risolto Possibile virus?

[mom26gr8kids]

Da quando ho recentemente acquistato un nuovo computer, mi sto preparando a spostare il mio vecchio laptop con mia figlia. Circa 3 settimane fa l'aggiornamento di Windows ha causato alcuni errori su questo laptop. È rimasto bloccato per 3 o 4 giorni in modalità di riparazione automatica e ha provato molto a riavviarlo. Ero sicuro che non sarebbe successo e poi improvvisamente ha ricominciato a funzionare. Anche se da allora questo laptop ha funzionato lentamente con molti problemi. Le mie scansioni antivirus non mostrano nulla, ma volevo eseguire altre scansioni per vedere se c'era qualcosa che mancava al mio software antivirus. Ecco le scansioni FRST:

Risultato della scansione di Farbar Recovery Scan Tool (FRST) (x64) Versione: 17-09-2017 01
Gestito da songe_000 (amministratore) su MOMSPC (17-09-2017 15:57:08)
Esegui da C: \ Users \ songe_000 \ Downloads
Profili installati: songe_000 (Profili disponibili: songe_000)
Piattaforma: Windows 10 Home versione 1607 (X64) Lingua: inglese (USA)
Internet Explorer Ver.11 (browser predefinito: Edge)
Modalità di avvio: normale
Tutorial sullo strumento di scansione di ripristino Farbar:

==================== Processi (autorizzati) =================

(Se viene aggiunta una voce all'elenco delle correzioni, il processo viene chiuso. Il file non viene spostato.)

(Intel Corporation) C: \ Windows \ System32 \ igfxCUIService.exe
(Intel (R) Corporation) C: \ Program Files \ Intel \ iCLS Client \ HeciServer.exe
(Apple Inc.) C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ AppleMobileDeviceService.exe
(SUPERAntiSpyware.com) C: \ Programmi \ SUPERAntiSpyware \ DESKTOP.EXE
(Acer Incorporate) C: \ Programmi \ Acer \ Acer Launch Manager \ LMSvc.exe
(Acer Incorporated) C: \ Program Dosyaları (x86) \ Acer \ AOP Framework \ CCDMonitorService.exe
() C: \ Programmi (x86) \ CyberLink \ Shared files \ RichVideo.exe
(Soluto) C: \ Programmi \ Soluto \ SolutoLauncherService.exe
(COMODO) C: \ Programmi (x86) \ COMODO \ Internet Security Essentials \ isesrv.exe
(Acer Incorporated) C: \ Program Dosyaları \ Acer \ Acer Touch Tools \ TouchToolsLaunchSvc.exe
(Apple Inc.) C: \ Programmi \ Bonjour \ mDNSResponder.exe
(Soluto) C: \ Programmi \ Soluto \ SolutoService.exe
(Microsoft Corporation) C: \ Windows \ Microsoft.NET \ Framework64 \ v3.0 \ WPF \ PresentationFontCache.exe
(Soluto) C: \ Programmi \ Soluto \ Soluto.exe
(Microsoft Corporation) C: \ Program Files \ Microsoft Mouse and Keyboard Center \ ipoint.exe
(Microsoft Corporation) C: \ Program Files \ Microsoft Mouse and Keyboard Center \ itype.exe
(Intel Corporation) C: \ Windows \ System32 \ igfxEM.exe
(Intel Corporation) C: \ Windows \ System32 \ igfxHK.exe
() C: \ Windows \ System32 \ igfxTray.exe
(Acer Incorporate) C: \ Programmi \ Acer \ Acer Launch Manager \ LMEvent.exe
(Acer Incorporate) C: \ Programmi \ Acer \ Acer Launch Manager \ LMTray.exe
(Acer Incorporate) C: \ Programmi \ Acer \ Acer Quick Access \ QASvc.exe
(Acer Incorporated) C: \ Programmi \ Acer \ Acer Power Management \ ePowerSvc.exe
(Acer Incorporate) C: \ Programmi \ Acer \ Acer Quick Access \ QAEvent.exe
(Acer Incorporate) C: \ Programmi \ Acer \ Acer Quick Access \ QAMsg.exe
(COMODO) C: \ Programmi \ COMODO \ COMODO Internet Security \ cis.exe
(Acer Incorporate) C: \ Program Dosyaları \ Acer \ Acer Quick Access \ QuickAccess.exe
(Realtek Semiconductor) C: \ Programmi \ Realtek \ Audio \ HDA \ RAVCpl64.exe
(Apple Inc.) C: \ Programmi \ iTunes \ iTunesHelper.exe
(Spotify Ltd) C: \ Users \ songe_000 \ AppData \ Roaming \ Spotify \ SpotifyWebHelper.exe
(SUPERAntiSpyware) C: \ Programmi \ SUPERAntiSpyware \ SUPERANTISPYWARE.EXE
(Hewlett-Packard Co.) C: \ Programmi \ HP \ HP Officejet 6700 \ Bin \ ScanToPCActivationApp.exe
(Apple Inc.) C: \ Programmi (x86) \ Common Files \ Apple \ Internet Services \ iCloudServices.exe
(Apple Inc.) C: \ Programmi (x86) \ Common Files \ Apple \ Internet Services \ ApplePhotoStreams.exe
(Spotify Ltd) C: \ Users \ songe_000 \ AppData \ Roaming \ Spotify \ Spotify.exe
(Amazon Services LLC) C: \ Kullanıcılar \ songe_000 \ AppData \ Local \ Amazon Music \ Amazon Music Helper.exe
(Apple Inc.) C: \ Program Files \ iPod \ bin \ iPodService.exe
(Hewlett-Packard) C: \ Programmi (x86) \ Hp \ HP Software Update \ hpwuschd2.exe
(CompSoft) C: \ Programmi (x86) \ DoroPDFWriter \ DoroServer.exe
(Acer Incorporated) C: \ Program Dosyaları (x86) \ Acer \ AOP Framework \ BackgroundAgent.exe
() C: \ Programmi (x86) \ Acer \ abDocs \ abDocsDllLoaderMonitor.exe
(COMODO) C: \ Programmi (x86) \ COMODO \ Internet Security Essentials \ vkise.exe
(Tecnologia cloud Acer) C: \ Programmi (x86) \ Acer \ AOP Framework \ acer \ ccd.exe
(Acer) C: \ Programmi (x86) \ Acer \ Acer Portal \ AcerPortal.exe
(Apple Inc.) C: \ Programmi (x86) \ Common Files \ Apple \ Apple Application Support \ APSDaemon.exe
(Spotify Ltd) C: \ Users \ songe_000 \ AppData \ Roaming \ Spotify \ Spotify.exe
(AZIONI: <Şirket adı>) C: \ Programmi (x86) \ WildTangent Games \ App \ GamesAppIntegrationService.exe
(Intel Corporation) C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ DAL \ jhi_service.exe
(Intel Corporation) C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ LMS \ LMS.exe
(Acer Incorporated) C: \ Program Dosyaları (x86) \ Acer \ Screen Grasp \ GestureDetection.exe
(Acer Incorporated) C: \ Program Dosyaları (x86) \ Acer \ Screen Grasp \ Launch Screen Grasp.exe
(Microsoft Corporation) C: \ Windows \ System32 \ rundll32.exe
(Nero AG) C: \ Programmi (x86) \ Nero \ Update \ NASvc.exe
(acer) C: \ Program Files \ Acer \ User Experience Improvement Program \ Framework \ UBTService.exe
(Intel Corporation) C: \ Windows \ SysWOW64 \ IntelCpHeciSvc.exe
(Microsoft Corporation) C: \ Programmi \ File comuni \ microsoft shared \ ClickToRun \ OfficeClickToRun.exe
(Microsoft Corporation) C: \ Programmi \ File comuni \ microsoft shared \ ClickToRun \ AppVShNotify.exe
(Adobe Systems Incorporated) C: \ Program Dosyaları (x86) \ Adobe \ Acrobat Reader DC \ Reader \ AcroRd32.exe
(COMODO) C: \ Programmi \ COMODO \ COMODO Internet Security \ cmdagent.exe
(Microsoft Corporation) C: \ Program Dosyaları \ WindowsApps \ Microsoft.Office.OneNote_17.8568.57561.0_x64__8wekyb3d8bbwe \ onenoteim.exe
(Google Inc.) C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ chrome.exe
(Google Inc.) C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ chrome.exe
(Google Inc.) C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ chrome.exe
(Google Inc.) C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ chrome.exe
(Google Inc.) C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ chrome.exe
(Google Inc.) C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ chrome.exe
(Google Inc.) C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ chrome.exe
(COMODO) C: \ Programmi \ COMODO \ COMODO Internet Security \ cavwp.exe
(Microsoft Corporation) C: \ Windows \ System32 \ smartscreen.exe
(COMODO) C: \ Programmi \ COMODO \ COMODO Internet Security \ cmdvirth.exe
(Microsoft Corporation) C: \ Windows \ System32 \ dllhost.exe

==================== Registrazione (whitelist) ====================

(Se una voce viene aggiunta all'elenco delle correzioni, l'elemento del registro viene ripristinato al valore predefinito o rimosso. Il file non viene spostato.)

HKLM \ ... \ Run: [RTHDVCPL] => C: \ Program Files \ Realtek \ Audio \ HDA \ RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM \ ... \ Run: [COMODO AutoStart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C: \ Program Files \ COMODO \ COMODO Internet Security \ cistray.exe [1489088 2017-08-28] ( COMODO)
HKLM \ ... \ Run: [iTunesHelper] => C: \ Programmi \ iTunes \ iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM-x32 \ ... \ Run: [HP Software Update] => C: \ Program Files (x86) \ Hp \ HP Software Update \ HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32 \ ... \ Run: [DoroServer] => C: \ Program Files (x86) \ DoroPDFWriter \ DoroServer.exe [204800 2014-12-19] (CompSoft)
HKLM-x32 \ ... \ Run: [abDocsDllLoader] => C: \ Programmi (x86) \ Acer \ abDocs \ abDocsDllLoader.exe [91488 2016-08-15] ()
HKLM-x32 \ ... \ Run: [QuickTime Task] => C: \ Programmi (x86) \ QuickTime \ QTTask.exe [421888 2015-11-18] (Apple Inc.)
HKLM-x32 \ ... \ Run: [Aimersoft Helper Compact.exe] => C: \ Programmi (x86) \ Common Files \ Aimersoft \ Aimersoft Helper Compact \ ASHelper.exe [1667072 2012-02-28] (AimerSoft )
HKLM-x32 \ ... \ Run: [IseUI] => C: \ Program Dosyaları (x86) \ COMODO \ Internet Security Essentials \ vkise.exe [3632848 2017-08-07] (COMODO)
HKLM \ ... \ Winlogon: [Userinit] c: \ windows \ system32 \ userinit.exe, c: \ program files \ soluto \ soluto.exe / userinit
HKLM \ ... \ Policies \ Explorer \ Run: [BtvStack] => C: \ Program Dosyaları (x86) \ Qualcomm Atheros \ Bluetooth Suite \ BtvStack.exe
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Run: [Spotify Web Helper] => C: \ Users \ songe_000 \ AppData \ Roaming \ Spotify \ SpotifyWebHelper.exe [1444976 2016 -12-21] (Spotify Ltd)
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Run: [AviraSpeedup] => "C: \ Programmi (x86) \ Avira \ AviraSpeedup \ avira_system_speedup.exe" -autorun
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Run: [SUPERAntiSpyware] => C: \ Programmi \ SUPERAntiSpyware \ SUPERAntiSpyware.exe [7964064 2017-08-28] (SUPERAntiSpyware .EXE)
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Run: [HP Officejet 6700 (NET)] => C: \ Program Files \ HP \ HP Officejet 6700 \ Bin \ ScanToPCActivationApp. exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Run: [iCloudServices] => C: \ Program Files (x86) \ Common Files \ Apple \ Internet Services \ iCloudServices.exe [ 67384 09/05/2017] (Apple Inc.)
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Run: [ApplePhotoStreams] => C: \ Program Files (x86) \ Common Files \ Apple \ Internet Services \ ApplePhotoStreams.exe [ 67896 2017/05/09] (Apple Inc.)
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Run: [Spotify] => C: \ Users \ songe_000 \ AppData \ Roaming \ Spotify \ Spotify.exe [7153264 2016-12 -21) (Spotify Ltd)
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Run: [Amazon Music] => C: \ Users \ songe_000 \ AppData \ Local \ Amazon Music \ Amazon Music Helper.exe [ 3694056 2017-04-18] (Amazon Services LLC)
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ Control Panel \ Desktop \ SCRNSAVE.EXE -> C: \ WINDOWS \ system32 \ Ribbons.scr [151040 2016-07-16] (Microsoft Corporation)
HKU \ S-1-5-18 \ ... \ RunOnce: [Application Restart # 0] => C: \ Program Files \ Common Files \ microsoft shared \ ink \ TabTip.exe [371928 2016-07-16] (Azienda Microsoft)

==================== Internet (autorizzato) =====================

(Se un elemento è incluso nell'elenco delle correzioni, se è un elemento del registro, viene rimosso o ripristinato all'impostazione predefinita.)

Tcpip \ Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip \ .. \ Interfaces \ {dee13008-c737-4ac5-9444-f2960207d42f}: [DhcpNameServer] 192.168.0.1 205.171.2.25

Internet Explorer:
==================
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = hxxp: //acer13.msn.com/? Pc = ACJB
BHO: Lync Browser Assistant -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C: \ Programmi (x86) \ Microsoft Office \ root \ VFS \ ProgramFilesX64 \ Microsoft Office \ Office16 \ OCHelper.dll (2017-09 -15] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Assistant -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C: \ Program Files (x86) \ Microsoft Office \ root \ VFS \ ProgramFilesX64 \ Microsoft Office \ Office16 \ GROOVEEX.DLL (2017 -09-15] (Microsoft Corporation)
Gestore-x32: mso-minsb-roam.16 - (83C25742-A9F7-49FB-9138-434302C88D07) - C: \ Programmi (x86) \ Microsoft Office \ root \ Office16 \ MSOSB.DLL [2017-09-15] (Azienda Microsoft)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C: \ Programmi (x86) \ Microsoft Office \ root \ Office16 \ MSOSB.DLL [2017-09-15] (Microsoft Azienda)
Handler-x32: osf-roam.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C: \ Programmi (x86) \ Microsoft Office \ root \ Office16 \ MSOSB.DLL [2017-09-15] (Microsoft Azienda)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C: \ Program Files (x86) \ Microsoft Office \ root \ Office16 \ MSOSB.DLL [2017-09-15] (Microsoft Corporation)

FireFox:
========
FF Profil Yolu: C: \ Users \ songe_000 \ AppData \ Roaming \ Mozilla \ Firefox \ Profiles \ 2lsg6gue.default [2017-09-16]
FF DefaultSearchEngine: Mozilla \ Firefox \ Profiles \ 2lsg6gue.default -> Google
FF DefaultSearchEngine.US: Mozilla \ Firefox \ Profiles \ 2lsg6gue.default -> Google
FF Anahtar Kelime.URL: Mozilla \ Firefox \ Profiles \ 2lsg6gue.default -> hxxps: //search.yahoo.com/search? Fr = mcafee & type = B110US662D20141022 & p =
Estensione FF: (Avira Browser Security) - C: \ Users \ songe_000 \ AppData \ Roaming \ Mozilla \ Firefox \ Profiles \ 2lsg6gue.default \ Extensions \ abs@avira.com.xpi [2017-07-17]
Estensione FF: (WOT) - C: \ Users \ songe_000 \ AppData \ Roaming \ Mozilla \ Firefox \ Profiles \ 2lsg6gue.default \ Extensions \ {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7) [2017-07-14]
FF SearchPlugin: C: \ Program Dosyaları (x86) \ mozilla firefox \ browser \ searchplugins \ McSiteAdvisor.xml [2015-01-04]
Plugin FF: @ adobe.com / FlashPlayer -> C: \ WINDOWS \ system32 \ Macromed \ Flash \ NPSWF64_27_0_0_130.dll [2017-09-14] ()
FF Eklentisi-x32: @ adobe.com / FlashPlayer -> C: \ WINDOWS \ SysWOW64 \ Macromed \ Flash \ NPSWF32_27_0_0_130.dll [2017-09-14] ()
FF Plugin-x32: @ intel-webapi.intel.com / Intel WebAPI ipt; versione = 4.0.5 -> C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ IPT \ npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @ intel-webapi.intel.com / Intel WebAPI updater -> C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ IPT \ npIntelWebAPIUpdater.dll [2013-12-09] (Intel Foundation)
FF Plugin-x32: @ microsoft.com / SharePoint, versione = 14.0 -> C: \ Programmi (x86) \ Microsoft Office \ root \ Office16 \ NPSPWRAP.DLL [2017-09-15] (Microsoft Corporation)
FF Plugin-x32: @ tools.google.com / Google Update; versione = 3 -> C: \ Programmi (x86) \ Google \ Update \ 1.3.33.5 \ npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @ tools.google.com / Google Update; versione = 9 -> C: \ Programmi (x86) \ Google \ Update \ 1.3.33.5 \ npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @ WildTangent.com / GamesAppPresenceDetector, versione = 1.0 -> C: \ Program Files (x86) \ WildTangent Games \ App \ BrowserIntegration \ Registered \ 0 \ NP_wtapp.dll [2013-07-12] ()
FF Plugin-x32: Adobe Reader -> C: \ Programmi (x86) \ Adobe \ Acrobat Reader DC \ Reader \ AIR \ nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin HKU \ S-1-5-21-634217685-3676121620-3412417090-1001: @ citrixonline.com / appdetectorplugin -> C: \ Users \ songe_000 \ AppData \ Local \ Citrix \ Plugins \ 104 \ npappdetector.dll [2016 -05-11) (Citrix Online)
FF Plugin HKU \ S-1-5-21-634217685-3676121620-3412417090-1001: @ unity3d.com / UnityPlayer, versione = 1.0 -> C: \ Users \ songe_000 \ AppData \ LocalLow \ Unity \ WebPlayer \ loader \ npUnity3D32 .dll [03/07/2015] (Unity Technologies ApS)

Eccetto:
=======
Profilo CHR: C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default [2017-09-17]
Estensione CHR: (Presentazioni Google) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ aapocclcgogkmnckokdopfmhonfmgoek [2015-02-07]
Estensione CHR: (Google Docs) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ aohghmighlieiainnegkcijnfilokake [2015-02-07]
Estensione CHR: (Google Drive) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
Estensione CHR: (WOT: Web of Trust, Website Reputation Ratings) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ bhmmomiinigofkjcapegjjndpbikblnp [2017-07-11]
Estensione CHR: (YouTube) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
Estensione CHR: (Ricerca Google) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
Estensione CHR: (Fogli Google) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ felcaaldnbdncclmgdcncolpebgiejap [2015-02-07]
Estensione CHR: (Documenti Google offline) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ ghbmnnjooekpmoecnnilnnbdlolhkhi [18/03/2016]
Estensione CHR: (Pagamenti Chrome Web Store) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ nmmhkkegccagdldgiimedpiccmgmieda [2017-08-25]
Estensione CHR: (Gmail) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
Estensione CHR: (Chrome Media Redirector) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-16]
CHR HKLM-x32 \ ... \ Chrome \ Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps: //clients2.google.com/service/update2/crx

==================== Servizi (autorizzati) ====================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

R2 gpsvc; C: \ WINDOWS \ System32 \ gpsvc.dll [1227264 2017-03-14] (Microsoft Corporation) [File non firmato]
R2 gpsvc; C: \ WINDOWS \ System32 \ gpsvc.dll [1227264 2017-03-14] (Microsoft Corporation) [File non firmato]
R2 è nsi; C: \ WINDOWS \ System32 \ nsisvc.dll [30720 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WinHttpAutoProxySvc; C: \ WINDOWS \ system32 \ winhttp.dll [818176 2017-03-14] (Microsoft Corporation) [Dosya imzalanmadı]
U3 WinHttpAutoProxySvc; C: \ WINDOWS \ SysWOW64 \ winhttp.dll [636928 2017-03-14] (Microsoft Corporation) [Dosya imzalanmadı]
U2! SASCORE; C: \ Programmi \ SUPERAntiSpyware \ SASCORE64.EXE [173472 2017-02-23] (SUPERAntiSpyware.com)
U3 AJRouter; C: \ WINDOWS \ System32 \ AJRouter.dll [24576 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 ALG; C: \ WINDOWS \ System32 \ alg.exe [95744 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 AppIDSvc; C: \ WINDOWS \ System32 \ appidsvc.dll [124416 2017-04-27] (Microsoft Corporation) [File non firmato]
R3 Appinfo; C: \ WINDOWS \ System32 \ appinfo.dll [125952 2017-03-14] (Microsoft Corporation) [File non firmato]
Servizio dispositivi mobili Apple U2; C: \ Programmi \ File comuni \ Apple \ Mobile Device Support \ AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
U3 AppReadiness; C: \ WINDOWS \ system32 \ AppReadiness.dll [560128 2017-04-27] (Microsoft Corporation) [Dosya imzalanmadı]
U3 AppXSvc; C: \ WINDOWS \ system32 \ appxdeploymentserver.dll [2278400 2017-03-18] (Microsoft Corporation) [File non firmato]
U2 AudioEndpointBuilder; C: \ WINDOWS \ System32 \ AudioEndpointBuilder.dll [337920 2017-04-27] (Microsoft Corporation) [Dosya imzalanmadı]
R2 Audiosrv; C: \ WINDOWS \ System32 \ Audiosrv.dll [942080 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 AxInstSV; C: \ WINDOWS \ System32 \ AxInstSV.dll [113664 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 BDESVC; C: \ WINDOWS \ System32 \ bdesvc.dll [361472 2016-09-29] (Microsoft Corporation) [File non firmato]
U2 BFE; C: \ WINDOWS \ System32 \ bfe.dll [795648 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 BITS; C: \ WINDOWS \ System32 \ qmgr.dll [1054208 2016-10-28] (Microsoft Corporation) [File non firmato]
Infrastruttura broker U2; C: \ WINDOWS \ System32 \ bisrv.dll [770560 2017-04-27] (Microsoft Corporation) [File non firmato]
Browser U3; C: \ WINDOWS \ System32 \ browser.dll [134656 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 BthHFSrv; C: \ WINDOWS \ System32 \ BthHFSrv.dll [321536 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 bthserv; C: \ WINDOWS \ system32 \ bthserv.dll [157184 2017-04-27] (Microsoft Corporation) [File non firmato]
U2 CCDMonitorService; C: \ Program Dosyaları (x86) \ Acer \ AOP Framework \ CCDMonitorService.exe [2267352 2016-09-20] (Acer Incorporated)
U2 CDPSvc; C: \ WINDOWS \ System32 \ CDPSvc.dll [411648 2016-12-12] (Microsoft Corporation) [File non firmato]
U2 CDPUserSvc; C: \ WINDOWS \ System32 \ CDPUserSvc.dll [339456 2016-12-12] (Microsoft Corporation) [File non firmato]
U3 CertPropSvc; C: \ WINDOWS \ System32 \ certprop.dll [193536 2017-03-14] (Microsoft Corporation) [File non firmato]
U2 ClickToRunSvc; C: \ Programmi \ File comuni \ Microsoft Shared \ ClickToRun \ OfficeClickToRun.exe [4424392 2017-09-08] (Microsoft Corporation)
U2 CmdAgent; C: \ Programmi \ COMODO \ COMODO Internet Security \ cmdagent.exe [10501616 2017-08-28] (COMODO)
U3 cmdvirth; C: \ Programmi \ COMODO \ COMODO Internet Security \ cmdvirth.exe [2876096 2017-08-28] (COMODO)
U2 CoreMessagingRegistrar; C: \ WINDOWS \ SysWOW64 \ coremessaging.dll [483840 2017-06-03] (Microsoft Corporation) [File non firmato]
R2 CryptSvc; C: \ WINDOWS \ system32 \ cryptsvc.dll [81920 2016-07-16] (Microsoft Corporation) [File non firmato]
R2 DcomLaunch; C: \ WINDOWS \ system32 \ rpcss.dll [890368 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 DcpSvc; C: \ WINDOWS \ system32 \ dcpsvc.dll [183808 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 defragsvc; C: \ WINDOWS \ System32 \ defragsvc.dll [511488 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 DeviceAssociationService; C: \ WINDOWS \ system32 \ das.dll [447488 2016-09-20] (Microsoft Corporation) [File non firmato]
U3 DeviceInstall; C: \ WINDOWS \ system32 \ umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 DevQueryBroker; C: \ WINDOWS \ system32 \ DevQueryBroker.dll [34304 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 Dhcp; C: \ WINDOWS \ system32 \ dhcpcore.dll [360960 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 Dhcp; C: \ WINDOWS \ SysWOW64 \ dhcpcore.dll [292864 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 diagnosticshub.standardcollector.service; C: \ WINDOWS \ system32 \ DiagSvcs \ DiagnosticsHub.StandardCollector.Service.exe [93184 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U2 DiagTrack; C: \ WINDOWS \ system32 \ diagtrack.dll [1984000 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 DmEnrollmentSvc; C: \ WINDOWS \ system32 \ Windows.Internal.Management.dll [407552 2017-04-27] (Microsoft Corporation) [Dosya imzalanmadı]
U3 DmEnrollmentSvc; C: \ WINDOWS \ SysWOW64 \ Windows.Internal.Management.dll [298496 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 dmwappushservice; C: \ WINDOWS \ system32 \ dmwappushsvc.dll [57344 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 Dnscache; C: \ WINDOWS \ System32 \ dnsrslvr.dll [264704 2017-03-14] (Microsoft Corporation) [File non firmato]
U2 DoSvc; C: \ WINDOWS \ system32 \ dosvc.dll [1231872 2017-03-27] (Microsoft Corporation) [File non firmato]
U3 dot3svc; C: \ WINDOWS \ System32 \ dot3svc.dll [262144 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 DPS; C: \ WINDOWS \ system32 \ dps.dll [172032 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 DsmSvc; C: \ WINDOWS \ System32 \ DeviceSetupManager.dll [197632 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 DsSvc; C: \ WINDOWS \ System32 \ DsSvc.dll [152576 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 EapHost; C: \ WINDOWS \ System32 \ eapsvc.dll [112128 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 EFS; C: \ WINDOWS \ system32 \ efssvc.dll [55296 2016-07-16] (Microsoft Corporation) [File non firmato]
Modalità incorporata U3; C: \ WINDOWS \ System32 \ embeddedmodesvc.dll [140800 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 EntAppSvc; C: \ WINDOWS \ system32 \ EnterpriseAppMgmtSvc.dll [285696 12/12/2016] (Microsoft Corporation) [Dosya imzalanmadı]
U3 ePowerSvc; C: \ Programmi \ Acer \ Acer Power Management \ ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
U2 EventLog; C: \ WINDOWS \ System32 \ wevtsvc.dll [1709056 2016-09-29] (Microsoft Corporation) [File non firmato]
U2 EventSystem; C: \ WINDOWS \ system32 \ es.dll [453632 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 EventSystem; C: \ WINDOWS \ SysWOW64 \ es.dll [347136 2016-07-16] (Microsoft Corporation) [File non firmato]
Fax U3; C: \ WINDOWS \ system32 \ fxssvc.exe [644608 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 fdPHost; C: \ WINDOWS \ system32 \ fdPHost.dll [20992 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 FDResPub; C: \ WINDOWS \ system32 \ fdrespub.dll [35328 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 fhsvc; C: \ WINDOWS \ system32 \ fhsvc.dll [122368 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 FontCache; C: \ WINDOWS \ system32 \ FntCache.dll [1845248 2017-06-03] (Microsoft Corporation) [File non firmato]
U3 FrameServer; C: \ WINDOWS \ system32 \ FrameServer.dll [805888 2017-03-14] (Microsoft Corporation) [File non firmato]
U2 GamesAppIntegrationService; C: \ Program Dosyaları (x86) \ WildTangent Games \ App \ GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Şirket adı>) [File non firmato]
U3 hidserv; C: \ WINDOWS \ system32 \ hidserv.dll [36864 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 hidserv; C: \ WINDOWS \ SysWOW64 \ hidserv.dll [32256 2016-07-16] (Microsoft Corporation) [File non firmato]
Gruppi gruppo home U3; C: \ WINDOWS \ system32 \ ListSvc.dll [274432 12/11/2016] (Microsoft Corporation) [File non firmato]
U3 HomeGroupProvider; C: \ WINDOWS \ system32 \ provsvc.dll [447488 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 HomeGroupProvider; C: \ WINDOWS \ SysWOW64 \ provsvc.dll [385536 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 HPSupportSolutionsFrameworkService; C: \ Program Dosyaları (x86) \ Hp \ Common \ HPSupportSolutionsFrameworkService.exe [89840 2015-06-30] (Hewlett-Packard Company)
U3 HvHost; C: \ WINDOWS \ System32 \ hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 icssvc; C: \ WINDOWS \ System32 \ tetheringservice.dll [202240 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 igfxCUIService2.0.0.0; C: \ WINDOWS \ system32 \ igfxCUIService.exe [370064 2015-11-29] (Intel Corporation)
U2 IKEEXT; C: \ WINDOWS \ System32 \ ikeext.dll [932352 2016-07-16] (Microsoft Corporation) [File non firmato]
Interfaccia del servizio di licenza della competenza Intel® U2; C: \ Program Files \ Intel \ iCLS Client \ HeciServer.exe [747520 2013-08-27] (Intel (R) Corporation) [File non firmato]
U3 Intel (R) Capability Licensing Service Interfaccia TCP IP; C: \ Programmi \ Intel \ iCLS Client \ SocketHeciServer.exe [828376 2013-08-27] (Intel (R) Corporation)
U2 iphlpsvc; C: \ WINDOWS \ System32 \ iphlpsvc.dll [945664 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 irmon; C: \ WINDOWS \ System32 \ irmon.dll [25088 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 izesrv; C: \ Programmi (x86) \ COMODO \ Internet Security Essentials \ isesrv.exe [133840 2017-08-07] (COMODO)
U2 jhi_service; C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ DAL \ jhi_service.exe [169432 2013-12-09] (Intel Corporation)
U3 KeyIso; C: \ WINDOWS \ system32 \ keyiso.dll [96768 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 KeyIso; C: \ WINDOWS \ SysWOW64 \ keyiso.dll [70656 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 KtmRm; C: \ WINDOWS \ system32 \ msdtckrm.dll [376320 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 LanmanServer; C: \ WINDOWS \ system32 \ srvsvc.dll [305152 2016-07-16] (Microsoft Corporation) [File non firmato]
R2 LanmanWorkstation; C: \ WINDOWS \ System32 \ wkssvc.dll [283648 12/12/2016] (Microsoft Corporation) [File non firmato]
U3 lfsvc; C: \ WINDOWS \ System32 \ lfsvc.dll [37376 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 LicenseManager; C: \ WINDOWS \ system32 \ LicenseManagerSvc.dll [26112 2016-09-20] (Microsoft Corporation) [File non firmato]
U3 lltdsvc; C: \ WINDOWS \ System32 \ lltdsvc.dll [275456 2016-07-16] (Microsoft Corporation) [File non firmato]
Host host U3; C: \ WINDOWS \ System32 \ lmhsvc.dll [27136 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 LMSvc; C: \ Programmi \ Acer \ Acer Launch Manager \ LMSvc.exe [459496 2014-03-17] (Acer Incorporate)
U2 LSM; C: \ WINDOWS \ System32 \ lsm.dll [691712 12/12/2016] (Microsoft Corporation) [File non firmato]
U2 MapsBroker; C: \ WINDOWS \ System32 \ moshost.dll [82944 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 MessagingService; C: \ WINDOWS \ System32 \ MessagingService.dll [52224 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 MpsSvc; C: \ WINDOWS \ system32 \ mpssvc.dll [893952 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 MSDTC; C: \ WINDOWS \ System32 \ msdtc.exe [147456 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 MSiSCSI; C: \ WINDOWS \ system32 \ iscsiexe.dll [151552 2016-07-16] (Microsoft Corporation) [File non firmato]
Msiserver S3; C: \ WINDOWS \ System32 \ msiexec.exe [65024 2016-07-16] (Microsoft Corporation) [File non firmato]
Msiserver S3; C: \ WINDOWS \ SysWOW64 \ msiexec.exe [58368 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 NcaSvc; C: \ WINDOWS \ System32 \ ncasvc.dll [167936 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 NcbService; C: \ WINDOWS \ System32 \ ncbservice.dll [339968 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 NcdAutoSetup; C: \ WINDOWS \ System32 \ NcdAutoSetup.dll [88576 2016-07-16] (Microsoft Corporation) [File non firmato]
Netlogon U3; C: \ WINDOWS \ system32 \ netlogon.dll [827392 2016-07-16] (Microsoft Corporation) [File non firmato]
Netlogon U3; C: \ WINDOWS \ SysWOW64 \ netlogon.dll [670720 2016-07-16] (Microsoft Corporation) [File non firmato]
Netman U3; C: \ WINDOWS \ System32 \ netman.dll [259072 2016-07-16] (Microsoft Corporation) [File non firmato]
Netprofm U3; C: \ WINDOWS \ System32 \ netprofmsvc.dll [519168 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 NetSetupSvc; C: \ WINDOWS \ System32 \ NetSetupSvc.dll [266752 2017-06-03] (Microsoft Corporation) [File non firmato]
U3 NgcCtnrSvc; C: \ WINDOWS \ System32 \ NgcCtnrSvc.dll [331264 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 NgcSvc; C: \ WINDOWS \ system32 \ ngcsvc.dll [983040 2017-04-27] (Microsoft Corporation) [File non firmato]
U2 NlaSvc; C: \ WINDOWS \ System32 \ nlasvc.dll [368640 11/10/2016] (Microsoft Corporation) [File non firmato]
U2 OneSyncSvc; C: \ WINDOWS \ System32 \ APHostService.dll [366592 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 p2pimsvc; C: \ WINDOWS \ system32 \ pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 p2psvc; C: \ WINDOWS \ system32 \ p2psvc.dll [425472 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 PerfHost; C: \ WINDOWS \ SysWow64 \ perfhost.exe [21504 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 PhoneSvc; C: \ WINDOWS \ System32 \ PhoneService.dll [781824 2016-09-20] (Microsoft Corporation) [Dosya imzalanmadı]
U3 PimIndexMaintenanceSvc; C: \ WINDOWS \ System32 \ PimIndexMaintenance.dll [203264 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 pla; C: \ WINDOWS \ system32 \ pla.dll [1457152 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 pla; C: \ WINDOWS \ SysWOW64 \ pla.dll [1536512 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 PlugPlay; C: \ WINDOWS \ system32 \ umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 PNRPAutoReg; C: \ WINDOWS \ system32 \ pnrpauto.dll [27648 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 PNRPsvc; C: \ WINDOWS \ system32 \ pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation) [File non firmato]
PolicyAgent U3; C: \ WINDOWS \ System32 \ ipsecsvc.dll [391168 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 Power; C: \ WINDOWS \ system32 \ umpo.dll [123904 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 PrintNotify; C: \ WINDOWS \ system32 \ spool \ drivers \ x64 \ 3 \ clr.dll [3318784 2017-04-27] (Microsoft Corporation) [Dosya imzalanmadı]
U2 ProfSvc; C: \ WINDOWS \ system32 \ profsvc.dll [358400 2016-09-29] (Microsoft Corporation) [File non firmato]
U3 QASvc; C: \ Programmi \ Acer \ Acer Quick Access \ QASvc.exe [457960 2014-03-21] (Acer Incorporate)
U3 QWAVE; C: \ WINDOWS \ system32 \ qwave.dll [275456 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 QWAVE; C: \ WINDOWS \ SysWOW64 \ qwave.dll [234496 2016-07-16] (Microsoft Corporation) [File non firmato]
S3 RasAuto; C: \ WINDOWS \ System32 \ rasauto.dll [105472 2016-07-16] (Microsoft Corporation) [File non firmato]
S3 RasMan; C: \ WINDOWS \ System32 \ rasmans.dll [657920 2017-04-27] (Microsoft Corporation) [File non firmato]
S4 RemoteAccess; C: \ WINDOWS \ System32 \ mprdim.dll [496128 2016-09-29] (Microsoft Corporation) [File non firmato]
S4 RemoteAccess; C: \ WINDOWS \ SysWOW64 \ mprdim.dll [431104 2016-09-29] (Microsoft Corporation) [File non firmato]
U4 RemoteRegistry; C: \ WINDOWS \ system32 \ regsvc.dll [155648 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 RetailDemo; C: \ WINDOWS \ system32 \ RDXService.dll [650752 2017-04-27] (Microsoft Corporation) [File non firmato]
U2 RichVideo; C: \ Programmi (x86) \ CyberLink \ File condivisi \ RichVideo.exe [254512 2012-04-24] ()
U3 RmSvc; C: \ WINDOWS \ System32 \ RMapi.dll [140800 2016-09-29] (Microsoft Corporation) [File non firmato]
R2 RpcEptMapper; C: \ WINDOWS \ System32 \ RpcEpMap.dll [79360 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 RpcLocator; C: \ WINDOWS \ system32 \ locator.exe [11264 2016-07-16] (Microsoft Corporation) [File non firmato]
R2 RpcSs; C: \ WINDOWS \ system32 \ rpcss.dll [890368 2017-04-27] (Microsoft Corporation) [File non firmato]
U4 SCardSvr; C: \ WINDOWS \ System32 \ SCardSvr.dll [250880 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 ScDeviceEnum; C: \ WINDOWS \ System32 \ ScDeviceEnum.dll [201728 2017-01-16] (Microsoft Corporation) [File non firmato]
Grafico degli U2; C: \ WINDOWS \ system32 \ schedsvc.dll [948224 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 SCPolicySvc; C: \ WINDOWS \ System32 \ certprop.dll [193536 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 SDRSVC; C: \ WINDOWS \ System32 \ SDRSVC.dll [147968 2016-07-16] (Microsoft Corporation) [File non firmato]
Seclogon U3; C: \ WINDOWS \ system32 \ seclogon.dll [31232 2016-07-16] (Microsoft Corporation) [File non firmato]
R2 SENS; C: \ WINDOWS \ System32 \ sens.dll [70656 2016-09-29] (Microsoft Corporation) [File non firmato]
U3 SensorDataService; C: \ WINDOWS \ System32 \ SensorDataService.exe [1312768 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 SensorService; C: \ WINDOWS \ system32 \ SensorService.dll [417792 2016-09-29] (Microsoft Corporation) [File non firmato]
U3 SensrSvc; C: \ WINDOWS \ system32 \ sensrsvc.dll [179200 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 SessionEnv; C: \ WINDOWS \ system32 \ sessenv.dll [387072 2016-09-29] (Microsoft Corporation) [File non firmato]
U3 SessionEnv; C: \ WINDOWS \ SysWOW64 \ sessenv.dll [331776 2016-09-29] (Microsoft Corporation) [File non firmato]
U3 SharedAccess; C: \ WINDOWS \ System32 \ ipnathlp.dll [541696 2017-03-14] (Microsoft Corporation) [File non firmato]
U2 ShellHWDetection; C: \ WINDOWS \ System32 \ shsvcs.dll [617472 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 ShellHWDetection; C: \ WINDOWS \ SysWOW64 \ shsvcs.dll [566784 2016-07-16] (Microsoft Corporation) [File non firmato]
U4 shpamsvc; C: \ WINDOWS \ system32 \ Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation) [File non firmato]
Smphost U3; C: \ WINDOWS \ System32 \ smphost.dll [23552 2016-09-29] (Microsoft Corporation) [File non firmato]
Smphost U3; C: \ WINDOWS \ SysWOW64 \ smphost.dll [20992 2016-09-29] (Microsoft Corporation) [File non firmato]
U3 SmsRouter; C: \ WINDOWS \ system32 \ SmsRouterSvc.dll [590848 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 SNMPTRAP; C: \ WINDOWS \ System32 \ snmptrap.exe [15872 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 SolutoLauncherService; C: \ Programmi \ Soluto \ SolutoLauncherService.exe [221728 2013-12-18] (Soluto)
U3 SolutoRemoteService; C: \ Program Files \ Soluto \ SolutoRemoteService.exe [1942016 2013-12-18] (GlavSoft LLC.) [File non firmato]
R2 Spooler; C: \ WINDOWS \ System32 \ spoolsv.exe [792576 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 SSDPSRV; C: \ WINDOWS \ System32 \ ssdpsrv.dll [236544 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 SstpSvc; C: \ WINDOWS \ system32 \ sstpsvc.dll [209920 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 State Depot; C: \ WINDOWS \ system32 \ windows.staterepository.dll [4136448 2016-12-12] (Microsoft Corporation) [File non firmato]
U3 State Depot; C: \ WINDOWS \ SysWOW64 \ windows.staterepository.dll [3370496 12/12/2016] (Microsoft Corporation) [File non firmato]
U2 stisvc; C: \ WINDOWS \ System32 \ wiaservc.dll [646656 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 StorSvc; C: \ WINDOWS \ system32 \ storsvc.dll [396800 2016-12-12] (Microsoft Corporation) [File non firmato]
U3 svsvc; C: \ WINDOWS \ system32 \ svsvc.dll [13824 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 swprv; C: \ WINDOWS \ System32 \ swprv.dll [467456 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 SysMain; C: \ WINDOWS \ system32 \ sysmain.dll [944128 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 SystemEventsBroker; C: \ WINDOWS \ System32 \ SystemEventsBrokerServer.dll [387072 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 TabletInputService; C: \ WINDOWS \ System32 \ TabSvc.dll [148992 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 TapiSrv; C: \ WINDOWS \ System32 \ tapisrv.dll [309248 2016-07-16] (Microsoft Corporation) [File File]
U3 TapiSrv; C: \ WINDOWS \ SysWOW64 \ tapisrv.dll [254976 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
S3 TermService; C: \ WINDOWS \ System32 \ termsrv.dll [987648 2016-07-16] (Microsoft Corporation) [File non firmato]
Temi R2; C: \ WINDOWS \ system32 \ themeservice.dll [70656 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 TieringEngineService; C: \ WINDOWS \ system32 \ TieringEngineService.exe [287744 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U2 tiledatamodelsvc; C: \ WINDOWS \ system32 \ tileobjserver.dll [574976 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 TimeBrokerSvc; C: \ WINDOWS \ System32 \ TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 TouchToolsLaunchService; C: \ Program Dosyaları \ Acer \ Acer Touch Tools \ TouchToolsLaunchSvc.exe [250624 2014-01-08] (Acer Incorporated)
U2 TrkWks; C: \ WINDOWS \ System32 \ trkwks.dll [116736 2016-07-16] (Microsoft Corporation) [File non firmato]
S3 TrustedInstaller; C: \ WINDOWS \ servicing \ TrustedInstaller.exe [122880 2016-12-12] (Microsoft Corporation) [File non firmato]
U4 tzautoupdat; C: \ WINDOWS \ system32 \ tzautoupdate.dll [95232 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 UEIPSvc; C: \ Program Files \ Acer \ User Experience Improvement Program \ Framework \ UBTService.exe [222952 2014-01-25] (acer)
U3 UI0Detect; C: \ WINDOWS \ system32 \ UI0Detect.exe [42496 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 UmRdpServis; C: \ WINDOWS \ System32 \ umrdp.dll [273408 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 UnistoreSvc; C: \ WINDOWS \ System32 \ unistore.dll [1184256 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 UnistoreSvc; C: \ WINDOWS \ SysWOW64 \ unistore.dll [968704 2017-03-14] (Microsoft Corporation) [File non firmato]
Upnphost U3; C: \ WINDOWS \ System32 \ upnphost.dll [440832 2016-07-16] (Microsoft Corporation) [File non firmato]
Upnphost U3; C: \ WINDOWS \ SysWOW64 \ upnphost.dll [328192 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 UserDataSvc; C: \ WINDOWS \ System32 \ userdataservice.dll [1512448 2017-03-14] (Microsoft Corporation) [File non firmato]
U2 UserManager; C: \ WINDOWS \ System32 \ usermgr.dll [1021440 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 UsoSvc; C: \ WINDOWS \ system32 \ usocore.dll [548864 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 VaultSvc; C: \ Windows \ System32 \ vaultsvc.dll [358912 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 vds; C: \ WINDOWS \ System32 \ vds.exe [649216 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 vmicguestinterface; C: \ WINDOWS \ System32 \ icsvc.dll [305152 29/09/2016] (Microsoft Corporation) [File non firmato]
U3 vmicheartbeat; C: \ WINDOWS \ System32 \ icsvc.dll [305152 29/09/2016] (Microsoft Corporation) [File non firmato]
U3 vmickvpexchange; C: \ WINDOWS \ System32 \ icsvc.dll [305152 29/09/2016] (Microsoft Corporation) [File non firmato]
U3 vmicrdv; C: \ WINDOWS \ System32 \ icsvcext.dll [349696 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 vmicshutdown; C: \ WINDOWS \ System32 \ icsvc.dll [305152 29/09/2016] (Microsoft Corporation) [File non firmato]
U3 vmictimesync; C: \ WINDOWS \ System32 \ icsvc.dll [305152 29/09/2016] (Microsoft Corporation) [File non firmato]
U3 vmicvmsession; C: \ WINDOWS \ System32 \ icsvc.dll [305152 29/09/2016] (Microsoft Corporation) [File non firmato]
U3 vmicvss; C: \ WINDOWS \ System32 \ icsvcext.dll [349696 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 VSS; C: \ WINDOWS \ system32 \ vssvc.exe [1443328 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 W32 Time; C: \ WINDOWS \ system32 \ w32time.dll [520192 2016-09-20] (Microsoft Corporation) [File non firmato]
Servizio Portafoglio U3; C: \ WINDOWS \ system32 \ WalletService.dll [436224 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 wbengine; C: \ WINDOWS \ system32 \ wbengine.exe [1547264 2017-04-27] (Microsoft Corporation) [File non firmato]
U2 WbioSrvc; C: \ WINDOWS \ System32 \ wbiosrvc.dll [837632 2017-01-16] (Microsoft Corporation) [File non firmato]
U2 Wcmsvc; C: \ WINDOWS \ System32 \ wcmsvc.dll [715776 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 wcncsvc; C: \ WINDOWS \ System32 \ wcncsvc.dll [468992 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WdiServiceHost; C: \ WINDOWS \ system32 \ wdi.dll [97792 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WdiServiceHost; C: \ WINDOWS \ SysWOW64 \ wdi.dll [89088 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WdiSystemHost; C: \ WINDOWS \ system32 \ wdi.dll [97792 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WdiSystemHost; C: \ WINDOWS \ SysWOW64 \ wdi.dll [89088 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WdNisSvc; C: \ Programmi \ Windows Defender \ NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
U3 WebClient; C: \ WINDOWS \ System32 \ webclnt.dll [227328 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WebClient; C: \ WINDOWS \ SysWOW64 \ webclnt.dll [198656 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 Wecsvc; C: \ WINDOWS \ system32 \ wecsvc.dll [206848 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WEPHOSTSVC; C: \ WINDOWS \ system32 \ wephostsvc.dll [27648 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 wercplsupport; C: \ WINDOWS \ System32 \ wercplsupport.dll [94208 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WerSvc; C: \ WINDOWS \ System32 \ WerSvc.dll [156672 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WiaRpc; C: \ WINDOWS \ System32 \ wiarpc.dll [82944 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WinDefend; C: \ Programmi \ Windows Defender \ MsMpEng.exe [103712 2017-04-27] (Microsoft Corporation)
U2 Winmgmt; C: \ WINDOWS \ system32 \ wbem \ WMIsvc.dll [222720 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WinRM; C: \ WINDOWS \ system32 \ WsmSvc.dll [2716672 12/12/2016] (Microsoft Corporation) [File non firmato]
U3 WinRM; C: \ WINDOWS \ SysWOW64 \ WsmSvc.dll [2333184 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 wisvc; C: \ WINDOWS \ system32 \ Flightsettings.dll [635904 2017-04-27] (Microsoft Corporation) [File non firmato]
U2 WlanSvc; C: \ WINDOWS \ System32 \ wlansvc.dll [2370048 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 wlidsvc; C: \ WINDOWS \ system32 \ wlidsvc.dll [2104320 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 wmiApSrv; C: \ WINDOWS \ system32 \ wbem \ WmiApSrv.exe [203264 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WMPNetworkSvc; C: \ Programmi \ Windows Media Player \ wmpnetwk.exe [1184256 2016-09-20] (Microsoft Corporation) [File non firmato]
U3 cartelle di lavorovc; C: \ WINDOWS \ system32 \ workfolderssvc.dll [1837056 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 WPDBusEnum; C: \ WINDOWS \ system32 \ wpdbusenum.dll [88064 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 WpnService; C: \ WINDOWS \ system32 \ WpnService.dll [234496 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WpnUserService; C: \ WINDOWS \ System32 \ WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 wscsvc; C: \ WINDOWS \ System32 \ wscsvc.dll [184832 2016-12-12] (Microsoft Corporation) [File non firmato]
U2 WSearch; C: \ WINDOWS \ system32 \ SearchIndexer.exe [903680 2017-06-03] (Microsoft Corporation) [File non firmato]
U2 WSearch; C: \ WINDOWS \ SysWOW64 \ SearchIndexer.exe [773120 2017-06-03] (Microsoft Corporation) [File non firmato]
U3 wuauserv; C: \ WINDOWS \ system32 \ wuaueng.dll [2318848 2017-06-03] (Microsoft Corporation) [File non firmato]
U3 wudfsvc; C: \ WINDOWS \ System32 \ WUDFSvc.dll [99840 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WwanSvc; C: \ WINDOWS \ System32 \ wwansvc.dll [1282048 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 XblAuthManager; C: \ WINDOWS \ System32 \ XblAuthManager.dll [1016320 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 XblGameSave; C: \ WINDOWS \ System32 \ XblGameSave.dll [1159680 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 XboxNetApiSvc; C: \ WINDOWS \ system32 \ XboxNetApiSvc.dll [1025536 2017-03-14] (Microsoft Corporation) [File non firmato]

