Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivní kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Preventivní kontrola logu
Dobrý den, prosím o preventivní kontrolu logu.
- Přílohy
-
- LOG.rar
- (31.77 KiB) Staženo 113 x
-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola logu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivní kontrola logu
Před vyčištěním se počítač restartoval. Můžu se zeptat, jestli je nějaká infekce? Přihlašoval jsem se na Steam, tak jen ať vím, že se nemusím bát 
# AdwCleaner v6.000 - Logfile created 18/08/2016 at 23:28:30
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-18.2 [Server]
# Operating System : Windows 10 Pro (X64)
# Username : Admin - ZALMANR1
# Running from : C:\Users\Admin\Desktop\adwcleaner_6.000.exe
# Mode: Clean
# Support : https://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder deleted: C:\Users\Public\Documents\Downloaded Installers
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [891 Bytes] - [18/08/2016 23:28:30]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1109 Bytes] ##########
# AdwCleaner v6.000 - Logfile created 18/08/2016 at 23:28:30
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-18.2 [Server]
# Operating System : Windows 10 Pro (X64)
# Username : Admin - ZALMANR1
# Running from : C:\Users\Admin\Desktop\adwcleaner_6.000.exe
# Mode: Clean
# Support : https://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder deleted: C:\Users\Public\Documents\Downloaded Installers
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [891 Bytes] - [18/08/2016 23:28:30]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1109 Bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola logu
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola logu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2560372422-2021965399-549226919-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 efavdrv; \??\C:\WINDOWS\system32\drivers\efavdrv.sys [X]
C:\WINDOWS\system32\F76D.tmp
C:\WINDOWS\system32\2DAB.tmp
C:\WINDOWS\system32\SET660B.tmp
C:\WINDOWS\SysWOW64\SET7FA6.tmp
C:\WINDOWS\SysWOW64\SETBC6F.tmp
C:\WINDOWS\system32\SET98E5.tmp
C:\WINDOWS\SysWOW64\SET7A16.tmp
C:\WINDOWS\SysWOW64\SETBBA2.tmp
C:\WINDOWS\SysWOW64\SET8637.tmp
C:\WINDOWS\system32\SET99D3.tmp
C:\WINDOWS\SysWOW64\SET9BF9.tmp
C:\WINDOWS\system32\SETBE0D.tmp
C:\WINDOWS\system32\Drivers\SET62DA.tmp
C:\WINDOWS\system32\Drivers\SET9884.tmp
C:\WINDOWS\system32\SET788D.tmp
C:\Users\Admin\AppData\Local\Temp
C:\ProgramData\DP45977C.lfl
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\WINDOWS\system32\aclui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdave64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdgfxinfo64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdhcp64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdhdl64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdlvr64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdmantle64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdmcl64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdmiracast.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdmmcl6.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdocl12cl64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdoclvp9lib64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdpcom64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdvlk64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdxc64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amfrt64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\AppXApplicabilityBlob.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiadlxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticalcl64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\aticaldd64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\aticalrt64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\aticfx64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atidemgy.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atidxx64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atig6pxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atig6txx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiglpxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atimpc64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atimuixx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atio6axx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atisamu64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atitmm64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiu9p64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiumd64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiumd6a.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiuxp64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcastdvr.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CastLaunch.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Chakra.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Chakradiag.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Chakrathunk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ClipboardServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ClipUp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CloudExperienceHostUser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clusapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\coin95ip.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\coin95itp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\coinst_16.30.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\combase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CredProvDataModel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\C_G18030.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\c_GSM7.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\C_IS2022.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3D12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\delegatorprovider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\detoured.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dgtrayicon.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DscCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DscCoreConfProv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\edgehtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\encapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\facecredentialprovider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FrameServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FSClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fveapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fveapibase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GameManager64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GamePanel.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hsa-thunk64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\hvax64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hvix64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hvloader.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hvloader.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\InstallAgent.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\InstallAgentUserBroker.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\kdhvcom.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KnobsCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KnobsCsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LicenseManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LicenseManagerSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mantle64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\mantleaxl64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MCRecvSrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfksproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfnetcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfnetsrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfsensorgroup.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mispace.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MusNotification.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MusUpdateHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetworkMobileSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NFCProvisioningPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\provdatastore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provengine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provhandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provisioningcsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provops.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ProvPluginEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provtool.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_nt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\shell32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\shutdownux.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\smphost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\storagewmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\storagewmi_passthru.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\StoreAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\twinui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\updatepolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usocore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo-1-1-0-17-0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01009.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01011.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\win32kfull.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wincorlib.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Audio.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Editing.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Speech.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\windows.storage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Logon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Search.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winload.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winload.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winresume.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WinTypes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsp_fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsp_health.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wuauclt.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wuaueng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wups2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wuuhext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WWAHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wwanprotdim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wwansvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XblAuthManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aclui.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdave32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdgfxinfo32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdhcp32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdhdl32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdlvr32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmantle32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmcl32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmmcl.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl12cl.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdpcom32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdvlk32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdxc32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amfrt32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxy.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticalcl.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticaldd.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticalrt.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticfx32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atidxx32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atigktxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiglpxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atimpc32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atioglxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atisamu32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiu9pag.