\tssecsrv.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\ULIAGPKX.SYS => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\usbehci.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\usbhub.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\usbohci.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\usbport.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\USBSTOR.SYS => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\vdrvroot.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\videoprt.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\volmgr.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\volmgrx.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\wanarp.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\wdcsam64.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Windows\system32\Drivers\wmiacpi.sys => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Desktop\227646_6964024071_4709_n.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Desktop\AdwCleaner.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Desktop\AdwCleaner.exe => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Desktop\ccsetup552.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Desktop\ccsetup552.exe => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Desktop\DSC_1719.JPG => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Desktop\FRST64.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Desktop\HJWPL747-1-iymjto9fpu.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Desktop\HJWPL747-3-8tm8gyhmv4.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Desktop\InstallSelectatrackBurner.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Desktop\InstallSelectatrackBurner.exe => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Desktop\jre-8u201-windows-x64.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Desktop\jre-8u201-windows-x64.exe => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Desktop\JRT.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Desktop\JRT.exe => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Desktop\Lettre-Annie (1).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Desktop\mb3-setup-consumer-3.6.1.2711-1.0.519-1.0.8888.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Desktop\mb3-setup-consumer-3.6.1.2711-1.0.519-1.0.8888.exe => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Desktop\proof (1).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
 