[mom26gr8kids]

Prima continuazione

===================== Driver (autorizzati) ======================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

U3 1394ohci; C: \ WINDOWS \ System32 \ drivers \ 1394ohci.sys [235520 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 AcpiDev; C: \ WINDOWS \ System32 \ drivers \ AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 acpipagr; C: \ WINDOWS \ System32 \ drivers \ acpipagr.sys [12288 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 AcpiPmi; C: \ WINDOWS \ System32 \ drivers \ acpipmi.sys [14336 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 akpitim; C: \ WINDOWS \ System32 \ drivers \ acpitime.sys [13312 2016-07-16] (Microsoft Corporation) [File non firmato]
U1 ahcache; C: \ WINDOWS \ System32 \ DRIVERS \ ahcache.sys [227328 2016-10-28] (Microsoft Corporation) [File non firmato]
U3 AmdK8; C: \ WINDOWS \ System32 \ drivers \ amdk8.sys [123392 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 AmdPPM; C: \ WINDOWS \ System32 \ drivers \ amdppm.sys [120832 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U3 applockerfltr; C: \ WINDOWS \ System32 \ drivers \ applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 AsyncMac; C: \ WINDOWS \ System32 \ drivers \ asyncmac.sys [28160 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 athr; C: \ WINDOWS \ System32 \ drivers \ athw8x.sys [4233728 2016-07-16] (Qualcomm Atheros Communications, Inc.) [Dosya imzalanmadı]
U1 BasicDisplay; C: \ WINDOWS \ System32 \ drivers \ BasicDisplay.sys [56320 2017-03-27] (Microsoft Corporation) [Dosya imzalanmadı]
U1 BasicRender; C: \ WINDOWS \ System32 \ drivers \ BasicRender.sys [41472 2017-06-03] (Microsoft Corporation) [File non firmato]
U3 bcmfn; C: \ WINDOWS \ System32 \ drivers \ bcmfn.sys [9728 2016-07-16] (provider DDK Windows (R) Win 7) [File non firmato]
U3 bcmfn2; C: \ WINDOWS \ System32 \ drivers \ bcmfn2.sys [9728 2016-07-16] (provider DDK Windows (R) Win 7) [File non firmato]
U1 Beep; C: \ Windows \ System32 \ Drivers \ Beep.sys [9728 2016-07-16] (Microsoft Corporation) [File non firmato]
Bowser U3; C: \ WINDOWS \ System32 \ DRIVERS \ bowser.sys [101888 2016-11-12] (Microsoft Corporation) [Dosya imzalanmadı]
U3 BthAvrcpTg; C: \ WINDOWS \ System32 \ drivers \ BthAvrcpTg.sys [43008 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U3 BthHFEnum; C: \ WINDOWS \ System32 \ drivers \ bthhfenum.sys [65536 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 bthhfhyd; C: \ WINDOWS \ System32 \ drivers \ BthHFHid.sys [31232 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 BTHMODEM; C: \ WINDOWS \ System32 \ drivers \ bthmodem.sys [66048 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 BTHPORT; C: \ WINDOWS \ System32 \ drivers \ BTHport.sys [967680 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 BTHUSB; C: \ WINDOWS \ System32 \ drivers \ BTHUSB.sys [84992 2016-09-20] (Microsoft Corporation) [File non firmato]
Convertitore pulsante U3; C: \ WINDOWS \ System32 \ drivers \ buttonconverter.sys [38912 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 CapImg; C: \ WINDOWS \ System32 \ drivers \ capimg.sys [118272 2016-10-28] (Microsoft Corporation) [File non firmato]
CDF U4; C: \ WINDOWS \ System32 \ DRIVERS \ cdfs.sys [92160 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U1 cdrom; C: \ WINDOWS \ System32 \ drivers \ cdrom.sys [173056 2016-07-16] (Microsoft Corporation) [File non firmato]
Cerchio U3; C: \ WINDOWS \ System32 \ drivers \ circlass.sys [48640 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U2 clreg; C: \ WINDOWS \ System32 \ drivers \ register.sys [70144 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 CmBatt; C: \ WINDOWS \ System32 \ drivers \ CmBatt.sys [29696 2016-07-16] (Microsoft Corporation) [File non firmato]
U1 cmderd; C: \ WINDOWS \ System32 \ DRIVERS \ cmderd.sys [40968 2017-08-08] (COMODO)
U1 cmdGuard; C: \ WINDOWS \ System32 \ DRIVERS \ cmdguard.sys [827864 2017-08-08] (COMODO)
U1 cmdhlp; C: \ WINDOWS \ system32 \ DRIVERS \ cmdhlp.sys [50808 2017-08-08] (COMODO)
U3 CompositeBus; C: \ WINDOWS \ System32 \ DriverStore \ FileRepository \ compositebus.inf_amd64_a140581a8f8b58b7 \ CompositeBus.sys [39936 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U3 cpuz136; C: \ WINDOWS \ TEMP \ cpuz136 \ cpuz136_x64.sys [23856 2016-09-20] (CPUID)
U1 Dfsc; C: \ WINDOWS \ System32 \ Drivers \ dfsc.sys [145408 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 dg_ssudbus; C: \ WINDOWS \ system32 \ DRIVERS \ ssudbus.sys [131712 2016-10-12] (Samsung Electronics Co., Ltd.)
U3 dmvsc; C: \ WINDOWS \ System32 \ drivers \ dmvsc.sys [35840 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 ErrDev; C: \ WINDOWS \ System32 \ drivers \ errdev.sys [13312 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 exfat; C: \ Windows \ System32 \ Drivers \ exfat.sys [334848 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 fdc; C: \ WINDOWS \ System32 \ drivers \ fdc.sys [32256 2016-07-16] (Microsoft Corporation) [File non firmato]
U1 FileCrypt; C: \ WINDOWS \ System32 \ drivers \ filecrypt.sys [88576 2016-07-16] (Microsoft Corporation) [File non firmato]
Filetrace U3; C: \ WINDOWS \ System32 \ drivers \ filetrace.sys [35840 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U3 flpydisk; C: \ WINDOWS \ System32 \ drivers \ flpydisk.sys [26112 2016-07-16] (Microsoft Corporation) [File non firmato]
Contatore del gene U3; C: \ WINDOWS \ System32 \ drivers \ vmgencounter.sys [13312 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 genericusbfn; C: \ WINDOWS \ System32 \ drivers \ genericusbfn.sys [20480 2016-07-16] (Microsoft Corporation) [File non firmato]
U1 GpuEnergyDrv; C: \ WINDOWS \ System32 \ drivers \ gpuenergydrv.sys [8192 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 HDAudBus; C: \ WINDOWS \ System32 \ drivers \ HDAudBus.sys [83456 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 HidBth; C: \ WINDOWS \ System32 \ drivers \ hidbth.sys [108032 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 hidi2c; C: \ WINDOWS \ System32 \ drivers \ hidi2c.sys [51200 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 idruro; C: \ WINDOWS \ System32 \ drivers \ hidir.sys [46592 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 HidUsb; C: \ WINDOWS \ System32 \ drivers \ hidusb.sys [38400 2016-09-20] (Microsoft Corporation) [File non firmato]
U3 hypercbd; C: \ WINDOWS \ System32 \ drivers \ hyperkbd.sys [16384 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 i8042prt; C: \ WINDOWS \ System32 \ drivers \ i8042prt.sys [114176 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 iagpio; C: \ WINDOWS \ System32 \ drivers \ iagpio.sys [33280 2016-07-16] (Intel (R) Corporation) [File non firmato]
U3 iai2c; C: \ WINDOWS \ System32 \ drivers \ iai2c.sys [81408 2016-07-16] (Intel (R) Corporation) [File non firmato]
U3aLPSS2i_GPIO2; C: \ WINDOWS \ System32 \ drivers \ iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation) [Dosya imzalanmadı]
U3 IndirectKmd; C: \ WINDOWS \ System32 \ drivers \ IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation) [File non firmato]
U1 incelemesi; C: \ WINDOWS \ system32 \ DRIVERS \ inspect.sys [132904 2017-08-08] (COMODO)
U3 intelppm; C: \ WINDOWS \ System32 \ drivers \ intelppm.sys [134144 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 IpFilterDriver; C: \ WINDOWS \ System32 \ DRIVERS \ ipfltdrv.sys [85504 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 IPNAT; C: \ WINDOWS \ System32 \ drivers \ ipnat.sys [212480 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 irda; C: \ WINDOWS \ system32 \ drivers \ irda.sys [120320 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 IRENUM; C: \ WINDOWS \ System32 \ drivers \ irenum.sys [19456 2016-07-16] (Microsoft Corporation) [File non firmato]
U1 izrrv; C: \ WINDOWS \ system32 \ drivers \ isedrv.sys [62208 2017-03-29] (COMODO)
U3 kbdhid; C: \ WINDOWS \ System32 \ drivers \ kbdhid.sys [39424 2016-09-29] (Microsoft Corporation) [File non firmato]
U3 kdnic; C: \ WINDOWS \ System32 \ drivers \ kdnic.sys [25088 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 ksthunk; C: \ WINDOWS \ system32 \ drivers \ ksthunk.sys [26112 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U2 lltdio; C: \ WINDOWS \ System32 \ drivers \ lltdio.sys [66048 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 LMDriver; C: \ WINDOWS \ System32 \ drivers \ LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
U2 luafv; C: \ WINDOWS \ system32 \ drivers \ luafv.sys [125952 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 MEIx64; C: \ WINDOWS \ system32 \ DRIVERS \ TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
U2 MMCSS; C: \ WINDOWS \ system32 \ drivers \ mmcss.sys [48128 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
Modem U3; C: \ WINDOWS \ System32 \ drivers \ modem.sys [42496 2016-12-12] (Microsoft Corporation) [File non firmato]
Monitor U3; C: \ WINDOWS \ System32 \ drivers \ monitor.sys [38400 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 mouhid; C: \ WINDOWS \ System32 \ drivers \ mouhid.sys [32256 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 mpsdrv; C: \ WINDOWS \ System32 \ drivers \ mpsdrv.sys [75776 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 MRxDAV; C: \ WINDOWS \ system32 \ drivers \ mrxdav.sys [143872 2016-10-11] (Microsoft Corporation) [File non firmato]
U2 mrxsmb10; C: \ WINDOWS \ System32 \ DRIVERS \ mrxsmb10.sys [282624 12/12/2016] (Microsoft Corporation) [Dosya imzalanmadı]
U3 MsBridge; C: \ WINDOWS \ System32 \ drivers \ bridge.sys [115200 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 mshidkmdf; C: \ WINDOWS \ System32 \ drivers \ mshidkmdf.sys [8704 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 mshidumdf; C: \ WINDOWS \ System32 \ drivers \ mshidumdf.sys [11776 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 MSKSSRV; C: \ WINDOWS \ system32 \ DRIVERS \ MSKSSRV.sys [27136 2017-03-14] (Microsoft Corporation) [File non firmato]
U2 MsLldp; C: \ WINDOWS \ System32 \ drivers \ mslldp.sys [78336 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 MSPCLOCK; C: \ WINDOWS \ system32 \ DRIVERS \ MSPCLOCK.sys [10752 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 MSPQM; C: \ WINDOWS \ system32 \ DRIVERS \ MSPQM.sys [10752 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 MSTEE; C: \ WINDOWS \ system32 \ DRIVERS \ MSTEE.sys [12800 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U3 MTConfig; C: \ WINDOWS \ System32 \ drivers \ MTConfig.sys [15872 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U3 NativeWifiP; C: \ WINDOWS \ System32 \ DRIVERS \ nwifi.sys [535552 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 NdisCap; C: \ WINDOWS \ System32 \ drivers \ ndiscap.sys [50176 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 NdisImPlatform; C: \ WINDOWS \ System32 \ drivers \ NdisImPlatform.sys [126464 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U3 NdisTapi; C: \ WINDOWS \ System32 \ DRIVERS \ ndistapi.sys [26112 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 Ndisuio; C: \ WINDOWS \ System32 \ drivers \ ndisuio.sys [63488 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 Ben VirtualBus'um; C: \ WINDOWS \ System32 \ drivers \ NdisVirtualBus.sys [20480 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U3 NdisWan; C: \ WINDOWS \ System32 \ drivers \ ndiswan.sys [189440 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 ndiswanlegacy; C: \ WINDOWS \ System32 \ DRIVERS \ ndiswan.sys [189440 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 ndproxy; C: \ WINDOWS \ System32 \ DRIVERS \ NDProxy.sys [60928 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 Ndu; C: \ WINDOWS \ System32 \ drivers \ Ndu.sys [125440 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 Netaapl; C: \ WINDOWS \ System32 \ drivers \ netaapl64.sys [23040 2014-08-15] (Apple Inc.) [File non firmato]
U3 NetAdapterCx; C: \ WINDOWS \ System32 \ drivers \ NetAdapterCx.sys [90624 2016-07-16] () [File non firmato]
U1 NetBT; C: \ WINDOWS \ System32 \ DRIVERS \ netbt.sys [279040 2016-07-16] (Microsoft Corporation) [File non firmato]
U1 Npfs; C: \ Windows \ System32 \ Drivers \ Npfs.sys [68608 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U1 npsvctrig; C: \ WINDOWS \ System32 \ drivers \ npsvctrig.sys [26624 2016-07-16] (Microsoft Corporation) [File non firmato]
U1 è insiproxy; C: \ WINDOWS \ System32 \ drivers \ nsiproxy.sys [41984 2016-07-16] (Microsoft Corporation) [File non firmato]
U1 è vuoto; C: \ Windows \ System32 \ Drivers \ Null.sys [7168 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 Parport; C: \ WINDOWS \ System32 \ drivers \ parport.sys [96768 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U2 PEAUTH; C: \ WINDOWS \ System32 \ drivers \ peauth.sys [723968 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 PptpMiniport; C: \ WINDOWS \ System32 \ drivers \ raspptp.sys [96256 2016-07-16] (Microsoft Corporation) [File non firmato]
Processore U3; C: \ WINDOWS \ System32 \ drivers \ processr.sys [119808 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 QWAVEdrv; C: \ WINDOWS \ system32 \ drivers \ qwavedrv.sys [48640 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 RadioShim; C: \ WINDOWS \ System32 \ drivers \ RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
U3 RasAcd; C: \ WINDOWS \ System32 \ DRIVERS \ rasacd.sys [17408 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 RasAgileVpn; C: \ WINDOWS \ System32 \ drivers \ AgileVpn.sys [107520 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 Rasl2tp; C: \ WINDOWS \ System32 \ drivers \ rasl2tp.sys [104960 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 RasPppoe; C: \ WINDOWS \ System32 \ DRIVERS \ raspppoe.sys [81408 2017-04-27] (Microsoft Corporation) [Dosya imzalanmadı]
U3 RasSstp; C: \ WINDOWS \ System32 \ drivers \ rassstp.sys [77824 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U3 rdpbus; C: \ WINDOWS \ System32 \ drivers \ rdpbus.sys [26112 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 RDPDR; C: \ WINDOWS \ System32 \ drivers \ rdpdr.sys [177152 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 rspndr; C: \ WINDOWS \ System32 \ drivers \ rspndr.sys [81408 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 rt640x64; C: \ WINDOWS \ System32 \ drivers \ rt640x64.sys [886528 2015-07-22] (Realtek)
U3 RTSPER; C: \ WINDOWS \ system32 \ DRIVERS \ RtsPer.sys [761600 2015-06-24] (Realsil Semiconductor Corporation)
U3 s3cap; C: \ WINDOWS \ System32 \ drivers \ vms3cap.sys [9216 2016-07-16] (Microsoft Corporation) [File non firmato]
U1 SASDIFSV; C: \ Programmi \ SUPERAntiSpyware \ SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com e SUPERAntiSpyware.com)
U1 SASKUTIL; C: \ Programmi \ SUPERAntiSpyware \ SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com e SUPERAntiSpyware.com)
U3 scfilter; C: \ WINDOWS \ System32 \ DRIVERS \ scfilter.sys [43008 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 scmdisk0101; C: \ WINDOWS \ System32 \ drivers \ scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation) [File non firmato]
Fiera U3; 100: \ WINDOWS \ system32 \ drivers \ serenum.sys [25088 2016-07-16] (Microsoft Corporation) [File non firmato]
Serie U3; C: \ WINDOWS \ System32 \ drivers \ serial.sys [83968 2016-07-16] (Microsoft Corporation) [File non firmato]
Sermouse U3; C: \ WINDOWS \ System32 \ drivers \ sermouse.sys [27648 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 sfloppy; C: \ WINDOWS \ System32 \ drivers \ sfloppy.sys [18432 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U2 srv; C: \ WINDOWS \ System32 \ DRIVERS \ srv.sys [409600 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 srv2; C: \ WINDOWS \ System32 \ DRIVERS \ srv2.sys [713216 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 srvnet; C: \ WINDOWS \ System32 \ DRIVERS \ srvnet.sys [248320 2016-09-20] (Microsoft Corporation) [File non firmato]
U3 ssudmdm; C: \ WINDOWS \ system32 \ DRIVERS \ ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
U3 StillCam; C: \ WINDOWS \ system32 \ DRIVERS \ serscan.sys [12800 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U2 storqosflt; C: \ WINDOWS \ System32 \ drivers \ storqosflt.sys [78336 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 SynRMIHID; C: \ WINDOWS \ system32 \ DRIVERS \ SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
U3 Synth3dVsc; C: \ WINDOWS \ System32 \ drivers \ Synth3dVsc.sys [64000 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U2 tcpipreg; C: \ WINDOWS \ System32 \ drivers \ tcpipreg.sys [52224 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 tsusbflt; C: \ WINDOWS \ System32 \ drivers \ TsUsbFlt.sys [61440 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 TsUsbGD; C: \ WINDOWS \ System32 \ drivers \ TsUsbGD.sys [34304 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
Tunnel U3; C: \ WINDOWS \ System32 \ drivers \ tunnel.sys [158208 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 UcmCx0101; C: \ WINDOWS \ System32 \ Drivers \ UcmCx.sys [95744 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U3 UcmTcpciCx0101; C: \ WINDOWS \ System32 \ Drivers \ UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 UcmUcsi; C: \ WINDOWS \ System32 \ drivers \ UcmUcsi.sys [50688 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 UdeCx; C: \ WINDOWS \ System32 \ drivers \ udecx.sys [45568 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U4 udfs; C: \ WINDOWS \ System32 \ DRIVERS \ udfs.sys [320000 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U3 umbus; C: \ WINDOWS \ System32 \ drivers \ umbus.sys [56832 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 UmPass; C: \ WINDOWS \ System32 \ drivers \ umpass.sys [13824 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 USBAAPL64; C: \ WINDOWS \ System32 \ Drivers \ usbaapl64.sys [54784 2016-04-03] (Apple, Inc.) [Dosya imzalanmadı]
U3 usbcir; C: \ WINDOWS \ System32 \ drivers \ usbcir.sys [102400 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 usbohci; C: \ WINDOWS \ System32 \ drivers \ usbohci.sys [30208 2016-07-16] (Microsoft Corporation) [File non firmato]
Traccia USB U3; C: \ WINDOWS \ System32 \ drivers \ usbprint.sys [27648 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 usbscan; C: \ WINDOWS \ system32 \ DRIVERS \ usbscan.sys [46592 2016-09-22] (Microsoft Corporation) [File non firmato]
U3 usbser; C: \ WINDOWS \ System32 \ drivers \ usbser.sys [69120 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 usbuhci; C: \ WINDOWS \ System32 \ drivers \ usbuhci.sys [35328 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 usbvideo; C: \ WINDOWS \ System32 \ Drivers \ usbvideo.sys [226816 2016-09-20] (Microsoft Corporation) [File non firmato]
U3 vhf; C: \ WINDOWS \ System32 \ drivers \ vhf.sys [32256 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 VMBusHID; C: \ WINDOWS \ System32 \ drivers \ VMBusHID.sys [25088 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 vmgid; C: \ WINDOWS \ System32 \ drivers \ vmgid.sys [10240 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 vwifibus; C: \ WINDOWS \ System32 \ drivers \ vwifibus.sys [26624 2016-07-16] (Microsoft Corporation) [Dosya imzalanmadı]
U1 vwififlt; C: \ WINDOWS \ System32 \ drivers \ vwififlt.sys [73216 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 vwifimp; C: \ WINDOWS \ System32 \ drivers \ vwifimp.sys [40448 2017-04-27] (Microsoft Corporation) [File non firmato]
U3 WacomPen; C: \ WINDOWS \ System32 \ drivers \ wacompen.sys [30208 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 wanarp; C: \ WINDOWS \ System32 \ DRIVERS \ wanarp.sys [79872 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 wanarpv6; C: \ WINDOWS \ System32 \ DRIVERS \ wanarp.sys [79872 2016-07-16] (Microsoft Corporation) [File non firmato]
U2 wcnfs; C: \ WINDOWS \ system32 \ drivers \ wcnfs.sys [66560 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WdBoot; C: \ WINDOWS \ system32 \ drivers \ WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
U3 WdFilter; C: \ WINDOWS \ system32 \ drivers \ WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
U3 wdiwifi; C: \ WINDOWS \ System32 \ DRIVERS \ wdiwifi.sys [719872 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 WdNisDrv; C: \ WINDOWS \ System32 \ Drivers \ WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 WINUSB; C: \ WINDOWS \ System32 \ drivers \ WinUSB.SYS [89088 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WirelessKeyboardFilter; C: \ WINDOWS \ System32 \ drivers \ WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
U3 WmiAcpi; C: \ WINDOWS \ System32 \ drivers \ wmiacpi.sys [18432 2016-07-16] (Microsoft Corporation) [File non firmato]
U4 ws2ifyl; C: \ WINDOWS \ system32 \ drivers \ ws2ifsl.sys [22528 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WsAudio_Device (1); C: \ WINDOWS \ system32 \ drivers \ VirtualAudio1.sys [31080 2016-05-16] (Wondershare)
U3 WSDPrintDevice; C: \ WINDOWS \ System32 \ drivers \ WSDPrint.sys [22528 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WudfPf; C: \ WINDOWS \ System32 \ drivers \ WudfPf.sys [99328 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WUDFRd; C: \ WINDOWS \ System32 \ drivers \ WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WUDFWpdFs; C: \ WINDOWS \ system32 \ DRIVERS \ WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation) [File non firmato]
U3 WUDFWpdMtp; C: \ WINDOWS \ system32 \ DRIVERS \ WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation) [File non firmato]
Xboxgip U3; C: \ WINDOWS \ System32 \ drivers \ xboxgip.sys [258560 2017-03-14] (Microsoft Corporation) [File non firmato]
U3 xinputhid; C: \ WINDOWS \ System32 \ drivers \ xinputhid.sys [43520 2016-09-20] (Microsoft Corporation) [Dosya imzalanmadı]
U3 iaLPSSi_GPIO; \ SystemRoot \ System32 \ drivers \ iaLPSSi_GPIO.sys [X]
U3aLPSSi_I2C; \ SystemRoot \ System32 \ drivers \ iaLPSSi_I2C.sys [X]
U0 iaStorAV; System32 \ drivers \ iaStorAV.sys [X]
U0 iaStorV; System32 \ drivers \ iaStorV.sys [X]

==================== NetSvcs (White List) ==================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).


==================== File e cartelle creati in un mese ========

(Se una voce viene aggiunta all'elenco delle correzioni, il file / cartella verrà spostato.)

17/09/2017 15:57 - 17/09/2017 16:00 - 000065016 _____ C: \ Users \ songe_000 \ Downloads \ FRST.txt
17/09/2017 15:54 - 17/09/2017 15:54 - 000000000 ____D C: \ Users \ songe_000 \ Downloads \ FRST-OlderVersion
17/09/2017 15:54 - 17/09/2017 15:54 - 000000000 ____D C: \ FRST
17/09/2017 15:53 ​​- 17/09/2017 15:54 - 002399744 _____ (Farbar) C: \ Users \ songe_000 \ Downloads \ FRST64.exe
15/09/2017 16:53 - 15/09/2017 16:56 - 000741009 _____ C: \ Users \ songe_000 \ Downloads \ Contact List 2017 Final.pdf
12/09/2017 01:33 - 12/09/2017 01:33 - 000000000 ___HD C: \ $ WINDOWS. ~ BT
12/09/2017 01:06 - 12/09/2017 01:06 - 000067293 _____ C: \ Users \ songe_000 \ Documents \ GraceLloyd.pdf
12/09/2017 00:15 - 12/09/2017 00:20 - 000026703 _____ C: \ Users \ songe_000 \ Downloads \ Grace Transcript (1) .xlsx
12/09/2017 00:14 - 12/09/2017 01:26 - 000066365 _____ C: \ Users \ songe_000 \ Documents \ KaeleyEagle.pdf
12/09/2017 00:14 - 12/09/2017 00:19 - 000026703 _____ C: \ Users \ songe_000 \ Downloads \ Grace Transcript.xlsx
30-08-2017 22:42 - 03-08-2017 23:31 - 001564512 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ appraiser.dll
30-08-2017 22:42 - 03-08-2017 23:31 - 001214816 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ aeinv.dll
30-08-2017 22:42 - 03-08-2017 23:31 - 000629088 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ generaltel.dll
30/08/2017 22:42 - 03/08/2017 23:31 - 000544096 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ devinv.dll
30/08/2017 22:42 - 03/08/2017 23:31 - 000335712 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ dcntel.dll
30/08/2017 22:42 - 03/08/2017 23:31 - 000334176 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ invagent.dll
30/08/2017 22:42 - 03/08/2017 23:31 - 000233824 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ aepic.dll
30/08/2017 22:42 - 03/08/2017 23:31 - 000136032 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ acmigration.dll
30-08-2017 22:42 - 03-08-2017 23:31 - 000096608 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ CompatTelRunner.exe
30-08-2017 22:42 - 03-08-2017 23:31 - 000034656 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ DeviceCensus.exe
30/08/2017 22:42 - 03/08/2017 22:26 - 000192864 _____ (Microsoft Corporation) C: \ WINDOWS \ SysWOW64 \ aepic.dll
29-08-2017 12:07 - 29-08-2017 12:07 - 000063458 _____ C: \ Users \ songe_000 \ Documents \ JacksonSeidler.pdf
29-08-2017 12:00 - 29-08-2017 12:00 - 003816483 _____ C: \ Users \ songe_000 \ Files \ Jackson Seidler Notebook 2016-2017.pdf
28-08-2017 23:41 - 28-08-2017 23:41 - 000000000 ____D C: \ ProgramData \ Microsoft \ Windows \ Menu Start \ Programmi \ iCloud
28-08-2017 23:39 - 28-08-2017 23:39 - 000000000 ____D C: \ ProgramData \ Microsoft \ Windows \ Menu Start \ Programmi \ iTunes
28/08/2017 23:38 - 28/08/2017 23:39 - 000000000 ____D C: \ Programmi \ iPod
26/08/2017 20:35 - 26/08/2017 20:35 - 000026849 _____ C: \ Users \ songe_000 \ Downloads \ customPage41005 (3) .xlsx
25-08-2017 11:17 - 25-08-2017 11:18 - 001616527 _____ C: \ Users \ songe_000 \ Downloads \ att.pdf
24-08-2017 12:09 - 24-08-2017 12:09 - 000561602 _____ C: \ Users \ songe_000 \ Downloads \ Homeschool-Attendance-Record-2017-2018 (1) .pdf
20/08/2017 21:58 - 20/08/2017 21:58 - 000042834 _____ C: \ Users \ songe_000 \ Downloads \ 000151149 (1) .pdf
20/08/2017 21:57 - 20/08/2017 21:58 - 000042834 _____ C: \ Users \ songe_000 \ Downloads \ 000151149.pdf

==================== File e cartelle modificati per un mese ========

(Se una voce viene aggiunta all'elenco delle correzioni, il file / cartella verrà spostato.)

17/09/2017 16:00 - 16/03/2017 23:12 - 001474832 _____ C: \ WINDOWS \ system32 \ Drivers \ sfi.dat
17/09/2017 15:55 - 16/03/2017 23:52 - 000077470 _____ C: \ WINDOWS \ system32 \ Drivers \ fvstore.dat
17/09/2017 15:41 - 20/09/2016 15:17 - 000000000 ____D C: \ WINDOWS \ system32 \ SleepStudy
2017-09-17 02:53 - 2016-07-16 05:36 - 000000000 ____D C: \ WINDOWS \ CbsTemp
17/09/2017 02:53 - 25/10/2014 19:59 - 000000000 ____D C: \ WINDOWS \ system32 \ MRT
2017-09-17 02:34 - 2016-07-16 05:47 - 000000000 ___HD C: \ Programmi \ WindowsApps
2017-09-17 02:34 - 2016-07-16 05:47 - 000000000 ____D C: \ WINDOWS \ AppReadiness
2017-09-17 02:26 - 2014-10-25 19:59 - 138202976 ____C (Microsoft Corporation) C: \ WINDOWS \ system32 \ MRT.exe
16/09/2017 21:10 - 09/02/2016 16:32 - 000066078 _____ C: \ Users \ songe_000 \ Documents \ JustinSonger.pdf
16/09/2017 20:50 - 16/07/2016 05:47 - 000000000 ____D C: \ ProgramData \ regid.1991-06.com.microsoft
16/09/2017 20:41 - 31/07/2014 04:31 - 000000000 ____D C: \ Programmi (x86) \ Microsoft Office
16/09/2017 20:08 - 22/10/2014 23:43 - 000000000 ____D C: \ Users \ songe_000 \ AppData \ Roaming \ Spotify
16/09/2017 20:08 - 22/10/2014 22:01 - 000000000 __RDO C: \ Users \ songe_000 \ OneDrive
16/09/2017 20:06 - 22/10/2014 23:43 - 000000000 ____D C: \ Users \ songe_000 \ AppData \ Local \ Spotify
16/09/2017 20:03 - 20/09/2016 15:20 - 000000180 _____ C: \ WINDOWS \ system32 \ {A6D608F0-0BDE-491A-97AE-5C4B05D86E01} .bat
16/09/2017 20:03 - 22/10/2014 21:58 - 000000000 __SHD C: \ Users \ songe_000 \ IntelGraphicsProfiles
16/09/2017 20:02 - 20/09/2016 18:54 - 000000006 ____H C: \ WINDOWS \ Tasks \ SA.DAT
2017-09-14 18:45 - 2017-07-19 17:48 - 000003366 _____ C: \ WINDOWS \ System32 \ Tasks \ OneDrive Independent Update Task-S-1-5-21-634217685-3676121620-3412417090-1001
14/09/2017 18:45 - 30/11/2015 02:22 - 000002415 _____ C: \ Users \ songe_000 \ AppData \ Roaming \ Microsoft \ Windows \ Start Menu \ Programs \ OneDrive.lnk
14/09/2017 18:42 - 16/07/2016 05:47 - 000000000 ____D C: \ WINDOWS \ SysWOW64 \ Macromed
14/09/2017 18:42 - 16/07/2016 05:47 - 000000000 ____D C: \ WINDOWS \ system32 \ Macromed
12/09/2017 01:55 - 20/09/2016 15:25 - 000000000 ____D C: \ Users \ songe_000
12/09/2017 01:33 - 20/09/2016 17:15 - 000000000 ___DC C: \ WINDOWS \ Panther
10/09/2017 14:28 - 16/07/2016 00:04 - 000786432 _____ C: \ WINDOWS \ system32 \ config \ BBI
10/09/2017 13:14 - 16/07/2016 05:45 - 000000000 ____D C: \ WINDOWS \ INF
10/09/2017 13:08 - 16/07/2016 05:47 - 000000000 ____D C: \ WINDOWS \ LiveKernelRaporları
08/09/2017 19:48 - 16/03/2017 23:12 - 000000000 ____D C: \ ProgramData \ Microsoft \ Windows \ Start Menu \ Programmi \ COMODO
08/09/2017 19:48 - 22/10/2014 23:07 - 000000000 ____D C: \ ProgramData \ Comodo
08/09/2017 16:35 - 16/07/2016 05:47 - 000000000 ____D C: \ WINDOWS \ system32 \ valuation
07/09/2017 10:44 - 30/11/2015 01:41 - 001445410 _____ C: \ WINDOWS \ system32 \ PerfStringBackup.INI
06/09/2017 18:29 - 09/06/2015 18:43 - 000002457 _____ C: \ ProgramData \ Microsoft \ Windows \ Menu Start \ Programmi \ Acrobat Reader DC.lnk
05/09/2017 13:01 - 16/07/2016 05:49 - 000835576 _____ (Adobe Systems Incorporated) C: \ WINDOWS \ SysWOW64 \ FlashPlayerApp.exe
05/09/2017 13:01 - 16/07/2016 05:49 - 000177656 _____ (Adobe Systems Incorporated) C: \ WINDOWS \ SysWOW64 \ FlashPlayerCPLApp.cpl
28/08/2017 23:53 - 21/11/2015 23:02 - 000064724 _____ C: \ Users \ songe_000 \ Documents \ KaitlynCarlson.pdf
28/08/2017 23:39 - 24/06/2017 12:23 - 000000000 ____D C: \ Programmi \ iTunes
28/08/2017 22:59 - 28/12/2016 00:20 - 000051808 _____ (COMODO) C: \ WINDOWS \ system32 \ cmdcsr.dll
28/08/2017 22:59 - 28/12/2016 00:19 - 000939144 _____ (COMODO) C: \ WINDOWS \ system32 \ guard64.dll
28/08/2017 22:59 - 28/12/2016 00:19 - 000731344 _____ (COMODO) C: \ WINDOWS \ SysWOW64 \ guard32.dll
28/08/2017 22:57 - 28/12/2016 00:17 - 000457408 _____ (COMODO) C: \ WINDOWS \ system32 \ cmdvrt64.dll
28/08/2017 22:55 - 28/12/2016 00:15 - 000363712 _____ (COMODO) C: \ WINDOWS \ SysWOW64 \ cmdvrt32.dll
28/08/2017 20:59 - 05/02/2017 18:39 - 000000000 ____D C: \ Users \ songe_000 \ AppData \ LocalLow \ Mozilla
28/08/2017 16:57 - 27/11/2016 21:58 - 000544424 ____N (Microsoft Corporation) C: \ WINDOWS \ system32 \ MpSigStub.exe
28/08/2017 16:57 - 22/10/2014 22:11 - 000002276 _____ C: \ ProgramData \ Microsoft \ Windows \ Menu Start \ Programmi \ Google Chrome.lnk
28/08/2017 16:57 - 22/10/2014 22:11 - 000002264 _____ C: \ Users \ Public \ Desktop \ Google Chrome.lnk
28/08/2017 16:57 - 22/10/2014 22:11 - 000002264 _____ C: \ ProgramData \ Desktop \ Google Chrome.lnk
28/08/2017 16:52 - 11/05/2016 16:55 - 000000668 _____ C: \ WINDOWS \ Tasks \ G2MUploadTask-S-1-5-21-634217685-3676121620-3412417090-1001.job
28/08/2017 16:52 - 11/05/2016 16:55 - 000000572 _____ C: \ WINDOWS \ Tasks \ G2MUpdateTask-S-1-5-21-634217685-3676121620-3412417090-1001.job
28/08/2017 16:52 - 09/11/2014 14:57 - 000000000 ____D C: \ Programmi \ SUPERAntiSpyware
28/08/2017 09:39 - 09/02/2016 22:06 - 000064246 _____ C: \ Users \ songe_000 \ Documents \ DoranLee.pdf
28/08/2017 09:20 - 13/07/2017 23:44 - 000000000 ____D C: \ Users \ songe_000 \ AppData \ Local \ GoToMeeting
25/08/2017 11:33 - 22/10/2014 21:58 - 000000000 ____D C: \ Users \ songe_000 \ AppData \ Local \ Packages

==================== File nella radice di alcune directory =======

14/03/2017 13:58 - 14/03/2017 13:58 - 000000098 _____ () C: \ ProgramData \ Microsoft.SqlServer.Compact.351.64.bc

Alcuni file in TEMP:
====================
30/03/2017 23:58 - 14/07/2017 18:52 - 004113960 _____ (COMODO) C: \ Users \ songe_000 \ AppData \ Local \ Temp \ if_installer.exe

==================== Bamital e volsnap ====================

(Non esiste una correzione automatica per i file che non superano la convalida.)

C: \ WINDOWS \ system32 \ winlogon.exe
[09/05/2017 20:25] - [27/04/2017 17:39] - 000673792 _____ (Microsoft Corporation) B2151FE002A8D3F41E2DF935F260E3A8

C: \ WINDOWS \ system32 \ wininit.exe => File con firma digitale
C: \ WINDOWS \ explorer.exe => File con firma digitale
C: \ WINDOWS \ SysWOW64 \ explorer.exe => File con firma digitale
C: \ WINDOWS \ system32 \ svchost.exe => File firmato digitalmente
C: \ WINDOWS \ SysWOW64 \ svchost.exe => File firmato digitalmente
C: \ WINDOWS \ system32 \ services.exe => File firmato digitalmente
C: \ WINDOWS \ system32 \ User32.dll => Il file è firmato digitalmente
C: \ WINDOWS \ SysWOW64 \ User32.dll => File firmato digitalmente
C: \ WINDOWS \ system32 \ userinit.exe
[2016-07-16 05:42] - [2016-07-16 05:42] - 000033280 _____ (Microsoft Corporation) C1B1FFC800BE2F31EB2CF8CB40629C69

C: \ WINDOWS \ SysWOW64 \ userinit.exe
[2016-07-16 05:42] - [2016-07-16 05:42] - 000027648 _____ (Microsoft Corporation) FA900E6CCCF0A429D5B720C6F0E2274B

C: \ WINDOWS \ system32 \ Rpcss.dll
[2017-05-09 20:03] - [2017-04-27 17:41] - 000890368 _____ (Microsoft Corporation) 4A7015195E49A3BA7DB967B277B21E9D

C: \ WINDOWS \ system32 \ dnsapi.dll => Il file è firmato digitalmente
C: \ WINDOWS \ SysWOW64 \ dnsapi.dll => File firmato digitalmente
C: \ WINDOWS \ system32 \ Drivers \ volsnap.sys => File firmato digitalmente

SonKaynak: 08/09/2017 17:04

==================== FRST.txt sonu ========================= = ==

[mom26gr8kids]

Ek metin
Risultato della scansione aggiuntiva di Farbar Recovery Scan Tool (x64) Versione: 17-09-2017 01
Gestito da Songe_000 (17-09-2017 16:03:34)
Download da C: \ Users \ songe_000 \ Downloads
Windows 10 Home versione 1607 (X64) (21/09/2016 02:13:46)
Modalità di avvio: normale
==========================================================


==================== Account: ============================ =


==================== Centro sicurezza PC ========================

(Se una voce viene aggiunta all'elenco delle correzioni, verrà rimossa.)