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiumdag.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiumdva.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiuxpag.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\bcastdvr.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BcastDVRHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Chakra.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Chakradiag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Chakrathunk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ClipboardServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\clusapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\combase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CredProvDataModel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\C_G18030.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\c_GSM7.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\C_IS2022.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3D12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\delegatorprovider.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\detoured.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DscCoreConfProv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\edgehtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\encapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FSClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GameManager32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GamePanel.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\hsa-thunk.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\InstallAgent.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LicenseManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mantle32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mantleaxl32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MCRecvSrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfksproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfnetcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfnetsrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfsensorgroup.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mispace.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\shell32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\smphost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\storagewmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\storagewmi_passthru.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\StoreAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\updatepolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-17-0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\win32kfull.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wincorlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\windows.storage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WinTypes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsp_fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsp_health.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WWAHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksd.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ati2erec.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmdag.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ClipSp.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgkrnl.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgmms1.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgmms2.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ggflt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ggsomc.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hvservice.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandbus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lganddiag64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandgps64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetbus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetdiag264.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetdiag64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetgps64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgx64bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgx64diag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgx64gps.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ntfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nuidfltr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pdc.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016cr.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016unic.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017cr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017unic.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018cr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018unic.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029cr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029unic.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039cr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039unic.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3ebus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3ecm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3ecmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3emgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3eobex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3ewh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3ewhnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tcpip.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xinputhid.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\Crysis3.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\metro.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\OOSU10.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Admin\Desktop\procexp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\procexp.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Desktop\Zemana.AntiMalware.Portable.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\Zemana.AntiMalware.Portable.exe:$CmdZnID [29]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
ResetHosts:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivní kontrola logu
Fix result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by Admin (12-09-2016 01:22:34) Run:1
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin & Baruška)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2560372422-2021965399-549226919-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 efavdrv; \??\C:\WINDOWS\system32\drivers\efavdrv.sys [X]
C:\WINDOWS\system32\F76D.tmp
C:\WINDOWS\system32\2DAB.tmp
C:\WINDOWS\system32\SET660B.tmp
C:\WINDOWS\SysWOW64\SET7FA6.tmp
C:\WINDOWS\SysWOW64\SETBC6F.tmp
C:\WINDOWS\system32\SET98E5.tmp
C:\WINDOWS\SysWOW64\SET7A16.tmp
C:\WINDOWS\SysWOW64\SETBBA2.tmp
C:\WINDOWS\SysWOW64\SET8637.tmp
C:\WINDOWS\system32\SET99D3.tmp
C:\WINDOWS\SysWOW64\SET9BF9.tmp
C:\WINDOWS\system32\SETBE0D.tmp
C:\WINDOWS\system32\Drivers\SET62DA.tmp
C:\WINDOWS\system32\Drivers\SET9884.tmp
C:\WINDOWS\system32\SET788D.tmp
C:\Users\Admin\AppData\Local\Temp
C:\ProgramData\DP45977C.lfl
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\WINDOWS\system32\aclui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdave64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdgfxinfo64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdhcp64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdhdl64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdlvr64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdmantle64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdmcl64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdmiracast.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdmmcl6.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdocl12cl64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdoclvp9lib64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdpcom64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdvlk64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdxc64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amfrt64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\AppXApplicabilityBlob.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiadlxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticalcl64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\aticaldd64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\aticalrt64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\aticfx64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atidemgy.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atidxx64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atig6pxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atig6txx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiglpxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atimpc64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atimuixx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atio6axx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atisamu64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atitmm64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiu9p64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiumd64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiumd6a.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiuxp64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcastdvr.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CastLaunch.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Chakra.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Chakradiag.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Chakrathunk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ClipboardServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ClipUp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CloudExperienceHostUser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clusapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\coin95ip.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\coin95itp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\coinst_16.30.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\combase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CredProvDataModel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\C_G18030.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\c_GSM7.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\C_IS2022.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3D12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\delegatorprovider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\detoured.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dgtrayicon.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DscCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DscCoreConfProv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\edgehtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\encapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\facecredentialprovider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FrameServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FSClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fveapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fveapibase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GameManager64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GamePanel.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hsa-thunk64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\hvax64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hvix64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hvloader.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hvloader.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\InstallAgent.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\InstallAgentUserBroker.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\kdhvcom.