C:\Users\Utilisateur\Desktop\RogueKiller_setup_ref3.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Desktop\RogueKiller_setup_ref3.exe => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Desktop\Service-Cancellation-FR.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Desktop\Soren.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Desktop\TFC.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Desktop\TFC.exe => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Desktop\WinRAS_2016.07.exe => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Desktop\WinRAS_2016.07vf(1).zip => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Desktop\WinRAS_2016.07vf(1).zip => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\12227222_10153284249929072_4200517912926609568_n.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\13624983_479999892199363_2003158930_n.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\13633368_480904072108945_152728667_o.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\13644232_480904062108946_1101332071_n.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\13652456_480904082108944_1445790150_n.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\13823433_486234614909224_983713098_n.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\13871825_486234654909220_622643076_n.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\14218480_10153954360549072_274147438_n.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\14225465_10153944668259072_2864217039074824313_n.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\14249075_10153954360434072_2064753517_n.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\14287549_10153954360669072_556457948_n.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\144715.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\15073567_10154166052729072_5355811588223051121_n.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\15110898_918666388266228_6336666598917572651_o.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\16 Michael Jackson - The Jackson 5 Medley (Live at London) (1).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\16 Michael Jackson - The Jackson 5 Medley (Live at London).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\16466248_10154389269159072_1704001219_o.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\19- ATTESTATION DES SERVICES DE GARDE FOURNIS.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\20160502_Modif_nombre places subv.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\21078438_10155011744319072_6461025998085219307_n.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\27858317_10215487831851974_3029451992347559096_n.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\30092018_COMMANDE_C8E340887O80203.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\300x200_pied-main-bouche.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\4100-019-fr-cession-police.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\43204164_10156036215299072_886390862307655680_o.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\7. Jackson 5 - I Want You Back.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\adwcleaner_6.046.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Downloads\adwcleaner_6.046.exe => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Annexe 2 Demande de modification.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Apache_OpenOffice_4.1.5_Win_x86_install_fr.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Downloads\Apache_OpenOffice_4.1.5_Win_x86_install_fr.exe => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\ATT00006 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\AttestationFormation.JPG => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\BellPDF.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\biblio.mid => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Billie Jean.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Blocs_etudes_5227.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Bloc_etudes_5357.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Bonnie Tyler - I Need a Hero (Lyrics) (1).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Bordereau de paiement de la subvention pour la période terminée le 2016-09-04%2c versée le 2016-09-15 - FIPEQ-CSQ.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\cadeau_sans_fin.docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Caillou - La chanson des couleurs (avec illustrations).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Caillou - Les dinosaures.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Caillou French Theme Lyrics.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Caillou- J'ai perdu mon nounours (paroles).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\calou_la_tête_vide__images_ (1).doc => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\calou_la_tête_vide__images_.doc => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\carte-de-membre (1).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\carte-de-membre.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\ccsetup545.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Downloads\ccsetup545.exe => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Certificat (1).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Certificat.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
"C:\Users\Utilisateur\Downloads\CHANSON SOUVENIR paul daraiche les anges du mexique.mp3" => ":$CmdZnID" ADS non trouvé(e).
C:\Users\Utilisateur\Downloads\China Girl - David Bowie (with lyrics).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\cmd_fw_installer_6113_c7.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Downloads\cmd_fw_installer_6113_c7.exe => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\commentaire-ndh.doc => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Contract_27514610.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\David Bowie - Modern Love.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Dirty Dancing Soundtrack - I've Had The Time Of My Life.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\doc20170425073850.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\dpliantairmontmagny.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\DSC_0970.JPG => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\DSC_1239.JPG => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\DSC_1242.JPG => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Dynamite (1).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Dynamite.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
"C:\Users\Utilisateur\Downloads\Earth, Wind & Fire - September.mp3" => ":$CmdZnID" ADS non trouvé(e).
C:\Users\Utilisateur\Downloads\elaws_statutes_91m27_f.doc => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Elton John - Can You Feel The Love Tonight (Lyrics).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\entente_services_dynamique.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Evanescence - My Immortal (Video).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Fiche embauche d%27une assistante.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Fiche suspension reconnaissance - révisé.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Firefox Installer.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Downloads\Firefox Installer.exe => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\FORMATION_GENERALE.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Formulaire d%27adhésion - campagneRSG - Français.docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Grille 1 an.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\grille 2 ans.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Grille 3 ans.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Générique - Clifford,le gros chien rouge.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Générique - La Maison de Mickey et la chanson -Mickey Dance-.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Harry Potter and the Sorcerer's Stone Soundtrack -19. Hedwig's Theme.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\horloge1_exercices.swf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\I'll Be There.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\ileftmyheartinsanfran.mid => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\il_570xN.715537618_o2kw.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Immortals - Fall Out Boy (Lyrics).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\IN-327-11-14_-_F (1).PDF => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\IN-327-11-14_-_F (2).PDF => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\IN-327-11-14_-_F.PDF => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Invitation Tournée BC avril 2018.docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\J'ai adopté un dinosaure - Chansons d'école.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Jackson 5-Blame it on the Boogie.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Josh Groban - Evermore (From Beauty and the Beast) [Lyrics].mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
"C:\Users\Utilisateur\Downloads\Josh Groban - If I Can´t Love Her Beauty and the Beast 2017.mp3" => ":$CmdZnID" ADS non trouvé(e).