==================== Programmi installati ======================

(Solo i programmi adware con il flag "Nascosto" possono essere aggiunti all'elenco delle correzioni per mostrarli. I programmi adware devono essere rimossi manualmente.)

abDocs (HKLM-x32 \ ... \ (CA4FE8B0-298C-4E5D-A486-F33B126D6A0A)) (Versione: 1.10.2001 - Acer Incorporated)
abDocs Office Add-in (HKLM-x32 \ ... \ (DCBF3379-246B-47E1-8173-639B63940838)) (Versione: 3.02.2001 - Acer Incorporated)
Ableton Live 9 Lite (HKLM-x32 \ ... \ {81C44E70-0F73-4BE5-B646-3C4F54C4F32A}) (Sürüm: 9.0.0.0 - Ableton)
Ableton Live 9 Trial Version (HKLM-x32 \ ... \ (300E84D8-F6D1-4B58-906F-7E41F34E6D42)) (Versione: 9.0.0.0 - Ableton)
abMusic (HKLM-x32 \ ... \ {E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Sürüm: 3.01.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32 \ ... \ {B5AD89F2-03D3-4206-8487-018298007DD0}) (Sürüm: 3.08.2003.3 - Acer Incorporated)
Acer Explorer Agent (HKLM \ ... \ {4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Sürüm: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM \ ... \ {C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Sürüm: 8.00.8105 - Acer Incorporated)
Acer Portal (HKLM-x32 \ ... \ (A5AD0B17-F34D-49BE-A157-C8B3D52ACD13)) (Versione: 3.12.2004 - Acer Incorporated)
Acer Power Management (HKLM \ ... \ (91F52DE4-B789-42B0-9311-A349F10E5479)) (Versione: 7.00.8104 - Acer Incorporated)
Acer Quick Access (HKLM \ ... \ (C1FA525F-D701-4B31-9D32-504FC0CF0B98)) (Versione: 1.01.3012 - Acer Incorporated)
Acer Recovery Management (HKLM \ ... \ (07F2005A-8CAC-4A4B-83A2-DA98A722CA61)) (Versione: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM \ ... \ (13885028-098C-4799-9B71-27DAC96502D5)) (Versione: 1.02.2003 - Acer Incorporated)
Acer Display Grasp (HKLM-x32 \ ... \ (84443E5D-0767-438B-B1C8-6A52FAB2101B)) (Versione: 1.02.3002 - Acer Incorporated)
Acer Touch Tools (HKLM \ ... \ {BB1F8130-3CB3-4896-9D28-770DFFFDE59C}) (Sürüm: 1.01.3001 - Acer Incorporated)
Componente aggiuntivo Monitor dell'applicazione Programma di miglioramento dell'esperienza utente Acer (HKLM \ ... \ (978724F6-1863-4DD5-9E66-FB77F5AB5613)) (Versione: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM \ ... \ (12A718F2-2357-4D41-9E1F-18583A4745F7)) (Versione: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32 \ ... \ (B6846F20-4821-11E3-8F96-0800200C9A66)) (Versione: 1.00.2001.4 - Acer Incorporated)
Adobe Acrobat Reader DC (HKLM-x32 \ ... \ {AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Sürüm: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32 \ ... \ Adobe Flash Player NPAPI) (Sürüm: 27.0.0.130 - Adobe Systems Incorporated)
Aimersoft DRM Media Converter (Build 1.6.0.0) (HKLM-x32 \ ... \ Aimersoft DRM Media Converter_is1) (Versione: - Aimersoft Software)
Alice Greenfingers 2 (HKLM-x32 \ ... \ BFG-Alice Greenfingers 2) (Sürüm: -)
Aloha TriPeaks (HKLM-x32 \ ... \ WTA-a0c80ba3-d5c9-49c0-8d1e-2df82fa89bd3) (Versione: 2.2.0.98 - WildTangent) Nascosto
Amazon Music (HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Amazon Amazon Music) (Versione: 5.4.2.1801 - Amazon Services LLC)
AOP Framework (HKLM-x32 \ ... \ (4A37A114-702F-4055-A4B6-16571D4A5353)) (Versione: 3.22.2001.0 - Acer Incorporated)
Supporto per applicazioni Apple (32 bit) (HKLM-x32 \ ... \ (D2FE6376-E549-4F63-A2C5-CA24DA035DE4)) (Versione: 5.6 - Apple Inc.)
Supporto per applicazioni Apple (64 bit) (HKLM \ ... \ (BB109E24-EE90-485B-A28B-ADDEFB40540B)) (Versione: 5.6 - Apple Inc.)
Supporto per dispositivi mobili Apple (HKLM \ ... \ (0A596141-97D5-45FA-9281-98DFAF48D579)) (Versione: 10.3.2.3 - Apple Inc.)
Aggiornamento software Apple (HKLM-x32 \ ... \ (52D87F32-70E4-4348-8148-C0B9F35B1314)) (Versione: 2.3.0.177 - Apple Inc.)
Big Fish: Game Manager (HKLM-x32 \ ... \ BFGC) (Versione: 3.3.0.2 -)
Bonjour (HKLM \ ... \ (56DDDFB8-7F79-4480-89D5-25E1F52AB28F)) (Versione: 3.1.0.1 - Apple Inc.)
Build-lot 2: Town of the Year (HKLM-x32 \ ... \ BFG-Yap-lot 2 - Town of the Year) (Versione: -)
Citrix Online Launcher (HKLM-x32 \ ... \ (09DA5EE2-7E46-4DC4-96F9-BFEE50D40659)) (Versione: 1.0.408 - Citrix)
COMODO Internet Security Premium (HKLM \ ... \ {67DA4459-33A8-4E69-9C7B-FB5CBADA60AB}) (Sürüm: 10.0.1.6294 - COMODO Security Solutions Inc.) Gizli
COMODO Internet Security Premium (HKLM \ ... \ COMODO Internet Security) (Sürüm: 10.0.1.6294 - COMODO Security Solutions Inc.)
Corn Cradle Collector's Edition (HKLM-x32 \ ... \ WTA-66cb0f17-50fb-49ff-8924-bad585a1895e) (Versione: 2.2.0.110 - WildTangent) Nascosto
CyberLink PhotoDirector 3 (HKLM-x32 \ ... \ InstallShield_ {39337565-330E-4ab6-A9AE-AC81E0720B10}) (Sürüm: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32 \ ... \ InstallShield_ {B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Sürüm: 10.0.0.3721 - CyberLink Corp.)
Doro 1.94 (HKLM-x32 \ ... \ Doro_is1) (Versione: -CompSoft)
Fishdom 3 (HKLM-x32 \ ... \ BFG-Fishdom 3) (Sürüm: -)
Google Chrome (HKLM-x32 \ ... \ Google Chrome) (Sürüm: 60.0.3112.113 - Google Inc.)
Google Update Assistant (HKLM-x32 \ ... \ (60EC980A-BDA2-4CB6-A427-B07A5498B4CA)) (Versione: 1.3.33.5 - Google Inc.) Riservato
Assistente aggiornamento Google (HKLM-x32 \ ... \ (A92DAB39-4E2C-4304-9AB6-BC44E68B55E2)) (Versione: 1.3.25.11 - Google Inc.) Nascosto
GoToMeeting 8.10.0.7495 (HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ GoToMeeting) (Sürüm: 8.10.0.7495 - LogMeIn, Inc.)
Governor of Poker 2 Premium Edition (HKLM-x32 \ ... \ WTA-068bedf7-38fc-4849-bcd3-6ca159b577c0) (Sürüm: 2.2.0.110 - WildTangent) Gizli
HP FWUpdateEDO2 (HKLM-x32 \ ... \ (415FA9AD-DA10-4ABE-97B6-5051D4795C90)) (Versione: 1.2.0.0 - Hewlett-Packard)
Firmware di base HP Officejet 6700 (HKLM \ ... \ {A1CFA587-90D4-4DE6-B200-68CC0F92252F}) (versione: 28.0.1315.0 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM-x32 \ ... \ (FC3C2B77-6800-48C6-A15D-9D1031130C16)) (Versione: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32 \ ... \ (912D30CF-F39E-4B31-AD9A-123C6B794EE2)) (Versione: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32 \ ... \ (B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D)) (Versione: 1.00.0001 - Microsoft) Riservato
IRIS. OCR (HKLM-x32 \ ... \ {CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Sürüm: 12.3.4.0 - HP)
iCloud (HKLM \ ... \ (5B1A59DA-D1EC-4C3A-A996-DF011A0A9668)) (Versione: 6.2.2.39 - Apple Inc.)
Carta d'identità (HKLM-x32 \ ... \ (3D9CB654-99AD-4301-89C6-0D12A790767C)) (Versione: 2.00.8101 - Acer Incorporated)
Intel (R) Management Engine Components (HKLM-x32 \ ... \ (65153EA5-8B6E-43B6-857B-C6E4FC25798A)) (Versione: 9.5.23.1766 - Intel Corporation)
Grafica del processore Intel (R) (HKLM-x32 \ ... \ (F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA)) (Versione: 10.18.10.3496 - Intel Corporation)
Intel (R) Serial IO (HKLM \ ... \ (9FD91C5C-44AE-4D9D-85BE-AE52816B0294)) (Versione: 1.1.165.1 - Intel Corporation)
Internet Security Essentials (HKLM-x32 \ ... \ ComodoIse) (Sürüm: 1.2.424651.94 - Comodo)
iTunes (HKLM \ ... \ {F0C7385A-9D20-45F3-8101-05D383885180}) (Sürüm: 12.6.1.25 - Apple Inc.)
Jojo Fashion Show: World Tour (HKLM-x32 \ ... \ BFG-Jojo Fashion Show - World Tour) (Versione: -)
Live Updater (HKLM-x32 \ ... \ (EE26E302-876A-48D9-9058-3129E5B99999)) (Versione: 2.00.8100 - Acer Incorporated)
Locklizard Protection - PDF Viewer (HKLM-x32 \ ... \ Locklizard Protection - PDF Viewer_sf) (Versione: 2.6.41 - Locklizard Ltd.)
Luxor Evolved (HKLM-x32 \ ... \ WTA-3cb536ee-0c52-4c62-96d1-745290a647db) (Sürüm: 2.2.0.98 - WildTangent) Gizli
Magic Academy (HKLM-x32 \ ... \ WTA-1ae77067-327d-44ce-8e91-ed114ced669a) (Versione: 2.2.0.98 - WildTangent) Riservato
Malwarebytes Anti-Malware sürüm 2.2.1.1043 (HKLM-x32 \ ... \ Malwarebytes Anti-Malware_is1) (Sürüm: 2.2.1.1043 - Malwarebytes)
Centro gestione Mouse e Tastiere Microsoft (HKLM \ ... \ Centro Mouse e Tastiere Microsoft) (Versione: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 365 - en-tr (HKLM \ ... \ O365HomePremRetail - en-tr) (Versione: 16.0.8326.2107 - Microsoft Corporation)
Microsoft OneDrive (HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ OneDriveSetup.exe) (Versione: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Visual C ++ 2005 Redistributable (HKLM-x32 \ ... \ (837b34e3-7c30-493c-8f6a-2b0f04e2912c)) (Versione: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C ++ 2008 Redistributable - x64 9.0.30729.17 (HKLM \ ... \ (8220EEFE-38CD-377E-8595-13398D740ACE)) (Versione: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C ++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32 \ ... \ (9A25302D-30C0-39D9-BD6F-21E6EC160475)) (Versione: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C ++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32 \ ... \ (1F1C2DFC-2D24-3E06-BCB8-725134ADF989)) (Versione: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C ++ 2010 x64 Redistributable - 10.0.40219 (HKLM \ ... \ (1D8E6291-B0D5-35EC-8441-6616F567A0F7)) (Versione: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C ++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32 \ ... \ (F0C3E5D1-1ADE-321E-8167-68EF0DE699A5)) (Versione: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 tr-ABD) (HKLM-x32 \ ... \ Mozilla Firefox 54.0.1 (x86 tr-ABD)) (Sürüm: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32 \ ... \ MozillaMaintenanceService) (Versione: 54.0.1.6388 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32 \ ... \ {551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Sürüm: 12.5.01200 - Nero AG)
NoteBurner M4V Converter 4.0.2 (HKLM-x32 \ ... \ NoteBurner M4V Converter_is1) (Sürüm: - NoteBurner Inc.)
Componente di estensibilità a portata di clic di Office 16 (HKLM-x32 \ ... \ (90160000-008C-0000-0000-0000000FF1CE)) (Versione: 16.0.8326.2107 - Microsoft Corporation) Nascosto
Record a 64 bit del componente di estensibilità a portata di clic di Office 16 (HKLM \ ... \ (90160000-00DD-0000-1000-0000000FF1CE)) (Versione: 16.0.8326.2107 - Microsoft Corporation) Nascosto
Componente licenza a portata di clic di Office 16 (HKLM \ ... \ (90160000-008F-0000-1000-0000000FF1CE)) (Versione: 16.0.8326.2107 - Microsoft Corporation) Nascosto
Componente di localizzazione a portata di clic di Office 16 (HKLM-x32 \ ... \ (90160000-008C-0409-0000-0000000FF1CE)) (Versione: 16.0.8326.2107 - Microsoft Corporation) Nascosto
Peggle Nights (HKLM-x32 \ ... \ WTA-b8cce2f1-44d8-43e4-a1cd-08dd51375bc1) (Versione: 2.2.0.98 - WildTangent) Nascosto
Plants and Zombies - Gioco dell'anno (HKLM-x32 \ ... \ WTA-98f57e61-1788-4aad-8a81-305491c5a4cf) (Versione: 2.2.0.98 - WildTangent) Segreto
Prerequisiti programma di installazione (HKLM-x32 \ ... \ (3AAB08A3-F129-4BD5-B409-AE674F93759D)) (Versione: 12.0.0003 - Nero AG) Nascosto
Qualcomm Atheros Bluetooth Suite (64) (HKLM \ ... \ {A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Sürüm: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installer (HKLM-x32 \ ... \ (28006915-2739-4EBE-B5E8-49B25D32EB33)) (Versione: 12.29 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32 \ ... \ {80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Sürüm: 7.78.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32 \ ... \ (5BC2B5AB-80DE-4E83-B8CF-426902051D0A)) (Versione: 6.3.9600.21247 - Realtek Semiconductor Corp.)
Driver del controller Ethernet Realtek (HKLM-x32 \ ... \ (8833FFB6-5B0C-4764-81AA-06DFEED9A476)) (Versione: 8.25.108.2014 - Realtek)
Driver audio ad alta definizione Realtek (HKLM-x32 \ ... \ (F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Versione: 6.0.1.7203 - Realtek Semiconductor Corp.)
RogueKiller versione 12.9.9.0 (HKLM \ ... \ 8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Versione: 12.9.9.0 - Adlice Software)
Shop-N-Spree: Family Fortune (HKLM-x32 \ ... \ BFG-Shop-N-Spree Family Fortune) (Versione: -)
Solubile (HKLM \ ... \ (AD78441D-E016-4119-A0AE-9ECB763B6A3D)) (Versione: 1.3.1500.2 - Risolvi)
Spotify (HKLM-x32 \ ... \ Spotify) (Siero: 0.9.6.81.gd359a796 - Spotify AB)
SUPERAntiSpyware (HKLM \ ... \ (CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA)) (Versione: 6.0.1158 - SUPERAntiSpyware.com)
Arazzo con stampa digitale anno 2 di grazia (HKLM-x32 \ ... \ Arazzo con stampa digitale anno 2 di grazia) (Versione: 2016.0325 - Pressa per candelabro)
Tapestry Year 3 (HKLM-x32 \ ... \ Tapestry Year 3) (Versione: 2016.0325 - Lampstand Press)
Tapestry Year 4 (HKLM-x32 \ ... \ Tapestry Year 4) (Versione: 2016.0328 - Lampstand Press)
Emerland Solitaire Logs (HKLM-x32 \ ... \ WTA-59102d9c-31c7-4943-bf3b-0e338ee507d7) (Versione: 3.0.2.32 - WildTangent) Nascosto
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 10 (HKLM-x32 \ ... \ ST6UNST # 10) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 11 (HKLM-x32 \ ... \ ST6UNST # 11) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 12 (HKLM-x32 \ ... \ ST6UNST # 12) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 3 (HKLM-x32 \ ... \ ST6UNST # 3) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 4 (HKLM-x32 \ ... \ ST6UNST # 4) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 5 (HKLM-x32 \ ... \ ST6UNST # 5) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 6 (HKLM-x32 \ ... \ ST6UNST # 6) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 7 (HKLM-x32 \ ... \ ST6UNST # 7) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 8 (HKLM-x32 \ ... \ ST6UNST # 8) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 9 (HKLM-x32 \ ... \ ST6UNST # 9) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) (HKLM-x32 \ ... \ ST6UNST # 2) (Versione: -)
TranscriptPro for Umbrella Schools (HKLM-x32 \ ... \ ST6UNST # 1) (Versione: -)
Trinklit Supreme (HKLM-x32 \ ... \ WTA-021203c5-41b1-47d6-8e5e-24191ded62f1) (Versione: 2.2.0.98 - WildTangent) Nascosto
Unity Web Player (HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ UnityWebPlayer) (Sürüm: 4.5.5f1 - Unity Technologies ApS)
Programma di installazione aggiornamento per l'app WildTangent Games (HKLM-x32 \ ... \ (2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2) .WildTangent Games App) (Versione: - WildTangent) Nascosto
WildTangent Games (HKLM-x32 \ ... \ WildTangent wildgames Master Removal) (Versione: 1.0.4.0 - WildTangent)
App WildTangent Games (HKLM-x32 \ ... \ (70B446D1-E03B-4ab0-9B3C-0832142C9AA8) .WildTangent Games App-acer) (Versione: 4.0.10.20 - WildTangent) Nascosto
Impostazioni di aggiornamento e privacy di Windows 10 (HKLM \ ... \ (4DFCD818-036A-4229-A67D-CF17DC461D92)) (Versione: 1.0.14.0 - Microsoft Corporation)

==================== CLSID personalizzato (White List): ======================= = ==

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

ÖzelCLSID: HKU \ S-1-5-21-634217685-3676121620-3412417090-1001_Classes \ CLSID \ {84B5A313-CD5D-4904-8BA2-AFDC81C1B309} \ InprocServer32 -> C: \ Kullanıcıcı \ songee00 \ 48 Local \ G2MOutlookAddin64.dll (Citrix Systems, Inc. 'in bir bölümü olan Citrix Online)
ShellIconOverlayIdentifiers: [ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C: \ Program Dosyaları (x86) \ Acer \ shellext \ x64 \ shellext_win.dll [2016-09-08] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C: \ Program Dosyaları (x86) \ Acer \ shellext \ x64 \ shellext_win.dll [2016-09-08] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C: \ Program Dosyaları (x86) \ Acer \ shellext \ x64 \ shellext_win.dll [2016-09-08] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C: \ Program Dosyaları (x86) \ Acer \ shellext \ x64 \ shellext_win.dll [2016-09-08] (Acer Incorporated )
ShellIconOverlayIdentifiers-x32: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C: \ Program Dosyaları (x86) \ Acer \ shellext \ x64 \ shellext_win.dll [2016-09-08] (Acer Incorporated )
ShellIconOverlayIdentifiers-x32: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C: \ Program Dosyaları (x86) \ Acer \ shellext \ x64 \ shellext_win.dll [2016-09-08] (Acer Incorporated )
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C: \ Program Dosyaları \ COMODO \ COMODO Internet Security \ cavshell.dll [2017-08-28] (COMODO)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C: \ Program Files \ Common Files \ Apple \ Internet Services \ ShellStreams64.dll [2017-05-09] (Apple Inc.)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C: \ Program Dosyaları \ COMODO \ COMODO Internet Security \ cavshell.dll [2017-08-28] (COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C: \ Program Dosyaları (x86) \ Malwarebytes Anti-Malware \ mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nessun file
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C: \ WINDOWS \ system32 \ igfxDTCM.dll [2015-09-30] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C: \ WINDOWS \ system32 \ igfxOSP.dll [2015-09-30] (Intel Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C: \ Program Dosyaları \ COMODO \ COMODO Internet Security \ cavshell.dll [2017-08-28] (COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C: \ Program Dosyaları (x86) \ Malwarebytes Anti-Malware \ mbamext.dll [2016-03-10] (Malwarebytes)

==================== Attività pianificate (Whitelist) =============

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

Görev: {031368AD-69FA-42F5-9836-00FC1C7A6873} - System32 \ Tasks \ Power Management => C: \ Program Dosyaları \ Acer \ Acer Power Management \ ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated)
Görev: {036CC33F-9545-4394-9159-58C1BDED1546} - System32 \ Tasks \ BacKGroundAgent => C: \ Program Dosyaları (x86) \ Acer \ AOP Framework \ BackgroundAgent.exe [2016-09-20] (Acer Incorporated)
Görev: {08FB1CFF-406B-4377-9C10-0364DEFA1615} - System32 \ Tasks \ GoogleUpdateTaskMachineCore => C: \ Program Dosyaları (x86) \ Google \ Update \ GoogleUpdate.exe [2015-08-30] (Google Inc.)
Attività: {0D6B97AC-F2D2-4B8F-AB58-80CAC6B358AF} - System32 \ Tasks \ G2MUpdateTask-S-1-5-21-634217685-3676121620-3412417090-1001 => C: \ Users \ songe_000 \ App \ CitData \ Local \ CitData GoToMeeting \ 5573 \ g2mupdate.exe [18/09/2016] (Citrix Online, una divisione di Citrix Systems, Inc.)
Görev: {0EE31A40-E7F5-4430-9CF1-4F70BF3FFC88} - System32 \ Tasks \ Recovery Management \ Notification => C: \ Program Dosyaları \ Acer \ Acer Recovery Management \ Notification \ Notification.exe [2014-03-18] (Acer Anonim)
Attività: {16E0EE90-DC55-4921-99FD-69262DB1C64A} - System32 \ Tasks \ ALU => C: \ Programmi (x86) \ Acer \ Live Updater \ updater.exe [2013-07-08] ()
Görev: {1BA8203E-D888-4C65-87EC-ECDC370FE4C7} - System32 \ Tasks \ Prelauncher => C: \ Program Dosyaları (x86) \ Acer \ Screen Grasp \ InputTask.exe [2013-12-19] (Acer Incorporated)
Attività: {1C73E622-8FD6-4270-B5CF-4102D8871ADF} - System32 \ Tasks \ Apple \ AppleSoftwareUpdate => C: \ Program Files (x86) \ Apple Software Update \ SoftwareUpdate.exe [2017-02-14] (Apple Inc. )
Attività: {1CEFCF95-37A5-4291-9AC6-4E6FCCF21D9C} - System32 \ Tasks \ abDocsDllLoader => C: \ Programmi (x86) \ Acer \ abDocs \ abDocsDllLoaderMonitor.exe [2016-08-15] ()
Attività: {1FD632AE-52AF-4024-B8A6-3BF3BC89FD46} - System32 \ Tasks \ Quick Access Quick Launcher => C: \ Program Files \ Acer \ Acer Quick Access \ QALauncher.exe [2014-03-21] (Acer Incorporate)
Attività: {267662B5-1367-4E02-9FC6-99CD0B27701E} - System32 \ Tasks \ UbtFrameworkService => C: \ Program Files \ Acer \ User Experience Improvement Program \ Framework \ TriggerFramework.exe [2014-01-25] (TODO: < Şirket adı>)
Görev: {2E83424C-07B1-4CCF-A360-627134EE6F72} - System32 \ Tasks \ GoogleUpdateTaskMachineUA => C: \ Program Dosyaları (x86) \ Google \ Update \ GoogleUpdate.exe [2015-08-30] (Google Inc.)
Görev: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32 \ Tasks \ Microsoft \ Windows \ Workplace Join \ Automatic-Workplace-Join => C: \ WINDOWS \ System32 \ AutoWorkplace.exe
Attività: {3546FB58-3758-4717-9B11-3E15CF872BA5} - System32 \ Tasks \ Microsoft_MKC_Logon_Task_itype.exe => c: \ Program Files \ Microsoft Mouse and Keyboard Center \ itype.exe [2015-07-21] (Microsoft Corporation)
Görev: {36B9251B-FEA5-419D-977E-0EA4F839545B} - System32 \ Tasks \ Microsoft \ Office \ OfficeBackgroundTaskHandlerRegistration => C: \ Program Dosyaları (x86) \ Microsoft Office \ root \ Office16 \ officebackgroundtaskhandler.exe [2017-09-15 ] ()
Görev: {3B68FC16-40AF-4A9F-BB31-4339A32D20DD} - System32 \ Tasks \ CreateExplorerShellUnelevatedTask => C: \ WINDOWS \ explorer.exe / NOUACCHECK
Attività: {475470D8-E6D8-4501-9B94-AD2F3077BA98} - System32 \ Tasks \ COMODO \ COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C: \ Program Files \ COMODO \ COMfcon c. exe (28/08/2017) (COMODO)
Attività: {4D9A1146-9D5C-4B0D-9FCD-06BD35763CBB} - System32 \ Tasks \ COMODO \ COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C: \ Program Files \ COMODO \ COMODp.exe Internet Security \ c [28/08/2017] (COMODO)
Görev: {555A5627-076E-40FC-8957-D0FECA9D6473} - System32 \ Tasks \ Microsoft \ Windows \ RemovalTools \ MRT_HB => C: \ WINDOWS \ system32 \ MRT.exe [2017 Corporation)
Görev: {56F5CB9E-9FFD-4AC7-9CC5-52A809E8A239} - System32 \ Tasks \ Screen Grasp GestureDetection => C: \ Program Dosyaları (x86) \ Acer \ Screen Grasp \ GestureDetection.exe [2013-12-19] (Acer Incorporated )
Görev: {575997F7-92DC-4DF0-B93A-8B443BA4BA4C} - System32 \ Tasks \ ALUAgent => C: \ Program Dosyaları (x86) \ Acer \ Live Updater \ liveupdater_agent.exe [2013-01-22] ()
Görev: {5C73D677-93C1-4193-AEC4-C4A920B0BB9B} - System32 \ Tasks \ {31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C: \ Program Dosyaları \ COMODO \ COMODO Internet Security \ cistray.exe [2017-08 -28] (COMODO)
Attività: (5DE19AE0-A353-4BEB-A50D-83D2898D0D47} - System32 \ Tasks \ OneDrive Independent Update Task => C: \ Users \ songe_000 \ AppData \ Local \ Microsoft \ OneDrive \ 17.3.6517.0809 \ OneDriveStandaloneUpdater.exe
Görev: {65CB0CBC-62D9-46E8-AC63-0E1828D6EE45} - System32 \ Tasks \ Launch Manager => C: \ Program Dosyaları \ Acer \ Acer Launch Manager \ LMLauncher.exe [2014-03-17] (Acer Incorporate)
Attività: {6940B4D4-539C-4B45-A9EE-54B4DA9C94B9} - System32 \ Tasks \ Microsoft_MKC_Logon_Task_ipoint.exe => c: \ Program Files \ Microsoft Mouse and Keyboard Center \ ipoint.exe [2015-07-21] (Microsoft Corporation)
Attività: {78D748B5-11E1-4D10-8558-6156ABB6A2EF} - System32 \ Tasks \ COMODO \ COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C: \ Program Files \ COMODO \ COMODO Internet Security \ cfconf.exe [28/08/2017] (COMODO)
Attività: {7C799672-89F0-48FE-A7DC-A297D3138ED9} - System32 \ Tasks \ Microsoft \ Office \ Office Subscription Maintenance => C: \ Program Files (x86) \ Microsoft Office \ root \ vfs \ ProgramFilesCommonx86 \ Microsoft Shared \ Office16 \ OLicenseHeartbeat.exe [15/09/2017] (Microsoft Corporation)
Görev: {7DB3C51D-D6F0-4E26-8ECF-96AA4CCC4620} - System32 \ Tasks \ prelauncher_First => C: \ Program Dosyaları (x86) \ Acer \ Screen Grasp \ InputTask.exe [2013-12-19] (Acer Incorporated)
Görev: {82327D8E-CE75-415E-82FC-6E8D6690898E} - System32 \ Tasks \ Adobe Flash Player Güncelleyici => C: \ Windows \ SysWOW64 \ Macromed \ Flash \ FlashPlayerUpdateService.exe [2017-09-14] (Adobe Systems Incorporated)
Attività: {9062A850-12C3-4B78-A7DB-D427C0C60BF2} - System32 \ Tasks \ Microsoft_Hardware_Launch_ipoint_exe => c: \ Program Files \ Microsoft Mouse and Keyboard Center \ ipoint.exe [2015-07-21] (Microsoft Corporation)
Attività: {90CA2CA8-84FB-4D37-A3A9-214BFD9DE150} - Aggiornamenti automatici System32 \ Tasks \ Microsoft \ Office \ Office => C: \ Program Files \ Common Files \ Microsoft Shared \ ClickToRun \ OfficeC2RClient.exe [2017-09-08 ] (Azienda Microsoft)
Attività: {9876CF94-3A85-4133-AD1A-8B3CF2130063} - System32 \ Tasks \ Launch Screen Grasp_First => C: \ Program Files (x86) \ Acer \ Screen Grasp \ Launch Screen Grasp.exe [2013-12-19] ( Acer Incorporated)
Attività: {9EA36F30-FFFE-41AC-B3AB-EB24FE697E7E} - System32 \ Tasks \ Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c: \ Program Files \ Microsoft Mouse and Keyboard Center \ mousekeyboardcenter.exe [2015-07-21] (Microsoft)
Attività: {B580204D-33E3-49C4-8293-31890B0C45A8} - System32 \ Tasks \ G2MUploadTask-S-1-5-21-634217685-3676121620-3412417090-1001 => C: \ Users \ songe_000 \ AppData \ Local \ Citrix Go \ 5573 \ g2mupload.exe [18/09/2016] (Citrix Online, una divisione di Citrix Systems, Inc.)
Attività: {C1CFA249-4E02-41A9-8FA5-F7389F095C90} - System32 \ Tasks \ COMODO \ COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C: \ Programmi \ COMODO \ COMray c Internet.exe Security 28/08/2017) (COMODO)
Attività: {C2BA6F5F-9916-4677-A62B-57CADF6CEC06} - System32 \ Tasks \ COMODO \ COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C: \ Programmi \ COMODO \ COMODOg.exe Internet Security [2017 -08-28) (COMODO)
Attività: {C7C30F43-94AF-4101-BA90-E6E7A4A132F4} - System32 \ Tasks \ Quick Access => C: \ Program Files \ Acer \ Acer Quick Access \ QALauncher.exe [2014-03-21] (Acer Incorporate)
Attività: {C9E84E55-7241-4BEC-B7E3-8D0E123A207B} - System32 \ Tasks \ Microsoft \ Office \ Office ClickToRun Service Monitor => C: \ Program Files \ Common Files \ Microsoft Shared \ ClickToRun \ OfficeC2RClient.exe [2017-09- 08) (Microsoft Corporation)
Attività: {D8E0E458-1F44-4E78-B1BF-AFF9AEB4786F} - System32 \ Tasks \ Adobe Acrobat Update Task => C: \ Program Files (x86) \ Common Files \ Adobe \ ARM \ 1.0 \ AdobeARM.exe [2017-07- 19) (Adobe Systems Incorporated)
Attività: {D980A4CB-AA1C-4A00-BD09-85C5066B5BB0} - System32 \ Tasks \ Microsoft_Hardware_Launch_itype_exe => c: \ Program Files \ Microsoft Mouse and Keyboard Center \ itype.exe [2015-07-21] (Microsoft Corporation)
Görev: {DAF6F28D-397E-4D0C-AD0B-31F5D75362D1} - System32 \ Tasks \ COMODO \ COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C: \ Program Dosyaları \ COMODO \ COMODOpg -28] (COMODO)
Attività: {DFC1478C-747E-4EAD-94AB-66815E81BAA2} - System32 \ Tasks \ AcerCloud => C: \ Program Files (x86) \ Acer \ Acer Portal \ AcerPortal.exe [2016-09-20] (Acer)
Görev: {FB487CC6-A508-4614-B10E-067760D50382} - System32 \ Tasks \ Microsoft \ Office \ OfficeBackgroundTaskHandlerLogon => C: \ Program Dosyaları (x86) \ Microsoft Office \ root \ Office16 \ officebackgroundtaskhandler.exe [2017-09-15 ] ()

(Se viene aggiunta una voce all'elenco delle correzioni, il file dell'attività (.job) verrà spostato. Il file eseguito dall'attività non verrà spostato.)

Attività: C: \ WINDOWS \ Tasks \ G2MUpdateTask-S-1-5-21-634217685-3676121620-3412417090-1001.job => C: \ Users \ songe_000 \ AppData \ Local \ GoToMeeting \ 7495 \ g2mupdate.exe
Attività: C: \ WINDOWS \ Tasks \ G2MUploadTask-S-1-5-21-634217685-3676121620-3412417090-1001.job => C: \ Users \ songe_000 \ AppData \ Local \ GoToMeeting \ 7495 \ g2mupload.exe

==================== Scorciatoie e WMI ========================

(Le voci possono essere elencate per il ripristino o la rimozione.)


==================== Moduli installati (whitelist) ==============

2016-07-16 05:42 - 2016-07-16 05:42 - 000231424 _____ () C: \ WINDOWS \ SYSTEM32 \ ism32k.dll
07/07/2017 18:00 - 03/06/2017 04:01 - 002681200 _____ () C: \ WINDOWS \ system32 \ CoreUIComponents.dll
26/11/2014 23:53 - 26/06/2014 20:10 - 000595456 _____ () C: \ Programmi (x86) \ DoroPDFWriter \ Doro.dll
05-10-2016 18:17 - 05-10-2016 18:17 - 000092472 _____ () C: \ Programmi \ File comuni \ Apple \ Apple Application Support \ zlib1.dll
13/07/2017 20:50 - 13/07/2017 20:50 - 001354040 _____ () C: \ Programmi \ File comuni \ Apple \ Supporto applicazioni Apple \ libxml2.dll
31/07/2014 04:27 - 24/04/2012 04:43 - 000254512 ____N () C: \ Programmi (x86) \ CyberLink \ File condivisi \ RichVideo.exe
18/12/2013 17:02 - 18/12/2013 17:02 - 000124480 _____ () C: \ Programmi \ Soluto \ PCGDllExportInspector.dll
18/12/2013 17:02 - 18/12/2013 17:02 - 000054848 ____R () C: \ Programmi \ Soluto \ PCGDeviceScanLib.dll
30/09/2015 21:39 - 29/11/2015 22:32 - 000415128 _____ () C: \ WINDOWS \ system32 \ igfxTray.exe
31/07/2014 04:34 - 03/01/2014 15:13 - 000111872 _____ () C: \ Programmi (x86) \ Acer \ clear.fi plugin \ Clearfishellext_x64.dll
28/12/2016 00:16 - 28/08/2017 22:56 - 000244928 _____ () C: \ Programmi \ COMODO \ COMODO Internet Security \ cmdcomps.dll
28/12/2016 00:17 - 28/08/2017 22:57 - 000156352 _____ () C: \ Programmi \ COMODO \ COMODO Internet Security \ cmdwrhlp.dll
28/08/2017 23:34 - 09/05/2017 03:05 - 000092472 _____ () C: \ Programmi \ iTunes \ zlib1.dll
28/08/2017 23:34 - 09/05/2017 03:05 - 001354040 _____ () C: \ Programmi \ iTunes \ libxml2.dll
2016-08-15 15:24 - 2016-08-15 15:24 - 001769312 _____ () C: \ Programmi (x86) \ Acer \ abDocs \ abDocsDllLoaderMonitor.exe
2016-10-24 09:24 - 2017-09-16 16:37 - 008929480 _____ () C: \ Program Dosyaları (x86) \ Microsoft Office \ root \ VFS \ ProgramFilesX64 \ Microsoft Office \ Office16 \ 1033 \ GrooveIntlResource.dll
20/09/2016 17:11 - 20/09/2016 17:11 - 000134656 _____ () C: \ Windows \ ShellExperiences \ Windows.UI.Shell.SharedUtilities.dll
14/03/2017 23:50 - 14/03/2017 23:50 - 000474112 _____ () C: \ Windows \ ShellExperiences \ QuickActions.dll
14/03/2017 23:51 - 14/03/2017 23:51 - 009760768 _____ () C: \ Windows \ SystemApps \ Microsoft.Windows.Cortana_cw5n1h2txyewy \ CortanaApi.dll
14/03/2017 23:51 - 14/03/2017 23:51 - 001401856 _____ () C: \ Windows \ SystemApps \ Microsoft.Windows.Cortana_cw5n1h2txyewy \ Cortana.Core.dll
14/03/2017 23:51 - 14/03/2017 23:51 - 000757248 _____ () C: \ Windows \ SystemApps \ Microsoft.Windows.Cortana_cw5n1h2txyewy \ CSGSuggestLib.dll
07/07/2017 18:00 - 03/06/2017 02:47 - 001033216 _____ () C: \ Windows \ SystemApps \ Microsoft.Windows.Cortana_cw5n1h2txyewy \ Cortana.Actions.dll
07/07/2017 18:00 - 03/06/2017 02:47 - 002424320 _____ () C: \ Windows \ SystemApps \ Microsoft.Windows.Cortana_cw5n1h2txyewy \ Cortana.BackgroundTask.dll
07/07/2017 18:00 - 03/06/2017 02:51 - 004853760 _____ () C: \ Windows \ SystemApps \ Microsoft.Windows.Cortana_cw5n1h2txyewy \ RemindersUI.dll
28/12/2016 00:16 - 28/08/2017 22:55 - 000107200 _____ () C: \ Programmi \ COMODO \ COMODO Internet Security \ cavwpps.dll
10-04-2017 17:01 - 10-04-2017 17:01 - 001695440 _____ () C: \ Program Dosyaları \ WindowsApps \ Microsoft.Office.OneNote_17.8568.57561.0_x64__8wekyb3d8bbwe \ Microsoft.Applications.Telemetry.Windows.dll
28/08/2017 16:57 - 23/08/2017 02:48 - 003824472 _____ () C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ 60.0.3112.113 \ libglesv2.dll
28/08/2017 16:57 - 23/08/2017 02:48 - 000100184 _____ () C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ 60.0.3112.113 \ libegl.dll
16/03/2016 10:25 - 20/07/2017 09:03 - 000073920 _____ () C: \ Programmi \ COMODO \ COMODO Internet Security \ scanners \ smart.cav
13/07/2017 20:51 - 13/07/2017 20:51 - 001041720 _____ () C: \ Programmi (x86) \ File comuni \ Apple \ Supporto applicazioni Apple \ libxml2.dll
13/07/2017 20:50 - 13/07/2017 20:50 - 000189752 _____ () C: \ Programmi (x86) \ File comuni \ Apple \ Supporto applicazioni Apple \ libxslt.dll
05-10-2016 18:18 - 05-10-2016 18:18 - 000080184 _____ () C: \ Programmi (x86) \ Common Files \ Apple \ Apple Application Support \ zlib1.dll
23/09/2015 16:42 - 21/12/2016 14:22 - 051777648 _____ () C: \ Users \ songe_000 \ AppData \ Roaming \ Spotify \ libcef.dll
28/10/2016 21:18 - 21/12/2016 14:22 - 000110192 _____ () C: \ Users \ songe_000 \ AppData \ Roaming \ Spotify \ SpotifyWinRT.dll
2016-08-15 18:03 - 2016-08-15 18:03 - 000202456 _____ () C: \ Programmi (x86) \ Acer \ abPhoto \ curllib.dll
2016-08-15 18:05 - 2016-08-15 18:05 - 000654000 _____ () C: \ Programmi (x86) \ Acer \ abPhoto \ sqlite3.dll
2016-08-15 18:05 - 2016-08-15 18:05 - 000641240 _____ () C: \ Programmi (x86) \ Acer \ abPhoto \ tag.dll
2016-08-15 18:04 - 2016-08-15 18:04 - 000119000 _____ () C: \ Programmi (x86) \ Acer \ abPhoto \ OpenLDAP.dll
20/09/2016 20:48 - 20/09/2016 20:48 - 000015064 _____ () C: \ WINDOWS \ assembly \ GAC_MSIL \ MyService \ 1.0.0.1__2dfa3f50f0bed57d \ MyService.dll
2016-08-30 15:09 - 2016-08-30 15:09 - 000013016 _____ () C: \ Program Dosyaları (x86) \ Acer \ AOP Framework \ ServiceInterface.dll
2016-08-30 15:05 - 2016-08-30 15:05 - 000277856 _____ () C: \ Programmi (x86) \ Acer \ AOP Framework \ libcurl.dll
09/09/2016 10:51 - 09/09/2016 10:51 - 000202456 _____ () C: \ Programmi (x86) \ Acer \ Acer Portal \ curllib.dll
09/09/2016 10:51 - 09/09/2016 10:51 - 000119000 _____ () C: \ Programmi (x86) \ Acer \ Acer Portal \ OpenLDAP.dll
23/09/2015 16:42 - 21/12/2016 14:22 - 001803888 _____ () C: \ Users \ songe_000 \ AppData \ Roaming \ Spotify \ libglesv2.dll
23/09/2015 16:42 - 21/12/2016 14:22 - 000086128 _____ () C: \ Users \ songe_000 \ AppData \ Roaming \ Spotify \ libegl.dll
31/07/2014 04:06 - 09/12/2013 17:27 - 001242584 _____ () C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ LMS \ ACE.dll

[mom26gr8kids]

==================== Flussi di dati alternativi (whitelist) =========

(Se viene aggiunta una voce all'elenco delle correzioni, verrà rimosso solo l'ADS.)

AlternateDataStreams: C: \ WINDOWS \ regedit.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ splwow64.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ accountaccessor.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ aclui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ACPBackgroundManagerPolicy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ActionCenter.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ActionCenterCPL.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ActivationManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ActiveSyncProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ adsmsext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ aitstatic.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-conio-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-convert-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-environment-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-dosya sistemi-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-heap-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-locale-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-math-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-multibyte-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-private-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-process-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-runtime-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-stdio-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-string-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-time-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-utility-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AppCapture.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ appinfo.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ApplicationFrame.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AppointmentApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AppXApplicabilityBlob.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AudioEng.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AUDIOKSE.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AudioSes.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AudioSrvPolicyManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AuthHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ autoplay.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BackgroundMediaPolicy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ basecsp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bcastdvr.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BcastDVRHelper.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bcdedit.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bcrypt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bdesvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bdeui.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bdeunlock.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BingMaps.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BitLockerDeviceEncryption.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ biwinrt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BluetoothDesktopHandlers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BootMenuUX.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bootux.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BrowserSettingSync.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BthRadioMedia.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CbtBackgroundManagerPolicy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cdd.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cdpreference.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cdpsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cdpusersvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cemapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ certprop.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CfgSPCellular.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ chartv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ChatApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ci.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ClipUp.exe: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CloudBackupSettings.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CloudStorageWizard.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ clusapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cmifw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cmintegrator.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ coin97ip.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ coin99ip.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ comdlg32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ comsvcs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ConsoleLogon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ContactApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CredProvDataModel.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ credprovs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ credprovslegacy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cryptngc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CspCellularSettings.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ d3d10warp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ d3d11.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ D3D12.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ d3d9.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dab.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DafPrintProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DataExchange.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DataSenseHandlers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DavSyncProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ daxexec.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dbgeng.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ddraw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ddrawex.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ devenum.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DeviceCenter.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DeviceEnroller.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DevicePairingFolder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DeviceReactivation.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dfp.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DfpCommon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dhcpcore6.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dialserver.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ difx64.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ scan.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Display.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dmenrollengine.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DMRServer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dns-sd.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dnsapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dnsrslvr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DolbyDecMFT.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ domgmt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DPTopologyApp.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DPTopologyAppv2_0.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ drvstore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dsreg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dsregcmd.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DuCsps.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dui70.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dwmapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dxgi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DXP.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EAMProgressHandler.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ easwrt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EditBufferTestHook.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EditionUpgradeHelper.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EditionUpgradeManagerObj.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EDPCleanup.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ efsext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EncDec.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ energy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EnterpriseAPNCsp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EnterpriseAppMgmtSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EnterpriseModernAppMgmtCSP.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ErrorDetailsUpdate.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ esent.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ esentutl.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ evr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ExplorerFrame.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ExSMime.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ facecredentialprovider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Family.Authentication.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ffbroker.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fhcfg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fhcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fhsettingsprovider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fontext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ FrameServer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ FSClient.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fveapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fveapibase.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fvenotify.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fveui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ GamePanelExternalHook.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ gameux.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ gdi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ GdiPlus.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ GEARAspi64.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ GfxUIEx.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Gfxv2_0.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Gfxv4_0.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ GlobCollationHost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ gpapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ gpsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hal.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hevcdecoder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hgcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hpinkcoi5C12.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hpinkins5C12.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ HttpsDataSource.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hvloader.efi: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hvloader.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ icfupgd.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ icm32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ icsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ icsvcext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ IdCtrls.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ igfxSDK.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ imapi2fs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ inetcomm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ InputLocaleManager.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ InputService.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ IntelCpHDCPSvc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ IntelWiDiUMS64.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ internetmail.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ IPHLPAPI.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ iphlpsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ipnathlp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ iprtrmgr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ iscsiwmi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ JpMapControl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ KnobsCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ KnobsCsp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ LaunchWinApp.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ListSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ LockAppBroker.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ LockAppHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ lpremove.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ lsm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ main.cpl: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ manage-bde.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapConfiguration.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapControlCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapGeocoder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapRouter.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapsBtSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapsStore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MCCSEngineShared.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MDMAppInstaller.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mdmregistration.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MediaFoundation.DefaultPerceptionProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfaudiocnv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MFCaptureEngine.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfds.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfksproxy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfmkvsrcsnk.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfnetsrc.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfplat.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MFPlay.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfreadwrite.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfsensorgroup.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfsvr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ microsoft-windows-system-events.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ migisol.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mmc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ modernexecserver.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ moshost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ moshostcore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MosStorage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mprapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mprdim.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MPSSVC.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MrmCoreR.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSAC3ENC.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSAudDecMFT.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mscandui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msctf.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msctfp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msctfui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msdtcprx.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msdtcuiu.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msftedit.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msinfo32.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msmpeg2vdec.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mspaint.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSPhotography.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mssitlb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mssph.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mssphtb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mssvp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msutb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msvcp120.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSVidCtl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSVideoDSP.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msvproc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSVPXENC.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msxml3.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MultiDigiMon.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ncsi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NetCfgNotifyObjectHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ netiohlp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ netiougc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ netplwiz.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ netshell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ nettrace.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NetworkCollectionAgent.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NetworkDesktopSettings.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NetworkUXBroker.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NfcRadioMedia.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ngccredprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NgcCtnr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NgcCtnrGidsHandler.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ nlasvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ nltest.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NMAA.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NotificationController.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NPSM.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ nshwfp.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ntshrui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ offlinesam.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ offreg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ OnDemandConnRouteHelper.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ OneDriveSettingSyncProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ pcasvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ PCPTpm12.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ pdh.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ PhotoScreensaver.scr: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ PimIndexMaintenance.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Pimstore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ pnidui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ policymanager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ poqexec.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ powercfg.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ PrintRenderAPIHost.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ profsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ provengine.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ provops.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ProvPluginEng.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ProvSysprep.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ PsmServiceExtHost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ puiapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ pwrshplugin.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ qmgr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RADCUI.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ rasapi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ rascustom.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ rasgcw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ReAgentc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RelPost.exe: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ remoteaudioendpoint.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RemoteNaturalLanguage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ReportingCSP.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ reseteng.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RjvMDMConfig.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RMapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ rshx32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RTWorkQ.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ samsrv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ScDeviceEnum.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ schannel.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ scksp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sdengin2.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sdshext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Search.ProtocolHandler.MAPI2.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SearchFilterHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SearchFolder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SearchProtocolHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SecConfig.efi: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sendmail.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sens.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SensorDataService.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SensorService.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SessEnv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SettingsHandlers_Bluetooth.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SettingsHandlers_Flights.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SettingsHandlers_StorageSense.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SettingsHandlers_WorkAccess.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SettingSync.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ setupugc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SHCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ shdocvw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ skci.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ smphost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SndVolSSO.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SpeechPal.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ spoolsv.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sppcext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sppnp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sppsvc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sppwinob.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SRH.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SRHInproc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sspicli.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ stobject.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ StorSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sud.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SyncCenter.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ systemreset.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SystemSettings.UserAccountsHandlers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SystemSettingsThresholdAdminFlowUI.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Tabbtn.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ tabcal.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TabletPC.cpl: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ tapi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ taskbarcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ tbauth.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ tdh.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TextInputFramework.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ themecpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ timedate.cpl: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TokenBrokerCookies.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TpmCoreProvisioning.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TpmTasks.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TSpkg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ twinapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ twinui.pcshell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ tzautoupdate.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ubpm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ uDWM.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UIAnimation.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UIAutomationCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UIRibbon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ umpoext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ usbaaplrc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ usbmon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ user32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UserDataService.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UserLanguagesCpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ usoapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UtcResources.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ VCardParser.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ VEStoreEventHandlers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ vmrdvcore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ vpnike.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ VPNv2CSP.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ vssapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wbiosrvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wcmsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wcnwiz.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wc_storage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ webio.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ werconcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ weretw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ werui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wevtsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wfdprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wifinetworkmanager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wifitask.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ win32k.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wincorlib.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.ApplicationModel.Background.SystemEventsBroker.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.ApplicationModel.Store.TestingFramework.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Cortana.Desktop.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Cortana.OneCore.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Gaming.UI.GameBar.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Internal.UI.Logon.ProxyStub.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Media.BackgroundMediaPlayback.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Media.Playback.BackgroundMediaPlayer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Media.Playback.MediaPlayer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Media.Speech.UXRes.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Networking.HostName.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Networking.Vpn.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Security.Credentials.UI.UserConsentVerifier.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Shell.Search.UriHandler.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.StateRepository.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Storage.Search.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.UI.BioFeedback.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.UI.Core.TextInput.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.UI.CredDialogController.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.UI.Immersive.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.UI.Shell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winhttp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wininetlui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winload.efi: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winload.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winmde.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winresume.efi: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winresume.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WinSCard.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wintrust.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wkssvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlanapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlancfg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WlanMediaManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlansec.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlansvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlanui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlidprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WMPDMC.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wmpdxm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wmpeffects.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wmpmde.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wmpshell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WMVDECOD.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WordBreakers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WorkFolders.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WorkfoldersControl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WorkFoldersGPExt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WorkFoldersShell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ workfolderssvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wow64.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Wpc.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WpcMon.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WpcRefreshTask.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WpcTok.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wpnprv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wpx.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ws2_32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wscinterop.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wscsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wsecedit.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WSManHTTPConfig.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WsmSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WsmWmiPl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wu.upgrade.ps.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wups.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WWanAPI.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wwanconn.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wwanmm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wwansvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ XblAuthManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ XblGameSaveExt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ XboxNetApiSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ XInputUap.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ zipfldr.dll: $ CmdTcID [64]

[mom26gr8kids]

AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ac3filter.ax: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ accountaccessor.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ aclui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ActionCenterCPL.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ActivationManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ActiveSyncProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ adsmsext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-conio-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-convert-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-environment-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-filesystem-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-heap-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-locale-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-math-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-multibyte-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-private-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-conio-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-runtime-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-stdio-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-string-l1-1-0.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-time-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-utility-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ AppCapture.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ AppointmentApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ appwiz.cpl: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ AUDIOKSE.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ AuthExt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ autoplay.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ azroleui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ BackgroundMediaPolicy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ basecsp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ BcastDVRHelper.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ bcrypt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ BingMaps.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ biwinrt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ BrowserSettingSync.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ cemapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ chartv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ChatApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ClipboardServer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ CloudBackupSettings.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ CloudStorageWizard.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ clusapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ cmifw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ comctl32.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ comdlg32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ comsvcs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ConfigureExpandedStorage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ContactApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ credprovs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ credprovslegacy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ cryptngc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ cryptui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ d2d1.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ d3d10warp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ d3d11.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ D3D12.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ d3d8.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ d3d9.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ DafPrintProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ DataExchange.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ DavSyncProvider.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dbgeng.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ddraw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ddrawex.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ devenum.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dhcpcore6.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dns-sd.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dnsapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ DolbyDecMFT.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ drvstore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dtdump.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dwmapi.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dxgi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ EditBufferTestHook.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ efsext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ErrorDetailsUpdate.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ esent.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ esentutl.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ evr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ExplorerFrame.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ findnetprinters.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ fontext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ FSClient.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ GamePanelExternalHook.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ gameux.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ gdi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ GdiPlus.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ GEARAspi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ GlobCollationHost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ gpapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ hevcdecoder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ hgcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ icm32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ iconv.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ imapi2fs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ indexeddbserver.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ inetcomm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ InputLocaleManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ IPHLPAPI.DLL: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ iprtrmgr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ iscsiwmi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ JpMapControl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ LaunchWinApp.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ LicenseManagerApi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ LockAppBroker.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ LockAppHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ main.cpl: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MapConfiguration.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MapControlCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MapGeocoder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MapRouter.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MapsBtSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MCCSEngineShared.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mdmregistration.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mf.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfaudiocnv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfds.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfksproxy.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfmkvsrcsnk.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfplat.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MFPlay.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfreadwrite.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfsensorgroup.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfsvr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ migisol.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mmc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MosStorage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mprapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mprdim.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MrmCoreR.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MSAC3ENC.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mscandui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mscms.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msctf.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msctfp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msctfui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msdtcuiu.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msftedit.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msinfo32.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msmpeg2vdec.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MSPhotography.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mssitlb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mssph.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mssphtb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mssvp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msutb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MSVidCtl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MSVP9DEC.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msvproc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MSVPXENC.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msxml3.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mtxclu.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ NetCfgNotifyObjectHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ netiohlp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ netiougc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ NetworkCollectionAgent.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ngccredprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ NMAA.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ NPSM.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ nshwfp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ntshrui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ offlinesam.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ offreg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ OneDriveSettingSyncProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ OneDriveSetup.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ PCPTpm12.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ pdh.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ PhotoScreensaver.scr: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Pimstore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ policymanager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ poqexec.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ powercfg.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ProximityCommon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ puiapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ pwrshplugin.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ rasapi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ rasgcw.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ rdpencom.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ReAgentc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ regedit.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ remoteaudioendpoint.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ RemoteNaturalLanguage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ resutils.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ RTWorkQ.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ schannel.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ scksp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Search.ProtocolHandler.MAPI2.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SearchFilterHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SearchFolder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SearchProtocolHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ sendmail.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SessEnv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SettingSync.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SHCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ smphost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SndVolSSO.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ sppcext.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ sspicli.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ stobject.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ sud.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ systemcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ tapi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ tbauth.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ tdh.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ TempSignedLicenseExchangeTask.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ TextInputFramework.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ themecpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ TokenBrokerCookies.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ TpmCoreProvisioning.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ TSpkg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ twinapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ UIAnimation.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ UIAutomationCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ UIRibbon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Unistore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ user32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ UserDeviceRegistration.Ngc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ UserLanguagesCpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ VCardParser.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ vssapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wcnwiz.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ webio.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ weretw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wfdprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ win32k.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wincorlib.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.ApplicationModel.Store.TestingFramework.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Gaming.UI.GameBar.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Internal.UI.Logon.ProxyStub.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Media.BackgroundMediaPlayback.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Media.Playback.BackgroundMediaPlayer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Media.Playback.MediaPlayer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Media.Speech.UXRes.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Security.Authentication.OnlineId.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Shell.Search.UriHandler.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Speech.Pal.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.StateRepository.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Storage.Search.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.BioFeedback.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.Core.TextInput.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.Cred.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.CredDialogController.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.Immersive.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.Search.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ winhttp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wininetlui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ winmde.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WinSCard.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ winspool.drv: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wintrust.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wlanapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wlancfg.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wlanui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wlidprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WMPDMC.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wmpdxm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wmpeffects.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wmpmde.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wmpshell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WMVSENCD.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WordBreakers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Wpc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WPDShServiceObj.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ws2_32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wscinterop.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wsecedit.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WSManHTTPConfig.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WsmWmiPl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WWanAPI.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ XInputUap.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ xolehlp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ xvid.ax: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ zipfldr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ afd.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ ahcache.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ bowser.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ capimg.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ Classpnp.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ clfs.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ cmimcext.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ crashdmp.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ dam.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ dfsc.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ dxgmms2.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ fastfat.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ fvevol.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ FWPKCLNT.SYS: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ hidclass.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ http.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ hvsocket.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ iorate.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ IPMIDrv.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ kbdhid.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ ks.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ MegaSas2i.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ modem.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ mrxdav.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ mrxsmb.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ mrxsmb10.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ mrxsmb20.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ mskssrv.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ nwifi.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ partmgr.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ pci.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ pdc.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ point64.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ ssudbus.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ storahci.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ stornvme.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ tcpipreg.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ tpm.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ usbaapl64.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ usbscan.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ VirtualAudio1.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ vmbkmcl.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ vmbkmclr.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ vpci.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ wcifs.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ WdiWiFi.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ winhvr.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ xboxgip.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ ProgramData \ Temp: 2CB9631F [0]
AlternateDataStreams: C: \ ProgramData \ Temp: 7A2101AB [0]
AlternateDataStreams: C: \ ProgramData \ Temp: BAC2F271 [0]
AlternateDataStreams: C: \ ProgramData \ TempDEB08FD [0]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ 10566-halfadozenkids-tags (1) .pdf: $ CmdZnID [26]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ 10566-halfadozenkids-tags.pdf: $ CmdZnID [26]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ 2.-3. Piccolo gruppo-12 marzo. Fai: $ CmdZnID [26]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ AdwCleaner.exe: $ CmdZnID [26]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ almedia-converter_full351.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ cispremium_installer.exe: $ CmdZnID [26]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ Install_Y2 (1) .exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ JRT.exe: $ CmdZnID [26]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ MaxUninstaller_Setup (1) .exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ MaxUninstaller_Setup.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ mbam-setup-2.0.4.1028.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ mbar-1.08.3.1004.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ noteburner-m4v-converter-plus.exe: $ CmdTcID [130]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ noteburner-m4v-converter.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ RS TEXAS Rsources.docx: $ CmdZnID [26]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ setup.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Kullanıcılar \ songe_000 \ Downloads \ Setup.X86.tr-US_O365HomePremRetail_0c7d5447-a8b2-4030-b6eb-1526a3c73fb2_TX_PR_.exe: $ CmdTcID [64]

==================== Modalità provvisoria (White List) ===================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. "AlternateShell" viene ripristinato.)


==================== Association (White List) ===============

(Se una voce viene aggiunta all'elenco delle correzioni, l'elemento del registro verrà ripristinato al valore predefinito o rimosso.)


==================== Internet Explorer è attendibile / limitato ===============

(Se una voce viene aggiunta all'elenco delle correzioni, verrà rimossa dal registro.)

Sito attendibile di IE: HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ sharepoint.com -> hxxps: //studentcccsedu-files.sharepoint.com

==================== Contenuto ospitato: =========================== ====

(Se necessario, la direttiva Hosts: può essere aggiunta all'elenco delle correzioni per reimpostare gli host.)

22/08/2013 07:25 - 22/08/2013 07:25 - 000000824 _____ C: \ WINDOWS \ system32 \ Drivers \ etc \ hosts


==================== Altre aree ============================

(Al momento non esiste una correzione automatica per questa sezione.)

HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ Pannello di controllo \ Desktop \ Wallpaper -> C: \ Users \ songe_000 \ Images \ desktop wallpaper \ spring flowers flower-growth-1366x768-13141629. jpg
Server DNS: 192.168.0.1 - 205.171.2.25
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Policies \ System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer => (SmartScreenEnabled: RequireAdmin)
mpsdrv => Il servizio firewall non è in esecuzione.
MpsSvc => Il servizio firewall non è in esecuzione.
bfe => Il servizio firewall non è in esecuzione.

==================== MSCONFIG / TASK MANAGER elementi disabilitati ==

[mom26gr8kids]

==================== Regole del firewall (autorizzate) ===============

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

Regole del firewall: [{00236EC4-B65A-40A4-A24F-F3E873934C15}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMusic \ WindowsUpnpMV.exe
Regole del firewall: [{2024B434-269F-4F96-8A9E-BC29D2116955}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMusic \ WindowsUpnpMV.exe
Regole del firewall: [{57AE1212-BECB-49B5-9031-5B746C6A1619}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMusic \ DMCDaemon.exe
Regole del firewall: [{D1A9301C-E3E4-434A-8082-E052D833D6D7}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMusic \ DMCDaemon.exe
Regole firewall: [{11BFEBD7-9DE0-4224-B213-631A3ACCDE70}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{ABA8D62E-80BA-4575-B8C1-5EE854EEE873}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{C2DF89AD-13A8-46C2-B844-4DCD20ADFA9F}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{C126C04E-B406-446D-AE77-BB740DBCD0E0}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{3AB8CC6A-C717-46B7-B02F-04EC2D30F3D0}] => (Consenti) C: \ Programmi (x86) \ Acer \ AOP Framework \ acer \ ccd.exe
Regole del firewall: [{DEB2B719-34B1-4048-978D-DAD7C684F6CF}] => (Consenti) C: \ Programmi (x86) \ Acer \ AOP Framework \ acer \ ccd.exe
Regole firewall: [{6205C4D2-344D-4018-91EC-FAF3F248C18A}] => (Consenti) C: \ Programmi (x86) \ Nero \ Nero 12 \ Nero BackItUp \ BackItUp.exe
Regole firewall: [{A444437B-4F85-4F41-82F0-BC52DFE26483}] => (Consenti) C: \ Programmi (x86) \ Nero \ Nero 12 \ Nero BackItUp \ BackItUp.exe
Regole firewall: [{C4246184-B078-4136-AEC0-71242368BFE7}] => (Consenti) C: \ Program Files \ Common Files \ mcafee \ platform \ McSvcHost \ McSvHost.exe
Regole firewall: [{AF759300-2CFA-4E92-AD98-B0387D63750E}] => (Consenti) C: \ Program Files \ Common Files \ mcafee \ platform \ McSvcHost \ McSvHost.exe
Regole firewall: [{83EAA9C5-13AE-4379-8A7A-1A451DE149F1}] => (Consenti) C: \ Programmi (x86) \ CyberLink \ PowerDirector10 \ PDR10.EXE
Regole firewall: [(0CDEF45C-EBCE-40DD-A906-4D8A19357239}] => (Consenti) C: \ Program Files \ Soluto \ SolutoRemoteDirect.exe
Regole firewall: [{27BC92BA-C0DF-4F0A-B402-803DE4B8C650}] => (Consenti) C: \ Program Files \ Soluto \ Soluto.exe
Regole firewall: [{A86C510D-1FBE-4A07-B7D3-6688972260BF}] => (Consenti) C: \ Program Files \ Soluto \ SolutoCleanup.exe
Regole firewall: [{F06DBE26-DCDC-43DB-923B-84922C3D7501}] => (Consenti) C: \ Program Files \ Soluto \ SolutoConsole.exe
Regole firewall: [(0F557B47-74C5-41DD-A6DF-EC7019C28C0A}] => (Consenti) C: \ Program Files \ Soluto \ SolutoUpdateService.exe
Regole firewall: [{622F8DA1-E917-4525-82F4-95CE89573A91}] => (Consenti) C: \ Program Files \ Soluto \ SolutoService.exe
Regole firewall: [{8583C492-5FAC-4950-B27D-85673B8A59F1}] => (Consenti) C: \ Programmi (x86) \ Spotify \ spotify.exe
Regole firewall: [{C0A50D40-4FBC-4225-A75A-0F9FD9A3A385}] => (Consenti) C: \ Programmi (x86) \ Spotify \ spotify.exe
Regole del firewall: [(5B845775-762B-40A0-BB1D-F61FDF22BB8A}] => (Consenti) C: \ Programmi (x86) \ Spotify \ Data \ SpotifyWebHelper.exe
Regole firewall: [{34912F3A-F2D0-4438-9420-CC762555A183}] => (Consenti) C: \ Program Files (x86) \ Spotify \ Data \ SpotifyWebHelper.exe
Regole firewall: [{CEFCBC5D-294D-48FD-B250-9584842DE192}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Media \ DMCDaemon.exe
Regole firewall: [{AB0F8975-BA91-45AA-8389-E538AF6033F3}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Media \ DMCDaemon.exe
Regole firewall: [{79E8EE5B-0B90-4ED6-B332-9F3DFF41F7AF}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Media \ WindowsUpnpMV.exe
Regole firewall: [{E0F07D32-362A-42ED-97E1-2A1D3865FFDD}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Media \ WindowsUpnpMV.exe
Regole firewall: [{057DC14D-EFDB-4A07-A145-AA644A742B2D}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Media \ DMCDaemon.exe
Regole firewall: [{3DD3649E-E7D5-4AED-9E4A-6833D37AFBD6}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Media \ DMCDaemon.exe
Regole firewall: [{53C87CE3-47A8-4F93-B0BD-520F1A21B2B1}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Media \ WindowsUpnpMV.exe
Regole firewall: [{4BF74386-68AA-4104-ABA6-8F7D80142BB0}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Media \ WindowsUpnpMV.exe
Regole firewall: [{0861019B-875B-4A10-9D3B-213164B67BA9}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Photo \ DMCDaemon.exe
Regole firewall: [{C243A41F-FBA1-4674-84FE-ECFDD2CBA840}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Photo \ DMCDaemon.exe
Regole firewall: [{81AD1F53-D770-4C1D-BA7A-4F2DCBA344FA}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Photo \ WindowsUpnp.exe
Regole del firewall: [{A8CC1775-D679-4C99-85EA-324560AA6292}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Photo \ WindowsUpnp.exe
Regole firewall: [{CBE73F58-AB6C-4FF7-A5AA-CB1EE0114910}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Photo \ DMCDaemon.exe
Regole firewall: [{B2CB0BF9-8ABF-4098-896C-D1D77F1FB73A}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Photo \ DMCDaemon.exe
Regole firewall: [{8B489C99-EFED-4EA5-A3E4-669318A95753}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Photo \ WindowsUpnp.exe
Regole del firewall: [{D47B7414-60D1-4252-931D-6DE0E3B83698}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Photo \ WindowsUpnp.exe
Regole firewall: [{CA212984-C696-49A8-AE50-B087954C39EE}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Portal \ ccd.exe
Regole del firewall: [{A8573D83-3F62-4B63-8F72-25BC95DE1FE3}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Portal \ ccd.exe
Regole firewall: [{69446298-6357-443B-8251-DCABB696B4AB}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Portal \ Sdd.exe
Regole firewall: [(1D67F0DF-34D4-447D-9440-263584BA3932)] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Portal \ Sdd.exe
Regole del firewall: [{D9555367-7BFA-4AA6-982F-8B42357225FD}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Portal \ virtualdrive.exe
Regole del firewall: [{CBCD7F61-1B35-46F6-97EA-815F9F82BA58}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Portal \ virtualdrive.exe
Regole firewall: [{83B83E5C-AAB5-4A6C-97F9-5164F9ED193C}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Portal \ ccd.exe
Regole firewall: [{8AAED861-7B16-459D-8ED6-13A33C8600CF}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Portal \ ccd.exe
Regole firewall: [(1F685178-EA4D-4AA3-BBF8-C4C8E20932B5}] => (Consenti) C: \ Program Files \ Bonjour \ mDNSResponder.exe
Regole firewall: [(88E207CF-08D8-4A64-8C9A-0D51CF4F3333}] => (Consenti) C: \ Program Files \ Bonjour \ mDNSResponder.exe
Regole firewall: [{C6A1C400-85F1-4DC5-A059-AE2F3DF325DE}] => (Consenti) C: \ Programmi (x86) \ Bonjour \ mDNSResponder.exe
Regole firewall: [{F1DD69A2-519A-4BB1-9F12-F578B2F4AA42}] => (Consenti) C: \ Programmi (x86) \ Bonjour \ mDNSResponder.exe
Regole firewall: [{5B16D34A-BDE4-4761-B960-83F3A988E93E}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{087C7601-8720-45BD-8447-AD5254C91DAC}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole del firewall: [{F64A059C-30FF-41AD-A425-189CE24C68F4}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{487A07D8-3374-4DFD-AC5B-753AF1596829}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{292AC2E5-5F18-4EAD-AC73-EC05D8D2695C}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole del firewall: [{0797C174-7686-488C-A944-2D4C77F4FC79}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{862EF299-342E-4255-98EC-89B02044CF19}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole del firewall: [{DAB56AD2-B2EA-4BFB-8CCB-217F67022528}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{AAC31940-E5C7-468A-9E3F-65F4F9845731}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{C03B7854-7BAD-486C-A091-8C8C8997D418}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{4E897D40-E6AC-4B6E-BA94-1DAE00C4E192}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{B049E71A-59E5-42B7-AD7D-2F1F556BD488}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{6ED28BD2-A969-4B35-8E12-BB80B9605C17}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{6F633001-09A5-4859-8FA0-D6D5803D4DA5}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{A5F43AA4-DD7B-429A-9C28-5A4193D66627}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{42D6CA32-D9D2-41D9-B7CE-4F2FC9D9A83C}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{318CECFA-D32D-48AB-8A81-CE985D8CE539}] => (Consenti) C: \ Programmi \ File comuni \ mcafee \ platform \ McSvcHost \ McSvHost.exe
Regole firewall: [(2BB3DBE6-91AB-46E8-AF0C-BF4A7B0CA04B}] => (Consenti) C: \ Program Files \ Common Files \ mcafee \ platform \ McSvcHost \ McSvHost.exe
Regole del firewall: [TCP Query User {5B522B84-DF1F-4CE2-B113-8C1F69F32FE5} C: \ program files (x86) \ mozilla firefox \ plugin-container.exe] => (Block) C: \ program files (x86) \ mozilla fire \ plugin -Container.exe
Regole del firewall: [Utente query UDP {D5F409BF-8A9F-47D0-802D-116B76665B69} C: \ program files (x86) \ mozilla firefox \ plugin-container.exe] => (Block) C: \ program files (x86) \ mozilla fire \ plugin -Container.exe
Regole firewall: [{D9ADAFBA-88C9-4225-BE10-12F894082EFA}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{1ABA8D1C-3966-42E8-9FD7-438F94A46FA1}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole del firewall: [{D3C689FC-2F31-43D7-BC1D-23548AC10842}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{646F6972-AA14-4723-8192-E52D82C4F992}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{1343D175-4BF6-4E90-90AB-E56BA1F2311C}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole del firewall: [(99C2F080-43BB-4DF9-81E5-219381284ACE}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{1B3683A4-B449-4D6C-9252-72E7DA494F9E}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{BAF9A487-642E-4D99-A217-EF9A8052C634}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole del firewall: [{1624C5C2-8284-447E-8853-6712189171CC}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{EC87B11F-1667-4B5F-BA70-4048A7E23BF8}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{814D7CDE-92D7-45B9-8016-26E503FEB4F2}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{24DD4180-2FF4-4489-BECC-A0B75990A875}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{9AA4F94A-35B8-46DA-8F3C-D4D3CA2B97E6}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{3ED60866-5EE2-4382-A788-2648A03216E7}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{2AC5E4CE-DF7B-48F4-AB50-B0E882C3BD2D}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{01E8A7C1-B69E-4D61-B528-95F1933452BF}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [TCP Query User {5C24F2A6-8FB8-4736-A723-D9091A00F642} C: \ program files (x86) \ mozilla firefox \ plugin-container.exe] => (Block) C: \ program files (x86) \ mozilla fire \ plugin -Container.exe
Regole del firewall: [Utente query UDP {F3EBBBFF-1560-466C-991B-B6B05B6CDD37} C: \ program files (x86) \ mozilla firefox \ plugin-container.exe] => (Block) C: \ program files (x86) \ mozilla fire \ plugin -Container.exe
Regole firewall: [{43A9D858-8EB2-4D2C-B546-D9A8C65688BC}] => (Consenti) C: \ Users \ songe_000 \ AppData \ Local \ Microsoft \ SkyDrive \ SkyDrive.exe
Regole firewall: [(9C81E31D-1FB0-4BB3-9824-BD5F22CC185D}] => (Consenti) C: \ Programmi \ HP \ HP Officejet 6700 \ bin \ FaxApplications.exe
Regole firewall: [{F056919F-1BA2-40C4-A168-9935E4BB2796}] => (Consenti) C: \ Programmi \ HP \ HP Officejet 6700 \ bin \ DigitalWizards.exe
Regole firewall: [{1B6E200F-3865-4F73-BBD8-DEC53F29D2E3}] => (Consenti) C: \ Programmi \ HP \ HP Officejet 6700 \ bin \ SendAFax.exe
Regole firewall: [{98B2DFB3-C03F-4223-BE51-B86487471B09}] => (Consenti) C: \ Programmi \ HP \ HP Officejet 6700 \ Bin \ DeviceSetup.exe
Regole firewall: [{138FFF1D-F20C-4F6A-86D9-1307290C51AD}] => (Consenti) C: \ Programmi \ HP \ HP Officejet 6700 \ Bin \ HPNetworkCommunicator.exe
Regole firewall: [{DFCEACDA-092A-4A55-9942-549F974C3D65}] => (Consenti) C: \ Programmi \ HP \ HP Officejet 6700 \ Bin \ HPNetworkCommunicatorCom.exe
Regole firewall: [{31741EF3-A886-45A4-B92A-4CF5E85C1670}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{678003C3-8AF4-4AB3-B4FC-93EBC73AE2C2}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{C8098A4A-FD4B-4EA1-85EA-A2F49F0CA64A}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole del firewall: [{B31AB466-2234-4560-B053-C049F02D302C}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{F8993880-EC36-42EF-9B25-80ADAD21190D}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{F4C2A124-642A-4F35-8FBF-A47FC3A87F11}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole del firewall: [{7507D646-3A42-48AC-9AFF-82492AAD5A86}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{0C13D7C8-AF0F-4385-AA5D-BD2CA1E2FA91}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{D704FC1F-E959-4AA0-8E68-4026A5E9CBC2}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{4A00C396-E7AA-4FAD-A457-08B98729E84F}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{70ED23CC-346C-4872-AEF6-379805B432EC}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{AB86E766-0963-44A5-8C40-26722B898A2A}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{2519A1DF-B16D-4C73-BC42-254711584A0E}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{B59ECFBB-80F4-42E6-B9DF-E44F03F2A553}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{B8011E13-D5D2-4555-8605-4B1478491DB1}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{40C74F0B-5914-4B66-B921-060B7B04F9DD}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{4EF4DADA-E14F-4EE5-905B-AAD1F2E946BE}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{0383FCA1-B573-4107-81E6-C5289D3B30B8}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{C8B6E443-CE15-4E1B-A9BB-FBE5A40CA136}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{FFC80977-D188-4634-9A80-E942AFA506BF}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{5689A824-1CDF-4C15-A3DD-E844711E7A04}] => (Consenti) C: \ Programmi (x86) \ Acer \ abPhoto_ \ DMCDaemon.exe
Regole firewall: [{D58E4BCB-4548-4680-BD8B-511FC992C02E}] => (Consenti) C: \ Programmi (x86) \ Acer \ abPhoto_ \ DMCDaemon.exe
Regole del firewall: [{E86F153E-1082-4DF0-A826-22F276BA7A61}] => (Consenti) C: \ Programmi (x86) \ Acer \ abPhoto_ \ WindowsUpnp.exe
Regole del firewall: [{0A490A81-03F1-429D-BFAE-F890253976EB}] => (Consenti) C: \ Programmi (x86) \ Acer \ abPhoto_ \ WindowsUpnp.exe
Regole firewall: [{F90A2635-C6AE-4489-86E2-A6CEEC3EB240}] => (Consenti) C: \ Programmi (x86) \ Acer \ abPhoto \ DMCDaemon.exe
Regole firewall: [{83F4D3FF-0047-4F0E-95F6-7F059EBF6C23}] => (Consenti) C: \ Programmi (x86) \ Acer \ abPhoto \ DMCDaemon.exe
Regole firewall: [{A21E2346-4210-4911-A270-F994A7970F37}] => (Consenti) C: \ Programmi (x86) \ Acer \ abPhoto \ WindowsUpnp.exe
Regole firewall: [{202E60DA-C480-48FA-8BEE-9D749454ADFA}] => (Consenti) C: \ Programmi (x86) \ Acer \ abPhoto \ WindowsUpnp.exe
Regole firewall: [{42EFD9D8-A1F5-4E06-BF93-EDD086F877BF}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{B2D43925-0DB1-4E26-BA48-4FA49613FEC6}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{00812894-7509-42B8-80BA-90B1A5436DB4}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{50C116BE-F057-435A-AB21-2AAAA556FD90}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{502BD199-955F-40B5-B834-8751A00D075E}] => (Consenti) C: \ Programmi (x86) \ Mozilla Firefox \ firefox.exe
Regole firewall: [{1A72FBB1-2786-417C-B83E-37F759C34E73}] => (Consenti) C: \ Programmi (x86) \ Mozilla Firefox \ firefox.exe
Regole del firewall: [Utente query TCP {970CE1B8-1AD2-461B-AF8E-C33665CBEEE5} C: \ programmi (x86) \ mozilla firefox \ firefox.exe] => (Consenti) C: \ programmi (x86) \ mozilla firefox \ firefox.exe
Regole del firewall: [Utente query UDP {8F81D309-ED55-470A-9D8C-465E9F3DD7C1} C: \ programmi (x86) \ mozilla firefox \ firefox.exe] => (Consenti) C: \ file di programma (x86) \ mozilla firefox \ firefox.exe
Regole firewall: [{8C9111E4-07A7-4DAF-9098-BE8D8531E712}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{7C18D753-D319-40DB-88DF-FC30211EFE99}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole del firewall: [{52B38A9A-D8E1-46FD-A5C1-2DED45F967ED}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{0A5D90D3-4F76-481B-81BE-3A291F5B0B4B}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{1FC0E619-31F8-428F-AD1A-930CC31C717F}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole del firewall: [{5717E7B9-B007-4D32-8AD8-1E2E19BFD452}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{06F41FA4-6B70-4D01-9E36-7C35D035D955}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{B69D2AA8-482F-4F43-90BF-298A5C6FB808}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole del firewall: [{C6B1CE5F-0453-4F16-B4B7-BC8689D26F72}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{D87CA709-90E4-48BF-9F19-B220C41E2014}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{B653A0BE-8BE3-4045-A586-0D322D749C06}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{0046F486-9951-45ED-AEB5-922FDA7EBC97}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{1BA4D898-8827-4D69-A194-2D34845A922D}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{F0A48ABC-ABC8-4A8C-99A3-72E673F17979}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{ABC073FC-B542-4D13-B674-C3BD30616FEF}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{834784A6-B596-4244-A361-92BF06F7F38E}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{60027485-8FB9-453D-ADD5-50165E3FB923}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{11BAD5E6-E6DD-462B-83E9-07787B02D14D}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{79E280B7-CC71-4947-B446-A56CF06FF8B6}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{22BF4FE2-81AB-44F7-83B1-A4298744F4DC}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{AD96EC36-0882-4125-8E38-86BA094E515D}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{893EC21B-B9C3-43B4-9F6F-BB9AC9D30E17}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{C1082CBF-EEED-42D7-B1BF-AC353933445F}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{1A4C59F0-9084-4B6E-BD77-C7ED087523B9}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [(4C0CEC6D-A1C1-4793-B02B-71549A0D12DA}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{050B935D-809B-4699-87B2-C2522F3BE30E}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{D57E921A-2B52-4030-873A-ED24230B865C}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{C2925A1C-1A29-49CB-8809-DA8BAAC86911}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{1BACC9CB-EF38-47D7-B0B8-8E14E4D5C752}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{F9A050DB-DC5C-475F-8A1F-BE4A9F0A2CCA}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{108F4A87-3C16-4038-80FB-69A54E83F113}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{16695FC9-695C-43E3-90AD-8634B496298C}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{EF7E8372-6421-4F28-9BF8-4846F7D4ACBC}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{EF253CD6-7D3E-4BFA-AEE1-7809108E9827}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{302E624F-1143-4E7F-9EB5-AB3ABA4788D2}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{A2B33C06-38FB-4CAE-840E-20986BD50D95}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [Utente query TCP {FCAF4C16-D0DA-4F62-B702-7C460D5FE5CC} C: \ users \ songe_000 \ appdata \ roaming \ spotify \ spotify.exe] => (Blocca) C: \ users \ songe_000 \ appdata \ roaming \ spotify \ spotify.exe
Regole del firewall: [UDP Query User {B2CCB2C9-DAF0-4B4B-A71D-B8A362388FF7} C: \ users \ songe_000 \ appdata \ roaming \ spotify \ spotify.exe] => (Blocca) C: \ users \ songe_000 \ appdata \ roaming \ spotify \ spotify.exe
Regole del firewall: [{FD83F711-2701-4CA0-80D7-96FF5464703B}] => (Consenti) C: \ Programmi (x86) \ Mozilla Firefox \ firefox.exe
Regole del firewall: [{FD620598-A759-44CA-9F40-3840505D211F}] => (Consenti) C: \ Programmi (x86) \ Mozilla Firefox \ firefox.exe
Regole firewall: [{2AD03CDC-6E28-4FC5-AA47-DEF3236D1BF1}] => (Consenti) C: \ Program Files \ Bonjour \ mDNSResponder.exe
Regole firewall: [{5988247A-E212-4CA2-A798-E72008A3661F}] => (Consenti) C: \ Program Files \ Bonjour \ mDNSResponder.exe
Regole firewall: [{F726D270-20BF-4F90-A84B-87299766F45C}] => (Consenti) C: \ Programmi (x86) \ Bonjour \ mDNSResponder.exe
Regole firewall: [{D969EFD3-1DA9-4081-B160-E4EE6F6D9B16}] => (Consenti) C: \ Programmi (x86) \ Bonjour \ mDNSResponder.exe
Regole firewall: [Utente query TCP {5A1F0B58-0956-4365-8ABA-97AEF8041598} C: \ windows \ system32 \ settingsynchost.exe] => (Blocca) C: \ windows \ system32 \ settingsynchost.exe
Regole firewall: [Utente query UDP {832D7CE9-F140-4072-8A22-5517DAC1C879} C: \ windows \ system32 \ settingsynchost.exe] => (Blocca) C: \ windows \ system32 \ settingsynchost.exe
Regole firewall: [TCP Query User {0B520AD6-4A9C-4619-B0A6-AECFD6CE652E} C: \ users \ songe_000 \ appdata \ local \ amazon music \ amazon music helper.exe] => (Consenti) C: \ users \ songe_000 \ appdata \ local \ amazon music \ amazon music helper.exe
Regole del firewall: [Utente query UDP {B63B0D33-97C9-402C-9395-8BA9EBB66E26} C: \ users \ songe_000 \ appdata \ local \ amazon music \ amazon music helper.exe] => (Consenti) C: \ users \ songe_000 \ appdata \ local \ amazon music \ amazon music helper.exe
Regole firewall: [{35B83626-70B2-411E-8DCD-04A7B6921CA2}] => (Consenti) C: \ Programmi (x86) \ Microsoft Office \ root \ Office16 \ outlook.exe
Regole del firewall: [{E75D9322-35DF-4C9A-9DB1-94C84FC49572}] => (Consenti) C: \ Programmi (x86) \ Google \ Chrome \ Application \ chrome.exe
Regole firewall: [{35E260E3-96CC-4439-80B7-0B0B46F1AFF4}] => (Consenti) C: \ Program Files \ iTunes \ iTunes.exe

==================== Punti di ripristino =========================

Impossibile elencare i punti di ripristino
Controllare il servizio "winmgmt" o riparare WMI.


==================== Dispositivi di gestione dispositivi difettosi =============

Non è stato possibile elencare i dispositivi. Controllare il servizio "winmgmt" o riparare WMI.


==================== Errori del registro eventi: =========================

Il servizio di registrazione eventi non è stato avviato, gli eventi non possono essere letti.

Si è verificato un errore di sistema 123.

La sintassi del nome file, della directory o dell'etichetta del volume non è corretta.


==================== Informazioni sulla memoria ===========================

Processore: CPU Intel (R) Core (TM) i5-4210U a 1,70 GHz
Percentuale di memoria utilizzata: 75%
RAM fisica totale: 4019,27 MB
RAM fisica disponibile: 973,28 MB
Totale virtuale: 7091,27 MB
Virtuale disponibile: 3092,34 MB

==================== Driver ============================= ===

Unità c: (Acer) (fisso) (totale: 448,4 GB) (gratuito: 237,85 GB) NTFS

==================== MBR e tabella delle divisioni ==================

========================================================
Disco: 0 (dimensione: 465,8 GB) (ID disco: CEE1CD6E)

Categoria: GPT.

==================== Addition End.txt ========================= = ==

[arma]

Si prega di seguire le regole seguenti:

• Leggi tutte le mie istruzioni con molta attenzione. I tuoi errori durante il processo di pulizia possono avere conseguenze molto gravi, come un computer non avviabile.
• Se sei bloccato o non sei sicuro di un passaggio specifico, chiedi sempre prima di fare qualsiasi altra cosa.
• Evita di applicare strumenti, correzioni o modifiche al tuo computer diversi da quelli che raccomando.
• Non eseguire mai più di una scansione alla volta.
• Continua ad aggiornarmi riguardo al tuo comportamento buono o cattivo del computer.
• Dopo che il processo di pulizia è iniziato, dovrebbe essere completato. Anche se il tuo computer sembra funzionare meglio, potrebbe essere infetto. Ti farò sicuramente sapere dopo che il computer sarà completamente pulito.
• Se lasci l'argomento nel mezzo di una pulizia senza spiegazione, potresti non essere idoneo per ulteriore assistenza sul forum per la rimozione del malware.
• Se non hai risposto entro 5 giorni, chiudo gli argomenti. Se hai bisogno di più tempo, fammelo sapere. Se ho chiuso il thread e devo riavviare, inviami un messaggio di PM.

========================================

Scarica RogueKiller Salvalo sul desktop utilizzando uno dei collegamenti seguenti:

Collegamento 1
Collegamento 2

• Chiudi tutti i programmi in esecuzione
• Fare doppio clic sul download setup.exe installa il programma.
• Clic Inizia scansione pulsante.
• Fare clic su un altro Inizia scansione pulsante.
• Attendi finché non viene visualizzata la casella di stato Scansione completata
• Clic Rimuovi i selezionati.
• Attendi finché non viene visualizzata la casella di stato Elimina completato.
• Clic Avviso Copia il contenuto del Blocco note e incollalo nella tua prossima risposta.
• RKreport.txt Può anche essere trovato sul tuo desktop.
• Se vengono generati più registri, salvare tutti i registri.

Si prega di scaricare Malwarebytes sul desktop.

• Doppio click Configurazione simile a MB3 per il consumatore {versione} .exe e segui le istruzioni per installare il programma.
• Quindi fare clic su finire.
• Dopo che il programma è stato completamente aggiornato, Scannerizza ora al di sopra di Pannello di controllo. O Scansione delle minacce -e scansione Menù.
• Se è disponibile un altro aggiornamento delle definizioni, verrà applicato prima del resto della procedura di screening.
• Quando la scansione è completa, tutte le minacce selezionato e fare clic Rimuovi i selezionati.
• Riavvia il tuo computer quando richiesto.
• Il registro della scansione è disponibile in Cronologia -> Registri dell'applicazione. Pubblica il contenuto nella tua prossima risposta.

Si prega di scaricare AdwCleaner Salva con xplode e salva sul desktop.

• Fare doppio clic su di esso AdwCleaner.exe per eseguire lo strumento.
  Visualizza/Windows 7/8 gli utenti fanno clic con il tasto destro e Eseguire come amministratore
• Lo strumento inizierà ad aggiornare il database, se necessario.
• Clic scansione pulsante.
• AdwCleaner inizierà ... sii paziente poiché il completamento della scansione potrebbe richiedere del tempo.
• Al termine della scansione File di registro pulsante.
• Si aprirà una finestra con l'elenco dei log delle tue scansioni.
• Clic Scheda Scansione.
• Fare doppio clic sulla scansione più recente che sarà in cima alla lista .... apparirà il registro.
• Rivedi i risultati ... vedi nota sotto
• Dopo aver esaminato il diario, Pulito pulsante.
• stampa OK Quando viene richiesto di chiudere tutti i programmi e seguire le istruzioni sullo schermo.
• stampa OK Ancora una volta per consentire ad AdwCleaner di riavviare il computer e completare la disinstallazione.
• Dopo aver riavviato un rapporto sul file di registro (AdwCleaner [CX] txt) si aprirà automaticamente ( X rappresenta il report più recente).
• Avvia AdwareClearer per aprire un registro di pulizia, File di registro Fare clic sul pulsante, quindi sulla scheda Pulizia e fare doppio clic sul registro nella parte superiore dell'elenco.
• Copia e incolla il contenuto di AdwCleaner [CX] .txt nella tua prossima risposta.
• Una copia di tutti i file di registro viene salvata nella cartella C: \ AdwCleaner.

-- NonIl contenuto del file di registro di AdwCleaner può creare confusione. Se il nome o la voce di un programma che conosci e conosci non verrà rimosso, non preoccuparti. Se vedi una voce che desideri mantenere, torna ad AdwCleaner Prima della pulizia... tutti gli elementi rilevati sono elencati (e contrassegnati) in ciascuna scheda. Fare clic e deselezionare gli elementi che si desidera conservare.

Si prega di scaricare Strumento di rimozione del software indesiderato sul desktop.

• Disattiva subito il software di protezione per evitare potenziali conflitti.
• Eseguire lo strumento facendo doppio clic su di esso. Se utilizzi Windows Vista o Seven, fai clic con il pulsante destro del mouse e scegli Esegui come amministratore.
• Lo strumento si apre e avvia la scansione del sistema.
• Si prega di pazientare poiché il completamento dell'operazione potrebbe richiedere del tempo a seconda delle specifiche del sistema.
• Una volta completato, un registro (JRT.txt) verrà salvato sul desktop e aperto automaticamente.
• Invia il contenuto JRT.txt al tuo prossimo post.

[mom26gr8kids]

Ci scusiamo per il ritardo, stiamo avendo dei problemi familiari con mia figlia. Ecco il rapporto di Rogue Killer. Pubblicherà oggi il resto dei diari.

RogueKiller V12.11.16.0 (x64) (18 settembre 2017) (gratuito) di Adlice Software
posta:
Risposta : https://forum.adlice.com
Sito web : http://www.adlice.com/download/roguekiller/
Blog: http://www.adlice.com

Sistema operativo: Windows 10 (10.0.14393) versione a 64 bit
Avvio: modalità normale
Utente: songe_000 [Admin]
Iniziato da: C: \ Programmi \ RogueKiller \ RogueKiller64.exe
Modalità: Elimina - Data: 21/09/2017 04:25:45 (Durata: 02:17:48)
Chiavi: -refid

¤¤¤ Processi: 0 ¤¤¤

¤¤¤ Registrazione: 2 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS \ S-1-5-21-634217685-3676121620-3412417090-1001 \ Software \ Microsoft \ Internet Explorer \ Main | Default_page_URL: http://acer13.msn.com/?pc=ACJB -> Sostituito (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS \ S-1-5-21-634217685-3676121620-3412417090-1001 \ Software \ Microsoft \ Internet Explorer \ Main | Default_page_URL: http://acer13.msn.com/?pc=ACJB -> Sostituito (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)

¤¤¤ Attività: 0 ¤¤¤

¤¤¤ File: 0 ¤¤¤

¤¤¤ WMI: 0 ¤¤¤

¤¤¤ File host: 0 ¤¤¤

¤¤¤ Antirootkit: 0 (Driver: installato) ¤¤¤

¤¤¤ Browser web: 0 ¤¤¤

¤¤¤ Controllo MBR: ¤¤¤
+++++ PhysicalDrive0: WDC WD5000LPVX-22V0TT0 +++++
--- Utente ---
[MBR] 16fa9724b6154b3b8d320e9a2b22144b
[BSP] c9250c8a97be4eab352b593d4a764ee6: Null | VT. Codice MBR sconosciuto
Tabella delle partizioni:
0 - [SYSTEM] [MAN-MOUNT] Sezione dati di base | Offset (settori): 2048 | Dimensione: 600 MB
1 - [MAN-MOUNT] Partizione di sistema EFI | Offset (settori): 1230848 | Dimensione: 300 MB
2 - [MAN-MOUNT] Partizione riservata Microsoft | Offset (settori): 1845248 | Dimensione: 128 MB
3 - Sezione dati di base | Offset (settori): 2107392 | Dimensione: 459163 MB
4 - [SYSTEM] [MAN-MOUNT] Sezione dati di base | Offset (settori): 942473216 | Dimensioni: 16748 MB
Utente = LL1 ... OK
Utente = LL2 ... OK

[mom26gr8kids]

Diario Mbam

Malwarebytes
www.malwarebytes.com

-Dettagli del registro-
Data di scansione: 21.09.2017
Tempo di scansione: 08:06
File di registro: 185b7216-9ed6-11e7-bedd-f8a963dce7d1.json
Manager: Sì

-Informazioni sul software-
Versione: 3.2.2.2029
Versione componenti: 1.0.188
Aggiornamento della versione del pacchetto: 1.0.2855
Licenza: prova

-Informazioni sul sistema-
Sistema operativo: Windows 10 (Build 14393.1358)
Processore: x64
Sistema di file: NTFS
Utente: MOMSPC \ songe_000

-Riassunto della scansione-
Tipo di scansione: scansione delle minacce
Risultato: completo
Oggetti scansionati: 419317
Minacce rilevate: 0
(Nessun elemento dannoso rilevato)
Minacce in quarantena: 0
(Nessun elemento dannoso rilevato)
Tempo trascorso: 51 min, 31 sec

-Opzioni di scansione-
Memoria: attiva
Inizio: attivo
File system: abilitato
Archivi: abilitato
Rootkit: disabilitato
Scansione euristica: abilitata
PUP: Detect
CINQUE: Rileva

-Dettagli di scansione-
Transazione: 0
(Nessun elemento dannoso rilevato)

Modulo: 0
(Nessun elemento dannoso rilevato)

Chiave di registro: 0
(Nessun elemento dannoso rilevato)

Valore di registro: 0
(Nessun elemento dannoso rilevato)

Dati di registrazione: 0
(Nessun elemento dannoso rilevato)

Flusso di dati: 0
(Nessun elemento dannoso rilevato)

Cartella: 0
(Nessun elemento dannoso rilevato)

File: 0
(Nessun elemento dannoso rilevato)

Settore fisico: 0
(Nessun elemento dannoso rilevato)


(Loro sono)

[mom26gr8kids]

Detergente per adware
# AdwCleaner 7.0.2.1 - Creato giovedì 21 settembre 16:55:44 2017
# Aggiornato il 29/2/2017 da Malwarebytes
# In esecuzione in Windows 10 Home (X64)
# Modalità: pulita
# Supporto: https://www.malwarebytes.com/support

***** [ Servizi ] *****

Nessun servizio dannoso è stato eliminato.

***** [Cartelle] *****

Nessuna cartella dannosa è stata eliminata.

***** [Cartelle] *****

Nessun file dannoso è stato eliminato.

***** [VB] *****

Nessuna DLL dannosa è stata pulita.

***** [WMI] *****

Nessun WMI dannoso è stato pulito.

***** [Scorciatoie] *****

Non sono state eliminate scorciatoie dannose.

***** [ Compiti ] *****

Nessuna attività dannosa è stata eliminata.

***** [ Disco ] *****

Eliminato: [chiave] - HKLM \ SOFTWARE \ Classes \ Interface \ {7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}


***** [Firefox (e suoi derivati)] *****

La voce dannosa di Firefox non è stata eliminata.

***** [Chromium (e suoi derivati)] *****

La voce dannosa di Chromium non è stata eliminata.

*************************

:: Chiavi di monitoraggio eliminate
:: Impostazioni di Winsock eliminate
:: Azioni aggiuntive: 0



*************************

C: / AdwCleaner / AdwCleaner [S0] .txt - [1010 B] - [2017/9/21 16:53:38]


## EOF - C: \ AdwCleaner \ AdwCleaner [C0] .txt ##

[arma]

Riesegui Strumento di scansione di ripristino Farbar (FRST / FRST64) Hai corso proprio all'inizio di questo argomento.

• Fare doppio clic per eseguirlo.
• Assicurati di controllare Addition.txt Scatola.
• stampa scansione pulsante.
• Scan crea due diari, FRST.txt ve Addition.txt Lo strumento viene eseguito nella stessa directory. Si prega di copiarlo e incollarlo nella risposta.

[mom26gr8kids]

Lo strumento di rimozione della posta indesiderata dice che non è riuscito a verificare il punto di ripristino, la creazione del punto di ripristino ha riscontrato un errore, ma posso premere qualsiasi tasto per continuare. Devo continuare?

[mom26gr8kids]

Strumento di scansione di ripristino Farbar (x64) Risultato della scansione aggiuntivo Versione: 20-09-2017
Gestito da Songe_000 (21-09-2017 20:51:30)
Esegui da C: \ Users \ songe_000 \ Downloads
Windows 10 Home versione 1607 (X64) (21/09/2016 02:13:46)
Modalità di avvio: normale
==========================================================


==================== Account: ============================ =

Manager (S-1-5-21-634217685-3676121620-3412417090-500 - Manager - Disabilitato)
Account predefinito (S-1-5-21-634217685-3676121620-3412417090-503 - Limitato - Disabilitato)
Ospite (S-1-5-21-634217685-3676121620-3412417090-501 - Limitato - Disabilitato)
Gruppo HomeUtente $ (S-1-5-21-634217685-3676121620-3412417090-1003 - Limitato - Attivo)
songe_000 (S-1-5-21-634217685-3676121620-3412417090-1001 - Amministratore - Attivo) => C: \ Users \ songe_000

==================== Centro sicurezza PC ========================

(Se una voce viene aggiunta all'elenco delle correzioni, verrà rimossa.)