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KnobsCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KnobsCsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LicenseManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LicenseManagerSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mantle64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\mantleaxl64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MCRecvSrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfksproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfnetcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfnetsrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfsensorgroup.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mispace.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MusNotification.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MusUpdateHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetworkMobileSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NFCProvisioningPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\provdatastore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provengine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provhandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provisioningcsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provops.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ProvPluginEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provtool.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_nt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\shell32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\shutdownux.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\smphost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\storagewmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\storagewmi_passthru.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\StoreAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\twinui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\updatepolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usocore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo-1-1-0-17-0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01009.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01011.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\win32kfull.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wincorlib.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Audio.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Editing.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Speech.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\windows.storage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Logon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Search.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winload.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winload.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winresume.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WinTypes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsp_fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsp_health.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wuauclt.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wuaueng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wups2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wuuhext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WWAHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wwanprotdim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wwansvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XblAuthManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aclui.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdave32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdgfxinfo32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdhcp32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdhdl32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdlvr32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmantle32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmcl32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmmcl.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl12cl.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdpcom32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdvlk32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdxc32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amfrt32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxy.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticalcl.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticaldd.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticalrt.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticfx32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atidxx32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atigktxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiglpxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atimpc32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atioglxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atisamu32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiu9pag.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiumdag.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiumdva.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiuxpag.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\bcastdvr.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BcastDVRHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Chakra.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Chakradiag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Chakrathunk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ClipboardServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\clusapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\combase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CredProvDataModel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\C_G18030.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\c_GSM7.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\C_IS2022.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3D12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\delegatorprovider.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\detoured.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DscCoreConfProv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\edgehtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\encapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FSClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GameManager32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GamePanel.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\hsa-thunk.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\InstallAgent.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LicenseManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mantle32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mantleaxl32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MCRecvSrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfksproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfnetcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfnetsrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfsensorgroup.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mispace.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\shell32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\smphost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\storagewmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\storagewmi_passthru.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\StoreAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\updatepolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-17-0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\win32kfull.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wincorlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\windows.storage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WinTypes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsp_fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsp_health.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WWAHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksd.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ati2erec.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmdag.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ClipSp.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgkrnl.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgmms1.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgmms2.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ggflt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ggsomc.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hvservice.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandbus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lganddiag64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandgps64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetbus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetdiag264.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetdiag64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetgps64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgx64bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgx64diag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgx64gps.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ntfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nuidfltr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pdc.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016cr.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016unic.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017cr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017unic.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018cr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018unic.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029cr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029unic.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039cr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039unic.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3ebus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3ecm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3ecmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3emgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3eobex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3ewh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3ewhnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tcpip.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xinputhid.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\Crysis3.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\metro.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\OOSU10.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Admin\Desktop\procexp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\procexp.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Desktop\Zemana.AntiMalware.Portable.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\Zemana.AntiMalware.Portable.exe:$CmdZnID [29]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
ResetHosts:
End
*****************
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => key removed successfully
HKCR\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => key removed successfully
HKCR\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
efavdrv => service removed successfully
C:\WINDOWS\system32\F76D.tmp => moved successfully
C:\WINDOWS\system32\2DAB.tmp => moved successfully
C:\WINDOWS\system32\SET660B.tmp => moved successfully
C:\WINDOWS\SysWOW64\SET7FA6.tmp => moved successfully
C:\WINDOWS\SysWOW64\SETBC6F.tmp => moved successfully
C:\WINDOWS\system32\SET98E5.tmp => moved successfully
C:\WINDOWS\SysWOW64\SET7A16.tmp => moved successfully
C:\WINDOWS\SysWOW64\SETBBA2.tmp => moved successfully
C:\WINDOWS\SysWOW64\SET8637.tmp => moved successfully
C:\WINDOWS\system32\SET99D3.tmp => moved successfully
C:\WINDOWS\SysWOW64\SET9BF9.tmp => moved successfully
C:\WINDOWS\system32\SETBE0D.tmp => moved successfully
C:\WINDOWS\system32\Drivers\SET62DA.tmp => moved successfully
C:\WINDOWS\system32\Drivers\SET9884.tmp => moved successfully
C:\WINDOWS\system32\SET788D.tmp => moved successfully
"C:\Users\Admin\AppData\Local\Temp" folder move:
Could not move "C:\Users\Admin\AppData\Local\Temp" => Scheduled to move on reboot.