C:\Users\Utilisateur\Downloads\Josh Groban - When You Say You Love Me.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Josh Groban - You Are Loved [Don't Give Up] Official Music Video.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Justin Rêve - Générique - NICKELODEON JUNIOR.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Justin Timberlake - Can't Stop the Feeling ( Lyrics Video ) (1).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\J`aime sa Jouer Caillou.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\L'amour a pris son temps de La guerre des tuques.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\ladjectif.docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\la_boite_aux_lettres_du_pÈre_noel.docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\la_chauve-souris.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\la_création_des_oiseaux__ordre_.docx => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Downloads\la_création_des_oiseaux__ordre_.docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\La_Femme-licorne.png => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\la_perdriole (5).docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\la_perdriole (6).docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\la_perdriole.docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Le Festin- Camille (Ratatouille Soundtrack).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Le Roi Lion - L'histoire de la vie.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\lecture_de_mots (1).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\lecture_de_mots.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Les BB - T'es Dans La Lune.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\les_araignées.docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\les_araignées.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Let's Dance with lyrics.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Lettre de remerciement.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Lettre-Annie (1).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Lettre-Annie.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\le_calendrier_du_pÈre_noel.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\le_nom_commun(1).docx => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Downloads\le_nom_commun(1).docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\le_nom_commun.docx => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Downloads\le_nom_commun.docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\lheure_1_ (1).docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\lheure_1_.docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Life is a Highway lyrics - Rascal Flatts.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\LogiCentreMFInstall.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Downloads\LogiCentreMFInstall.exe => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\loie.docx => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Downloads\loie.docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\London calling-The clash.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\main_pour_la_phrase (1).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\main_pour_la_phrase.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Mario Kart DS- Rainbow Road.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Message-ensignante (1).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Message-ensignante.odt => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Message-ensignante.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\messenger_code_905359326236229.png => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\MIchael Jackson & Paul McCartney Say Say Say Lyrics.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Michael Jackson - Give In To Me (lyrics).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Michael Jackson - Human Nature .mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Michael Jackson - Je Ne Veux Pas La Fin De Nous Lyrics.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Michael Jackson - Man In The Mirror.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\michael-jackson-5-medley-at-motown-25-billie-jean-complete-restored.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Michel Louvain - 25 ans d'amour.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Michel Louvain - Sylvie (1962) [HD].mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Minions Song - YMCA - Despicable me 2.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\num (1).swf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\num.swf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\OFFICIAL DEBUT - Fantastic Beasts and Where to Find Them - Main Titles - James Newton Howard.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\OFFICIAL Somewhere over the Rainbow - Israel IZ Kamakawiwo-ole.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Opening Theme - SPIRIT RIDING FREE.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\order-1311294-single-photos-part1of1.zip => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Pascal DANEL Les neiges du Kilimanjaro.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\PDF_523157694_52_2018-02-19_0000000000.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Peppa Pig French Theme Song.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Petit Papa Noel.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\petit papa noël version Les Minions.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Petula Clark - Je me sens bien auprès de toi - 1963.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\proof (1).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\proof.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Publicite nuit de Noel.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\RelevéNotes.JPG => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\rl-24(2015-10)dxi.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (1).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (2).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (3).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (4).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (5).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (6).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI (7).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\RL-24(2017-10)DXI.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\rlz-1.s(2016-10)dxi (1).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\rlz-1.s(2016-10)dxi.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\RLZ-1.S(2017-10)DXI.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Rockwell - Somebody's Watching Me Lyrics.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\RptPrsNet3263_RecusInscL.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\révision_anglais (1).pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\révision_anglais.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\révision_des_complémentaires.docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\ScreenConnect.Client.exe => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Downloads\ScreenConnect.Client.exe => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Shrek 2- Livin la vida loca (Eddie Murphy& Antonio).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\songci 08.swf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Starship - Nothing's Gonna Stop Us Now.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Surfaris - Wipe Out.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\suspension.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\tableau.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Teenage Mutant Ninja Turtles Theme.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\The Cars - You Might Think (OFFICIAL MUSIC VIDEO).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\The Champs - Tequila HQ.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\the-sound-of-silence-original-version-from-1964.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Tiësto ft. Icona Pop - Let's Go! (Lyrics).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Torture.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Tout à Coup, Histoire de Jouets.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\TP-1026(2018-01)DXI.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Travail-de-deontologie.docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\travail_ou_loisir.pdf => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\TWISTEDSISTER-2003.jpg-c200 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\TwistedSister-LiveAtWackenDVDandCD.jpg => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\USA for Africa - We are the World.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\verbe_et_nom_commun (1).docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\verbe_et_nom_commun (2).docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\verbe_et_nom_commun.docx => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\WinRAS_2017.01vf.zip => ":$CmdTcID" ADS impossible à supprimer.
C:\Users\Utilisateur\Downloads\WinRAS_2017.01vf.zip => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\You Are Not Alone Lyrics (Michael Jackson).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\~he-sound-of-silence-original-version-from-1964.tmp => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Downloads\Ça va ça va - Claudio Capéo (Paroles).mp3 => ":$CmdZnID" ADS supprimé(es) avec succès
C:\Users\Utilisateur\Documents\Jean-Jacques Goldman - Quand La Musique Est Bonne.mp3 => ":$CmdZnID" ADS supprimé(es) avec succès

==== Fin de Fixlog 18:17:29 ====
 
Last scans...

redtarget.gif
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


redtarget.gif
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.


redtarget.gif
Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


redtarget.gif
Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
 
Results of screen317's Security Check version 1.014 --- 12/23/15
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avast Antivirus
Malwarebytes
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java version 32-bit out of Date!
Adobe Flash Player 32.0.0.114
Mozilla Firefox (56.0)
Google Chrome (71.0.3578.98)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Comodo Firewall cmdagent.exe
Malwarebytes Anti-Malware mbamtray.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Browser Update 1.4.136.333\AvastBrowserCrashHandler.exe
AVAST Software Avast aswidsagent.exe
AVAST Software Browser Update 1.4.136.333\AvastBrowserCrashHandler64.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: =
````````````````````End of Log``````````````````````
 
You must log in or register to reply here.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
796
uber_beetle
uber_beetle
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A

Latest posts

Back