AV: Windows Defender (disabilitato - corrente) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (attivo - corrente) {0C515E80-E355-69BD-3445-A511E5C186FD}
AV: Malwarebytes (attivo - corrente) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: COMODO Advanced Protection (Attivo - Corrente) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Malwarebytes (attivo - corrente) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (disabilitato - corrente) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (abilitato) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}

==================== Programmi installati ======================

(Solo i programmi adware con il flag "Nascosto" possono essere aggiunti all'elenco delle correzioni per mostrarli. I programmi adware devono essere rimossi manualmente.)

abDocs (HKLM-x32 \ ... \ (CA4FE8B0-298C-4E5D-A486-F33B126D6A0A)) (Versione: 1.10.2001 - Acer Incorporated)
abDocs Office Add-in (HKLM-x32 \ ... \ (DCBF3379-246B-47E1-8173-639B63940838)) (Versione: 3.02.2001 - Acer Incorporated)
Ableton Live 9 Lite (HKLM-x32 \ ... \ {81C44E70-0F73-4BE5-B646-3C4F54C4F32A}) (Sürüm: 9.0.0.0 - Ableton)
Ableton Live 9 Trial version (HKLM-x32 \ ... \ (300E84D8-F6D1-4B58-906F-7E41F34E6D42)) (Versione: 9.0.0.0 - Ableton)
abMusic (HKLM-x32 \ ... \ {E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Sürüm: 3.01.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32 \ ... \ {B5AD89F2-03D3-4206-8487-018298007DD0}) (Sürüm: 3.08.2003.3 - Acer Incorporated)
Acer Explorer Agent (HKLM \ ... \ {4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Sürüm: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM \ ... \ {C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Sürüm: 8.00.8105 - Acer Incorporated)
Acer Portal (HKLM-x32 \ ... \ (A5AD0B17-F34D-49BE-A157-C8B3D52ACD13)) (Versione: 3.12.2004 - Acer Incorporated)
Acer Power Management (HKLM \ ... \ (91F52DE4-B789-42B0-9311-A349F10E5479)) (Versione: 7.00.8104 - Acer Incorporated)
Acer Quick Access (HKLM \ ... \ (C1FA525F-D701-4B31-9D32-504FC0CF0B98)) (Versione: 1.01.3012 - Acer Incorporated)
Acer Recovery Management (HKLM \ ... \ (07F2005A-8CAC-4A4B-83A2-DA98A722CA61)) (Versione: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM \ ... \ (13885028-098C-4799-9B71-27DAC96502D5)) (Versione: 1.02.2003 - Acer Incorporated)
Acer Display Grasp (HKLM-x32 \ ... \ (84443E5D-0767-438B-B1C8-6A52FAB2101B)) (Versione: 1.02.3002 - Acer Incorporated)
Acer Touch Tools (HKLM \ ... \ {BB1F8130-3CB3-4896-9D28-770DFFFDE59C}) (Sürüm: 1.01.3001 - Acer Incorporated)
Componente aggiuntivo Monitor dell'applicazione Programma di miglioramento dell'esperienza utente Acer (HKLM \ ... \ (978724F6-1863-4DD5-9E66-FB77F5AB5613)) (Versione: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM \ ... \ (12A718F2-2357-4D41-9E1F-18583A4745F7)) (Versione: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32 \ ... \ (B6846F20-4821-11E3-8F96-0800200C9A66)) (Versione: 1.00.2001.4 - Acer Incorporated)
Adobe Acrobat Reader DC (HKLM-x32 \ ... \ {AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Sürüm: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32 \ ... \ Adobe Flash Player NPAPI) (Sürüm: 27.0.0.130 - Adobe Systems Incorporated)
Aimersoft DRM Media Converter (Build 1.6.0.0) (HKLM-x32 \ ... \ Aimersoft DRM Media Converter_is1) (Versione: - Aimersoft Software)
Alice Greenfingers 2 (HKLM-x32 \ ... \ BFG-Alice Greenfingers 2) (Sürüm: -)
Aloha TriPeaks (HKLM-x32 \ ... \ WTA-a0c80ba3-d5c9-49c0-8d1e-2df82fa89bd3) (Versione: 2.2.0.98 - WildTangent) Nascosto
Amazon Music (HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Amazon Amazon Music) (Versione: 5.4.2.1801 - Amazon Services LLC)
AOP Framework (HKLM-x32 \ ... \ (4A37A114-702F-4055-A4B6-16571D4A5353)) (Versione: 3.22.2001.0 - Acer Incorporated)
Supporto per applicazioni Apple (32 bit) (HKLM-x32 \ ... \ (D2FE6376-E549-4F63-A2C5-CA24DA035DE4)) (Versione: 5.6 - Apple Inc.)
Supporto per applicazioni Apple (64 bit) (HKLM \ ... \ (BB109E24-EE90-485B-A28B-ADDEFB40540B)) (Versione: 5.6 - Apple Inc.)
Supporto per dispositivi mobili Apple (HKLM \ ... \ (0A596141-97D5-45FA-9281-98DFAF48D579)) (Versione: 10.3.2.3 - Apple Inc.)
Aggiornamento software Apple (HKLM-x32 \ ... \ (52D87F32-70E4-4348-8148-C0B9F35B1314)) (Versione: 2.3.0.177 - Apple Inc.)
Big Fish: Game Manager (HKLM-x32 \ ... \ BFGC) (Versione: 3.3.0.2 -)
Bonjour (HKLM \ ... \ (56DDDFB8-7F79-4480-89D5-25E1F52AB28F)) (Versione: 3.1.0.1 - Apple Inc.)
Build-lot 2: Town of the Year (HKLM-x32 \ ... \ BFG-Yap-lot 2 - Town of the Year) (Versione: -)
Citrix Online Launcher (HKLM-x32 \ ... \ (09DA5EE2-7E46-4DC4-96F9-BFEE50D40659)) (Versione: 1.0.408 - Citrix)
COMODO Internet Security Premium (HKLM \ ... \ {67DA4459-33A8-4E69-9C7B-FB5CBADA60AB}) (Sürüm: 10.0.1.6294 - COMODO Security Solutions Inc.) Gizli
COMODO Internet Security Premium (HKLM \ ... \ COMODO Internet Security) (Sürüm: 10.0.1.6294 - COMODO Security Solutions Inc.)
Corn Cradle Collector's Edition (HKLM-x32 \ ... \ WTA-66cb0f17-50fb-49ff-8924-bad585a1895e) (Versione: 2.2.0.110 - WildTangent) Nascosto
CyberLink PhotoDirector 3 (HKLM-x32 \ ... \ InstallShield_ {39337565-330E-4ab6-A9AE-AC81E0720B10}) (Sürüm: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32 \ ... \ InstallShield_ {B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Sürüm: 10.0.0.3721 - CyberLink Corp.)
Doro 1.94 (HKLM-x32 \ ... \ Doro_is1) (Versione: -CompSoft)
Fishdom 3 (HKLM-x32 \ ... \ BFG-Fishdom 3) (Sürüm: -)
Google Chrome (HKLM-x32 \ ... \ Google Chrome) (Sürüm: 60.0.3112.113 - Google Inc.)
Google Update Assistant (HKLM-x32 \ ... \ (60EC980A-BDA2-4CB6-A427-B07A5498B4CA)) (Versione: 1.3.33.5 - Google Inc.) Riservato
Assistente aggiornamento Google (HKLM-x32 \ ... \ (A92DAB39-4E2C-4304-9AB6-BC44E68B55E2)) (Versione: 1.3.25.11 - Google Inc.) Nascosto
GoToMeeting 8.10.0.7495 (HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ GoToMeeting) (Sürüm: 8.10.0.7495 - LogMeIn, Inc.)
Governor of Poker 2 Premium Edition (HKLM-x32 \ ... \ WTA-068bedf7-38fc-4849-bcd3-6ca159b577c0) (Sürüm: 2.2.0.110 - WildTangent) Gizli
HP FWUpdateEDO2 (HKLM-x32 \ ... \ (415FA9AD-DA10-4ABE-97B6-5051D4795C90)) (Versione: 1.2.0.0 - Hewlett-Packard)
Firmware di base HP Officejet 6700 (HKLM \ ... \ {A1CFA587-90D4-4DE6-B200-68CC0F92252F}) (versione: 28.0.1315.0 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM-x32 \ ... \ (FC3C2B77-6800-48C6-A15D-9D1031130C16)) (Versione: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32 \ ... \ (912D30CF-F39E-4B31-AD9A-123C6B794EE2)) (Versione: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32 \ ... \ (B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D)) (Versione: 1.00.0001 - Microsoft) Riservato
IRIS. OCR (HKLM-x32 \ ... \ {CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Sürüm: 12.3.4.0 - HP)
iCloud (HKLM \ ... \ (5B1A59DA-D1EC-4C3A-A996-DF011A0A9668)) (Versione: 6.2.2.39 - Apple Inc.)
Carta d'identità (HKLM-x32 \ ... \ (3D9CB654-99AD-4301-89C6-0D12A790767C)) (Versione: 2.00.8101 - Acer Incorporated)
Intel (R) Management Engine Components (HKLM-x32 \ ... \ (65153EA5-8B6E-43B6-857B-C6E4FC25798A)) (Versione: 9.5.23.1766 - Intel Corporation)
Grafica del processore Intel (R) (HKLM-x32 \ ... \ (F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA)) (Versione: 10.18.10.3496 - Intel Corporation)
Intel (R) Serial IO (HKLM \ ... \ (9FD91C5C-44AE-4D9D-85BE-AE52816B0294)) (Versione: 1.1.165.1 - Intel Corporation)
Internet Security Essentials (HKLM-x32 \ ... \ ComodoIse) (Sürüm: 1.2.424651.94 - Comodo)
iTunes (HKLM \ ... \ {F0C7385A-9D20-45F3-8101-05D383885180}) (Sürüm: 12.6.1.25 - Apple Inc.)
Jojo Fashion Show: World Tour (HKLM-x32 \ ... \ BFG-Jojo Fashion Show - World Tour) (Versione: -)
Live Updater (HKLM-x32 \ ... \ (EE26E302-876A-48D9-9058-3129E5B99999)) (Versione: 2.00.8100 - Acer Incorporated)
Locklizard Protection - PDF Viewer (HKLM-x32 \ ... \ Locklizard Protection - PDF Viewer_sf) (Versione: 2.6.41 - Locklizard Ltd.)
Luxor Evolved (HKLM-x32 \ ... \ WTA-3cb536ee-0c52-4c62-96d1-745290a647db) (Sürüm: 2.2.0.98 - WildTangent) Gizli
Magic Academy (HKLM-x32 \ ... \ WTA-1ae77067-327d-44ce-8e91-ed114ced669a) (Versione: 2.2.0.98 - WildTangent) Riservato
Malwarebytes versione 3.2.2.2029 (HKLM \ ... \ (35065F43-4BB2-439A-BFF7-0F1014F2E0CD) _is1) (Versione: 3.2.2.2029 - Malwarebytes)
Centro gestione Mouse e Tastiere Microsoft (HKLM \ ... \ Centro Mouse e Tastiere Microsoft) (Versione: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 365 - en-tr (HKLM \ ... \ O365HomePremRetail - en-tr) (Versione: 16.0.8326.2107 - Microsoft Corporation)
Microsoft OneDrive (HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ OneDriveSetup.exe) (Versione: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Visual C ++ 2005 Redistributable (HKLM-x32 \ ... \ (837b34e3-7c30-493c-8f6a-2b0f04e2912c)) (Versione: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C ++ 2008 Redistributable - x64 9.0.30729.17 (HKLM \ ... \ (8220EEFE-38CD-377E-8595-13398D740ACE)) (Versione: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C ++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32 \ ... \ (9A25302D-30C0-39D9-BD6F-21E6EC160475)) (Versione: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C ++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32 \ ... \ (1F1C2DFC-2D24-3E06-BCB8-725134ADF989)) (Versione: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C ++ 2010 x64 Redistributable - 10.0.40219 (HKLM \ ... \ (1D8E6291-B0D5-35EC-8441-6616F567A0F7)) (Versione: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C ++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32 \ ... \ (F0C3E5D1-1ADE-321E-8167-68EF0DE699A5)) (Versione: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 tr-ABD) (HKLM-x32 \ ... \ Mozilla Firefox 54.0.1 (x86 tr-ABD)) (Sürüm: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32 \ ... \ MozillaMaintenanceService) (Versione: 54.0.1.6388 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32 \ ... \ {551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Sürüm: 12.5.01200 - Nero AG)
NoteBurner M4V Converter 4.0.2 (HKLM-x32 \ ... \ NoteBurner M4V Converter_is1) (Sürüm: - NoteBurner Inc.)
Componente di estensibilità a portata di clic di Office 16 (HKLM-x32 \ ... \ (90160000-008C-0000-0000-0000000FF1CE)) (Versione: 16.0.8326.2107 - Microsoft Corporation) Nascosto
Record a 64 bit del componente di estensibilità a portata di clic di Office 16 (HKLM \ ... \ (90160000-00DD-0000-1000-0000000FF1CE)) (Versione: 16.0.8326.2107 - Microsoft Corporation) Nascosto
Componente licenza a portata di clic di Office 16 (HKLM \ ... \ (90160000-008F-0000-1000-0000000FF1CE)) (Versione: 16.0.8326.2107 - Microsoft Corporation) Nascosto
Componente di localizzazione a portata di clic di Office 16 (HKLM-x32 \ ... \ (90160000-008C-0409-0000-0000000FF1CE)) (Versione: 16.0.8326.2107 - Microsoft Corporation) Nascosto
Peggle Nights (HKLM-x32 \ ... \ WTA-b8cce2f1-44d8-43e4-a1cd-08dd51375bc1) (Versione: 2.2.0.98 - WildTangent) Nascosto
Plants and Zombies - Gioco dell'anno (HKLM-x32 \ ... \ WTA-98f57e61-1788-4aad-8a81-305491c5a4cf) (Versione: 2.2.0.98 - WildTangent) Segreto
Prerequisiti programma di installazione (HKLM-x32 \ ... \ (3AAB08A3-F129-4BD5-B409-AE674F93759D)) (Versione: 12.0.0003 - Nero AG) Nascosto
Qualcomm Atheros Bluetooth Suite (64) (HKLM \ ... \ {A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Sürüm: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installer (HKLM-x32 \ ... \ (28006915-2739-4EBE-B5E8-49B25D32EB33)) (Versione: 12.29 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32 \ ... \ {80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Sürüm: 7.78.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32 \ ... \ (5BC2B5AB-80DE-4E83-B8CF-426902051D0A)) (Versione: 6.3.9600.21247 - Realtek Semiconductor Corp.)
Driver del controller Ethernet Realtek (HKLM-x32 \ ... \ (8833FFB6-5B0C-4764-81AA-06DFEED9A476)) (Versione: 8.25.108.2014 - Realtek)
Driver audio ad alta definizione Realtek (HKLM-x32 \ ... \ (F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Versione: 6.0.1.7203 - Realtek Semiconductor Corp.)
RogueKiller versione 12.11.16.0 (HKLM \ ... \ 8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Versione: 12.11.16.0 - Adlice Software)
Shop-N-Spree: Family Fortune (HKLM-x32 \ ... \ BFG-Shop-N-Spree Family Fortune) (Versione: -)
Solubile (HKLM \ ... \ (AD78441D-E016-4119-A0AE-9ECB763B6A3D)) (Versione: 1.3.1500.2 - Risolvi)
Spotify (HKLM-x32 \ ... \ Spotify) (Siero: 0.9.6.81.gd359a796 - Spotify AB)
SUPERAntiSpyware (HKLM \ ... \ (CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA)) (Versione: 6.0.1158 - SUPERAntiSpyware.com)
Arazzo con stampa digitale anno 2 di grazia (HKLM-x32 \ ... \ Arazzo con stampa digitale anno 2 di grazia) (Versione: 2016.0325 - Pressa per candelabro)
Tapestry Year 3 (HKLM-x32 \ ... \ Tapestry Year 3) (Versione: 2016.0325 - Lampstand Press)
Tapestry Year 4 (HKLM-x32 \ ... \ Tapestry Year 4) (Versione: 2016.0328 - Lampstand Press)
Emerland Solitaire Logs (HKLM-x32 \ ... \ WTA-59102d9c-31c7-4943-bf3b-0e338ee507d7) (Versione: 3.0.2.32 - WildTangent) Nascosto
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 10 (HKLM-x32 \ ... \ ST6UNST # 10) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 11 (HKLM-x32 \ ... \ ST6UNST # 11) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 12 (HKLM-x32 \ ... \ ST6UNST # 12) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 3 (HKLM-x32 \ ... \ ST6UNST # 3) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 4 (HKLM-x32 \ ... \ ST6UNST # 4) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 5 (HKLM-x32 \ ... \ ST6UNST # 5) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 6 (HKLM-x32 \ ... \ ST6UNST # 6) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 7 (HKLM-x32 \ ... \ ST6UNST # 7) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 8 (HKLM-x32 \ ... \ ST6UNST # 8) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) # 9 (HKLM-x32 \ ... \ ST6UNST # 9) (Versione: -)
TranscriptPro for Umbrella Schools (C: \ Program Files (x86) \ TranscriptPro Umbrella \) (HKLM-x32 \ ... \ ST6UNST # 2) (Versione: -)
TranscriptPro for Umbrella Schools (HKLM-x32 \ ... \ ST6UNST # 1) (Versione: -)
Trinklit Supreme (HKLM-x32 \ ... \ WTA-021203c5-41b1-47d6-8e5e-24191ded62f1) (Versione: 2.2.0.98 - WildTangent) Nascosto
Unity Web Player (HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ UnityWebPlayer) (Sürüm: 4.5.5f1 - Unity Technologies ApS)
Programma di installazione aggiornamento per l'app WildTangent Games (HKLM-x32 \ ... \ (2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2) .WildTangent Games App) (Versione: - WildTangent) Nascosto
WildTangent Games (HKLM-x32 \ ... \ WildTangent wildgames Master Removal) (Versione: 1.0.4.0 - WildTangent)
App WildTangent Games (HKLM-x32 \ ... \ (70B446D1-E03B-4ab0-9B3C-0832142C9AA8) .WildTangent Games App-acer) (Versione: 4.0.10.20 - WildTangent) Nascosto
Impostazioni di aggiornamento e privacy di Windows 10 (HKLM \ ... \ (4DFCD818-036A-4229-A67D-CF17DC461D92)) (Versione: 1.0.14.0 - Microsoft Corporation)

==================== CLSID personalizzato (White List): ======================= = ==

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

ÖzelCLSID: HKU \ S-1-5-21-634217685-3676121620-3412417090-1001_Classes \ CLSID \ {84B5A313-CD5D-4904-8BA2-AFDC81C1B309} \ InprocServer32 -> C: \ Kullanıcıcı \ songee00 \ 48 Local \ G2MOutlookAddin64.dll (Citrix Systems, Inc. 'in bir bölümü olan Citrix Online)
ShellIconOverlayIdentifiers: [ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C: \ Program Dosyaları (x86) \ Acer \ shellext \ x64 \ shellext_win.dll [2016-09-08] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C: \ Program Dosyaları (x86) \ Acer \ shellext \ x64 \ shellext_win.dll [2016-09-08] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C: \ Program Dosyaları (x86) \ Acer \ shellext \ x64 \ shellext_win.dll [2016-09-08] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C: \ Program Dosyaları (x86) \ Acer \ shellext \ x64 \ shellext_win.dll [2016-09-08] (Acer Incorporated )
ShellIconOverlayIdentifiers-x32: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C: \ Program Dosyaları (x86) \ Acer \ shellext \ x64 \ shellext_win.dll [2016-09-08] (Acer Incorporated )
ShellIconOverlayIdentifiers-x32: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C: \ Program Dosyaları (x86) \ Acer \ shellext \ x64 \ shellext_win.dll [2016-09-08] (Acer Incorporated )
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C: \ Program Dosyaları \ COMODO \ COMODO Internet Security \ cavshell.dll [2017-08-28] (COMODO)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C: \ Program Files \ Common Files \ Apple \ Internet Services \ ShellStreams64.dll [2017-05-09] (Apple Inc.)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C: \ Program Dosyaları \ COMODO \ COMODO Internet Security \ cavshell.dll [2017-08-28] (COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C: \ Program Dosyaları \ Malwarebytes \ Anti-Malware \ mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nessun file
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C: \ WINDOWS \ system32 \ igfxDTCM.dll [2015-09-30] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C: \ WINDOWS \ system32 \ igfxOSP.dll [2015-09-30] (Intel Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C: \ Program Dosyaları \ COMODO \ COMODO Internet Security \ cavshell.dll [2017-08-28] (COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C: \ Program Dosyaları \ Malwarebytes \ Anti-Malware \ mbshlext.dll [2017-08-30] (Malwarebytes)

==================== Attività pianificate (Whitelist) =============

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

Görev: {031368AD-69FA-42F5-9836-00FC1C7A6873} - System32 \ Tasks \ Power Management => C: \ Program Dosyaları \ Acer \ Acer Power Management \ ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated)
Görev: {036CC33F-9545-4394-9159-58C1BDED1546} - System32 \ Tasks \ BacKGroundAgent => C: \ Program Dosyaları (x86) \ Acer \ AOP Framework \ BackgroundAgent.exe [2016-09-20] (Acer Incorporated)
Görev: {08FB1CFF-406B-4377-9C10-0364DEFA1615} - System32 \ Tasks \ GoogleUpdateTaskMachineCore => C: \ Program Dosyaları (x86) \ Google \ Update \ GoogleUpdate.exe [2015-08-30] (Google Inc.)
Attività: {0D6B97AC-F2D2-4B8F-AB58-80CAC6B358AF} - System32 \ Tasks \ G2MUpdateTask-S-1-5-21-634217685-3676121620-3412417090-1001 => C: \ Users \ songe_000 \ App \ CitData \ Local \ CitData GoToMeeting \ 5573 \ g2mupdate.exe [18/09/2016] (Citrix Online, una divisione di Citrix Systems, Inc.)
Görev: {0EE31A40-E7F5-4430-9CF1-4F70BF3FFC88} - System32 \ Tasks \ Recovery Management \ Notification => C: \ Program Dosyaları \ Acer \ Acer Recovery Management \ Notification \ Notification.exe [2014-03-18] (Acer Anonim)
Attività: {16E0EE90-DC55-4921-99FD-69262DB1C64A} - System32 \ Tasks \ ALU => C: \ Programmi (x86) \ Acer \ Live Updater \ updater.exe [2013-07-08] ()
Attività: {1B9C1DD4-F810-42CE-8D2B-522648E10321} - System32 \ Tasks \ Microsoft \ Office \ Office Subscription Maintenance => C: \ Program Files (x86) \ Microsoft Office \ root \ vfs \ ProgramFilesCommonx86 \ Microsoft Shared \ Office16 \ OLicenseHeartbeat.exe [15/09/2017] (Microsoft Corporation)
Görev: {1BA8203E-D888-4C65-87EC-ECDC370FE4C7} - System32 \ Tasks \ Prelauncher => C: \ Program Dosyaları (x86) \ Acer \ Screen Grasp \ InputTask.exe [2013-12-19] (Acer Incorporated)
Attività: {1C73E622-8FD6-4270-B5CF-4102D8871ADF} - System32 \ Tasks \ Apple \ AppleSoftwareUpdate => C: \ Program Files (x86) \ Apple Software Update \ SoftwareUpdate.exe [2017-02-14] (Apple Inc. )
Attività: {1CEFCF95-37A5-4291-9AC6-4E6FCCF21D9C} - System32 \ Tasks \ abDocsDllLoader => C: \ Programmi (x86) \ Acer \ abDocs \ abDocsDllLoaderMonitor.exe [2016-08-15] ()
Attività: {1FD632AE-52AF-4024-B8A6-3BF3BC89FD46} - System32 \ Tasks \ Quick Access Quick Launcher => C: \ Program Files \ Acer \ Acer Quick Access \ QALauncher.exe [2014-03-21] (Acer Incorporate)
Attività: {267662B5-1367-4E02-9FC6-99CD0B27701E} - System32 \ Tasks \ UbtFrameworkService => C: \ Program Files \ Acer \ User Experience Improvement Program \ Framework \ TriggerFramework.exe [2014-01-25] (TODO: < Şirket adı>)
Görev: {2E83424C-07B1-4CCF-A360-627134EE6F72} - System32 \ Tasks \ GoogleUpdateTaskMachineUA => C: \ Program Dosyaları (x86) \ Google \ Update \ GoogleUpdate.exe [2015-08-30] (Google Inc.)
Görev: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32 \ Tasks \ Microsoft \ Windows \ Workplace Join \ Automatic-Workplace-Join => C: \ WINDOWS \ System32 \ AutoWorkplace.exe
Attività: {3546FB58-3758-4717-9B11-3E15CF872BA5} - System32 \ Tasks \ Microsoft_MKC_Logon_Task_itype.exe => c: \ Program Files \ Microsoft Mouse and Keyboard Center \ itype.exe [2015-07-21] (Microsoft Corporation)
Görev: {3B68FC16-40AF-4A9F-BB31-4339A32D20DD} - System32 \ Tasks \ CreateExplorerShellUnelevatedTask => C: \ WINDOWS \ explorer.exe / NOUACCHECK
Attività: {475470D8-E6D8-4501-9B94-AD2F3077BA98} - System32 \ Tasks \ COMODO \ COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C: \ Program Files \ COMODO \ COMfcon c. exe (28/08/2017) (COMODO)
Attività: {4D9A1146-9D5C-4B0D-9FCD-06BD35763CBB} - System32 \ Tasks \ COMODO \ COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C: \ Program Files \ COMODO \ COMODp.exe Internet Security \ c [28/08/2017] (COMODO)
Attività: {4EF31B12-97EE-4F2E-8B4A-BFFD3EF0D167} - System32 \ Tasks \ Microsoft \ Office \ Office ClickToRun Service Monitor => C: \ Program Files \ Common Files \ Microsoft Shared \ ClickToRun \ OfficeC2RClient.exe [2017-09- 08) (Microsoft Corporation)
Görev: {50398683-5D96-46F5-BE56-83CC74209A4D} - System32 \ Tasks \ Microsoft \ Office \ OfficeBackgroundTaskHandlerRegistration => C: \ Program Dosyaları (x86) \ Microsoft Office \ root \ Office16 \ officebackgroundtaskhandler.exe [2017-09-17 ] ()
Görev: {555A5627-076E-40FC-8957-D0FECA9D6473} - System32 \ Tasks \ Microsoft \ Windows \ RemovalTools \ MRT_HB => C: \ WINDOWS \ system32 \ MRT.exe [2017 Corporation)
Görev: {56F5CB9E-9FFD-4AC7-9CC5-52A809E8A239} - System32 \ Tasks \ Screen Grasp GestureDetection => C: \ Program Dosyaları (x86) \ Acer \ Screen Grasp \ GestureDetection.exe [2013-12-19] (Acer Incorporated )
Görev: {575997F7-92DC-4DF0-B93A-8B443BA4BA4C} - System32 \ Tasks \ ALUAgent => C: \ Program Dosyaları (x86) \ Acer \ Live Updater \ liveupdater_agent.exe [2013-01-22] ()
Görev: {5C73D677-93C1-4193-AEC4-C4A920B0BB9B} - System32 \ Tasks \ {31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C: \ Program Dosyaları \ COMODO \ COMODO Internet Security \ cistray.exe [2017-08 -28] (COMODO)
Attività: (5DE19AE0-A353-4BEB-A50D-83D2898D0D47} - System32 \ Tasks \ OneDrive Independent Update Task => C: \ Users \ songe_000 \ AppData \ Local \ Microsoft \ OneDrive \ 17.3.6517.0809 \ OneDriveStandaloneUpdater.exe
Görev: {65CB0CBC-62D9-46E8-AC63-0E1828D6EE45} - System32 \ Tasks \ Launch Manager => C: \ Program Dosyaları \ Acer \ Acer Launch Manager \ LMLauncher.exe [2014-03-17] (Acer Incorporate)
Attività: {6940B4D4-539C-4B45-A9EE-54B4DA9C94B9} - System32 \ Tasks \ Microsoft_MKC_Logon_Task_ipoint.exe => c: \ Program Files \ Microsoft Mouse and Keyboard Center \ ipoint.exe [2015-07-21] (Microsoft Corporation)
Attività: {78D748B5-11E1-4D10-8558-6156ABB6A2EF} - System32 \ Tasks \ COMODO \ COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C: \ Program Files \ COMODO \ COMODO Internet Security \ cfconf.exe [28/08/2017] (COMODO)
Görev: {7DB3C51D-D6F0-4E26-8ECF-96AA4CCC4620} - System32 \ Tasks \ prelauncher_First => C: \ Program Dosyaları (x86) \ Acer \ Screen Grasp \ InputTask.exe [2013-12-19] (Acer Incorporated)
Görev: {82327D8E-CE75-415E-82FC-6E8D6690898E} - System32 \ Tasks \ Adobe Flash Player Güncelleyici => C: \ Windows \ SysWOW64 \ Macromed \ Flash \ FlashPlayerUpdateService.exe [2017-09-14] (Adobe Systems Incorporated)
Attività: {9062A850-12C3-4B78-A7DB-D427C0C60BF2} - System32 \ Tasks \ Microsoft_Hardware_Launch_ipoint_exe => c: \ Program Files \ Microsoft Mouse and Keyboard Center \ ipoint.exe [2015-07-21] (Microsoft Corporation)
Görev: {9244C2CD-693F-412E-ACB3-57FDED784C3E} - System32 \ Tasks \ Microsoft \ Office \ OfficeBackgroundTaskHandlerLogon => C: \ Program Dosyaları (x86) \ Microsoft Office \ root \ Office16 \ officebackgroundtaskhandler.exe [2017-09-17 ] ()
Attività: {9876CF94-3A85-4133-AD1A-8B3CF2130063} - System32 \ Tasks \ Launch Screen Grasp_First => C: \ Program Files (x86) \ Acer \ Screen Grasp \ Launch Screen Grasp.exe [2013-12-19] ( Acer Incorporated)
Attività: {9EA36F30-FFFE-41AC-B3AB-EB24FE697E7E} - System32 \ Tasks \ Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c: \ Program Files \ Microsoft Mouse and Keyboard Center \ mousekeyboardcenter.exe [2015-07-21] (Microsoft)
Attività: {B580204D-33E3-49C4-8293-31890B0C45A8} - System32 \ Tasks \ G2MUploadTask-S-1-5-21-634217685-3676121620-3412417090-1001 => C: \ Users \ songe_000 \ AppData \ Local \ Citrix Go \ 5573 \ g2mupload.exe [18/09/2016] (Citrix Online, una divisione di Citrix Systems, Inc.)
Attività: {C1CFA249-4E02-41A9-8FA5-F7389F095C90} - System32 \ Tasks \ COMODO \ COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C: \ Programmi \ COMODO \ COMray c Internet.exe Security 28/08/2017) (COMODO)
Attività: {C2BA6F5F-9916-4677-A62B-57CADF6CEC06} - System32 \ Tasks \ COMODO \ COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C: \ Programmi \ COMODO \ COMODOg.exe Internet Security [2017 -08-28) (COMODO)
Attività: {C7C30F43-94AF-4101-BA90-E6E7A4A132F4} - System32 \ Tasks \ Quick Access => C: \ Program Files \ Acer \ Acer Quick Access \ QALauncher.exe [2014-03-21] (Acer Incorporate)
Attività: {D8E0E458-1F44-4E78-B1BF-AFF9AEB4786F} - System32 \ Tasks \ Adobe Acrobat Update Task => C: \ Program Files (x86) \ Common Files \ Adobe \ ARM \ 1.0 \ AdobeARM.exe [2017-07- 19) (Adobe Systems Incorporated)
Attività: {D980A4CB-AA1C-4A00-BD09-85C5066B5BB0} - System32 \ Tasks \ Microsoft_Hardware_Launch_itype_exe => c: \ Program Files \ Microsoft Mouse and Keyboard Center \ itype.exe [2015-07-21] (Microsoft Corporation)
Görev: {DAF6F28D-397E-4D0C-AD0B-31F5D75362D1} - System32 \ Tasks \ COMODO \ COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C: \ Program Dosyaları \ COMODO \ COMODOpg -28] (COMODO)
Attività: {DB303A6B-CD41-4A6C-A37A-3438AFD28708} - Aggiornamenti automatici System32 \ Tasks \ Microsoft \ Office \ Office => C: \ Program Files \ Common Files \ Microsoft Shared \ ClickToRun \ OfficeC2RClient.exe [2017-09-08 ] (Azienda Microsoft)
Attività: {DFC1478C-747E-4EAD-94AB-66815E81BAA2} - System32 \ Tasks \ AcerCloud => C: \ Program Files (x86) \ Acer \ Acer Portal \ AcerPortal.exe [2016-09-20] (Acer)

(Se viene aggiunta una voce all'elenco delle correzioni, il file dell'attività (.job) verrà spostato. Il file eseguito dall'attività non verrà spostato.)

Attività: C: \ WINDOWS \ Tasks \ G2MUpdateTask-S-1-5-21-634217685-3676121620-3412417090-1001.job => C: \ Users \ songe_000 \ AppData \ Local \ GoToMeeting \ 7495 \ g2mupdate.exe
Attività: C: \ WINDOWS \ Tasks \ G2MUploadTask-S-1-5-21-634217685-3676121620-3412417090-1001.job => C: \ Users \ songe_000 \ AppData \ Local \ GoToMeeting \ 7495 \ g2mupload.exe

[mom26gr8kids]

==================== Scorciatoie e WMI ========================

(Le voci possono essere elencate per il ripristino o la rimozione.)


==================== Moduli installati (whitelist) ==============

2016-07-16 05:42 - 2016-07-16 05:42 - 000231424 _____ () C: \ WINDOWS \ SYSTEM32 \ ism32k.dll
07/07/2017 18:00 - 03/06/2017 04:01 - 002681200 _____ () C: \ WINDOWS \ system32 \ CoreUIComponents.dll
26/11/2014 23:53 - 26/06/2014 20:10 - 000595456 _____ () C: \ Programmi (x86) \ DoroPDFWriter \ Doro.dll
05-10-2016 18:17 - 05-10-2016 18:17 - 000092472 _____ () C: \ Programmi \ File comuni \ Apple \ Apple Application Support \ zlib1.dll
13/07/2017 20:50 - 13/07/2017 20:50 - 001354040 _____ () C: \ Programmi \ File comuni \ Apple \ Supporto applicazioni Apple \ libxml2.dll
31/07/2014 04:27 - 24/04/2012 04:43 - 000254512 ____N () C: \ Programmi (x86) \ CyberLink \ File condivisi \ RichVideo.exe
18/12/2013 17:02 - 18/12/2013 17:02 - 000124480 _____ () C: \ Programmi \ Soluto \ PCGDllExportInspector.dll
18/12/2013 17:02 - 18/12/2013 17:02 - 000054848 ____R () C: \ Programmi \ Soluto \ PCGDeviceScanLib.dll
21/09/2017 08:04 - 24/08/2017 11:27 - 002264528 _____ () C: \ PROGRAM DOSYALARI \ MALWAREBYTES \ ANTI-MALWARE \ MwacLib.dll
24/10/2016 09:24 - 17/09/2017 04:48 - 008929480 _____ () C: \ Program Dosyaları (x86) \ Microsoft Office \ root \ VFS \ ProgramFilesX64 \ Microsoft Office \ Office16 \ 1033 \ GrooveIntlResource.dll
31/07/2014 04:34 - 03/01/2014 15:13 - 000111872 _____ () C: \ Programmi (x86) \ Acer \ clear.fi plugin \ Clearfishellext_x64.dll
28/12/2016 00:16 - 28/08/2017 22:56 - 000244928 _____ () C: \ Programmi \ COMODO \ COMODO Internet Security \ cmdcomps.dll
30/09/2015 21:39 - 29/11/2015 22:32 - 000415128 _____ () C: \ WINDOWS \ system32 \ igfxTray.exe
20/09/2016 17:11 - 20/09/2016 17:11 - 000134656 _____ () C: \ Windows \ ShellExperiences \ Windows.UI.Shell.SharedUtilities.dll
14/03/2017 23:50 - 14/03/2017 23:50 - 000474112 _____ () C: \ Windows \ ShellExperiences \ QuickActions.dll
14/03/2017 23:51 - 14/03/2017 23:51 - 009760768 _____ () C: \ Windows \ SystemApps \ Microsoft.Windows.Cortana_cw5n1h2txyewy \ CortanaApi.dll
14/03/2017 23:51 - 14/03/2017 23:51 - 001401856 _____ () C: \ Windows \ SystemApps \ Microsoft.Windows.Cortana_cw5n1h2txyewy \ Cortana.Core.dll
14/03/2017 23:51 - 14/03/2017 23:51 - 000757248 _____ () C: \ Windows \ SystemApps \ Microsoft.Windows.Cortana_cw5n1h2txyewy \ CSGSuggestLib.dll
07/07/2017 18:00 - 03/06/2017 02:47 - 001033216 _____ () C: \ Windows \ SystemApps \ Microsoft.Windows.Cortana_cw5n1h2txyewy \ Cortana.Actions.dll
07/07/2017 18:00 - 03/06/2017 02:47 - 002424320 _____ () C: \ Windows \ SystemApps \ Microsoft.Windows.Cortana_cw5n1h2txyewy \ Cortana.BackgroundTask.dll
07/07/2017 18:00 - 03/06/2017 02:51 - 004853760 _____ () C: \ Windows \ SystemApps \ Microsoft.Windows.Cortana_cw5n1h2txyewy \ RemindersUI.dll
28/12/2016 00:17 - 28/08/2017 22:57 - 000156352 _____ () C: \ Programmi \ COMODO \ COMODO Internet Security \ cmdwrhlp.dll
28/08/2017 23:34 - 09/05/2017 03:05 - 000092472 _____ () C: \ Programmi \ iTunes \ zlib1.dll
28/08/2017 23:34 - 09/05/2017 03:05 - 001354040 _____ () C: \ Programmi \ iTunes \ libxml2.dll
2016-08-15 15:24 - 2016-08-15 15:24 - 001769312 _____ () C: \ Programmi (x86) \ Acer \ abDocs \ abDocsDllLoaderMonitor.exe
28/08/2017 16:57 - 23/08/2017 02:48 - 003824472 _____ () C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ 60.0.3112.113 \ libglesv2.dll
28/08/2017 16:57 - 23/08/2017 02:48 - 000100184 _____ () C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ 60.0.3112.113 \ libegl.dll
28/12/2016 00:16 - 28/08/2017 22:55 - 000107200 _____ () C: \ Programmi \ COMODO \ COMODO Internet Security \ cavwpps.dll
16/03/2016 10:25 - 20/07/2017 09:03 - 000073920 _____ () C: \ Programmi \ COMODO \ COMODO Internet Security \ scanners \ smart.cav
31/07/2014 04:02 - 01/10/2013 03:09 - 000078880 _____ () C: \ Programmi \ Realtek \ Audio \ HDA \ FMAPP.exe

==================== Flussi di dati alternativi (whitelist) =========

(Se viene aggiunta una voce all'elenco delle correzioni, verrà rimosso solo l'ADS.)

AlternateDataStreams: C: \ WINDOWS \ regedit.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ splwow64.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ accountaccessor.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ aclui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ACPBackgroundManagerPolicy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ActionCenter.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ActionCenterCPL.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ActivationManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ActiveSyncProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ adsmsext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ aitstatic.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-conio-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-convert-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-environment-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-dosya sistemi-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-heap-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-locale-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-math-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-multibyte-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-private-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-process-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-runtime-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-stdio-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-string-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-time-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-utility-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AppCapture.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ appinfo.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ApplicationFrame.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AppointmentApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AppXApplicabilityBlob.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AudioEng.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AUDIOKSE.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AudioSes.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AudioSrvPolicyManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AuthHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ autoplay.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BackgroundMediaPolicy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ basecsp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bcastdvr.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BcastDVRHelper.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bcdedit.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bcrypt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bdesvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bdeui.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bdeunlock.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BingMaps.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BitLockerDeviceEncryption.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ biwinrt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BluetoothDesktopHandlers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BootMenuUX.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bootux.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BrowserSettingSync.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BthRadioMedia.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CbtBackgroundManagerPolicy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cdd.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cdpreference.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cdpsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cdpusersvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cemapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ certprop.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CfgSPCellular.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ chartv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ChatApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ci.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ClipUp.exe: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CloudBackupSettings.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CloudStorageWizard.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ clusapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cmifw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cmintegrator.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ coin97ip.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ coin99ip.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ comdlg32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ comsvcs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ConsoleLogon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ContactApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CredProvDataModel.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ credprovs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ credprovslegacy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cryptngc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CspCellularSettings.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ d3d10warp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ d3d11.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ D3D12.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ d3d9.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dab.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DafPrintProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DataExchange.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DataSenseHandlers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DavSyncProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ daxexec.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dbgeng.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ddraw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ddrawex.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ devenum.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DeviceCenter.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DeviceEnroller.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DevicePairingFolder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DeviceReactivation.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dfp.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DfpCommon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dhcpcore6.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dialserver.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ difx64.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ scan.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Display.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dmenrollengine.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DMRServer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dns-sd.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dnsapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dnsrslvr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DolbyDecMFT.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ domgmt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DPTopologyApp.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DPTopologyAppv2_0.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ drvstore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dsreg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dsregcmd.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DuCsps.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dui70.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dwmapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dxgi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DXP.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EAMProgressHandler.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ easwrt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EditBufferTestHook.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EditionUpgradeHelper.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EditionUpgradeManagerObj.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EDPCleanup.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ efsext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EncDec.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ energy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EnterpriseAPNCsp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EnterpriseAppMgmtSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EnterpriseModernAppMgmtCSP.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ErrorDetailsUpdate.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ esent.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ esentutl.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ evr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ExplorerFrame.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ExSMime.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ facecredentialprovider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Family.Authentication.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ffbroker.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fhcfg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fhcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fhsettingsprovider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fontext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ FrameServer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ FSClient.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fveapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fveapibase.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fvenotify.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fveui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ GamePanelExternalHook.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ gameux.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ gdi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ GdiPlus.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ GEARAspi64.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ GfxUIEx.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Gfxv2_0.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Gfxv4_0.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ GlobCollationHost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ gpapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ gpsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hal.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hevcdecoder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hgcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hpinkcoi5C12.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hpinkins5C12.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ HttpsDataSource.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hvloader.efi: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hvloader.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ icfupgd.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ icm32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ icsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ icsvcext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ IdCtrls.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ igfxSDK.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ imapi2fs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ inetcomm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ InputLocaleManager.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ InputService.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ IntelCpHDCPSvc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ IntelWiDiUMS64.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ internetmail.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ IPHLPAPI.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ iphlpsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ipnathlp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ iprtrmgr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ iscsiwmi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ JpMapControl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ KnobsCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ KnobsCsp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ LaunchWinApp.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ListSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ LockAppBroker.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ LockAppHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ lpremove.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ lsm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ main.cpl: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ manage-bde.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapConfiguration.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapControlCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapGeocoder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapRouter.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapsBtSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapsStore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MCCSEngineShared.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MDMAppInstaller.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mdmregistration.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MediaFoundation.DefaultPerceptionProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfaudiocnv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MFCaptureEngine.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfds.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfksproxy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfmkvsrcsnk.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfnetsrc.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfplat.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MFPlay.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfreadwrite.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfsensorgroup.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfsvr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ microsoft-windows-system-events.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ migisol.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mmc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ modernexecserver.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ moshost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ moshostcore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MosStorage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mprapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mprdim.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MPSSVC.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MrmCoreR.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSAC3ENC.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSAudDecMFT.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mscandui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msctf.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msctfp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msctfui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msdtcprx.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msdtcuiu.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msftedit.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msinfo32.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msmpeg2vdec.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mspaint.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSPhotography.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mssitlb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mssph.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mssphtb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mssvp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msutb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msvcp120.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSVidCtl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSVideoDSP.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msvproc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSVPXENC.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msxml3.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MultiDigiMon.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ncsi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NetCfgNotifyObjectHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ netiohlp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ netiougc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ netplwiz.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ netshell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ nettrace.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NetworkCollectionAgent.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NetworkDesktopSettings.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NetworkUXBroker.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NfcRadioMedia.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ngccredprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NgcCtnr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NgcCtnrGidsHandler.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ nlasvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ nltest.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NMAA.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NotificationController.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NPSM.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ nshwfp.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ntdll.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ntshrui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ offlinesam.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ offreg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ OnDemandConnRouteHelper.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ OneDriveSettingSyncProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ pcasvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ PCPTpm12.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ pdh.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ PhotoScreensaver.scr: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ PimIndexMaintenance.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Pimstore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ pnidui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ policymanager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ poqexec.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ powercfg.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ PrintRenderAPIHost.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ profsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ provengine.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ provops.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ProvPluginEng.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ProvSysprep.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ PsmServiceExtHost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ puiapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ pwrshplugin.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ qmgr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RADCUI.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ rasapi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ rascustom.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ rasgcw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ReAgentc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RelPost.exe: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ remoteaudioendpoint.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RemoteNaturalLanguage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ReportingCSP.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ reseteng.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RjvMDMConfig.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RMapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ rshx32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RTWorkQ.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ samsrv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ScDeviceEnum.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ schannel.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ scksp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sdengin2.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sdshext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Search.ProtocolHandler.MAPI2.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SearchFilterHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SearchFolder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SearchProtocolHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SecConfig.efi: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sendmail.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sens.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SensorDataService.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SensorService.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SessEnv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SettingsHandlers_Bluetooth.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SettingsHandlers_Flights.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SettingsHandlers_StorageSense.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SettingsHandlers_WorkAccess.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SettingSync.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ setupugc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SHCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ shdocvw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ skci.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ smphost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SndVolSSO.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SpeechPal.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ spoolsv.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sppcext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sppnp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sppsvc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sppwinob.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SRH.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SRHInproc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sspicli.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ stobject.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ StorSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sud.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SyncCenter.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ systemreset.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SystemSettings.UserAccountsHandlers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SystemSettingsThresholdAdminFlowUI.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Tabbtn.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ tabcal.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TabletPC.cpl: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ tapi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ taskbarcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ tbauth.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ tdh.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TextInputFramework.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ themecpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ timedate.cpl: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TokenBrokerCookies.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TpmCoreProvisioning.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TpmTasks.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TSpkg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ twinapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ twinui.pcshell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ tzautoupdate.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ubpm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ uDWM.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UIAnimation.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UIAutomationCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UIRibbon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ umpoext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ usbaaplrc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ usbmon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ user32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UserDataService.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UserLanguagesCpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ usoapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UtcResources.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ VCardParser.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ VEStoreEventHandlers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ vmrdvcore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ vpnike.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ VPNv2CSP.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ vssapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wbiosrvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wcmsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wcnwiz.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wc_storage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ webio.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ werconcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ weretw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ werui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wevtsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wfdprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wifinetworkmanager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wifitask.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ win32k.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wincorlib.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.ApplicationModel.Background.SystemEventsBroker.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.ApplicationModel.Store.TestingFramework.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Cortana.Desktop.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Cortana.OneCore.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Gaming.UI.GameBar.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Internal.UI.Logon.ProxyStub.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Media.BackgroundMediaPlayback.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Media.Playback.BackgroundMediaPlayer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Media.Playback.MediaPlayer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Media.Speech.UXRes.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Networking.HostName.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Networking.Vpn.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Security.Credentials.UI.UserConsentVerifier.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Shell.Search.UriHandler.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.StateRepository.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Storage.Search.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.UI.BioFeedback.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.UI.Core.TextInput.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.UI.CredDialogController.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.UI.Immersive.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.UI.Shell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winhttp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wininetlui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winload.efi: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winload.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winmde.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winresume.efi: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winresume.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WinSCard.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wintrust.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wkssvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlanapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlancfg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WlanMediaManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlansec.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlansvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlanui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlidprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WMPDMC.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wmpdxm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wmpeffects.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wmpmde.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wmpshell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WMVDECOD.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WordBreakers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WorkFolders.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WorkfoldersControl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WorkFoldersGPExt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WorkFoldersShell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ workfolderssvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wow64.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Wpc.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WpcMon.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WpcRefreshTask.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WpcTok.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wpnprv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wpx.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ws2_32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wscinterop.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wscsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wsecedit.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WSManHTTPConfig.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WsmSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WsmWmiPl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wu.upgrade.ps.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wups.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WWanAPI.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wwanconn.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wwanmm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wwansvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ XblAuthManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ XblGameSaveExt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ XboxNetApiSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ XInputUap.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ zipfldr.dll: $ CmdTcID [64]