C:\ProgramData\DP45977C.lfl => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
"C:\WINDOWS\system32\aclui.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdave64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdgfxinfo64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdhcp64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdhdl64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdlvr64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdmantle64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdmcl64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdmiracast.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdmmcl6.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdocl12cl64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdoclvp9lib64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdpcom64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdvlk64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdxc64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amfrt64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\AppXApplicabilityBlob.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\AppXDeploymentServer.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atiadlxx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atiapfxx.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\aticalcl64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\aticaldd64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\aticalrt64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\aticfx64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atidemgy.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atidxx64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atieah64.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atieclxx.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atiesrxx.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atig6pxx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atig6txx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atiglpxx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atimpc64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atimuixx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atio6axx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\ATIODCLI.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\ATIODE.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atisamu64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atitmm64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atiu9p64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atiumd64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atiumd6a.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atiuxp64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\AudioSes.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\audiosrv.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\bcastdvr.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\CastLaunch.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\cdd.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Chakra.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Chakradiag.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Chakrathunk.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\clinfo.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\ClipboardServer.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\ClipUp.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\CloudExperienceHostUser.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\clusapi.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\coin95ip.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\coin95itp.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\coinst_16.30.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\combase.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\CredProvDataModel.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\C_G18030.DLL" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\c_GSM7.DLL" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\C_IS2022.DLL" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\D3D12.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\delegatorprovider.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\detoured.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\dgtrayicon.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\DscCore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\DscCoreConfProv.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\dwmcore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\edgehtml.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\encapi.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\facecredentialprovider.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\FrameServer.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\FSClient.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\fveapi.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\fveapibase.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\GameManager64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\GamePanel.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\hsa-thunk64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\hvax64.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\hvix64.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\hvloader.efi" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\hvloader.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\indexeddbserver.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\InstallAgent.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\InstallAgentUserBroker.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\kdhvcom.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\KnobsCore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\KnobsCsp.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\LicenseManager.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\LicenseManagerSvc.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mantle64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mantleaxl64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\MCRecvSrc.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mfcore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mfksproxy.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mfnetcore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mfnetsrc.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mfps.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mfsensorgroup.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mispace.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\msctf.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mshtml.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mstsc.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\MusNotification.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\MusUpdateHandlers.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\NetworkMobileSettings.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\NFCProvisioningPlugin.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\ntdll.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\ntoskrnl.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\OpenCL.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\provdatastore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\provengine.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\provhandlers.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\provisioningcsp.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\provops.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\ProvPluginEng.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\provtool.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\schannel.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\SettingsHandlers_nt.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\shell32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\shutdownux.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\smphost.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\storagewmi.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\storagewmi_passthru.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\StoreAgent.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\twinui.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\updatepolicy.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\usocore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\vulkaninfo-1-1-0-17-0.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\vulkaninfo.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\WdfCoInstaller01009.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\WdfCoInstaller01011.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\win32kfull.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wincorlib.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.Media.Audio.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.Media.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.Media.Editing.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.Media.Speech.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\windows.storage.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.UI.Logon.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.UI.Search.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\winload.efi" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\winload.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\winresume.efi" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\winresume.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\WinTypes.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wsp_fs.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wsp_health.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wuauclt.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wuaueng.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wups2.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wuuhext.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\WWAHost.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wwanprotdim.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wwansvc.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\XblAuthManager.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\aclui.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdave32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdgfxinfo32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdhcp32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdhdl32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdlvr32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdmantle32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdmcl32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdmmcl.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdocl.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdocl12cl.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdpcom32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdvlk32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdxc32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amfrt32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atiadlxx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atiadlxy.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\aticalcl.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\aticaldd.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\aticalrt.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\aticfx32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atidxx32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atieah32.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atigktxx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atiglpxx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atimpc32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atioglxx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atisamu32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atiu9pag.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atiumdag.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atiumdva.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atiuxpag.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\AudioSes.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\bcastdvr.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\BcastDVRHelper.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Chakra.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Chakradiag.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Chakrathunk.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\ClipboardServer.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\clusapi.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\combase.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\CredProvDataModel.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\C_G18030.DLL" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\c_GSM7.DLL" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\C_IS2022.DLL" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\D3D12.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\delegatorprovider.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\detoured.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\DscCoreConfProv.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\dwmcore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\edgehtml.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\encapi.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\FlashPlayerApp.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\FSClient.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\GameManager32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\GamePanel.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\hsa-thunk.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\indexeddbserver.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\InstallAgent.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\LicenseManager.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mantle32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mantleaxl32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\MCRecvSrc.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mfcore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mfksproxy.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mfnetcore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mfnetsrc.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mfps.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mfsensorgroup.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mispace.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\msctf.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mshtml.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mstsc.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\ntdll.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\OpenCL.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\schannel.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\shell32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\smphost.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\storagewmi.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\storagewmi_passthru.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\StoreAgent.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\twinui.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\updatepolicy.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-17-0.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\vulkaninfo.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\win32kfull.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\wincorlib.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.Media.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\windows.storage.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\WinTypes.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\wsp_fs.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\wsp_health.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\WWAHost.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\a016bus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\a016cm.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\a016cmnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\a016mgmt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\a016obex.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\a016wh.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\a016whnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\amdacpksd.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\ati2erec.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\atikmdag.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\atikmpag.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\ClipSp.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\dxgkrnl.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\dxgmms1.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\dxgmms2.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\ggflt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\ggsomc.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\hvservice.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgandbus64.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lganddiag64.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgandgps64.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgandnetbus64.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgandnetdiag264.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgandnetdiag64.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgandnetgps64.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgx64bus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgx64diag.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgx64gps.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\ntfs.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\nuidfltr.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\pdc.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016bus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016cm.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016cmnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016cr.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016mgmt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016obex.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016unic.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016wh.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016whnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017bus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017cm.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017cmnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017cr.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017mgmt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017obex.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017unic.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017wh.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017whnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018bus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018cm.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018cmnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018cr.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018mgmt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018obex.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018unic.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018wh.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018whnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029bus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029cm.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029cmnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029cr.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029mgmt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029obex.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029unic.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029wh.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029whnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039bus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039cm.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039cmnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039cr.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039mgmt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039obex.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039unic.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039wh.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039whnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s916bus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s916cm.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s916cmnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s916mgmt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s916obex.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s916wh.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s916whnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\se3ebus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\se3ecm.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\se3ecmnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\se3emgmt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\se3eobex.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\se3ewh.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\se3ewhnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\ssudbus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\tcpip.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\xinputhid.sys" => ":$CmdTcID" ADS not found.
"C:\Users\Admin\Desktop\Crysis3.exe" => ":$CmdTcID" ADS not found.
"C:\Users\Admin\Desktop\FRST64.exe" => ":$CmdTcID" ADS not found.
"C:\Users\Admin\Desktop\metro.exe" => ":$CmdTcID" ADS not found.
C:\Users\Admin\Desktop\OOSU10.exe => ":$CmdZnID" ADS removed successfully.
"C:\Users\Admin\Desktop\procexp.exe" => ":$CmdTcID" ADS not found.
C:\Users\Admin\Desktop\procexp.exe => ":$CmdZnID" ADS removed successfully.
"C:\Users\Admin\Desktop\Zemana.AntiMalware.Portable.exe" => ":$CmdTcID" ADS not found.
C:\Users\Admin\Desktop\Zemana.AntiMalware.Portable.exe => ":$CmdZnID" ADS removed successfully.
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully.
ResetHosts: => Error: No automatic fix found for this entry.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 12-09-2016 01:23:57)
C:\Users\Admin\AppData\Local\Temp => moved successfully
==== End of Fixlog 01:23:58 ====
Ran by Admin (12-09-2016 01:22:34) Run:1
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin & Baruška)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2560372422-2021965399-549226919-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 efavdrv; \??\C:\WINDOWS\system32\drivers\efavdrv.sys [X]
C:\WINDOWS\system32\F76D.tmp
C:\WINDOWS\system32\2DAB.tmp
C:\WINDOWS\system32\SET660B.tmp
C:\WINDOWS\SysWOW64\SET7FA6.tmp
C:\WINDOWS\SysWOW64\SETBC6F.tmp
C:\WINDOWS\system32\SET98E5.tmp
C:\WINDOWS\SysWOW64\SET7A16.tmp
C:\WINDOWS\SysWOW64\SETBBA2.tmp
C:\WINDOWS\SysWOW64\SET8637.tmp
C:\WINDOWS\system32\SET99D3.tmp
C:\WINDOWS\SysWOW64\SET9BF9.tmp
C:\WINDOWS\system32\SETBE0D.tmp
C:\WINDOWS\system32\Drivers\SET62DA.tmp
C:\WINDOWS\system32\Drivers\SET9884.tmp
C:\WINDOWS\system32\SET788D.tmp
C:\Users\Admin\AppData\Local\Temp
C:\ProgramData\DP45977C.lfl
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\WINDOWS\system32\aclui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdave64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdgfxinfo64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdhcp64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdhdl64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdlvr64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdmantle64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdmcl64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdmiracast.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdmmcl6.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdocl12cl64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdoclvp9lib64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdpcom64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdvlk64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdxc64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amfrt64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\AppXApplicabilityBlob.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiadlxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticalcl64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\aticaldd64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\aticalrt64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\aticfx64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atidemgy.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atidxx64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atig6pxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atig6txx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiglpxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atimpc64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atimuixx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atio6axx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atisamu64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atitmm64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiu9p64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiumd64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiumd6a.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\atiuxp64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcastdvr.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CastLaunch.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Chakra.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Chakradiag.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Chakrathunk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ClipboardServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ClipUp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CloudExperienceHostUser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clusapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\coin95ip.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\coin95itp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\coinst_16.30.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\combase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CredProvDataModel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\C_G18030.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\c_GSM7.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\C_IS2022.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3D12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\delegatorprovider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\detoured.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dgtrayicon.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DscCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DscCoreConfProv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\edgehtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\encapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\facecredentialprovider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FrameServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FSClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fveapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fveapibase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GameManager64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GamePanel.