[mom26gr8kids]

AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ac3filter.ax: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ accountaccessor.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ aclui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ActionCenterCPL.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ActivationManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ActiveSyncProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ adsmsext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-conio-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-convert-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-environment-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-filesystem-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-heap-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-locale-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-math-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-multibyte-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-private-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-conio-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-runtime-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-stdio-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-string-l1-1-0.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-time-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-utility-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ AppCapture.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ AppointmentApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ appwiz.cpl: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ AUDIOKSE.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ AuthExt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ autoplay.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ azroleui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ BackgroundMediaPolicy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ basecsp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ BcastDVRHelper.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ bcrypt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ BingMaps.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ biwinrt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ BrowserSettingSync.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ cemapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ chartv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ChatApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ClipboardServer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ CloudBackupSettings.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ CloudStorageWizard.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ clusapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ cmifw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ comctl32.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ comdlg32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ comsvcs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ConfigureExpandedStorage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ContactApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ credprovs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ credprovslegacy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ cryptngc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ cryptui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ d2d1.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ d3d10warp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ d3d11.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ D3D12.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ d3d8.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ d3d9.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ DafPrintProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ DataExchange.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ DavSyncProvider.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dbgeng.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ddraw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ddrawex.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ devenum.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dhcpcore6.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dns-sd.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dnsapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ DolbyDecMFT.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ drvstore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dtdump.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dwmapi.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dxgi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ EditBufferTestHook.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ efsext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ErrorDetailsUpdate.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ esent.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ esentutl.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ evr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ExplorerFrame.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ findnetprinters.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ fontext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ FSClient.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ GamePanelExternalHook.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ gameux.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ gdi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ GdiPlus.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ GEARAspi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ GlobCollationHost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ gpapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ hevcdecoder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ hgcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ icm32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ iconv.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ imapi2fs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ indexeddbserver.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ inetcomm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ InputLocaleManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ IPHLPAPI.DLL: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ iprtrmgr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ iscsiwmi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ JpMapControl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ LaunchWinApp.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ LicenseManagerApi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ LockAppBroker.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ LockAppHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ main.cpl: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MapConfiguration.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MapControlCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MapGeocoder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MapRouter.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MapsBtSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MCCSEngineShared.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mdmregistration.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mf.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfaudiocnv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfds.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfksproxy.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfmkvsrcsnk.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfplat.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MFPlay.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfreadwrite.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfsensorgroup.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfsvr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ migisol.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mmc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MosStorage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mprapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mprdim.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MrmCoreR.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MSAC3ENC.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mscandui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mscms.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msctf.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msctfp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msctfui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msdtcuiu.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msftedit.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msinfo32.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msmpeg2vdec.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MSPhotography.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mssitlb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mssph.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mssphtb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mssvp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msutb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MSVidCtl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MSVP9DEC.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msvproc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MSVPXENC.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msxml3.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mtxclu.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ NetCfgNotifyObjectHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ netiohlp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ netiougc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ NetworkCollectionAgent.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ngccredprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ NMAA.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ NPSM.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ nshwfp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ntdll.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ntshrui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ offlinesam.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ offreg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ OneDriveSettingSyncProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ OneDriveSetup.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ PCPTpm12.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ pdh.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ PhotoScreensaver.scr: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Pimstore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ policymanager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ poqexec.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ powercfg.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ProximityCommon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ puiapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ pwrshplugin.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ rasapi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ rasgcw.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ rdpencom.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ReAgentc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ regedit.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ remoteaudioendpoint.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ RemoteNaturalLanguage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ resutils.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ RTWorkQ.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ schannel.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ scksp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Search.ProtocolHandler.MAPI2.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SearchFilterHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SearchFolder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SearchProtocolHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ sendmail.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SessEnv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SettingSync.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SHCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ smphost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SndVolSSO.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ sppcext.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ sspicli.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ stobject.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ sud.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ systemcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ tapi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ tbauth.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ tdh.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ TempSignedLicenseExchangeTask.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ TextInputFramework.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ themecpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ TokenBrokerCookies.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ TpmCoreProvisioning.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ TSpkg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ twinapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ UIAnimation.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ UIAutomationCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ UIRibbon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Unistore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ user32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ UserDeviceRegistration.Ngc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ UserLanguagesCpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ VCardParser.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ vssapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wcnwiz.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ webio.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ weretw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wfdprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ win32k.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wincorlib.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.ApplicationModel.Store.TestingFramework.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Gaming.UI.GameBar.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Internal.UI.Logon.ProxyStub.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Media.BackgroundMediaPlayback.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Media.Playback.BackgroundMediaPlayer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Media.Playback.MediaPlayer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Media.Speech.UXRes.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Security.Authentication.OnlineId.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Shell.Search.UriHandler.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Speech.Pal.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.StateRepository.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Storage.Search.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.BioFeedback.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.Core.TextInput.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.Cred.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.CredDialogController.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.Immersive.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.Search.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ winhttp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wininetlui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ winmde.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WinSCard.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ winspool.drv: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wintrust.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wlanapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wlancfg.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wlanui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wlidprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WMPDMC.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wmpdxm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wmpeffects.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wmpmde.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wmpshell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WMVSENCD.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WordBreakers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Wpc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WPDShServiceObj.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ws2_32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wscinterop.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wsecedit.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WSManHTTPConfig.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WsmWmiPl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WWanAPI.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ XInputUap.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ xolehlp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ xvid.ax: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ zipfldr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ afd.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ ahcache.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ bowser.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ capimg.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ Classpnp.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ clfs.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ cmimcext.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ crashdmp.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ dam.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ dfsc.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ dxgmms2.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ fastfat.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ fvevol.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ FWPKCLNT.SYS: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ hidclass.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ http.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ hvsocket.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ iorate.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ IPMIDrv.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ kbdhid.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ ks.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ MegaSas2i.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ modem.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ mrxdav.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ mrxsmb.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ mrxsmb10.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ mrxsmb20.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ mskssrv.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ nwifi.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ partmgr.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ pci.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ pdc.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ point64.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ ssudbus.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ storahci.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ stornvme.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ tcpipreg.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ tpm.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ usbaapl64.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ usbscan.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ VirtualAudio1.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ vmbkmcl.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ vmbkmclr.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ vpci.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ wcifs.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ WdiWiFi.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ winhvr.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ xboxgip.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ ProgramData \ Temp: 2CB9631F [134]
AlternateDataStreams: C: \ ProgramData \ Temp: 7A2101AB [460]
AlternateDataStreams: C: \ ProgramData \ Temp: BAC2F271 [229]
AlternateDataStreams: C: \ ProgramData \ TempDEB08FD [194]

[mom26gr8kids]

AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ AdwCleaner.exe: $ CmdZnID [26]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ almedia-converter_full351.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ cispremium_installer.exe: $ CmdZnID [26]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ JRT.exe: $ CmdZnID [26]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ MaxUninstaller_Setup (1) .exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ MaxUninstaller_Setup.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ mbam-setup-2.0.4.1028.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ mbar-1.08.3.1004.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ noteburner-m4v-converter-plus.exe: $ CmdTcID [130]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ noteburner-m4v-converter.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ RS TEXAS Rsources.docx: $ CmdZnID [26]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ setup.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Kullanıcılar \ songe_000 \ Downloads \ Setup.X86.tr-US_O365HomePremRetail_0c7d5447-a8b2-4030-b6eb-1526a3c73fb2_TX_PR_.exe: $ CmdTcID [64]

==================== Modalità provvisoria (White List) ===================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. "AlternateShell" viene ripristinato.)

HKLM \ SYSTEM \ CurrentControlSet \ Control \ SafeBoot \ Minimal \ MBAMService => "" = "Hizmet"
HKLM \ SYSTEM \ CurrentControlSet \ Control \ SafeBoot \ Network \ MBAMService => "" = "Hizmet"

==================== Association (White List) ===============

(Se viene aggiunta una voce all'elenco delle correzioni, l'elemento del registro verrà ripristinato al valore predefinito o rimosso.)


==================== Internet Explorer è attendibile / limitato ===============

(Se una voce viene aggiunta all'elenco delle correzioni, verrà rimossa dal registro.)

Sito attendibile di IE: HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ sharepoint.com -> hxxps: //studentcccsedu-files.sharepoint.com

==================== Contenuto ospitato: =========================== ====

(Se necessario, la direttiva Hosts: può essere aggiunta all'elenco delle correzioni per reimpostare gli host.)

22/08/2013 07:25 - 22/08/2013 07:25 - 000000824 _____ C: \ WINDOWS \ system32 \ Drivers \ etc \ hosts


==================== Altre aree ============================

(Al momento non esiste una correzione automatica per questa sezione.)

HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ Pannello di controllo \ Desktop \ Wallpaper -> C: \ Users \ songe_000 \ Images \ desktop wallpaper \ spring flowers flower-growth-1366x768-13141629. jpg
Server DNS: 192.168.0.1 - 205.171.2.25
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Policies \ System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall è abilitato.

==================== MSCONFIG / TASK MANAGER elementi disabilitati ==


==================== Regole del firewall (lista bianca) ===============

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

Regole del firewall: [{00236EC4-B65A-40A4-A24F-F3E873934C15}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMusic \ WindowsUpnpMV.exe
Regole del firewall: [{2024B434-269F-4F96-8A9E-BC29D2116955}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMusic \ WindowsUpnpMV.exe
Regole del firewall: [{57AE1212-BECB-49B5-9031-5B746C6A1619}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMusic \ DMCDaemon.exe
Regole del firewall: [{D1A9301C-E3E4-434A-8082-E052D833D6D7}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMusic \ DMCDaemon.exe
Regole firewall: [{11BFEBD7-9DE0-4224-B213-631A3ACCDE70}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{ABA8D62E-80BA-4575-B8C1-5EE854EEE873}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{C2DF89AD-13A8-46C2-B844-4DCD20ADFA9F}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{C126C04E-B406-446D-AE77-BB740DBCD0E0}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{3AB8CC6A-C717-46B7-B02F-04EC2D30F3D0}] => (Consenti) C: \ Programmi (x86) \ Acer \ AOP Framework \ acer \ ccd.exe
Regole del firewall: [{DEB2B719-34B1-4048-978D-DAD7C684F6CF}] => (Consenti) C: \ Programmi (x86) \ Acer \ AOP Framework \ acer \ ccd.exe
Regole firewall: [{6205C4D2-344D-4018-91EC-FAF3F248C18A}] => (Consenti) C: \ Programmi (x86) \ Nero \ Nero 12 \ Nero BackItUp \ BackItUp.exe
Regole firewall: [{A444437B-4F85-4F41-82F0-BC52DFE26483}] => (Consenti) C: \ Programmi (x86) \ Nero \ Nero 12 \ Nero BackItUp \ BackItUp.exe
Regole firewall: [{C4246184-B078-4136-AEC0-71242368BFE7}] => (Consenti) C: \ Program Files \ Common Files \ mcafee \ platform \ McSvcHost \ McSvHost.exe
Regole firewall: [{AF759300-2CFA-4E92-AD98-B0387D63750E}] => (Consenti) C: \ Program Files \ Common Files \ mcafee \ platform \ McSvcHost \ McSvHost.exe
Regole firewall: [{83EAA9C5-13AE-4379-8A7A-1A451DE149F1}] => (Consenti) C: \ Programmi (x86) \ CyberLink \ PowerDirector10 \ PDR10.EXE
Regole firewall: [(0CDEF45C-EBCE-40DD-A906-4D8A19357239}] => (Consenti) C: \ Program Files \ Soluto \ SolutoRemoteDirect.exe
Regole firewall: [{27BC92BA-C0DF-4F0A-B402-803DE4B8C650}] => (Consenti) C: \ Program Files \ Soluto \ Soluto.exe
Regole firewall: [{A86C510D-1FBE-4A07-B7D3-6688972260BF}] => (Consenti) C: \ Program Files \ Soluto \ SolutoCleanup.exe
Regole firewall: [{F06DBE26-DCDC-43DB-923B-84922C3D7501}] => (Consenti) C: \ Program Files \ Soluto \ SolutoConsole.exe
Regole firewall: [(0F557B47-74C5-41DD-A6DF-EC7019C28C0A}] => (Consenti) C: \ Program Files \ Soluto \ SolutoUpdateService.exe
Regole firewall: [{622F8DA1-E917-4525-82F4-95CE89573A91}] => (Consenti) C: \ Program Files \ Soluto \ SolutoService.exe
Regole firewall: [{8583C492-5FAC-4950-B27D-85673B8A59F1}] => (Consenti) C: \ Programmi (x86) \ Spotify \ spotify.exe
Regole firewall: [{C0A50D40-4FBC-4225-A75A-0F9FD9A3A385}] => (Consenti) C: \ Programmi (x86) \ Spotify \ spotify.exe
Regole firewall: [(5B845775-762B-40A0-BB1D-F61FDF22BB8A}] => (Consenti) C: \ Programmi (x86) \ Spotify \ Data \ SpotifyWebHelper.exe
Regole firewall: [{34912F3A-F2D0-4438-9420-CC762555A183}] => (Consenti) C: \ Program Files (x86) \ Spotify \ Data \ SpotifyWebHelper.exe
Regole firewall: [{CEFCBC5D-294D-48FD-B250-9584842DE192}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Media \ DMCDaemon.exe
Regole firewall: [{AB0F8975-BA91-45AA-8389-E538AF6033F3}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Media \ DMCDaemon.exe
Regole firewall: [{79E8EE5B-0B90-4ED6-B332-9F3DFF41F7AF}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Media \ WindowsUpnpMV.exe
Regole firewall: [{E0F07D32-362A-42ED-97E1-2A1D3865FFDD}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Media \ WindowsUpnpMV.exe
Regole firewall: [{057DC14D-EFDB-4A07-A145-AA644A742B2D}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Media \ DMCDaemon.exe
Regole firewall: [{3DD3649E-E7D5-4AED-9E4A-6833D37AFBD6}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Media \ DMCDaemon.exe
Regole firewall: [{53C87CE3-47A8-4F93-B0BD-520F1A21B2B1}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Media \ WindowsUpnpMV.exe
Regole firewall: [{4BF74386-68AA-4104-ABA6-8F7D80142BB0}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Media \ WindowsUpnpMV.exe
Regole firewall: [{0861019B-875B-4A10-9D3B-213164B67BA9}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Photo \ DMCDaemon.exe
Regole firewall: [{C243A41F-FBA1-4674-84FE-ECFDD2CBA840}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Photo \ DMCDaemon.exe
Regole firewall: [{81AD1F53-D770-4C1D-BA7A-4F2DCBA344FA}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Photo \ WindowsUpnp.exe
Regole del firewall: [{A8CC1775-D679-4C99-85EA-324560AA6292}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Photo \ WindowsUpnp.exe
Regole firewall: [{CBE73F58-AB6C-4FF7-A5AA-CB1EE0114910}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Photo \ DMCDaemon.exe
Regole firewall: [{B2CB0BF9-8ABF-4098-896C-D1D77F1FB73A}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Photo \ DMCDaemon.exe
Regole firewall: [{8B489C99-EFED-4EA5-A3E4-669318A95753}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Photo \ WindowsUpnp.exe
Regole del firewall: [{D47B7414-60D1-4252-931D-6DE0E3B83698}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Photo \ WindowsUpnp.exe
Regole firewall: [{CA212984-C696-49A8-AE50-B087954C39EE}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Portal \ ccd.exe
Regole del firewall: [{A8573D83-3F62-4B63-8F72-25BC95DE1FE3}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Portal \ ccd.exe
Regole firewall: [{69446298-6357-443B-8251-DCABB696B4AB}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Portal \ Sdd.exe
Regole firewall: [(1D67F0DF-34D4-447D-9440-263584BA3932)] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Portal \ Sdd.exe
Regole del firewall: [{D9555367-7BFA-4AA6-982F-8B42357225FD}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Portal \ virtualdrive.exe
Regole del firewall: [{CBCD7F61-1B35-46F6-97EA-815F9F82BA58}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Portal \ virtualdrive.exe
Regole firewall: [{83B83E5C-AAB5-4A6C-97F9-5164F9ED193C}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Portal \ ccd.exe
Regole firewall: [{8AAED861-7B16-459D-8ED6-13A33C8600CF}] => (Consenti) C: \ Programmi (x86) \ Acer \ Acer Portal \ ccd.exe
Regole firewall: [(1F685178-EA4D-4AA3-BBF8-C4C8E20932B5}] => (Consenti) C: \ Program Files \ Bonjour \ mDNSResponder.exe
Regole firewall: [(88E207CF-08D8-4A64-8C9A-0D51CF4F3333}] => (Consenti) C: \ Program Files \ Bonjour \ mDNSResponder.exe
Regole firewall: [{C6A1C400-85F1-4DC5-A059-AE2F3DF325DE}] => (Consenti) C: \ Programmi (x86) \ Bonjour \ mDNSResponder.exe
Regole firewall: [{F1DD69A2-519A-4BB1-9F12-F578B2F4AA42}] => (Consenti) C: \ Programmi (x86) \ Bonjour \ mDNSResponder.exe
Regole firewall: [{5B16D34A-BDE4-4761-B960-83F3A988E93E}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{087C7601-8720-45BD-8447-AD5254C91DAC}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole del firewall: [{F64A059C-30FF-41AD-A425-189CE24C68F4}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{487A07D8-3374-4DFD-AC5B-753AF1596829}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{292AC2E5-5F18-4EAD-AC73-EC05D8D2695C}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole del firewall: [{0797C174-7686-488C-A944-2D4C77F4FC79}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{862EF299-342E-4255-98EC-89B02044CF19}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole del firewall: [{DAB56AD2-B2EA-4BFB-8CCB-217F67022528}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{AAC31940-E5C7-468A-9E3F-65F4F9845731}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{C03B7854-7BAD-486C-A091-8C8C8997D418}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{4E897D40-E6AC-4B6E-BA94-1DAE00C4E192}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{B049E71A-59E5-42B7-AD7D-2F1F556BD488}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{6ED28BD2-A969-4B35-8E12-BB80B9605C17}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{6F633001-09A5-4859-8FA0-D6D5803D4DA5}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{A5F43AA4-DD7B-429A-9C28-5A4193D66627}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{42D6CA32-D9D2-41D9-B7CE-4F2FC9D9A83C}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{318CECFA-D32D-48AB-8A81-CE985D8CE539}] => (Consenti) C: \ Programmi \ File comuni \ mcafee \ platform \ McSvcHost \ McSvHost.exe
Regole firewall: [(2BB3DBE6-91AB-46E8-AF0C-BF4A7B0CA04B}] => (Consenti) C: \ Program Files \ Common Files \ mcafee \ platform \ McSvcHost \ McSvHost.exe
Regole del firewall: [TCP Query User {5B522B84-DF1F-4CE2-B113-8C1F69F32FE5} C: \ program files (x86) \ mozilla firefox \ plugin-container.exe] => (Block) C: \ program files (x86) \ mozilla fire \ plugin -Container.exe
Regole del firewall: [Utente query UDP {D5F409BF-8A9F-47D0-802D-116B76665B69} C: \ program files (x86) \ mozilla firefox \ plugin-container.exe] => (Block) C: \ program files (x86) \ mozilla fire \ plugin -Container.exe
Regole firewall: [{D9ADAFBA-88C9-4225-BE10-12F894082EFA}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{1ABA8D1C-3966-42E8-9FD7-438F94A46FA1}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole del firewall: [{D3C689FC-2F31-43D7-BC1D-23548AC10842}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{646F6972-AA14-4723-8192-E52D82C4F992}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{1343D175-4BF6-4E90-90AB-E56BA1F2311C}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole del firewall: [(99C2F080-43BB-4DF9-81E5-219381284ACE}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{1B3683A4-B449-4D6C-9252-72E7DA494F9E}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{BAF9A487-642E-4D99-A217-EF9A8052C634}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole del firewall: [{1624C5C2-8284-447E-8853-6712189171CC}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{EC87B11F-1667-4B5F-BA70-4048A7E23BF8}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{814D7CDE-92D7-45B9-8016-26E503FEB4F2}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{24DD4180-2FF4-4489-BECC-A0B75990A875}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{9AA4F94A-35B8-46DA-8F3C-D4D3CA2B97E6}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{3ED60866-5EE2-4382-A788-2648A03216E7}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{2AC5E4CE-DF7B-48F4-AB50-B0E882C3BD2D}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{01E8A7C1-B69E-4D61-B528-95F1933452BF}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [TCP Query User {5C24F2A6-8FB8-4736-A723-D9091A00F642} C: \ program files (x86) \ mozilla firefox \ plugin-container.exe] => (Block) C: \ program files (x86) \ mozilla fire \ plugin -Container.exe
Regole del firewall: [Utente query UDP {F3EBBBFF-1560-466C-991B-B6B05B6CDD37} C: \ program files (x86) \ mozilla firefox \ plugin-container.exe] => (Block) C: \ program files (x86) \ mozilla fire \ plugin -Container.exe
Regole firewall: [{43A9D858-8EB2-4D2C-B546-D9A8C65688BC}] => (Consenti) C: \ Users \ songe_000 \ AppData \ Local \ Microsoft \ SkyDrive \ SkyDrive.exe
Regole firewall: [(9C81E31D-1FB0-4BB3-9824-BD5F22CC185D}] => (Consenti) C: \ Programmi \ HP \ HP Officejet 6700 \ bin \ FaxApplications.exe
Regole firewall: [{F056919F-1BA2-40C4-A168-9935E4BB2796}] => (Consenti) C: \ Programmi \ HP \ HP Officejet 6700 \ bin \ DigitalWizards.exe
Regole firewall: [{1B6E200F-3865-4F73-BBD8-DEC53F29D2E3}] => (Consenti) C: \ Programmi \ HP \ HP Officejet 6700 \ bin \ SendAFax.exe
Regole firewall: [{98B2DFB3-C03F-4223-BE51-B86487471B09}] => (Consenti) C: \ Programmi \ HP \ HP Officejet 6700 \ Bin \ DeviceSetup.exe
Regole firewall: [{138FFF1D-F20C-4F6A-86D9-1307290C51AD}] => (Consenti) C: \ Programmi \ HP \ HP Officejet 6700 \ Bin \ HPNetworkCommunicator.exe
Regole firewall: [{DFCEACDA-092A-4A55-9942-549F974C3D65}] => (Consenti) C: \ Programmi \ HP \ HP Officejet 6700 \ Bin \ HPNetworkCommunicatorCom.exe
Regole firewall: [{31741EF3-A886-45A4-B92A-4CF5E85C1670}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{678003C3-8AF4-4AB3-B4FC-93EBC73AE2C2}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{C8098A4A-FD4B-4EA1-85EA-A2F49F0CA64A}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole del firewall: [{B31AB466-2234-4560-B053-C049F02D302C}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{F8993880-EC36-42EF-9B25-80ADAD21190D}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{F4C2A124-642A-4F35-8FBF-A47FC3A87F11}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole del firewall: [{7507D646-3A42-48AC-9AFF-82492AAD5A86}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{0C13D7C8-AF0F-4385-AA5D-BD2CA1E2FA91}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{D704FC1F-E959-4AA0-8E68-4026A5E9CBC2}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{4A00C396-E7AA-4FAD-A457-08B98729E84F}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{70ED23CC-346C-4872-AEF6-379805B432EC}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{AB86E766-0963-44A5-8C40-26722B898A2A}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{2519A1DF-B16D-4C73-BC42-254711584A0E}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{B59ECFBB-80F4-42E6-B9DF-E44F03F2A553}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{B8011E13-D5D2-4555-8605-4B1478491DB1}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{40C74F0B-5914-4B66-B921-060B7B04F9DD}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{4EF4DADA-E14F-4EE5-905B-AAD1F2E946BE}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{0383FCA1-B573-4107-81E6-C5289D3B30B8}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{C8B6E443-CE15-4E1B-A9BB-FBE5A40CA136}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{FFC80977-D188-4634-9A80-E942AFA506BF}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{5689A824-1CDF-4C15-A3DD-E844711E7A04}] => (Consenti) C: \ Programmi (x86) \ Acer \ abPhoto_ \ DMCDaemon.exe
Regole firewall: [{D58E4BCB-4548-4680-BD8B-511FC992C02E}] => (Consenti) C: \ Programmi (x86) \ Acer \ abPhoto_ \ DMCDaemon.exe
Regole del firewall: [{E86F153E-1082-4DF0-A826-22F276BA7A61}] => (Consenti) C: \ Programmi (x86) \ Acer \ abPhoto_ \ WindowsUpnp.exe
Regole del firewall: [{0A490A81-03F1-429D-BFAE-F890253976EB}] => (Consenti) C: \ Programmi (x86) \ Acer \ abPhoto_ \ WindowsUpnp.exe
Regole firewall: [{F90A2635-C6AE-4489-86E2-A6CEEC3EB240}] => (Consenti) C: \ Programmi (x86) \ Acer \ abPhoto \ DMCDaemon.exe
Regole firewall: [{83F4D3FF-0047-4F0E-95F6-7F059EBF6C23}] => (Consenti) C: \ Programmi (x86) \ Acer \ abPhoto \ DMCDaemon.exe
Regole firewall: [{A21E2346-4210-4911-A270-F994A7970F37}] => (Consenti) C: \ Programmi (x86) \ Acer \ abPhoto \ WindowsUpnp.exe
Regole firewall: [{202E60DA-C480-48FA-8BEE-9D749454ADFA}] => (Consenti) C: \ Programmi (x86) \ Acer \ abPhoto \ WindowsUpnp.exe
Regole firewall: [{42EFD9D8-A1F5-4E06-BF93-EDD086F877BF}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{B2D43925-0DB1-4E26-BA48-4FA49613FEC6}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{00812894-7509-42B8-80BA-90B1A5436DB4}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{50C116BE-F057-435A-AB21-2AAAA556FD90}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{502BD199-955F-40B5-B834-8751A00D075E}] => (Consenti) C: \ Programmi (x86) \ Mozilla Firefox \ firefox.exe
Regole firewall: [{1A72FBB1-2786-417C-B83E-37F759C34E73}] => (Consenti) C: \ Programmi (x86) \ Mozilla Firefox \ firefox.exe
Regole del firewall: [Utente query TCP {970CE1B8-1AD2-461B-AF8E-C33665CBEEE5} C: \ programmi (x86) \ mozilla firefox \ firefox.exe] => (Consenti) C: \ programmi (x86) \ mozilla firefox \ firefox.exe
Regole del firewall: [Utente query UDP {8F81D309-ED55-470A-9D8C-465E9F3DD7C1} C: \ programmi (x86) \ mozilla firefox \ firefox.exe] => (Consenti) C: \ file di programma (x86) \ mozilla firefox \ firefox.exe
Regole firewall: [{8C9111E4-07A7-4DAF-9098-BE8D8531E712}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{7C18D753-D319-40DB-88DF-FC30211EFE99}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole del firewall: [{52B38A9A-D8E1-46FD-A5C1-2DED45F967ED}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{0A5D90D3-4F76-481B-81BE-3A291F5B0B4B}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{1FC0E619-31F8-428F-AD1A-930CC31C717F}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole del firewall: [{5717E7B9-B007-4D32-8AD8-1E2E19BFD452}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ DMCDaemon.exe
Regole firewall: [{06F41FA4-6B70-4D01-9E36-7C35D035D955}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole firewall: [{B69D2AA8-482F-4F43-90BF-298A5C6FB808}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia_ \ WindowsUpnpMV.exe
Regole del firewall: [{C6B1CE5F-0453-4F16-B4B7-BC8689D26F72}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{D87CA709-90E4-48BF-9F19-B220C41E2014}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{B653A0BE-8BE3-4045-A586-0D322D749C06}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{0046F486-9951-45ED-AEB5-922FDA7EBC97}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{1BA4D898-8827-4D69-A194-2D34845A922D}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{F0A48ABC-ABC8-4A8C-99A3-72E673F17979}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{ABC073FC-B542-4D13-B674-C3BD30616FEF}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{834784A6-B596-4244-A361-92BF06F7F38E}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{60027485-8FB9-453D-ADD5-50165E3FB923}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{11BAD5E6-E6DD-462B-83E9-07787B02D14D}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{79E280B7-CC71-4947-B446-A56CF06FF8B6}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{22BF4FE2-81AB-44F7-83B1-A4298744F4DC}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{AD96EC36-0882-4125-8E38-86BA094E515D}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{893EC21B-B9C3-43B4-9F6F-BB9AC9D30E17}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{C1082CBF-EEED-42D7-B1BF-AC353933445F}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{1A4C59F0-9084-4B6E-BD77-C7ED087523B9}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [(4C0CEC6D-A1C1-4793-B02B-71549A0D12DA}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{050B935D-809B-4699-87B2-C2522F3BE30E}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole del firewall: [{D57E921A-2B52-4030-873A-ED24230B865C}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{C2925A1C-1A29-49CB-8809-DA8BAAC86911}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{1BACC9CB-EF38-47D7-B0B8-8E14E4D5C752}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{F9A050DB-DC5C-475F-8A1F-BE4A9F0A2CCA}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{108F4A87-3C16-4038-80FB-69A54E83F113}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [{16695FC9-695C-43E3-90AD-8634B496298C}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{EF7E8372-6421-4F28-9BF8-4846F7D4ACBC}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{EF253CD6-7D3E-4BFA-AEE1-7809108E9827}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ DMCDaemon.exe
Regole firewall: [{302E624F-1143-4E7F-9EB5-AB3ABA4788D2}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole del firewall: [{A2B33C06-38FB-4CAE-840E-20986BD50D95}] => (Consenti) C: \ Programmi (x86) \ Acer \ abMedia \ WindowsUpnpMV.exe
Regole firewall: [Utente query TCP {FCAF4C16-D0DA-4F62-B702-7C460D5FE5CC} C: \ users \ songe_000 \ appdata \ roaming \ spotify \ spotify.exe] => (Blocca) C: \ users \ songe_000 \ appdata \ roaming \ spotify \ spotify.exe
Regole del firewall: [UDP Query User {B2CCB2C9-DAF0-4B4B-A71D-B8A362388FF7} C: \ users \ songe_000 \ appdata \ roaming \ spotify \ spotify.exe] => (Blocca) C: \ users \ songe_000 \ appdata \ roaming \ spotify \ spotify.exe
Regole del firewall: [{FD83F711-2701-4CA0-80D7-96FF5464703B}] => (Consenti) C: \ Programmi (x86) \ Mozilla Firefox \ firefox.exe
Regole del firewall: [{FD620598-A759-44CA-9F40-3840505D211F}] => (Consenti) C: \ Programmi (x86) \ Mozilla Firefox \ firefox.exe
Regole firewall: [{2AD03CDC-6E28-4FC5-AA47-DEF3236D1BF1}] => (Consenti) C: \ Program Files \ Bonjour \ mDNSResponder.exe
Regole firewall: [{5988247A-E212-4CA2-A798-E72008A3661F}] => (Consenti) C: \ Program Files \ Bonjour \ mDNSResponder.exe
Regole firewall: [{F726D270-20BF-4F90-A84B-87299766F45C}] => (Consenti) C: \ Programmi (x86) \ Bonjour \ mDNSResponder.exe
Regole firewall: [{D969EFD3-1DA9-4081-B160-E4EE6F6D9B16}] => (Consenti) C: \ Programmi (x86) \ Bonjour \ mDNSResponder.exe
Regole firewall: [Utente query TCP {5A1F0B58-0956-4365-8ABA-97AEF8041598} C: \ windows \ system32 \ settingsynchost.exe] => (Blocca) C: \ windows \ system32 \ settingsynchost.exe
Regole firewall: [Utente query UDP {832D7CE9-F140-4072-8A22-5517DAC1C879} C: \ windows \ system32 \ settingsynchost.exe] => (Blocca) C: \ windows \ system32 \ settingsynchost.exe
Regole firewall: [TCP Query User {0B520AD6-4A9C-4619-B0A6-AECFD6CE652E} C: \ users \ songe_000 \ appdata \ local \ amazon music \ amazon music helper.exe] => (Consenti) C: \ users \ songe_000 \ appdata \ local \ amazon music \ amazon music helper.exe
Regole del firewall: [Utente query UDP {B63B0D33-97C9-402C-9395-8BA9EBB66E26} C: \ users \ songe_000 \ appdata \ local \ amazon music \ amazon music helper.exe] => (Consenti) C: \ users \ songe_000 \ appdata \ local \ amazon music \ amazon music helper.exe
Regole firewall: [{35B83626-70B2-411E-8DCD-04A7B6921CA2}] => (Consenti) C: \ Programmi (x86) \ Microsoft Office \ root \ Office16 \ outlook.exe
Regole del firewall: [{E75D9322-35DF-4C9A-9DB1-94C84FC49572}] => (Consenti) C: \ Programmi (x86) \ Google \ Chrome \ Application \ chrome.exe
Regole firewall: [{35E260E3-96CC-4439-80B7-0B0B46F1AFF4}] => (Consenti) C: \ Program Files \ iTunes \ iTunes.exe

==================== Punti di ripristino =========================

12-09-2017 01:35:16 Windows Update
17-09-2017 02:24:22 Windows Update

==================== Dispositivi di gestione dispositivi difettosi =============

Nome: Controller host Intel (R) Serial IO I2C - 9C62
Descrizione: Controller host Intel (R) Serial IO I2C - 9C62
Guida di classe: {4d36e97d-e325-11ce-bfc1-08002be10318}
Produttore: Intel Corporation
Servizio: iaLPSSi_I2C
Problema: Windows non riesce a caricare il driver del dispositivo per questo hardware. Il driver potrebbe essere danneggiato o mancante. (Codice 39)
Soluzione: le cause di questo errore includono un driver non trovato; un file binario danneggiato; un problema di I / O del file o un driver che fa riferimento al punto di ingresso in un altro binario che non è stato possibile caricare.
Disinstallare il driver e quindi fare clic su "Rileva modifiche hardware" per reinstallare o aggiornare il driver.


==================== Errori del registro eventi: =========================

Errori dell'applicazione:
==================
Errore: (21.09.2017 08:36:34) (Fonte: VSS) (EventID: 8193) (Utente :)
Descrizione: Errore del servizio Copia Shadow del volume: un errore imprevisto durante la chiamata alla routine QueryFullProcessImageNameW. hr = 0x80070006, l'handle non è valido.
.


Operazione:
Trattare in modo asincrono

Contesto:
Stato corrente: DoSnapshotSet

Errore: (21.09.2017 08:34:22 PM) (Fonte: Microsoft-Windows-CAPI2) (EventID: 513) (Utente :)
Descrizione: i servizi di crittografia non sono riusciti durante l'elaborazione della chiamata OnIdentity () sull'oggetto System Writer.

Dettaglio:
AddLegacyDriverFiles: impossibile eseguire il backup dell'immagine del protocollo Binary Microsoft Link Layer Discovery.

Fallimento del sistema:
Ingresso negato.
.

Errore: (21.09.2017 08:13:32) (Origine: errore dell'applicazione) (EventID: 1000) (Utente :)
Descrizione: nome dell'applicazione non corretto: updater.exe, versione: 2.0.8100.0, timestamp: 0x51da5d04
Nome del modulo che ha generato l'errore: KERNELBASE.dll, versione: 10.0.14393.1358, timestamp: 0x59327897
Codice eccezione: 0xe0434352
Offset errore: 0x0000000000033c58
ID processo che ha generato l'errore: 0x24a0
Ora di inizio dell'applicazione difettosa: 0x01d3334862258945
Percorso dell'applicazione che ha generato l'errore: C: \ Program Files (x86) \ Acer \ Live Updater \ updater.exe
Percorso del modulo difettoso: C: \ WINDOWS \ System32 \ KERNELBASE.dll
ID rapporto: e7e61ed5-ae3d-41e8-9ead-5be10931c0dd
Il nome completo del pacchetto che ha causato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:

Errore: (21.09.2017 08:13:32) (Origine: .NET Runtime) (EventID: 1026) (Utente :)
Descrizione: Application: updater.exe
Versione Framework: v4.0.30319
Descrizione: il processo è stato interrotto a causa di un'eccezione non gestita.
Informazioni sull'eccezione: System.Xml.XmlException
in System.Xml.XmlTextReaderImpl.Throw (System.Exception)
in System.Xml.XmlTextReaderImpl.ParseDocumentContent ()
in System.Xml.XmlLoader.Load (System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
in System.Xml.XmlDocument.Load (System.Xml.XmlReader)
in System.Xml.XmlDocument.Load (System.String)
updater.Report.AddFPToResult (updater.Result) adresinde
updater.UpgradeItem.DiagnosticDownloadEvent (NotifyMgrArgs) 'da
updater.DownloadMgr.DownloadFile (System.String, System.String) adresinde
updater.DownloadMgr.Worker (System.Object) adresinde
in System.Threading.ExecutionContext.RunInternal (System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
in System.Threading.ExecutionContext.Run (System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
in System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem ()
in System.Threading.ThreadPoolWorkQueue.Dispatch ()

Errore: (21.09.2017 08:13:16) (Origine: errore dell'applicazione) (EventID: 1000) (Utente :)
Descrizione: nome dell'applicazione non corretto: updater.exe, versione: 2.0.8100.0, timestamp: 0x51da5d04
Nome del modulo che ha generato l'errore: KERNELBASE.dll, versione: 10.0.14393.1358, timestamp: 0x59327897
Codice eccezione: 0xe0434352
Offset errore: 0x0000000000033c58
ID processo che ha generato l'errore: 0x31c0
Ora di inizio dell'applicazione difettosa: 0x01d333482c263b4e
Percorso dell'applicazione che ha generato l'errore: C: \ Program Files (x86) \ Acer \ Live Updater \ updater.exe
Percorso del modulo difettoso: C: \ WINDOWS \ System32 \ KERNELBASE.dll
ID segnalazione: 7a9e673a-341f-4a71-92da-2e41a4cef210
Il nome completo del pacchetto che ha causato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:

Errore: (21.09.2017 08:13:15) (Origine: .NET Runtime) (EventID: 1026) (Utente :)
Descrizione: Application: updater.exe
Versione Framework: v4.0.30319
Descrizione: il processo è stato interrotto a causa di un'eccezione non gestita.
Informazioni sull'eccezione: System.Xml.XmlException
in System.Xml.XmlTextReaderImpl.Throw (System.Exception)
in System.Xml.XmlTextReaderImpl.ParseDocumentContent ()
in System.Xml.XmlLoader.Load (System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
in System.Xml.XmlDocument.Load (System.Xml.XmlReader)
in System.Xml.XmlDocument.Load (System.String)
updater.Report.AddFPToResult (updater.Result) adresinde
updater.UpgradeItem.DiagnosticDownloadEvent (NotifyMgrArgs) 'da
updater.DownloadMgr.DownloadFile (System.String, System.String) adresinde
updater.DownloadMgr.Worker (System.Object) adresinde
in System.Threading.ExecutionContext.RunInternal (System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
in System.Threading.ExecutionContext.Run (System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
in System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem ()
in System.Threading.ThreadPoolWorkQueue.Dispatch ()

Errore: (21.09.2017 08:12:15) (Origine: COM) (EventID: 10031) (Utente :)
Descrizione: è stato eseguito un controllo dei criteri incompatibili durante l'annullamento della condivisione di un oggetto di marshalling personalizzato e la classe negata {2CD39202-3A2F-4935-9A86-65B919919A7F}.

Errore: (21.09.2017 04:13:43) (Origine: errore dell'applicazione) (EventID: 1000) (Utente :)
Descrizione: nome dell'applicazione non corretto: updater.exe, versione: 2.0.8100.0, timestamp: 0x51da5d04
Nome del modulo che ha generato l'errore: KERNELBASE.dll, versione: 10.0.14393.1358, timestamp: 0x59327897
Codice eccezione: 0xe0434352
Offset errore: 0x0000000000033c58
ID processo difettoso: 0x2bac
Ora di inizio dell'applicazione difettosa: 0x01d33326db32ad29
Percorso dell'applicazione che ha generato l'errore: C: \ Program Files (x86) \ Acer \ Live Updater \ updater.exe
Percorso del modulo difettoso: C: \ WINDOWS \ System32 \ KERNELBASE.dll
ID rapporto: 64bed7b2-67ac-484d-ab57-7537eebf0de7
Il nome completo del pacchetto che ha causato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:

Errore: (21.09.2017 04:13:41) (Origine: .NET Runtime) (EventID: 1026) (Utente :)
Descrizione: Application: updater.exe
Versione Framework: v4.0.30319
Descrizione: il processo è stato interrotto a causa di un'eccezione non gestita.
Informazioni sull'eccezione: System.Xml.XmlException
in System.Xml.XmlTextReaderImpl.Throw (System.Exception)
in System.Xml.XmlTextReaderImpl.ParseDocumentContent ()
in System.Xml.XmlLoader.Load (System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
in System.Xml.XmlDocument.Load (System.Xml.XmlReader)
in System.Xml.XmlDocument.Load (System.String)
updater.Report.AddFPToResult (updater.Result) adresinde
updater.UpgradeItem.DiagnosticDownloadEvent (NotifyMgrArgs) 'da
updater.DownloadMgr.DownloadFile (System.String, System.String) adresinde
updater.DownloadMgr.Worker (System.Object) adresinde
in System.Threading.ExecutionContext.RunInternal (System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
in System.Threading.ExecutionContext.Run (System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
in System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem ()
in System.Threading.ThreadPoolWorkQueue.Dispatch ()

Errore: (21.09.2017 03:29:13 PM) (Origine: errore dell'applicazione) (EventID: 1000) (Utente :)
Descrizione: nome dell'applicazione non corretto: cmdagent.exe, versione: 10.0.1.6294, timestamp: 0x59a48eea
Nome del modulo che ha generato l'errore: cmdagent.exe, versione: 10.0.1.6294, timestamp: 0x59a48eea
Codice eccezione: 0xc0000409
Offset errore: 0x00000000004d11c0
ID processo che ha generato l'errore: 0x1a68
Ora di inizio dell'applicazione difettosa: 0x01d33318c85bb78f
Percorso dell'applicazione che ha generato l'errore: C: \ Programmi \ COMODO \ COMODO Internet Security \ cmdagent.exe
Percorso del modulo difettoso: C: \ Program Files \ COMODO \ COMODO Internet Security \ cmdagent.exe
ID rapporto: a7370bc1-e921-482b-a081-d9be397fe885
Il nome completo del pacchetto che ha causato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:


Errori di sistema:
=============
Errore: (21.09.2017 08:17:49) (Origine: disco) (ID evento: 7) (Utente :)
Descrizione: il blocco per dispositivo \ Device \ Harddisk0 \ DR0 non è valido.

Errore: (21.09.2017 08:17:45) (Origine: disco) (ID evento: 7) (Utente :)
Descrizione: il blocco per dispositivo \ Device \ Harddisk0 \ DR0 non è valido.

Errore: (21.09.2017 08:17:42) (Origine: disco) (ID evento: 7) (Utente :)
Descrizione: il blocco per dispositivo \ Device \ Harddisk0 \ DR0 non è valido.

Errore: (21.09.2017 08:17:38) (Origine: disco) (ID evento: 7) (Utente :)
Descrizione: il blocco per dispositivo \ Device \ Harddisk0 \ DR0 non è valido.

Errore: (21.09.2017 08:17:35) (Origine: disco) (ID evento: 7) (Utente :)
Descrizione: il blocco per dispositivo \ Device \ Harddisk0 \ DR0 non è valido.

Errore: (21.09.2017 08:17:31) (Origine: disco) (ID evento: 7) (Utente :)
Descrizione: il blocco per dispositivo \ Device \ Harddisk0 \ DR0 non è valido.

Errore: (21.09.2017 08:17:27) (Origine: disco) (ID evento: 7) (Utente :)
Descrizione: il blocco per dispositivo \ Device \ Harddisk0 \ DR0 non è valido.

Errore: (21.09.2017 08:17:24) (Origine: disco) (ID evento: 7) (Utente :)
Descrizione: il blocco per dispositivo \ Device \ Harddisk0 \ DR0 non è valido.

Errore: (21.09.2017 08:17:20) (Origine: disco) (ID evento: 7) (Utente :)
Descrizione: il blocco per dispositivo \ Device \ Harddisk0 \ DR0 non è valido.

Errore: (21.09.2017 08:14:07) (Origine: DCOM) (EventID: 10010) (Utente: NT AUTHORITY)
Descrizione: il server {784E29F4-5EBE-4279-9948-1E8FE941646D} non è stato registrato con DCOM entro il periodo di timeout richiesto.