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hsa-thunk64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\hvax64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hvix64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hvloader.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hvloader.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\InstallAgent.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\InstallAgentUserBroker.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\kdhvcom.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KnobsCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KnobsCsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LicenseManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LicenseManagerSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mantle64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\mantleaxl64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MCRecvSrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfksproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfnetcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfnetsrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfsensorgroup.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mispace.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MusNotification.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MusUpdateHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetworkMobileSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NFCProvisioningPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\provdatastore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provengine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provhandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provisioningcsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provops.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ProvPluginEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provtool.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_nt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\shell32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\shutdownux.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\smphost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\storagewmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\storagewmi_passthru.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\StoreAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\twinui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\updatepolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usocore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo-1-1-0-17-0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01009.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01011.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\win32kfull.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wincorlib.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Audio.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Editing.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Speech.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\windows.storage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Logon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Search.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winload.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winload.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winresume.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WinTypes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsp_fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsp_health.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wuauclt.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wuaueng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wups2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wuuhext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WWAHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wwanprotdim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wwansvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XblAuthManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aclui.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdave32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdgfxinfo32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdhcp32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdhdl32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdlvr32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmantle32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmcl32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmmcl.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl12cl.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdpcom32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdvlk32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdxc32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amfrt32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxy.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticalcl.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticaldd.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticalrt.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticfx32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atidxx32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atigktxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiglpxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atimpc32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atioglxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atisamu32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiu9pag.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiumdag.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiumdva.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiuxpag.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\bcastdvr.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BcastDVRHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Chakra.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Chakradiag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Chakrathunk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ClipboardServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\clusapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\combase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CredProvDataModel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\C_G18030.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\c_GSM7.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\C_IS2022.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3D12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\delegatorprovider.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\detoured.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DscCoreConfProv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\edgehtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\encapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FSClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GameManager32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GamePanel.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\hsa-thunk.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\InstallAgent.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LicenseManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mantle32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mantleaxl32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MCRecvSrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfksproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfnetcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfnetsrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfsensorgroup.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mispace.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\shell32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\smphost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\storagewmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\storagewmi_passthru.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\StoreAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\updatepolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-17-0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\win32kfull.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wincorlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\windows.storage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WinTypes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsp_fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsp_health.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WWAHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\a016whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksd.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ati2erec.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmdag.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ClipSp.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgkrnl.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgmms1.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgmms2.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ggflt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ggsomc.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hvservice.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandbus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lganddiag64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandgps64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetbus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetdiag264.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetdiag64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetgps64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgx64bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgx64diag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgx64gps.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ntfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nuidfltr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pdc.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016cr.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016unic.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0016whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017cr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017unic.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s0017whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018cr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018unic.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1018whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029cr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029unic.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1029whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039cr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039unic.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s1039whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916bus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916cm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916cmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916mgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916obex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916wh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\s916whnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3ebus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3ecm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3ecmnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3emgmt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3eobex.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3ewh.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\se3ewhnt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tcpip.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xinputhid.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\Crysis3.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\metro.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\OOSU10.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Admin\Desktop\procexp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\procexp.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Admin\Desktop\Zemana.AntiMalware.Portable.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Admin\Desktop\Zemana.AntiMalware.Portable.exe:$CmdZnID [29]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
ResetHosts:
End
*****************
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => key removed successfully
HKCR\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => key removed successfully
HKCR\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
efavdrv => service removed successfully
C:\WINDOWS\system32\F76D.tmp => moved successfully
C:\WINDOWS\system32\2DAB.tmp => moved successfully
C:\WINDOWS\system32\SET660B.tmp => moved successfully
C:\WINDOWS\SysWOW64\SET7FA6.tmp => moved successfully
C:\WINDOWS\SysWOW64\SETBC6F.tmp => moved successfully
C:\WINDOWS\system32\SET98E5.tmp => moved successfully
C:\WINDOWS\SysWOW64\SET7A16.tmp => moved successfully
C:\WINDOWS\SysWOW64\SETBBA2.tmp => moved successfully
C:\WINDOWS\SysWOW64\SET8637.tmp => moved successfully
C:\WINDOWS\system32\SET99D3.tmp => moved successfully
C:\WINDOWS\SysWOW64\SET9BF9.tmp => moved successfully
C:\WINDOWS\system32\SETBE0D.tmp => moved successfully
C:\WINDOWS\system32\Drivers\SET62DA.tmp => moved successfully
C:\WINDOWS\system32\Drivers\SET9884.tmp => moved successfully
C:\WINDOWS\system32\SET788D.tmp => moved successfully
"C:\Users\Admin\AppData\Local\Temp" folder move:
Could not move "C:\Users\Admin\AppData\Local\Temp" => Scheduled to move on reboot.