Codice Integrità:
===================================
Data: 2017-09-21 15: 30: 08.626
Descrizione: Windows non può verificare l'integrità dell'immagine del file \ Device \ HarddiskVolume4 \ Program Files \ Windows Defender \ MsMpEng.exe perché l'hash del file non è stato trovato nel sistema. Una recente modifica hardware o software potrebbe essere firmata o danneggiata in modo errato oppure malware proveniente da una fonte sconosciuta.

Data: 21-09-2017 14:33: 20.704
Descrizione: Windows non può verificare l'integrità dell'immagine del file \ Device \ HarddiskVolume4 \ Program Files \ Windows Defender \ MsMpEng.exe perché l'hash del file non è stato trovato nel sistema. Una recente modifica hardware o software potrebbe essere firmata o danneggiata in modo errato oppure malware proveniente da una fonte sconosciuta.

Data: 21/09/2017 11: 07: 44.438
Descrizione: Windows non può verificare l'integrità dell'immagine di \ Device \ HarddiskVolume4 \ Windows \ System32 \ guard64.dll perché l'hash del file non è stato trovato nel sistema. Una recente modifica hardware o software potrebbe essere firmata o danneggiata in modo errato oppure malware proveniente da una fonte sconosciuta.

Data: 21/09/2017 11: 07: 38.681
Descrizione: Windows non può verificare l'integrità dell'immagine del file \ Device \ HarddiskVolume4 \ Program Files \ Windows Defender \ MsMpEng.exe perché l'hash del file non è stato trovato nel sistema. Una recente modifica hardware o software potrebbe essere firmata o danneggiata in modo errato oppure malware proveniente da una fonte sconosciuta.

Data: 21/09/2017 08: 05: 39.517
Descrizione: l'integrità del codice ha determinato che il file \ Device \ HarddiskVolume4 \ Windows \ SystemApps \ Microsoft.MicrosoftEdge_8wekyb3d8bbwe \ MicrosoftEdgeCP.exe) \ Device \ HarddiskVolume4 \ Program Files \ Malwarebytes \ Anti-Malware \ mbae64.dll memorizza i requisiti del livello di firma.

Data: 21-09-2017 07:50: 43.401
Descrizione: Windows non può verificare l'integrità dell'immagine del file \ Device \ HarddiskVolume4 \ Program Files \ Windows Defender \ MsMpEng.exe perché l'hash del file non è stato trovato nel sistema. Una recente modifica hardware o software potrebbe essere firmata o danneggiata in modo errato oppure malware proveniente da una fonte sconosciuta.

Data: 21-09-2017 07: 14: 02.583
Descrizione: Windows non può verificare l'integrità dell'immagine del file \ Device \ HarddiskVolume4 \ Program Files \ Windows Defender \ MsMpEng.exe perché l'hash del file non è stato trovato nel sistema. Una recente modifica hardware o software potrebbe essere firmata o danneggiata in modo errato oppure malware proveniente da una fonte sconosciuta.

Data: 21-09-2017 06:55: 07.706
Descrizione: Windows non può verificare l'integrità dell'immagine del file \ Device \ HarddiskVolume4 \ Program Files \ Windows Defender \ MsMpEng.exe perché l'hash del file non è stato trovato nel sistema. Una recente modifica hardware o software potrebbe essere firmata o danneggiata in modo errato oppure malware proveniente da una fonte sconosciuta.

Data: 21-09-2017 06: 46: 04.833
Descrizione: Windows non può verificare l'integrità dell'immagine del file \ Device \ HarddiskVolume4 \ Program Files \ Windows Defender \ MsMpEng.exe perché l'hash del file non è stato trovato nel sistema. Una recente modifica hardware o software potrebbe essere firmata o danneggiata in modo errato oppure malware proveniente da una fonte sconosciuta.

Data: 21/09/2017 04: 23: 44.605
Descrizione: Windows non può verificare l'integrità dell'immagine del file \ Device \ HarddiskVolume4 \ Program Files \ Windows Defender \ MsMpEng.exe perché l'hash del file non è stato trovato nel sistema. Una recente modifica hardware o software potrebbe essere firmata o danneggiata in modo errato oppure malware proveniente da una fonte sconosciuta.


==================== Informazioni sulla memoria ===========================

Processore: CPU Intel (R) Core (TM) i5-4210U a 1,70 GHz
Percentuale di memoria utilizzata: 79%
RAM fisica totale: 4019,27 MB
RAM fisica disponibile: 827,3 MB
Totale virtuale: 7091,27 MB
Virtuale disponibile: 3412,08 MB

==================== Driver ============================= ===

Unità c: (Acer) (fisso) (totale: 448,4 GB) (gratuito: 236,29 GB) NTFS

==================== MBR e tabella delle divisioni ==================

========================================================
Disco: 0 (dimensione: 465,8 GB) (ID disco: CEE1CD6E)

Categoria: GPT.

==================== Addition End.txt ========================= = ==

[mom26gr8kids]

Risultato della scansione Farbar Recovery Scan Tool (FRST) (x64) Versione: 20-09-2017
Gestito da songe_000 (amministratore) su MOMSPC (21-09-2017 20:44:56)
Esegui da C: \ Users \ songe_000 \ Downloads
Profili installati: songe_000 (Profili disponibili: songe_000)
Piattaforma: Windows 10 Home versione 1607 (X64) Lingua: inglese (USA)
Internet Explorer Ver.11 (browser predefinito: Edge)
Modalità di avvio: normale
Tutorial sullo strumento di scansione di ripristino Farbar:

==================== Processi (autorizzati) =================

(Se viene aggiunta una voce all'elenco delle correzioni, il processo viene chiuso. Il file non viene spostato.)

(Intel Corporation) C: \ Windows \ System32 \ igfxCUIService.exe
(Acer Incorporated) C: \ Program Dosyaları (x86) \ Acer \ AOP Framework \ CCDMonitorService.exe
(SUPERAntiSpyware.com) C: \ Programmi \ SUPERAntiSpyware \ DESKTOP.EXE
(Apple Inc.) C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ AppleMobileDeviceService.exe
(Acer Incorporate) C: \ Programmi \ Acer \ Acer Launch Manager \ LMSvc.exe
() C: \ Programmi (x86) \ CyberLink \ Shared files \ RichVideo.exe
(COMODO) C: \ Programmi (x86) \ COMODO \ Internet Security Essentials \ isesrv.exe
(Acer Incorporated) C: \ Program Dosyaları \ Acer \ Acer Touch Tools \ TouchToolsLaunchSvc.exe
(Soluto) C: \ Programmi \ Soluto \ SolutoService.exe
(Soluto) C: \ Programmi \ Soluto \ SolutoLauncherService.exe
(Apple Inc.) C: \ Programmi \ Bonjour \ mDNSResponder.exe
(Intel (R) Corporation) C: \ Program Files \ Intel \ iCLS Client \ HeciServer.exe
(Microsoft Corporation) C: \ Programmi \ File comuni \ microsoft shared \ ClickToRun \ OfficeClickToRun.exe
(Malwarebytes) C: \ Program Dosyaları \ Malwarebytes \ Anti-Malware \ MBAMService.exe
(Microsoft Corporation) C: \ Windows \ Microsoft.NET \ Framework64 \ v3.0 \ WPF \ PresentationFontCache.exe
(Soluto) C: \ Programmi \ Soluto \ Soluto.exe
(Microsoft Corporation) C: \ Program Files \ Microsoft Mouse and Keyboard Center \ ipoint.exe
(Microsoft Corporation) C: \ Program Files \ Microsoft Mouse and Keyboard Center \ itype.exe
(COMODO) C: \ Programmi \ COMODO \ COMODO Internet Security \ cistray.exe
(Intel Corporation) C: \ Windows \ System32 \ igfxEM.exe
(Intel Corporation) C: \ Windows \ System32 \ igfxHK.exe
() C: \ Windows \ System32 \ igfxTray.exe
(Acer Incorporate) C: \ Programmi \ Acer \ Acer Launch Manager \ LMEvent.exe
(Acer Incorporate) C: \ Programmi \ Acer \ Acer Quick Access \ QASvc.exe
(Acer Incorporate) C: \ Programmi \ Acer \ Acer Quick Access \ QAEvent.exe
(Acer Incorporate) C: \ Programmi \ Acer \ Acer Launch Manager \ LMTray.exe
(Acer Incorporated) C: \ Programmi \ Acer \ Acer Power Management \ ePowerSvc.exe
(Acer Incorporate) C: \ Programmi \ Acer \ Acer Quick Access \ QAMsg.exe
(Acer Incorporate) C: \ Program Dosyaları \ Acer \ Acer Quick Access \ QuickAccess.exe
(COMODO) C: \ Programmi \ COMODO \ COMODO Internet Security \ cis.exe
(Realtek Semiconductor) C: \ Programmi \ Realtek \ Audio \ HDA \ RAVCpl64.exe
(Apple Inc.) C: \ Programmi \ iTunes \ iTunesHelper.exe
(Spotify Ltd) C: \ Users \ songe_000 \ AppData \ Roaming \ Spotify \ SpotifyWebHelper.exe
(SUPERAntiSpyware) C: \ Programmi \ SUPERAntiSpyware \ SUPERANTISPYWARE.EXE
(Hewlett-Packard Co.) C: \ Programmi \ HP \ HP Officejet 6700 \ Bin \ ScanToPCActivationApp.exe
(Apple Inc.) C: \ Programmi (x86) \ Common Files \ Apple \ Internet Services \ iCloudServices.exe
(Apple Inc.) C: \ Programmi (x86) \ Common Files \ Apple \ Internet Services \ ApplePhotoStreams.exe
() C: \ Programmi (x86) \ Acer \ abDocs \ abDocsDllLoaderMonitor.exe
(Acer Incorporated) C: \ Program Dosyaları (x86) \ Acer \ AOP Framework \ BackgroundAgent.exe
(Apple Inc.) C: \ Program Files \ iPod \ bin \ iPodService.exe
(Acer) C: \ Programmi (x86) \ Acer \ Acer Portal \ AcerPortal.exe
(Tecnologia cloud Acer) C: \ Programmi (x86) \ Acer \ AOP Framework \ acer \ ccd.exe
(Amazon Services LLC) C: \ Kullanıcılar \ songe_000 \ AppData \ Local \ Amazon Music \ Amazon Music Helper.exe
(Hewlett-Packard) C: \ Programmi (x86) \ Hp \ HP Software Update \ hpwuschd2.exe
(CompSoft) C: \ Programmi (x86) \ DoroPDFWriter \ DoroServer.exe
(COMODO) C: \ Programmi (x86) \ COMODO \ Internet Security Essentials \ vkise.exe
(AZIONI: <Şirket adı>) C: \ Programmi (x86) \ WildTangent Games \ App \ GamesAppIntegrationService.exe
(Acer Incorporated) C: \ Program Dosyaları (x86) \ Acer \ Screen Grasp \ GestureDetection.exe
(Acer Incorporated) C: \ Program Dosyaları (x86) \ Acer \ Screen Grasp \ Launch Screen Grasp.exe
(Apple Inc.) C: \ Programmi (x86) \ Common Files \ Apple \ Apple Application Support \ APSDaemon.exe
(Intel Corporation) C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ DAL \ jhi_service.exe
(Google Inc.) C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ chrome.exe
(Intel Corporation) C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ LMS \ LMS.exe
(acer) C: \ Program Files \ Acer \ User Experience Improvement Program \ Framework \ UBTService.exe
(Google Inc.) C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ chrome.exe
(Google Inc.) C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ chrome.exe
(Google Inc.) C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ chrome.exe
(Google Inc.) C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ chrome.exe
(Nero AG) C: \ Programmi (x86) \ Nero \ Update \ NASvc.exe
(Malwarebytes) C: \ Program Dosyaları \ Malwarebytes \ Anti-Malware \ mbamtray.exe
(Microsoft Corporation) C: \ Program Dosyaları (x86) \ Microsoft Office \ root \ Office16 \ WINWORD.EXE
(Google Inc.) C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ chrome.exe
(COMODO) C: \ Programmi \ COMODO \ COMODO Internet Security \ cmdagent.exe
(Microsoft Corporation) C: \ Users \ songe_000 \ AppData \ Local \ Microsoft \ OneDrive \ 17.3.6998.0830 \ FileCoAuth.exe
(Intel Corporation) C: \ Windows \ SysWOW64 \ IntelCpHeciSvc.exe
(COMODO) C: \ Programmi \ COMODO \ COMODO Internet Security \ cavwp.exe
(Malwarebytes) C: \ Users \ songe_000 \ Downloads \ JRT (1) .exe
(Microsoft Corporation) C: \ Windows \ SysWOW64 \ cmd.exe
(Google Inc.) C: \ Program Dosyaları (x86) \ Google \ Chrome \ Application \ chrome.exe
() C: \ Programmi \ Realtek \ Audio \ HDA \ FMAPP.exe
(Microsoft Corporation) C: \ Windows \ System32 \ dllhost.exe
(Microsoft Corporation) C: \ Windows \ System32 \ smartscreen.exe
(COMODO) C: \ Programmi \ COMODO \ COMODO Internet Security \ cmdvirth.exe

==================== Registrazione (whitelist) ======================== == =

(Se una voce viene aggiunta all'elenco delle correzioni, l'elemento del registro viene ripristinato al valore predefinito o rimosso. Il file non viene spostato.)

HKLM \ ... \ Run: [RTHDVCPL] => C: \ Program Files \ Realtek \ Audio \ HDA \ RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM \ ... \ Run: [COMODO AutoStart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C: \ Program Files \ COMODO \ COMODO Internet Security \ cistray.exe [1489088 2017-08-28] ( COMODO)
HKLM \ ... \ Run: [iTunesHelper] => C: \ Programmi \ iTunes \ iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM-x32 \ ... \ Run: [HP Software Update] => C: \ Program Files (x86) \ Hp \ HP Software Update \ HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32 \ ... \ Run: [DoroServer] => C: \ Program Files (x86) \ DoroPDFWriter \ DoroServer.exe [204800 2014-12-19] (CompSoft)
HKLM-x32 \ ... \ Run: [abDocsDllLoader] => C: \ Programmi (x86) \ Acer \ abDocs \ abDocsDllLoader.exe [91488 2016-08-15] ()
HKLM-x32 \ ... \ Run: [QuickTime Task] => C: \ Programmi (x86) \ QuickTime \ QTTask.exe [421888 2015-11-18] (Apple Inc.)
HKLM-x32 \ ... \ Run: [Aimersoft Helper Compact.exe] => C: \ Programmi (x86) \ Common Files \ Aimersoft \ Aimersoft Helper Compact \ ASHelper.exe [1667072 2012-02-28] (AimerSoft )
HKLM-x32 \ ... \ Run: [IseUI] => C: \ Program Dosyaları (x86) \ COMODO \ Internet Security Essentials \ vkise.exe [3632848 2017-08-07] (COMODO)
HKLM \ ... \ Winlogon: [Userinit] c: \ windows \ system32 \ userinit.exe, c: \ program files \ soluto \ soluto.exe / userinit
HKLM \ ... \ Policies \ Explorer \ Run: [BtvStack] => C: \ Program Dosyaları (x86) \ Qualcomm Atheros \ Bluetooth Suite \ BtvStack.exe
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Run: [Spotify Web Helper] => C: \ Users \ songe_000 \ AppData \ Roaming \ Spotify \ SpotifyWebHelper.exe [1444976 2016 -12-21] (Spotify Ltd)
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Run: [AviraSpeedup] => "C: \ Programmi (x86) \ Avira \ AviraSpeedup \ avira_system_speedup.exe" -autorun
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Run: [SUPERAntiSpyware] => C: \ Programmi \ SUPERAntiSpyware \ SUPERAntiSpyware.exe [7964064 2017-08-28] (SUPERAntiSpyware .EXE)
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Run: [HP Officejet 6700 (NET)] => C: \ Program Files \ HP \ HP Officejet 6700 \ Bin \ ScanToPCActivationApp. exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Run: [iCloudServices] => C: \ Program Files (x86) \ Common Files \ Apple \ Internet Services \ iCloudServices.exe [ 67384 09/05/2017] (Apple Inc.)
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Run: [ApplePhotoStreams] => C: \ Program Files (x86) \ Common Files \ Apple \ Internet Services \ ApplePhotoStreams.exe [ 67896 2017/05/09] (Apple Inc.)
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Run: [Spotify] => C: \ Users \ songe_000 \ AppData \ Roaming \ Spotify \ Spotify.exe [7153264 2016-12 -21) (Spotify Ltd)
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ ... \ Run: [Amazon Music] => C: \ Users \ songe_000 \ AppData \ Local \ Amazon Music \ Amazon Music Helper.exe [ 3694056 2017-04-18] (Amazon Services LLC)
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ Control Panel \ Desktop \ SCRNSAVE.EXE -> C: \ WINDOWS \ system32 \ Ribbons.scr [151040 2016-07-16] (Microsoft Corporation)
HKU \ S-1-5-18 \ ... \ RunOnce: [Application Restart # 0] => C: \ Program Files \ Common Files \ microsoft shared \ ink \ TabTip.exe [371928 2016-07-16] (Azienda Microsoft)

==================== Internet (autorizzato) =====================

(Se un elemento è incluso nell'elenco delle correzioni, se è un elemento del registro, viene rimosso o ripristinato all'impostazione predefinita.)

Tcpip \ Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip \ .. \ Interfaces \ {dee13008-c737-4ac5-9444-f2960207d42f}: [DhcpNameServer] 192.168.0.1 205.171.2.25

Internet Explorer:
==================
HKU \ S-1-5-21-634217685-3676121620-3412417090-1001 \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = hxxp: //www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
BHO: Lync Browser Assistant -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C: \ Programmi (x86) \ Microsoft Office \ root \ VFS \ ProgramFilesX64 \ Microsoft Office \ Office16 \ OCHelper.dll (2017-09 -17] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Assistant -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C: \ Program Files (x86) \ Microsoft Office \ root \ VFS \ ProgramFilesX64 \ Microsoft Office \ Office16 \ GROOVEEX.DLL (2017 -09-17] (Microsoft Corporation)
Gestore-x32: mso-minsb-roam.16 - (83C25742-A9F7-49FB-9138-434302C88D07) - C: \ Programmi (x86) \ Microsoft Office \ root \ Office16 \ MSOSB.DLL [2017-09-17] (Azienda Microsoft)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C: \ Programmi (x86) \ Microsoft Office \ root \ Office16 \ MSOSB.DLL [2017-09-17] (Microsoft Azienda)
Handler-x32: osf-roam.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C: \ Program Files (x86) \ Microsoft Office \ root \ Office16 \ MSOSB.DLL [2017-09-17] (Microsoft Azienda)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C: \ Programmi (x86) \ Microsoft Office \ root \ Office16 \ MSOSB.DLL [2017-09-17] (Microsoft Corporation)

FireFox:
========
FF Profil Yolu: C: \ Users \ songe_000 \ AppData \ Roaming \ Mozilla \ Firefox \ Profiles \ 2lsg6gue.default [2017-09-16]
FF DefaultSearchEngine: Mozilla \ Firefox \ Profiles \ 2lsg6gue.default -> Google
FF DefaultSearchEngine.US: Mozilla \ Firefox \ Profiles \ 2lsg6gue.default -> Google
FF Anahtar Kelime.URL: Mozilla \ Firefox \ Profiles \ 2lsg6gue.default -> hxxps: //search.yahoo.com/search? Fr = mcafee & type = B110US662D20141022 & p =
Estensione FF: (Avira Browser Security) - C: \ Users \ songe_000 \ AppData \ Roaming \ Mozilla \ Firefox \ Profiles \ 2lsg6gue.default \ Extensions \ abs@avira.com.xpi [2017-07-17]
Estensione FF: (WOT) - C: \ Users \ songe_000 \ AppData \ Roaming \ Mozilla \ Firefox \ Profiles \ 2lsg6gue.default \ Extensions \ {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7) [2017-07-14]
FF SearchPlugin: C: \ Program Dosyaları (x86) \ mozilla firefox \ browser \ searchplugins \ McSiteAdvisor.xml [2015-01-04]
Plugin FF: @ adobe.com / FlashPlayer -> C: \ WINDOWS \ system32 \ Macromed \ Flash \ NPSWF64_27_0_0_130.dll [2017-09-14] ()
FF Eklentisi-x32: @ adobe.com / FlashPlayer -> C: \ WINDOWS \ SysWOW64 \ Macromed \ Flash \ NPSWF32_27_0_0_130.dll [2017-09-14] ()
FF Plugin-x32: @ intel-webapi.intel.com / Intel WebAPI ipt; versione = 4.0.5 -> C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ IPT \ npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @ intel-webapi.intel.com / Intel WebAPI updater -> C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ IPT \ npIntelWebAPIUpdater.dll [2013-12-09] (Intel Foundation)
FF Plugin-x32: @ microsoft.com / SharePoint, versione = 14.0 -> C: \ Program Files (x86) \ Microsoft Office \ root \ Office16 \ NPSPWRAP.DLL [2017-09-17] (Microsoft Corporation)
FF Plugin-x32: @ tools.google.com / Google Update; versione = 3 -> C: \ Programmi (x86) \ Google \ Update \ 1.3.33.5 \ npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @ tools.google.com / Google Update; versione = 9 -> C: \ Programmi (x86) \ Google \ Update \ 1.3.33.5 \ npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @ WildTangent.com / GamesAppPresenceDetector, versione = 1.0 -> C: \ Program Files (x86) \ WildTangent Games \ App \ BrowserIntegration \ Registered \ 0 \ NP_wtapp.dll [2013-07-12] ()
FF Plugin-x32: Adobe Reader -> C: \ Programmi (x86) \ Adobe \ Acrobat Reader DC \ Reader \ AIR \ nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin HKU \ S-1-5-21-634217685-3676121620-3412417090-1001: @ citrixonline.com / appdetectorplugin -> C: \ Users \ songe_000 \ AppData \ Local \ Citrix \ Plugins \ 104 \ npappdetector.dll [2016 -05-11) (Citrix Online)
FF Plugin HKU \ S-1-5-21-634217685-3676121620-3412417090-1001: @ unity3d.com / UnityPlayer, versione = 1.0 -> C: \ Users \ songe_000 \ AppData \ LocalLow \ Unity \ WebPlayer \ loader \ npUnity3D32 .dll [03/07/2015] (Unity Technologies ApS)

[mom26gr8kids]

Eccetto:
=======
Profilo CHR: C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default [2017-09-21]
Estensione CHR: (Presentazioni Google) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ aapocclcgogkmnckokdopfmhonfmgoek [2015-02-07]
Estensione CHR: (Google Docs) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ aohghmighlieiainnegkcijnfilokake [2015-02-07]
Estensione CHR: (Google Drive) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
Estensione CHR: (WOT: Web of Trust, Website Reputation Ratings) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ bhmmomiinigofkjcapegjjndpbikblnp [2017-07-11]
Estensione CHR: (YouTube) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
Estensione CHR: (Ricerca Google) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
Estensione CHR: (Fogli Google) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ felcaaldnbdncclmgdcncolpebgiejap [2015-02-07]
Estensione CHR: (Documenti Google offline) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ ghbmnnjooekpmoecnnilnnbdlolhkhi [18/03/2016]
Estensione CHR: (Pagamenti Chrome Web Store) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ nmmhkkegccagdldgiimedpiccmgmieda [2017-08-25]
Estensione CHR: (Gmail) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
Estensione CHR: (Chrome Media Redirector) - C: \ Users \ songe_000 \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Extensions \ pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-16]
CHR HKLM-x32 \ ... \ Chrome \ Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps: //clients2.google.com/service/update2/crx

==================== Servizi (autorizzati) ====================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

R2! SASCORE; C: \ Programmi \ SUPERAntiSpyware \ SASCORE64.EXE [173472 2017-02-23] (SUPERAntiSpyware.com)
Servizio per dispositivi mobili Apple R2; C: \ Programmi \ File comuni \ Apple \ Mobile Device Support \ AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 CCDMonitorService; C: \ Program Dosyaları (x86) \ Acer \ AOP Framework \ CCDMonitorService.exe [2267352 2016-09-20] (Acer Incorporated)
R2 ClickToRunSvc; C: \ Programmi \ File comuni \ Microsoft Shared \ ClickToRun \ OfficeClickToRun.exe [4424392 2017-09-08] (Microsoft Corporation)
R2 CmdAgent; C: \ Programmi \ COMODO \ COMODO Internet Security \ cmdagent.exe [10501616 2017-08-28] (COMODO)
R3 cmdvirth; C: \ Programmi \ COMODO \ COMODO Internet Security \ cmdvirth.exe [2876096 2017-08-28] (COMODO)
R3 ePowerSvc; C: \ Programmi \ Acer \ Acer Power Management \ ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 GamesAppIntegrationService; C: \ Program Dosyaları (x86) \ WildTangent Games \ App \ GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Şirket adı>) [File non firmato]
S2 HPSupportSolutionsFrameworkService; C: \ Program Dosyaları (x86) \ Hp \ Common \ HPSupportSolutionsFrameworkService.exe [89840 2015-06-30] (Hewlett-Packard Company)
R2 igfxCUIService2.0.0.0; C: \ WINDOWS \ system32 \ igfxCUIService.exe [370064 2015-11-29] (Intel Corporation)
R2 Interfaccia del servizio di licenza di autorizzazione Intel®; C: \ Program Files \ Intel \ iCLS Client \ HeciServer.exe [747520 2013-08-27] (Intel (R) Corporation) [File non firmato]
Interfaccia TCP IP del servizio di licenza in primo piano S3 Intel (R); C: \ Programmi \ Intel \ iCLS Client \ SocketHeciServer.exe [828376 2013-08-27] (Intel (R) Corporation)
R2 è izesrv; C: \ Programmi (x86) \ COMODO \ Internet Security Essentials \ isesrv.exe [133840 2017-08-07] (COMODO)
R2 jhi_service; C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ DAL \ jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 LMSvc; C: \ Programmi \ Acer \ Acer Launch Manager \ LMSvc.exe [459496 2014-03-17] (Acer Incorporate)
Servizio R2 MBAM; C: \ Programmi \ Malwarebytes \ Anti-Malware \ mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R3 QASvc; C: \ Programmi \ Acer \ Acer Quick Access \ QASvc.exe [457960 2014-03-21] (Acer Incorporate)
R2 RichVideo; C: \ Programmi (x86) \ CyberLink \ File condivisi \ RichVideo.exe [254512 2012-04-24] ()
R2 SolutoLauncherService; C: \ Programmi \ Soluto \ SolutoLauncherService.exe [221728 2013-12-18] (Soluto)
S3 SolutoRemoteService; C: \ Program Files \ Soluto \ SolutoRemoteService.exe [1942016 2013-12-18] (GlavSoft LLC.) [File non firmato]
R2 TouchToolsLaunchService; C: \ Program Dosyaları \ Acer \ Acer Touch Tools \ TouchToolsLaunchSvc.exe [250624 2014-01-08] (Acer Incorporated)
R3 UEIPSvc; C: \ Program Files \ Acer \ User Experience Improvement Program \ Framework \ UBTService.exe [222952 2014-01-25] (acer)
S3 WdNisSvc; C: \ Programmi \ Windows Defender \ NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
S3 WinDefend; C: \ Programmi \ Windows Defender \ MsMpEng.exe [103712 2017-04-27] (Microsoft Corporation)

===================== Driver (autorizzati) ======================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

R1 cmderd; C: \ WINDOWS \ System32 \ DRIVERS \ cmderd.sys [40968 2017-08-08] (COMODO)
R1 cmdGuard; C: \ WINDOWS \ System32 \ DRIVERS \ cmdguard.sys [827864 2017-08-08] (COMODO)
R1 cmdhlp; C: \ WINDOWS \ system32 \ DRIVERS \ cmdhlp.sys [50808 2017-08-08] (COMODO)
R3 cpuz136; C: \ WINDOWS \ TEMP \ cpuz136 \ cpuz136_x64.sys [23856 2016-09-20] (CPUID)
S3 dg_ssudbus; C: \ WINDOWS \ system32 \ DRIVERS \ ssudbus.sys [131712 2016-10-12] (Samsung Electronics Co., Ltd.)
R1 ESKoruma Sürücüsü; C: \ WINDOWS \ system32 \ drivers \ mbae64.sys [77440 2017-08-24] ()
R1 incelemek; C: \ WINDOWS \ system32 \ DRIVERS \ inspect.sys [132904 2017-08-08] (COMODO)
R1 izrrv; C: \ WINDOWS \ system32 \ drivers \ isedrv.sys [62208 2017-03-29] (COMODO)
R3 LMDriver; C: \ WINDOWS \ System32 \ drivers \ LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R2 MBAMChameleon; C: \ WINDOWS \ system32 \ drivers \ MBAMChameleon.sys [192960 2017-09-21] (Malwarebytes)
R3 MBAMFarflt; C: \ WINDOWS \ system32 \ DRIVERS \ farflt.sys [101824 2017-09-21] (Malwarebytes)
R3 MB; Koruma; C: \ WINDOWS \ system32 \ drivers \ mbam.sys [45472 21/09/2017] (Malwarebytes)
R3 MBAMSwissArmy; C: \ WINDOWS \ system32 \ drivers \ MBAMSwissArmy.sys [253888 2017-09-21] (Malwarebytes)
R3 MBAM Web Koruması; C: \ WINDOWS \ system32 \ drivers \ mwac.sys [94144 2017-09-21] (Malwarebytes)
R3 MEIx64; C: \ WINDOWS \ system32 \ DRIVERS \ TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
S3 NetAdapterCx; C: \ WINDOWS \ System32 \ drivers \ NetAdapterCx.sys [90624 2016-07-16] ()
R3 RadioShim; C: \ WINDOWS \ System32 \ drivers \ RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 rt640x64; C: \ WINDOWS \ System32 \ drivers \ rt640x64.sys [886528 2015-07-22] (Realtek)
R3 RTSPER; C: \ WINDOWS \ system32 \ DRIVERS \ RtsPer.sys [761600 2015-06-24] (Realsil Semiconductor Corporation)
R1 SASDIFSV; C: \ Programmi \ SUPERAntiSpyware \ SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com e SUPERAntiSpyware.com)
R1 SASKUTIL; C: \ Programmi \ SUPERAntiSpyware \ SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com e SUPERAntiSpyware.com)
S3 ssudmdm; C: \ WINDOWS \ system32 \ DRIVERS \ ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 SynRMIHID; C: \ WINDOWS \ system32 \ DRIVERS \ SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
S3 WdBoot; C: \ WINDOWS \ system32 \ drivers \ WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C: \ WINDOWS \ system32 \ drivers \ WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C: \ WINDOWS \ System32 \ Drivers \ WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C: \ WINDOWS \ System32 \ drivers \ WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
R3 WsAudio_Device (1); C: \ WINDOWS \ system32 \ drivers \ VirtualAudio1.sys [31080 2016-05-16] (Wondershare)
S3 iaLPSSi_GPIO; \ SystemRoot \ System32 \ drivers \ iaLPSSi_GPIO.sys [X]
S3aLPSSi_I2C; \ SystemRoot \ System32 \ drivers \ iaLPSSi_I2C.sys [X]
S0 iaStorAV; System32 \ drivers \ iaStorAV.sys [X]
S0 iaStorV; System32 \ drivers \ iaStorV.sys [X]

==================== NetSvcs (White List) ===================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).


==================== File e cartelle creati in un mese ========

(Se una voce viene aggiunta all'elenco delle correzioni, il file / cartella verrà spostato.)

21/09/2017 20:44 - 21/09/2017 20:48 - 000022429 _____ C: \ Users \ songe_000 \ Downloads \ FRST.txt
21/09/2017 20:44 - 21/09/2017 20:44 - 000000000 ____D C: \ Users \ songe_000 \ Downloads \ FRST-OlderVersion
21/09/2017 14:42 - 21/09/2017 14:42 - 000000000 ___HD C: \ $ WINDOWS. ~ BT
21/09/2017 11:10 - 21/09/2017 20:32 - 001790024 _____ (Malwarebytes) C: \ Users \ songe_000 \ Downloads \ JRT (1) .exe
21/09/2017 10:46 - 21/09/2017 10:47 - 008182736 _____ (Malwarebytes) C: \ Users \ songe_000 \ Downloads \ AdwCleaner (1) .exe
21/09/2017 10:44 - 21/09/2017 10:44 - 000001242 _____ C: \ Users \ songe_000 \ Desktop \ mbamlog.txt
21/09/2017 08:05 - 21/09/2017 20:14 - 000094144 _____ (Malwarebytes) C: \ WINDOWS \ system32 \ Sürücüler \ mwac.sys
21/09/2017 08:05 - 21/09/2017 10:59 - 000101824 _____ (Malwarebytes) C: \ WINDOWS \ system32 \ Sürücüler \ farflt.sys
21/09/2017 08:05 - 21/09/2017 10:58 - 000253888 _____ (Malwarebytes) C: \ WINDOWS \ system32 \ Sürücüler \ MBAMSwissArmy.sys
21/09/2017 08:05 - 21/09/2017 10:58 - 000045472 _____ (Malwarebytes) C: \ WINDOWS \ system32 \ Sürücüler \ mbam.sys
21/09/2017 08:05 - 21/09/2017 08:05 - 000192960 _____ (Malwarebytes) C: \ WINDOWS \ system32 \ Sürücüler \ MBAMChameleon.sys
21/09/2017 08:04 - 21/09/2017 08:04 - 000001916 _____ C: \ Users \ Public \ Desktop \ Malwarebytes.lnk
21/09/2017 08:04 - 21/09/2017 08:04 - 000000000 ____D C: \ ProgramData \ Microsoft \ Windows \ Menu Start \ Programmi \ Malwarebytes
21/09/2017 08:04 - 21/09/2017 08:04 - 000000000 ____D C: \ Programmi \ Malwarebytes
21/09/2017 08:04 - 24/08/2017 11:27 - 000077440 _____ C: \ WINDOWS \ system32 \ Drivers \ mbae64.sys
21/09/2017 08:03 - 21/09/2017 08:03 - 000000000 ____D Migrazione C: \ ProgramData \ MB2
21/09/2017 04:25 - 21/09/2017 04:25 - 000000903 _____ C: \ Users \ Public \ Desktop \ RogueKiller.lnk
21/09/2017 04:23 - 21/09/2017 04:24 - 035884000 _____ (Adlice Software) C: \ Users \ songe_000 \ Downloads \ RogueKiller_setup_ref3.exe
17/09/2017 15:54 - 21/09/2017 20:44 - 000000000 ____D C: \ FRST
17/09/2017 15:53 ​​- 21/09/2017 20:44 - 002399744 _____ (Farbar) C: \ Users \ songe_000 \ Downloads \ FRST64.exe
12/09/2017 01:06 - 12/09/2017 01:06 - 000067293 _____ C: \ Users \ songe_000 \ Documents \ GraceLloyd.pdf
12/09/2017 00:15 - 12/09/2017 00:20 - 000026703 _____ C: \ Users \ songe_000 \ Downloads \ Grace Transcript (1) .xlsx
12/09/2017 00:14 - 12/09/2017 01:26 - 000066365 _____ C: \ Users \ songe_000 \ Documents \ KaeleyEagle.pdf
12/09/2017 00:14 - 12/09/2017 00:19 - 000026703 _____ C: \ Users \ songe_000 \ Downloads \ Grace Transcript.xlsx
30-08-2017 22:42 - 03-08-2017 23:31 - 001564512 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ appraiser.dll
30/08/2017 22:42 - 03/08/2017 23:31 - 001214816 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ aeinv.dll
30-08-2017 22:42 - 03-08-2017 23:31 - 000629088 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ generaltel.dll
30/08/2017 22:42 - 03/08/2017 23:31 - 000544096 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ devinv.dll
30/08/2017 22:42 - 03/08/2017 23:31 - 000335712 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ dcntel.dll
30/08/2017 22:42 - 03/08/2017 23:31 - 000334176 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ invagent.dll
30/08/2017 22:42 - 03/08/2017 23:31 - 000233824 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ aepic.dll
30/08/2017 22:42 - 03/08/2017 23:31 - 000136032 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ acmigration.dll
30-08-2017 22:42 - 03-08-2017 23:31 - 000096608 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ CompatTelRunner.exe
30-08-2017 22:42 - 03-08-2017 23:31 - 000034656 _____ (Microsoft Corporation) C: \ WINDOWS \ system32 \ DeviceCensus.exe
30/08/2017 22:42 - 03/08/2017 22:26 - 000192864 _____ (Microsoft Corporation) C: \ WINDOWS \ SysWOW64 \ aepic.dll
29-08-2017 12:07 - 29-08-2017 12:07 - 000063458 _____ C: \ Users \ songe_000 \ Documents \ JacksonSeidler.pdf
29-08-2017 12:00 - 29-08-2017 12:00 - 003816483 _____ C: \ Users \ songe_000 \ Files \ Jackson Seidler Notebook 2016-2017.pdf
28-08-2017 23:41 - 28-08-2017 23:41 - 000000000 ____D C: \ ProgramData \ Microsoft \ Windows \ Start Menu \ Programmi \ iCloud
28-08-2017 23:39 - 28-08-2017 23:39 - 000000000 ____D C: \ ProgramData \ Microsoft \ Windows \ Menu Start \ Programmi \ iTunes
28/08/2017 23:38 - 28/08/2017 23:39 - 000000000 ____D C: \ Programmi \ iPod
26/08/2017 20:35 - 26/08/2017 20:35 - 000026849 _____ C: \ Users \ songe_000 \ Downloads \ customPage41005 (3) .xlsx
25-08-2017 11:17 - 25-08-2017 11:18 - 001616527 _____ C: \ Users \ songe_000 \ Downloads \ att.pdf
24-08-2017 12:09 - 24-08-2017 12:09 - 000561602 _____ C: \ Users \ songe_000 \ Downloads \ Homeschool-Attendance-Registration-2017-2018 (1) .pdf

==================== File e cartelle modificati per un mese ========

(Se una voce viene aggiunta all'elenco delle correzioni, il file / cartella verrà spostato.)

21/09/2017 20:44 - 16/03/2017 23:52 - 000094140 _____ C: \ WINDOWS \ system32 \ Drivers \ fvstore.dat
21/09/2017 20:44 - 16/03/2017 23:12 - 001474832 _____ C: \ WINDOWS \ system32 \ Drivers \ sfi.dat
21/09/2017 20:30 - 22/10/2014 21:58 - 000000000 ____D C: \ Users \ songe_000 \ AppData \ Local \ Packages
21/09/2017 20:11 - 20/09/2016 15:17 - 000000000 ____D C: \ WINDOWS \ system32 \ SleepStudy
21/09/2017 15:28 - 16/07/2016 05:36 - 000000000 ____D C: \ WINDOWS \ CbsTemp
21/09/2017 14:43 - 20/09/2016 17:15 - 000000000 ___DC C: \ WINDOWS \ Panther
21/09/2017 13:34 - 16/07/2016 05:47 - 000000000 ____D C: \ WINDOWS \ AppReadiness
21/09/2017 11:01 - 22/10/2014 23:43 - 000000000 ____D C: \ Users \ songe_000 \ AppData \ Local \ Spotify
21/09/2017 10:58 - 20/09/2016 15:20 - 000000180 _____ C: \ WINDOWS \ system32 \ {A6D608F0-0BDE-491A-97AE-5C4B05D86E01} .bat
21/09/2017 10:58 - 22/10/2014 21:58 - 000000000 __SHD C: \ Users \ songe_000 \ IntelGraphicsProfiles
21/09/2017 10:57 - 20/09/2016 18:54 - 000000006 ____H C: \ WINDOWS \ Tasks \ SA.DAT
21/09/2017 10:56 - 20/09/2016 15:25 - 000000000 ____D C: \ Users \ songe_000
21/09/2017 10:56 - 16/07/2016 00:04 - 000786432 _____ C: \ WINDOWS \ system32 \ config \ BBI
21/09/2017 10:55 - 16/03/2017 00:21 - 000000000 ____D C: \ AdwCleaner
21/09/2017 08:04 - 02/02/2015 22:20 - 000000000 ____D C: \ ProgramData \ Malwarebytes
21/09/2017 08:04 - 02/02/2015 22:20 - 000000000 ____D C: \ Program Dosyaları (x86) \ Malwarebytes Anti-Malware
21/09/2017 07:56 - 16/07/2016 05:47 - 000000000 ___HD C: \ Programmi \ WindowsApps
21/09/2017 04:25 - 09/03/2017 21:15 - 000000000 ____D C: \ ProgramData \ Microsoft \ Windows \ Start Menu \ Programmi \ RogueKiller
21/09/2017 04:25 - 09/03/2017 21:15 - 000000000 ____D C: \ Programmi \ RogueKiller
21/09/2017 04:25 - 03/02/2015 22:24 - 000028272 _____ C: \ WINDOWS \ system32 \ Drivers \ TrueSight.sys
21/09/2017 04:20 - 22/10/2014 23:43 - 000000000 ____D C: \ Users \ songe_000 \ AppData \ Roaming \ Spotify
18/09/2017 14:53 - 31/07/2014 04:31 - 000000000 ____D C: \ Programmi (x86) \ Microsoft Office
18/09/2017 14:46 - 22/10/2014 22:01 - 000000000 __RDO C: \ Users \ songe_000 \ OneDrive
17/09/2017 02:53 - 25/10/2014 19:59 - 000000000 ____D C: \ WINDOWS \ system32 \ MRT
2017-09-17 02:26 - 2014-10-25 19:59 - 138202976 ____C (Microsoft Corporation) C: \ WINDOWS \ system32 \ MRT.exe
16/09/2017 21:10 - 09/02/2016 16:32 - 000066078 _____ C: \ Users \ songe_000 \ Documents \ JustinSonger.pdf
16/09/2017 20:50 - 16/07/2016 05:47 - 000000000 ____D C: \ ProgramData \ regid.1991-06.com.microsoft
2017-09-14 18:45 - 2017-07-19 17:48 - 000003366 _____ C: \ WINDOWS \ System32 \ Tasks \ OneDrive Independent Update Task-S-1-5-21-634217685-3676121620-3412417090-1001
14/09/2017 18:45 - 30/11/2015 02:22 - 000002415 _____ C: \ Users \ songe_000 \ AppData \ Roaming \ Microsoft \ Windows \ Start Menu \ Programs \ OneDrive.lnk
14/09/2017 18:42 - 16/07/2016 05:47 - 000000000 ____D C: \ WINDOWS \ SysWOW64 \ Macromed
14/09/2017 18:42 - 16/07/2016 05:47 - 000000000 ____D C: \ WINDOWS \ system32 \ Macromed
10/09/2017 13:14 - 16/07/2016 05:45 - 000000000 ____D C: \ WINDOWS \ INF
10/09/2017 13:08 - 16/07/2016 05:47 - 000000000 ____D C: \ WINDOWS \ LiveKernelRaporları
08/09/2017 19:48 - 16/03/2017 23:12 - 000000000 ____D C: \ ProgramData \ Microsoft \ Windows \ Start Menu \ Programmi \ COMODO
08/09/2017 19:48 - 22/10/2014 23:07 - 000000000 ____D C: \ ProgramData \ Comodo
08/09/2017 16:35 - 16/07/2016 05:47 - 000000000 ____D C: \ WINDOWS \ system32 \ valuation
07/09/2017 10:44 - 30/11/2015 01:41 - 001445410 _____ C: \ WINDOWS \ system32 \ PerfStringBackup.INI
06/09/2017 18:29 - 09/06/2015 18:43 - 000002457 _____ C: \ ProgramData \ Microsoft \ Windows \ Menu Start \ Programmi \ Acrobat Reader DC.lnk
05/09/2017 13:01 - 16/07/2016 05:49 - 000835576 _____ (Adobe Systems Incorporated) C: \ WINDOWS \ SysWOW64 \ FlashPlayerApp.exe
05/09/2017 13:01 - 16/07/2016 05:49 - 000177656 _____ (Adobe Systems Incorporated) C: \ WINDOWS \ SysWOW64 \ FlashPlayerCPLApp.cpl
28/08/2017 23:53 - 21/11/2015 23:02 - 000064724 _____ C: \ Users \ songe_000 \ Documents \ KaitlynCarlson.pdf
28/08/2017 23:39 - 24/06/2017 12:23 - 000000000 ____D C: \ Programmi \ iTunes
28/08/2017 22:59 - 28/12/2016 00:20 - 000051808 _____ (COMODO) C: \ WINDOWS \ system32 \ cmdcsr.dll
28/08/2017 22:59 - 28/12/2016 00:19 - 000939144 _____ (COMODO) C: \ WINDOWS \ system32 \ guard64.dll
28/08/2017 22:59 - 28/12/2016 00:19 - 000731344 _____ (COMODO) C: \ WINDOWS \ SysWOW64 \ guard32.dll
28/08/2017 22:57 - 28/12/2016 00:17 - 000457408 _____ (COMODO) C: \ WINDOWS \ system32 \ cmdvrt64.dll
28/08/2017 22:55 - 28/12/2016 00:15 - 000363712 _____ (COMODO) C: \ WINDOWS \ SysWOW64 \ cmdvrt32.dll
28/08/2017 20:59 - 05/02/2017 18:39 - 000000000 ____D C: \ Users \ songe_000 \ AppData \ LocalLow \ Mozilla
28/08/2017 16:57 - 27/11/2016 21:58 - 000544424 ____N (Microsoft Corporation) C: \ WINDOWS \ system32 \ MpSigStub.exe
28/08/2017 16:57 - 22/10/2014 22:11 - 000002276 _____ C: \ ProgramData \ Microsoft \ Windows \ Menu Start \ Programmi \ Google Chrome.lnk
28/08/2017 16:57 - 22/10/2014 22:11 - 000002264 _____ C: \ Users \ Public \ Desktop \ Google Chrome.lnk
28/08/2017 16:52 - 11/05/2016 16:55 - 000000668 _____ C: \ WINDOWS \ Tasks \ G2MUploadTask-S-1-5-21-634217685-3676121620-3412417090-1001.job
28/08/2017 16:52 - 11/05/2016 16:55 - 000000572 _____ C: \ WINDOWS \ Tasks \ G2MUpdateTask-S-1-5-21-634217685-3676121620-3412417090-1001.job
28/08/2017 16:52 - 09/11/2014 14:57 - 000000000 ____D C: \ Programmi \ SUPERAntiSpyware
28/08/2017 09:39 - 09/02/2016 22:06 - 000064246 _____ C: \ Users \ songe_000 \ Documents \ DoranLee.pdf
28/08/2017 09:20 - 13/07/2017 23:44 - 000000000 ____D C: \ Users \ songe_000 \ AppData \ Local \ GoToMeeting

==================== File nella radice di alcune directory =======

14/03/2017 13:58 - 14/03/2017 13:58 - 000000098 _____ () C: \ ProgramData \ Microsoft.SqlServer.Compact.351.64.bc

Alcuni file in TEMP:
====================
21/09/2017 04:25 - 12/12/2016 18:11 - 001886344 _____ (Microsoft Corporation) C: \ Users \ songe_000 \ AppData \ Local \ Temp \ dllnt_dump.dll
30/03/2017 23:58 - 14/07/2017 18:52 - 004113960 _____ (COMODO) C: \ Users \ songe_000 \ AppData \ Local \ Temp \ if_installer.exe

==================== Bamital e volsnap ====================

(Non esiste una correzione automatica per i file che non superano la convalida.)