C:\ProgramData\DP45977C.lfl => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
"C:\WINDOWS\system32\aclui.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdave64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdgfxinfo64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdhcp64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdhdl64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdlvr64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdmantle64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdmcl64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdmiracast.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdmmcl6.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdocl12cl64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdoclvp9lib64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdpcom64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdvlk64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amdxc64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\amfrt64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\AppXApplicabilityBlob.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\AppXDeploymentServer.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atiadlxx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atiapfxx.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\aticalcl64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\aticaldd64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\aticalrt64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\aticfx64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atidemgy.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atidxx64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atieah64.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atieclxx.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atiesrxx.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atig6pxx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atig6txx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atiglpxx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atimpc64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atimuixx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atio6axx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\ATIODCLI.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\ATIODE.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atisamu64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atitmm64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atiu9p64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atiumd64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atiumd6a.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\atiuxp64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\AudioSes.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\audiosrv.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\bcastdvr.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\CastLaunch.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\cdd.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Chakra.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Chakradiag.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Chakrathunk.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\clinfo.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\ClipboardServer.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\ClipUp.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\CloudExperienceHostUser.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\clusapi.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\coin95ip.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\coin95itp.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\coinst_16.30.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\combase.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\CredProvDataModel.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\C_G18030.DLL" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\c_GSM7.DLL" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\C_IS2022.DLL" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\D3D12.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\delegatorprovider.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\detoured.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\dgtrayicon.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\DscCore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\DscCoreConfProv.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\dwmcore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\edgehtml.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\encapi.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\facecredentialprovider.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\FrameServer.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\FSClient.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\fveapi.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\fveapibase.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\GameManager64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\GamePanel.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\hsa-thunk64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\hvax64.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\hvix64.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\hvloader.efi" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\hvloader.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\indexeddbserver.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\InstallAgent.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\InstallAgentUserBroker.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\kdhvcom.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\KnobsCore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\KnobsCsp.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\LicenseManager.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\LicenseManagerSvc.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mantle64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mantleaxl64.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\MCRecvSrc.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mfcore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mfksproxy.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mfnetcore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mfnetsrc.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mfps.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mfsensorgroup.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mispace.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\msctf.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mshtml.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\mstsc.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\MusNotification.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\MusUpdateHandlers.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\NetworkMobileSettings.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\NFCProvisioningPlugin.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\ntdll.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\ntoskrnl.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\OpenCL.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\provdatastore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\provengine.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\provhandlers.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\provisioningcsp.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\provops.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\ProvPluginEng.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\provtool.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\schannel.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\SettingsHandlers_nt.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\shell32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\shutdownux.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\smphost.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\storagewmi.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\storagewmi_passthru.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\StoreAgent.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\twinui.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\updatepolicy.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\usocore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\vulkaninfo-1-1-0-17-0.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\vulkaninfo.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\WdfCoInstaller01009.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\WdfCoInstaller01011.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\win32kfull.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wincorlib.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.Media.Audio.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.Media.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.Media.Editing.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.Media.Speech.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\windows.storage.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.UI.Logon.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.UI.Search.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\winload.efi" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\winload.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\winresume.efi" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\winresume.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\WinTypes.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wsp_fs.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wsp_health.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wuauclt.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wuaueng.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wups2.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wuuhext.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\WWAHost.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wwanprotdim.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wwansvc.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\XblAuthManager.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\aclui.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdave32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdgfxinfo32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdhcp32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdhdl32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdlvr32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdmantle32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdmcl32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdmmcl.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdocl.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdocl12cl.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdpcom32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdvlk32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amdxc32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\amfrt32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atiadlxx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atiadlxy.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\aticalcl.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\aticaldd.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\aticalrt.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\aticfx32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atidxx32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atieah32.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atigktxx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atiglpxx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atimpc32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atioglxx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atisamu32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atiu9pag.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atiumdag.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atiumdva.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\atiuxpag.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\AudioSes.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\bcastdvr.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\BcastDVRHelper.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Chakra.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Chakradiag.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Chakrathunk.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\ClipboardServer.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\clusapi.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\combase.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\CredProvDataModel.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\C_G18030.DLL" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\c_GSM7.DLL" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\C_IS2022.DLL" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\D3D12.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\delegatorprovider.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\detoured.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\DscCoreConfProv.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\dwmcore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\edgehtml.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\encapi.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\FlashPlayerApp.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\FSClient.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\GameManager32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\GamePanel.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\hsa-thunk.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\indexeddbserver.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\InstallAgent.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\LicenseManager.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mantle32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mantleaxl32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\MCRecvSrc.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mfcore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mfksproxy.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mfnetcore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mfnetsrc.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mfps.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mfsensorgroup.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mispace.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\msctf.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mshtml.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mstsc.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\ntdll.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\OpenCL.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\schannel.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\shell32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\smphost.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\storagewmi.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\storagewmi_passthru.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\StoreAgent.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\twinui.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\updatepolicy.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-17-0.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\vulkaninfo.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\win32kfull.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\wincorlib.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.Media.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\windows.storage.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\WinTypes.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\wsp_fs.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\wsp_health.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\WWAHost.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\a016bus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\a016cm.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\a016cmnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\a016mgmt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\a016obex.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\a016wh.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\a016whnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\amdacpksd.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\ati2erec.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\atikmdag.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\atikmpag.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\ClipSp.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\dxgkrnl.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\dxgmms1.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\dxgmms2.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\ggflt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\ggsomc.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\hvservice.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgandbus64.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lganddiag64.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgandgps64.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgandnetbus64.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgandnetdiag264.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgandnetdiag64.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgandnetgps64.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgx64bus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgx64diag.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\lgx64gps.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\ntfs.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\nuidfltr.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\pdc.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016bus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016cm.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016cmnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016cr.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016mgmt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016obex.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016unic.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016wh.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0016whnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017bus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017cm.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017cmnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017cr.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017mgmt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017obex.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017unic.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017wh.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s0017whnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018bus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018cm.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018cmnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018cr.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018mgmt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018obex.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018unic.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018wh.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1018whnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029bus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029cm.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029cmnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029cr.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029mgmt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029obex.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029unic.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029wh.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1029whnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039bus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039cm.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039cmnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039cr.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039mgmt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039obex.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039unic.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039wh.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s1039whnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s916bus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s916cm.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s916cmnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s916mgmt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s916obex.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s916wh.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\s916whnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\se3ebus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\se3ecm.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\se3ecmnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\se3emgmt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\se3eobex.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\se3ewh.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\se3ewhnt.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\ssudbus.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\tcpip.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\xinputhid.sys" => ":$CmdTcID" ADS not found.
"C:\Users\Admin\Desktop\Crysis3.exe" => ":$CmdTcID" ADS not found.
"C:\Users\Admin\Desktop\FRST64.exe" => ":$CmdTcID" ADS not found.
"C:\Users\Admin\Desktop\metro.exe" => ":$CmdTcID" ADS not found.
C:\Users\Admin\Desktop\OOSU10.exe => ":$CmdZnID" ADS removed successfully.
"C:\Users\Admin\Desktop\procexp.exe" => ":$CmdTcID" ADS not found.
C:\Users\Admin\Desktop\procexp.exe => ":$CmdZnID" ADS removed successfully.
"C:\Users\Admin\Desktop\Zemana.AntiMalware.Portable.exe" => ":$CmdTcID" ADS not found.
C:\Users\Admin\Desktop\Zemana.AntiMalware.Portable.exe => ":$CmdZnID" ADS removed successfully.
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully.
ResetHosts: => Error: No automatic fix found for this entry.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 12-09-2016 01:23:57)
C:\Users\Admin\AppData\Local\Temp => moved successfully
==== End of Fixlog 01:23:58 ====
Re: Preventivní kontrola logu
Všiml jsem si, že nálezů bylo více, může se zeptat, o co se jednalo ? Infekce?
? Infekce?-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola logu
ADW smazal AdWary a dočištění FRST převážně zbytečnosti.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivní kontrola logu
Děkuji. Takže nic "hrozného," jestli to chápu dobřeRudy píše:ADW smazal AdWary a dočištění FRST převážně zbytečnosti.
Je to všechno, nebo je ještě něco potřeba?-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola logu
Není zač! Běžné šmejdíky. Pokud není jiný problém, je to vše.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?