C: \ WINDOWS \ system32 \ winlogon.exe => File firmato digitalmente
C: \ WINDOWS \ system32 \ wininit.exe => File firmato digitalmente
C: \ WINDOWS \ explorer.exe => File con firma digitale
C: \ WINDOWS \ SysWOW64 \ explorer.exe => File con firma digitale
C: \ WINDOWS \ system32 \ svchost.exe => File firmato digitalmente
C: \ WINDOWS \ SysWOW64 \ svchost.exe => File firmato digitalmente
C: \ WINDOWS \ system32 \ services.exe => File firmato digitalmente
C: \ WINDOWS \ system32 \ User32.dll => Il file è firmato digitalmente
C: \ WINDOWS \ SysWOW64 \ User32.dll => File firmato digitalmente
C: \ WINDOWS \ system32 \ userinit.exe => File firmato digitalmente
C: \ WINDOWS \ SysWOW64 \ userinit.exe => File con firma digitale
C: \ WINDOWS \ system32 \ rpcss.dll => Il file è firmato digitalmente
C: \ WINDOWS \ system32 \ dnsapi.dll => Il file è firmato digitalmente
C: \ WINDOWS \ SysWOW64 \ dnsapi.dll => File con firma digitale
C: \ WINDOWS \ system32 \ Drivers \ volsnap.sys => File firmato digitalmente

SonRegBack: 17/09/2017 16:32

==================== FRST.txt sonu ========================= = ==

[arma]

Lo strumento di rimozione della posta indesiderata dice che non è riuscito a verificare il punto di ripristino, ho riscontrato un errore durante la creazione del punto di ripristino, ma posso premere qualsiasi tasto per continuare. Devo continuare?

Sì.

Download allegato fixlist.txt Apri il file e salvalo sul desktop.
NON. Entrambi i file PRIMA ve fixlist.txt la stessa posizione o correzione non funzionerà.

ATTENZIONE: questo script è stato scritto specificamente per questo utente per l'uso su quella particolare macchina. L'esecuzione su un'altra macchina può danneggiare il sistema operativo

Correre FRST (FRST64) e premete Fix Premere una volta il pulsante e attendere.
Lo strumento crea un registro sul desktop (Fixlog.txt). Per favore invialo alla tua risposta.

[mom26gr8kids]

Ho provato a eseguire JRT due volte oggi. Due volte ha raggiunto i file di processo (o qualcosa di simile) e poi è scomparso dallo schermo. Non sono stati prodotti diari. Ho aspettato un po 'per vedere se sarebbe tornato ma non si è acceso, quindi l'ho eseguito di nuovo. E dopo averlo eseguito entrambe le volte il mio sistema deve essere riavviato. La prima volta si è bloccato nella schermata di riavvio e penso che questa volta richiederà anche un riavvio forzato. Attualmente bloccato nella schermata di riavvio.

Non ho ancora scaricato la correzione FRST perché il computer è lento e il mio browser web non si carica. Ricevo pagine che non rispondono. Quando ottengo il riavvio, scaricherò la correzione e vedrò se il problema è stato risolto. Fammi sapere se ci sono altri passaggi che vorresti che eseguissi.

[mom26gr8kids]

Testo registro correzioni
Fix Farbar Recovery Scan Tool (x64) Versione Versione: 24-09-2017
Gestito da Songe_000 (24-09-2017 21:42:42) Run: 1
Esegui da C: \ Users \ songe_000 \ Downloads
Profili installati: songe_000 (Profili disponibili: songe_000)
Modalità di avvio: normale
==============================================

correggere il contenuto dell'elenco:
*****************
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nessun file
AlternateDataStreams: C: \ WINDOWS \ regedit.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ splwow64.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ accountaccessor.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ aclui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ACPBackgroundManagerPolicy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ActionCenter.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ActionCenterCPL.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ActivationManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ActiveSyncProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ adsmsext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ aitstatic.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-conio-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-convert-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-environment-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-dosya sistemi-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-heap-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-locale-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-math-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-multibyte-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-private-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-process-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-runtime-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-stdio-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-string-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-time-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ api-ms-win-crt-utility-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AppCapture.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ appinfo.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ApplicationFrame.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AppointmentApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AppXApplicabilityBlob.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AudioEng.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AUDIOKSE.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AudioSes.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AudioSrvPolicyManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ AuthHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ autoplay.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BackgroundMediaPolicy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ basecsp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bcastdvr.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BcastDVRHelper.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bcdedit.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bcrypt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bdesvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bdeui.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bdeunlock.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BingMaps.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BitLockerDeviceEncryption.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ biwinrt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BluetoothDesktopHandlers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BootMenuUX.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ bootux.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BrowserSettingSync.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ BthRadioMedia.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CbtBackgroundManagerPolicy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cdd.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cdpreference.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cdpsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cdpusersvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cemapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ certprop.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CfgSPCellular.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ chartv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ChatApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ci.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ClipUp.exe: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CloudBackupSettings.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CloudStorageWizard.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ clusapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cmifw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cmintegrator.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ coin97ip.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ coin99ip.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ comdlg32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ comsvcs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ConsoleLogon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ContactApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CredProvDataModel.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ credprovs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ credprovslegacy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ cryptngc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ CspCellularSettings.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ d3d10warp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ d3d11.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ D3D12.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ d3d9.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dab.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DafPrintProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DataExchange.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DataSenseHandlers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DavSyncProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ daxexec.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dbgeng.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ddraw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ddrawex.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ devenum.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DeviceCenter.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DeviceEnroller.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DevicePairingFolder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DeviceReactivation.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dfp.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DfpCommon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dhcpcore6.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dialserver.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ difx64.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ scan.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Display.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dmenrollengine.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DMRServer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dns-sd.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dnsapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dnsrslvr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DolbyDecMFT.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ domgmt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DPTopologyApp.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DPTopologyAppv2_0.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ drvstore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dsreg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dsregcmd.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DuCsps.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dui70.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dwmapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ dxgi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ DXP.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EAMProgressHandler.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ easwrt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EditBufferTestHook.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EditionUpgradeHelper.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EditionUpgradeManagerObj.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EDPCleanup.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ efsext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EncDec.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ energy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EnterpriseAPNCsp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EnterpriseAppMgmtSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ EnterpriseModernAppMgmtCSP.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ErrorDetailsUpdate.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ esent.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ esentutl.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ evr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ExplorerFrame.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ExSMime.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ facecredentialprovider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Family.Authentication.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ffbroker.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fhcfg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fhcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fhsettingsprovider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fontext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ FrameServer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ FSClient.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fveapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fveapibase.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fvenotify.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ fveui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ GamePanelExternalHook.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ gameux.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ gdi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ GdiPlus.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ GEARAspi64.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ GfxUIEx.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Gfxv2_0.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Gfxv4_0.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ GlobCollationHost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ gpapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ gpsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hal.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hevcdecoder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hgcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hpinkcoi5C12.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hpinkins5C12.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ HttpsDataSource.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hvloader.efi: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ hvloader.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ icfupgd.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ icm32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ icsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ icsvcext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ IdCtrls.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ igfxSDK.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ imapi2fs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ inetcomm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ InputLocaleManager.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ InputService.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ IntelCpHDCPSvc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ IntelWiDiUMS64.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ internetmail.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ IPHLPAPI.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ iphlpsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ipnathlp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ iprtrmgr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ iscsiwmi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ JpMapControl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ KnobsCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ KnobsCsp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ LaunchWinApp.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ListSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ LockAppBroker.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ LockAppHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ lpremove.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ lsm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ main.cpl: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ manage-bde.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapConfiguration.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapControlCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapGeocoder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapRouter.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapsBtSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MapsStore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MCCSEngineShared.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MDMAppInstaller.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mdmregistration.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MediaFoundation.DefaultPerceptionProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfaudiocnv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MFCaptureEngine.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfds.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfksproxy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfmkvsrcsnk.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfnetsrc.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfplat.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MFPlay.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfreadwrite.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfsensorgroup.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mfsvr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ microsoft-windows-system-events.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ migisol.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mmc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ modernexecserver.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ moshost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ moshostcore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MosStorage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mprapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mprdim.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MPSSVC.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MrmCoreR.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSAC3ENC.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSAudDecMFT.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mscandui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msctf.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msctfp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msctfui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msdtcprx.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msdtcuiu.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msftedit.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msinfo32.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msmpeg2vdec.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mspaint.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSPhotography.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mssitlb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mssph.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mssphtb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ mssvp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msutb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msvcp120.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSVidCtl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSVideoDSP.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msvproc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MSVPXENC.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ msxml3.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ MultiDigiMon.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ncsi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NetCfgNotifyObjectHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ netiohlp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ netiougc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ netplwiz.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ netshell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ nettrace.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NetworkCollectionAgent.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NetworkDesktopSettings.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NetworkUXBroker.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NfcRadioMedia.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ngccredprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NgcCtnr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NgcCtnrGidsHandler.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ nlasvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ nltest.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NMAA.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NotificationController.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ NPSM.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ nshwfp.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ntdll.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ntshrui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ offlinesam.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ offreg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ OnDemandConnRouteHelper.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ OneDriveSettingSyncProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ pcasvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ PCPTpm12.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ pdh.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ PhotoScreensaver.scr: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ PimIndexMaintenance.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Pimstore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ pnidui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ policymanager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ poqexec.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ powercfg.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ PrintRenderAPIHost.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ profsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ provengine.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ provops.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ProvPluginEng.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ProvSysprep.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ PsmServiceExtHost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ puiapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ pwrshplugin.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ qmgr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RADCUI.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ rasapi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ rascustom.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ rasgcw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ReAgentc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RelPost.exe: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ remoteaudioendpoint.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RemoteNaturalLanguage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ReportingCSP.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ reseteng.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RjvMDMConfig.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RMapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ rshx32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ RTWorkQ.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ samsrv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ScDeviceEnum.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ schannel.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ scksp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sdengin2.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sdshext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Search.ProtocolHandler.MAPI2.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SearchFilterHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SearchFolder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SearchProtocolHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SecConfig.efi: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sendmail.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sens.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SensorDataService.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SensorService.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SessEnv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SettingsHandlers_Bluetooth.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SettingsHandlers_Flights.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SettingsHandlers_StorageSense.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SettingsHandlers_WorkAccess.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SettingSync.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ setupugc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SHCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ shdocvw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ skci.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ smphost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SndVolSSO.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SpeechPal.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ spoolsv.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sppcext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sppnp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sppsvc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sppwinob.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SRH.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SRHInproc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sspicli.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ stobject.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ StorSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ sud.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SyncCenter.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ systemreset.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SystemSettings.UserAccountsHandlers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ SystemSettingsThresholdAdminFlowUI.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Tabbtn.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ tabcal.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TabletPC.cpl: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ tapi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ taskbarcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ tbauth.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ tdh.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TextInputFramework.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ themecpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ timedate.cpl: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TokenBrokerCookies.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TpmCoreProvisioning.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TpmTasks.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ TSpkg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ twinapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ twinui.pcshell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ tzautoupdate.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ubpm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ uDWM.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UIAnimation.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UIAutomationCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UIRibbon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ umpoext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ usbaaplrc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ usbmon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ user32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UserDataService.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UserLanguagesCpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ usoapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ UtcResources.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ VCardParser.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ VEStoreEventHandlers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ vmrdvcore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ vpnike.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ VPNv2CSP.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ vssapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wbiosrvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wcmsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wcnwiz.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wc_storage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ webio.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ werconcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ weretw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ werui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wevtsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wfdprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wifinetworkmanager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wifitask.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ win32k.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wincorlib.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.ApplicationModel.Background.SystemEventsBroker.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.ApplicationModel.Store.TestingFramework.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Cortana.Desktop.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Cortana.OneCore.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Gaming.UI.GameBar.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Internal.UI.Logon.ProxyStub.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Media.BackgroundMediaPlayback.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Media.Playback.BackgroundMediaPlayer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Media.Playback.MediaPlayer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Media.Speech.UXRes.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Networking.HostName.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Networking.Vpn.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Security.Credentials.UI.UserConsentVerifier.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Shell.Search.UriHandler.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.StateRepository.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.Storage.Search.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.UI.BioFeedback.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.UI.Core.TextInput.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.UI.CredDialogController.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.UI.Immersive.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Windows.UI.Shell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winhttp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wininetlui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winload.efi: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winload.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winmde.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winresume.efi: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ winresume.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WinSCard.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wintrust.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wkssvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlanapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlancfg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WlanMediaManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlansec.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlansvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlanui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wlidprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WMPDMC.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wmpdxm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wmpeffects.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wmpmde.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wmpshell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WMVDECOD.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WordBreakers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WorkFolders.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WorkfoldersControl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WorkFoldersGPExt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WorkFoldersShell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ workfolderssvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wow64.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Wpc.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WpcMon.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WpcRefreshTask.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WpcTok.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wpnprv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wpx.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ ws2_32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wscinterop.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wscsvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wsecedit.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WSManHTTPConfig.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WsmSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WsmWmiPl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wu.upgrade.ps.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wups.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ WWanAPI.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wwanconn.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wwanmm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ wwansvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ XblAuthManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ XblGameSaveExt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ XboxNetApiSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ XInputUap.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ zipfldr.dll: $ CmdTcID [64]

[mom26gr8kids]

AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ac3filter.ax: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ accountaccessor.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ aclui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ActionCenterCPL.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ActivationManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ActiveSyncProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ adsmsext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-conio-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-convert-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-environment-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-filesystem-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-heap-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-locale-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-math-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-multibyte-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-private-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-conio-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-runtime-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-stdio-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-string-l1-1-0.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-time-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-utility-l1-1-0.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ AppCapture.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ AppointmentApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ appwiz.cpl: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ AUDIOKSE.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ AuthExt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ autoplay.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ azroleui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ BackgroundMediaPolicy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ basecsp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ BcastDVRHelper.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ bcrypt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ BingMaps.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ biwinrt.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ BrowserSettingSync.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ cemapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ chartv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ChatApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ClipboardServer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ CloudBackupSettings.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ CloudStorageWizard.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ clusapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ cmifw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ comctl32.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ comdlg32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ comsvcs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ConfigureExpandedStorage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ContactApis.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ credprovs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ credprovslegacy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ cryptngc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ cryptui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ d2d1.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ d3d10warp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ d3d11.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ D3D12.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ d3d8.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ d3d9.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ DafPrintProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ DataExchange.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ DavSyncProvider.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dbgeng.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ddraw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ddrawex.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ devenum.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dhcpcore6.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dns-sd.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dnsapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ DolbyDecMFT.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ drvstore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dtdump.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dwmapi.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ dxgi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ EditBufferTestHook.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ efsext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ErrorDetailsUpdate.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ esent.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ esentutl.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ evr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ExplorerFrame.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ findnetprinters.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ fontext.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ FSClient.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ GamePanelExternalHook.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ gameux.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ gdi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ GdiPlus.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ GEARAspi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ GlobCollationHost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ gpapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ hevcdecoder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ hgcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ icm32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ iconv.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ imapi2fs.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ indexeddbserver.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ inetcomm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ InputLocaleManager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ IPHLPAPI.DLL: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ iprtrmgr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ iscsiwmi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ JpMapControl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ LaunchWinApp.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ LicenseManagerApi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ LockAppBroker.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ LockAppHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ main.cpl: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MapConfiguration.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MapControlCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MapGeocoder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MapRouter.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MapsBtSvc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MCCSEngineShared.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mdmregistration.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mf.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfaudiocnv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfds.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfksproxy.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfmkvsrcsnk.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfplat.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MFPlay.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfreadwrite.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfsensorgroup.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mfsvr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ migisol.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mmc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MosStorage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mprapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mprdim.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MrmCoreR.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MSAC3ENC.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mscandui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mscms.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msctf.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msctfp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msctfui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msdtcuiu.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msftedit.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msinfo32.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msmpeg2vdec.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MSPhotography.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mssitlb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mssph.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mssphtb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mssvp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msutb.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MSVidCtl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MSVP9DEC.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msvproc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ MSVPXENC.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ msxml3.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ mtxclu.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ NetCfgNotifyObjectHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ netiohlp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ netiougc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ NetworkCollectionAgent.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ngccredprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ NMAA.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ NPSM.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ nshwfp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ntdll.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ntshrui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ offlinesam.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ offreg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ OneDriveSettingSyncProvider.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ OneDriveSetup.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ PCPTpm12.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ pdh.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ PhotoScreensaver.scr: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Pimstore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ policymanager.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ poqexec.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ powercfg.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ProximityCommon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ puiapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ pwrshplugin.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ rasapi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ rasgcw.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ rdpencom.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ReAgentc.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ regedit.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ remoteaudioendpoint.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ RemoteNaturalLanguage.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ resutils.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ RTWorkQ.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ schannel.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ scksp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Search.ProtocolHandler.MAPI2.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SearchFilterHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SearchFolder.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SearchProtocolHost.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ sendmail.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SessEnv.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SettingSync.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SHCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ smphost.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ SndVolSSO.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ sppcext.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ sspicli.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ stobject.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ sud.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ systemcpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ tapi32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ tbauth.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ tdh.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ TempSignedLicenseExchangeTask.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ TextInputFramework.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ themecpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ TokenBrokerCookies.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ TpmCoreProvisioning.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ TSpkg.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ twinapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ UIAnimation.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ UIAutomationCore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ UIRibbon.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Unistore.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ user32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ UserDeviceRegistration.Ngc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ UserLanguagesCpl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ VCardParser.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ vssapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wcnwiz.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ webio.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ weretw.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wfdprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ win32k.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wincorlib.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.ApplicationModel.Store.TestingFramework.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Gaming.UI.GameBar.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Internal.UI.Logon.ProxyStub.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Media.BackgroundMediaPlayback.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Media.Playback.BackgroundMediaPlayer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Media.Playback.MediaPlayer.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Media.Speech.UXRes.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Security.Authentication.OnlineId.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Shell.Search.UriHandler.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Speech.Pal.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.StateRepository.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.Storage.Search.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.BioFeedback.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.Core.TextInput.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.Cred.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.CredDialogController.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.Immersive.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Windows.UI.Search.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ winhttp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wininetlui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ winmde.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WinSCard.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ winspool.drv: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wintrust.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wlanapi.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wlancfg.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wlanui.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wlidprov.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WMPDMC.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wmpdxm.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wmpeffects.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wmpmde.dll: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wmpshell.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WMVSENCD.DLL: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WordBreakers.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ Wpc.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WPDShServiceObj.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ ws2_32.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wscinterop.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ wsecedit.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WSManHTTPConfig.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WsmWmiPl.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ WWanAPI.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ XInputUap.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ xolehlp.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ xvid.ax: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ SysWOW64 \ zipfldr.dll: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ afd.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ ahcache.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ bowser.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ capimg.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ Classpnp.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ clfs.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ cmimcext.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ crashdmp.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ dam.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ dfsc.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ dxgmms2.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ fastfat.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ fvevol.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ FWPKCLNT.SYS: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ hidclass.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ http.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ hvsocket.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ iorate.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ IPMIDrv.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ kbdhid.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ ks.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ MegaSas2i.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ modem.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ mrxdav.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ mrxsmb.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ mrxsmb10.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ mrxsmb20.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ mskssrv.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ nwifi.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ partmgr.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ pci.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ pdc.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ point64.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ ssudbus.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ storahci.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ stornvme.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ tcpipreg.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ tpm.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ usbaapl64.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ usbscan.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ VirtualAudio1.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ vmbkmcl.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Sürücüler \ vmbkmclr.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ vpci.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ wcifs.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ WdiWiFi.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ winhvr.sys: $ CmdTcID [130]
AlternateDataStreams: C: \ WINDOWS \ system32 \ Drivers \ xboxgip.sys: $ CmdTcID [64]
AlternateDataStreams: C: \ ProgramData \ Temp: 2CB9631F [134]
AlternateDataStreams: C: \ ProgramData \ Temp: 7A2101AB [460]
AlternateDataStreams: C: \ ProgramData \ Temp: BAC2F271 [229]
AlternateDataStreams: C: \ ProgramData \ TempDEB08FD [194]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ AdwCleaner.exe: $ CmdZnID [26]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ almedia-converter_full351.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ cispremium_installer.exe: $ CmdZnID [26]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ JRT.exe: $ CmdZnID [26]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ MaxUninstaller_Setup (1) .exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ MaxUninstaller_Setup.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ mbam-setup-2.0.4.1028.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ mbar-1.08.3.1004.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ noteburner-m4v-converter-plus.exe: $ CmdTcID [130]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ noteburner-m4v-converter.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ RS TEXAS Rsources.docx: $ CmdZnID [26]
AlternateDataStreams: C: \ Users \ songe_000 \ Downloads \ setup.exe: $ CmdTcID [64]
AlternateDataStreams: C: \ Kullanıcılar \ songe_000 \ Downloads \ Setup.X86.tr-US_O365HomePremRetail_0c7d5447-a8b2-4030-b6eb-1526a3c73fb2_TX_PR_.exe: $ CmdTcID [64]
S3 iaLPSSi_GPIO; \ SystemRoot \ System32 \ drivers \ iaLPSSi_GPIO.sys [X]
S3aLPSSi_I2C; \ SystemRoot \ System32 \ drivers \ iaLPSSi_I2C.sys [X]
S0 iaStorAV; System32 \ drivers \ iaStorAV.sys [X]
S0 iaStorV; System32 \ drivers \ iaStorV.sys [X]
14/03/2017 13:58 - 14/03/2017 13:58 - 000000098 _____ () C: \ ProgramData \ Microsoft.SqlServer.Compact.351.64.bc
21/09/2017 04:25 - 12/12/2016 18:11 - 001886344 _____ (Microsoft Corporation) C: \ Users \ songe_000 \ AppData \ Local \ Temp \ dllnt_dump.dll
30/03/2017 23:58 - 14/07/2017 18:52 - 004113960 _____ (COMODO) C: \ Users \ songe_000 \ AppData \ Local \ Temp \ if_installer.exe

[mom26gr8kids]

*****************

Chiave HKLM \ Software \ Classes \ Directory \ Background \ ShellEx \ ContextMenuHandlers \ igfxcui => rimossa con successo
Chiave HKLM \ Software \ Classes \ CLSID \ {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => non trovata.
C: \ WINDOWS \ regedit.exe => ": $ CmdTcID" Impossibile rimuovere ADS.
C: \ WINDOWS \ splwow64.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ accountaccessor.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ aclui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ACPBackgroundManagerPolicy.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ActionCenter.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ActionCenterCPL.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ActivationManager.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ActiveSyncProvider.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ adsmsext.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ aitstatic.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ api-ms-win-crt-conio-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ api-ms-win-crt-convert-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ api-ms-win-crt-environment-l1-1-0.dll => ": $ CmdTcID" Impossibile rimuovere ADS.
C: \ WINDOWS \ system32 \ api-ms-win-crt-filesystem-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ api-ms-win-crt-heap-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ api-ms-win-crt-locale-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ api-ms-win-crt-math-l1-1-0.dll => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ api-ms-win-crt-multibyte-l1-1-0.dll => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ api-ms-win-crt-private-l1-1-0.dll => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ api-ms-win-crt-conio-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ api-ms-win-crt-runtime-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ api-ms-win-crt-stdio-l1-1-0.dll => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ api-ms-win-crt-string-l1-1-0.dll => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ api-ms-win-crt-time-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ api-ms-win-crt-utility-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ AppCapture.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ appinfo.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ApplicationFrame.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ AppointmentApis.dll => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ AppXApplicabilityBlob.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ AudioEng.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ AUDIOKSE.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ AudioSes.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ AudioSrvPolicyManager.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ AuthHost.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ autoplay.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ BackgroundMediaPolicy.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ basecsp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ bcastdvr.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ BcastDVRHelper.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ bcdedit.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ bcrypt.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ bdesvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ bdeui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ bdeunlock.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ BingMaps.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ BitLockerDeviceEncryption.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ biwinrt.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ BluetoothDesktopHandlers.dll => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ BootMenuUX.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ bootux.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ BrowserSettingSync.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ BthRadioMedia.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ CbtBackgroundManagerPolicy.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ cdd.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ cdpreference.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ cdpsvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ cdpusersvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ cemapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ certprop.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ CfgSPCellular.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ chartv.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ChatApis.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ci.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ClipUp.exe => ": $ CmdTcID" Impossibile rimuovere ADS.
C: \ WINDOWS \ system32 \ CloudBackupSettings.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ CloudStorageWizard.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ clusapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ cmifw.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ cmintegrator.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ coin97ip.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ coin99ip.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ comdlg32.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ comsvcs.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ConsoleLogon.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ContactApis.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ CredProvDataModel.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ credprovs.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ credprovslegacy.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ cryptngc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ CspCellularSettings.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ d3d10warp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ d3d11.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ D3D12.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ d3d9.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ dab.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ DafPrintProvider.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ DataExchange.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ DataSenseHandlers.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ DavSyncProvider.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ daxexec.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ dbgeng.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ddraw.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ddrawex.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ devenum.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ DeviceCenter.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ system32 \ DeviceEnroller.exe => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ system32 \ DevicePairingFolder.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ DeviceReactivation.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ dfp.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ DfpCommon.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ dhcpcore6.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ dialserver.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ difx64.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ discan.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Display.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ dmenrollengine.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ DMRServer.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ dns-sd.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ dnsapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ dnsrslvr.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ DolbyDecMFT.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ domgmt.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ DPTopologyApp.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ DPTopologyAppv2_0.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ drvstore.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ dsreg.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ dsregcmd.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ DuCsps.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ dui70.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ dwmapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ dxgi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ DXP.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ EAMProgressHandler.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ easwrt.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ EditBufferTestHook.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ EditionUpgradeHelper.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ EditionUpgradeManagerObj.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ EDPCleanup.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ efsext.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ EncDec.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ energy.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ EnterpriseAPNCsp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ EnterpriseAppMgmtSvc.dll => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ EnterpriseModernAppMgmtCSP.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ErrorDetailsUpdate.dll => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ esent.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ esentutl.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ evr.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ExplorerFrame.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ExSMime.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ facecredentialprovider.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Family.Authentication.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ ffbroker.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ fhcfg.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ fhcpl.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ fhsettingsprovider.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ fontext.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ FrameServer.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ FSClient.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ fveapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ fveapibase.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ fvenotify.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ fveui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ GamePanelExternalHook.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ gameux.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ gdi32.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ GdiPlus.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ GEARAspi64.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ GfxUIEx.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Gfxv2_0.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Gfxv4_0.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ GlobCollationHost.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ gpapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ gpsvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ hal.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ hevcdecoder.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ hgcpl.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ hpinkcoi5C12.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ hpinkins5C12.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ HttpsDataSource.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ hvloader.efi => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ hvloader.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ icfupgd.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ icm32.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ icsvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ icsvcext.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ IdCtrls.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ igfxSDK.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ imapi2fs.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ inetcomm.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ InputLocaleManager.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ InputService.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ IntelCpHDCPSvc.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ IntelWiDiUMS64.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ internetmail.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ IPHLPAPI.DLL => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ iphlpsvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ipnathlp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ iprtrmgr.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ iscsiwmi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ JpMapControl.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ KnobsCore.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ KnobsCsp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ LaunchWinApp.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ListSvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ LockAppBroker.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ LockAppHost.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ lpremove.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ lsm.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ main.cpl => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ manage-bde.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MapConfiguration.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MapControlCore.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MapGeocoder.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MapRouter.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MapsBtSvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MapsStore.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MCCSEngineShared.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MDMAppInstaller.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mdmregistration.dll => Impossibile rimuovere ADS ": $ CmdTcID".
C: \ WINDOWS \ system32 \ MediaFoundation.DefaultPerceptionProvider.dll => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ mfaudiocnv.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MFCaptureEngine.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mfds.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mfksproxy.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mfmkvsrcsnk.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mfnetsrc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mfplat.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MFPlay.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mfreadwrite.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mfsensorgroup.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mfsvr.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ microsoft-windows-system-events.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ migisol.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mmc.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ modernexecserver.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ moshost.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ moshostcore.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MosStorage.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mprapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mprdim.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MPSSVC.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MrmCoreR.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MSAC3ENC.DLL => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MSAudDecMFT.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mscandui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ msctf.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ msctfp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ msctfui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ msdtcprx.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ msdtcuiu.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ msftedit.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ msinfo32.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ msmpeg2vdec.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mspaint.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MSPhotography.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mssitlb.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mssph.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mssphtb.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ mssvp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ msutb.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ msvcp120.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MSVidCtl.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MSVideoDSP.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ msvproc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MSVPXENC.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ msxml3.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ MultiDigiMon.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ncsi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ NetCfgNotifyObjectHost.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ netiohlp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ netiougc.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ netplwiz.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ netshell.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ nettrace.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ NetworkCollectionAgent.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ NetworkDesktopSettings.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ NetworkUXBroker.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ NfcRadioMedia.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ngccredprov.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ NgcCtnr.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ NgcCtnrGidsHandler.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ nlasvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ nltest.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ NMAA.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ NotificationController.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ NPSM.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ nshwfp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ntdll.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ntshrui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ offlinesam.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ offreg.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ OnDemandConnRouteHelper.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ OneDriveSettingSyncProvider.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ pcasvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ PCPTpm12.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ pdh.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ PhotoScreensaver.scr => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ PimIndexMaintenance.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Pimstore.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ pnidui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ policymanager.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ poqexec.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ powercfg.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ PrintRenderAPIHost.DLL => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ profsvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ provengine.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ provops.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ProvPluginEng.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ProvSysprep.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ PsmServiceExtHost.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ puiapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ pwrshplugin.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ qmgr.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ RADCUI.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ rasapi32.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ rascustom.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ rasgcw.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ReAgentc.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ RelPost.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ remoteaudioendpoint.dll => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ RemoteNaturalLanguage.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ReportingCSP.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ reseteng.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ RjvMDMConfig.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ RMapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ rshx32.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ RTWorkQ.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ samsrv.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ScDeviceEnum.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ schannel.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ scksp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ sdengin2.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ sdshext.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Search.ProtocolHandler.MAPI2.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ SearchFilterHost.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ SearchFolder.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ SearchProtocolHost.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ SecConfig.efi => ": $ CmdTcID" Impossibile rimuovere ADS.
C: \ WINDOWS \ system32 \ sendmail.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Sens.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ SensorDataService.exe => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ system32 \ SensorService.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ SessEnv.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ SettingsHandlers_Bluetooth.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ SettingsHandlers_Flights.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ SettingsHandlers_StorageSense.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ SettingsHandlers_WorkAccess.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ SettingSync.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ setupugc.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ SHCore.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ shdocvw.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ skci.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ smphost.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ SndVolSSO.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ SpeechPal.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ system32 \ spoolsv.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ sppcext.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ sppnp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ sppsvc.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ sppwinob.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ SRH.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ SRHInproc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ sspicli.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ stobject.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ StorSvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ sud.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ SyncCenter.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ systemreset.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ SystemSettings.UserAccountsHandlers.dll => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ SystemSettingsThresholdAdminFlowUI.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Tabbtn.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ tabcal.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ TabletPC.cpl => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ tapi32.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ taskbarcpl.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ tbauth.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ tdh.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ TextInputFramework.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ themecpl.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ timedate.cpl => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ TokenBrokerCookies.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ TpmCoreProvisioning.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ TpmTasks.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ TSpkg.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ twinapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ twinui.pcshell.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ tzautoupdate.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ubpm.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ uDWM.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ UIAnimation.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ UIAutomationCore.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ UIRibbon.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ umpoext.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ usbaaplrc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ usbmon.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ user32.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ UserDataService.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ UserLanguagesCpl.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ usoapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ UtcResources.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ system32 \ VCardParser.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ VEStoreEventHandlers.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ vmrdvcore.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ vpnike.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ VPNv2CSP.dll => ": $ CmdTcID" Impossibile rimuovere ADS.
C: \ WINDOWS \ system32 \ vssapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wbiosrvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wcmsvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wcnwiz.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wc_storage.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ webio.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ werconcpl.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ weretw.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ werui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wevtsvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wfdprov.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wifinetworkmanager.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wifitask.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ win32k.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wincorlib.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Windows.ApplicationModel.Background.SystemEventsBroker.dll => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Windows.ApplicationModel.Store.TestingFramework.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ Windows.Cortana.Desktop.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Windows.Cortana.OneCore.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Windows.Gaming.UI.GameBar.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Windows.Internal.UI.Logon.ProxyStub.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Windows.Media.BackgroundMediaPlayback.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ Windows.Media.Playback.BackgroundMediaPlayer.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ Windows.Media.Playback.MediaPlayer.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Windows.Media.Speech.UXRes.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ Windows.Networking.HostName.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Windows.Networking.Vpn.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Windows.Security.Credentials.UI.UserConsentVerifier.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ Windows.Shell.Search.UriHandler.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ Windows.StateRepository.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Windows.Storage.Search.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ Windows.UI.BioFeedback.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Windows.UI.Core.TextInput.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Windows.UI.CredDialogController.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Windows.UI.Immersive.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Windows.UI.Shell.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ winhttp.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ wininetlui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ winload.efi => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ winload.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ winmde.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ winresume.efi => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ winresume.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ WinSCard.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wintrust.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wkssvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wlanapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wlancfg.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ WlanMediaManager.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wlansec.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wlansvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wlanui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wlidprov.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ WMPDMC.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wmpdxm.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wmpeffects.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wmpmde.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wmpshell.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ WMVDECOD.DLL => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ WordBreakers.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ WorkFolders.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ WorkfoldersControl.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ WorkFoldersGPExt.dll => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ WorkFoldersShell.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ workfolderssvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wow64.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Wpc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ WpcMon.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ WpcRefreshTask.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ WpcTok.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wpnprv.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wpx.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ ws2_32.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wscinterop.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wscsvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wsecedit.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ WSManHTTPConfig.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ WsmSvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ WsmWmiPl.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wu.upgrade.ps.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wups.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ WWanAPI.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wwanconn.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wwanmm.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ wwansvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ XblAuthManager.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ XblGameSaveExt.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ XboxNetApiSvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ XInputUap.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ zipfldr.dll => ": $ CmdTcID" Impossibile disinstallare ADS.

[mom26gr8kids]

C: \ WINDOWS \ SysWOW64 \ ac3filter.ax => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ accountaccessor.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ aclui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ ActionCenterCPL.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ ActivationManager.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ ActiveSyncProvider.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ adsmsext.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-conio-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-convert-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-environment-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-filesystem-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-heap-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-locale-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-math-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-multibyte-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-private-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-conio-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-runtime-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-stdio-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-string-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-time-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ api-ms-win-crt-utility-l1-1-0.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ AppCapture.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ AppointmentApis.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ appwiz.cpl => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ AUDIOKSE.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ AuthExt.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ autoplay.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ azroleui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ BackgroundMediaPolicy.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ basecsp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ BcastDVRHelper.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ bcrypt.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ BingMaps.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ biwinrt.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ BrowserSettingSync.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ cemapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ chartv.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ ChatApis.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ ClipboardServer.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ CloudBackupSettings.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ CloudStorageWizard.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ clusapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ cmifw.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ comctl32.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ comdlg32.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ comsvcs.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ ConfigureExpandedStorage.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ ContactApis.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ credprovs.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ credprovslegacy.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ cryptngc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ cryptui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ d2d1.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ d3d10warp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ d3d11.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ D3D12.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ d3d8.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ d3d9.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ DafPrintProvider.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ DataExchange.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ DavSyncProvider.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ dbgeng.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ ddraw.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ ddrawex.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ devenum.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ dhcpcore6.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ dns-sd.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ dnsapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ DolbyDecMFT.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ drvstore.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ dtdump.exe => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ dwmapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ dxgi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ EditBufferTestHook.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ efsext.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ ErrorDetailsUpdate.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ esent.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ esentutl.exe => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ evr.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ ExplorerFrame.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ findnetprinters.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ fontext.dll => Impossibile disinstallare ADS ": $ CmdTcID".
C: \ WINDOWS \ SysWOW64 \ FSClient.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ GamePanelExternalHook.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ gameux.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ gdi32.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ GdiPlus.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ GEARAspi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ GlobCollationHost.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ gpapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ hevcdecoder.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ hgcpl.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ icm32.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ iconv.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ imapi2fs.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ indexeddbserver.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ inetcomm.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ InputLocaleManager.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ IPHLPAPI.DLL => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ iprtrmgr.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ iscsiwmi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ JpMapControl.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ LaunchWinApp.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ LicenseManagerApi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ LockAppBroker.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ LockAppHost.exe => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ main.cpl => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ MapConfiguration.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ MapControlCore.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ MapGeocoder.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ MapRouter.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ MapsBtSvc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ MCCSEngineShared.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mdmregistration.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ mf.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ mfaudiocnv.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mfds.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mfksproxy.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mfmkvsrcsnk.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mfplat.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ MFPlay.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mfreadwrite.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mfsensorgroup.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mfsvr.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ migisol.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mmc.exe => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ MosStorage.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mprapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mprdim.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ MrmCoreR.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ MSAC3ENC.DLL => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mscandui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mscms.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ msctf.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ msctfp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ msctfui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ msdtcuiu.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ msftedit.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ msinfo32.exe => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ msmpeg2vdec.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ MSPhotography.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mssitlb.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mssph.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mssphtb.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mssvp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ msutb.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ MSVidCtl.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ MSVP9DEC.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ msvproc.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ MSVPXENC.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ msxml3.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ mtxclu.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ NetCfgNotifyObjectHost.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ netiohlp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ netiougc.exe => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ NetworkCollectionAgent.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ ngccredprov.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ NMAA.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ NPSM.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ nshwfp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ ntdll.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ ntshrui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ offlinesam.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ offreg.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ OneDriveSettingSyncProvider.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ OneDriveSetup.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ PCPTpm12.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ pdh.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ PhotoScreensaver.scr => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Pimstore.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ policymanager.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ poqexec.exe => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ powercfg.exe => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ ProximityCommon.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ puiapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ pwrshplugin.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ rasapi32.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ rasgcw.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ rdpencom.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ ReAgentc.exe => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ regedit.exe => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ remoteaudioendpoint.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ RemoteNaturalLanguage.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ resutils.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ RTWorkQ.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ schannel.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ scksp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Search.ProtocolHandler.MAPI2.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ SearchFilterHost.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ SearchFolder.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ SearchProtocolHost.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ sendmail.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ SessEnv.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ SettingSync.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ SHCore.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ smphost.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ SndVolSSO.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ sppcext.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ sspicli.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ stobject.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ sud.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ systemcpl.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ tapi32.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ tbauth.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ tdh.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ TempSignedLicenseExchangeTask.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ TextInputFramework.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ themecpl.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ TokenBrokerCookies.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ TpmCoreProvisioning.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ TSpkg.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ twinapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ UIAnimation.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ UIAutomationCore.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ UIRibbon.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Unistore.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ user32.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ UserDeviceRegistration.Ngc.dll => ": $ CmdTcID" Impossibile rimuovere ADS.
C: \ WINDOWS \ SysWOW64 \ UserLanguagesCpl.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ VCardParser.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ vssapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ wcnwiz.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ webio.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ weretw.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ wfdprov.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ win32k.sys => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ wincorlib.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Windows.ApplicationModel.Store.TestingFramework.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Windows.Gaming.UI.GameBar.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Windows.Internal.UI.Logon.ProxyStub.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Windows.Media.BackgroundMediaPlayback.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ Windows.Media.Playback.BackgroundMediaPlayer.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ SysWOW64 \ Windows.Media.Playback.MediaPlayer.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ Windows.Media.Speech.UXRes.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ SysWOW64 \ Windows.Security.Authentication.OnlineId.dll => ": $ CmdTcID" Impossibile rimuovere ADS.
C: \ WINDOWS \ SysWOW64 \ Windows.Shell.Search.UriHandler.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Windows.Speech.Pal.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Windows.StateRepository.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Windows.Storage.Search.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Windows.UI.BioFeedback.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Windows.UI.Core.TextInput.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Windows.UI.Cred.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Windows.UI.CredDialogController.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Windows.UI.Immersive.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Windows.UI.Search.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ winhttp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ wininetlui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ winmde.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ WinSCard.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ winspool.drv => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ wintrust.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ wlanapi.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ wlancfg.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ wlanui.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ wlidprov.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ WMPDMC.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ wmpdxm.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ wmpeffects.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ wmpmde.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ wmpshell.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ WMVSENCD.DLL => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ WordBreakers.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ Wpc.dll => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ WPDShServiceObj.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ ws2_32.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ wscinterop.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ wsecedit.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ WSManHTTPConfig.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ WsmWmiPl.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ WWanAPI.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ XInputUap.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ xolehlp.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ SysWOW64 \ xvid.ax => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ SysWOW64 \ zipfldr.dll => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ afd.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ ahcache.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ bowser.sys => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ capimg.sys => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ Classpnp.sys => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ clfs.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ cmimcext.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ crashdmp.sys => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ dam.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ dfsc.sys => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ system32 \ Drivers \ dxgmms2.sys => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ fastfat.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ fvevol.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ FWPKCLNT.SYS => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ hidclass.sys => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ http.sys => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ hvsocket.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ iorate.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ IPMIDrv.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ kbdhid.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ ks.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ MegaSas2i.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ modem.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ mrxdav.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ mrxsmb.sys => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ mrxsmb10.sys => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ mrxsmb20.sys => ": $ CmdTcID" ADS kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ mskssrv.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ nwifi.sys => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ system32 \ Drivers \ partmgr.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ pci.sys => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ system32 \ Drivers \ pdc.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ point64.sys => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ ssudbus.sys => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ storahci.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ stornvme.sys => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ tcpipreg.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ tpm.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ usbaapl64.sys => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ usbscan.sys => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ VirtualAudio1.sys => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ vmbkmcl.sys => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ vmbkmclr.sys => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ vpci.sys => ADS ": $ CmdTcID" non può essere disinstallato.
C: \ WINDOWS \ system32 \ Drivers \ wcifs.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ WdiWiFi.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ WINDOWS \ system32 \ Drivers \ winhvr.sys => ": $ CmdTcID" ANNUNCI kaldırılamadı.
C: \ WINDOWS \ system32 \ Drivers \ xboxgip.sys => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ ProgramData \ Temp => ": 2CB9631F" ADS è stato rimosso con successo.
C: \ ProgramData \ Temp => ": 7A2101AB" ADS è stato rimosso correttamente.
C: \ ProgramData \ Temp => ": BAC2F271" ADS è stato rimosso correttamente.
C: \ ProgramData \ Temp => "DEB08FD "ADS è stato rimosso con successo.
C: \ Users \ songe_000 \ Downloads \ AdwCleaner.exe => ADS ": $ CmdZnID" è stato rimosso con successo.
C: \ Users \ songe_000 \ Downloads \ almedia-converter_full351.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ Users \ songe_000 \ Downloads \ cispremium_installer.exe => ADS ": $ CmdZnID" è stato rimosso con successo.
C: \ Users \ songe_000 \ Downloads \ JRT.exe => ADS ": $ CmdZnID" rimosso con successo.
C: \ Users \ songe_000 \ Downloads \ MaxUninstaller_Setup (1) .exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ Users \ songe_000 \ Downloads \ MaxUninstaller_Setup.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ Users \ songe_000 \ Downloads \ mbam-setup-2.0.4.1028.exe => ": $ CmdTcID" ADS kaldırılamadı.
C: \ Users \ songe_000 \ Downloads \ mbar-1.08.3.1004.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ Users \ songe_000 \ Downloads \ noteburner-m4v-converter-plus.exe => ": $ CmdTcID" Impossibile rimuovere l'ADS.
C: \ Users \ songe_000 \ Downloads \ noteburner-m4v-converter.exe => ": $ CmdTcID" Impossibile rimuovere l'ADS.
"C: \ Users \ songe_000 \ Downloads \ RS TEXAS Rsources.docx" => ": $ CmdZnID" ADS bulunamadı.
C: \ Users \ songe_000 \ Downloads \ setup.exe => ": $ CmdTcID" Impossibile disinstallare ADS.
C: \ Users \ songe_000 \ Downloads \ Setup.X86.tr-US_O365HomePremRetail_0c7d5447-a8b2-4030-b6eb-1526a3c73fb2_TX_PR_.exe => ": $ CmdTcID" ADS kaldırılamadı.
Chiave HKLM \ System \ CurrentControlSet \ Services \ iaLPSSi_GPIO => rimossa con successo
iaLPSSi_GPIO => servizio rimosso con successo
Chiave HKLM \ System \ CurrentControlSet \ Services \ iaLPSSi_I2C => rimossa con successo
iaLPSSi_I2C => servizio rimosso con successo
Chiave HKLM \ System \ CurrentControlSet \ Services \ iaStorAV => rimossa con successo
iaStorAV => servizio rimosso con successo
Chiave HKLM \ System \ CurrentControlSet \ Services \ iaStorV => rimossa con successo
iaStorV => servizio rimosso con successo
C: \ ProgramData \ Microsoft.SqlServer.Compact.351.64.bc => spostato con successo
C: \ Users \ songe_000 \ AppData \ Local \ Temp \ dllnt_dump.dll => spostato con successo
C: \ Users \ songe_000 \ AppData \ Local \ Temp \ if_installer.exe => spostato con successo

==== Fixlog End 21:44:25 ====

[arma]

Scansioni recenti ...

Scarica Controllo di sicurezza a partire dal Qui or Qui e nasconditi Desktop.

• Doppio click SecurityCheck.exe
• Segui le istruzioni sullo schermo all'interno della scatola nera.
• A Taccuino il documento dovrebbe essere chiamato e aperto automaticamente checkup.txt; si prega di pubblicare il contenuto di questo documento.

NOTA 1. Se una delle vostre applicazioni di sicurezza (ad esempio un firewall di terze parti) richiede l'autorizzazione per consentire a DIG.EXE di accedere a Internet, consentitela.
NOTA 2. SecurityCheck potrebbe fornire falsi avvisi, quindi fammi leggere i risultati.
NOTA 3. Se ottieni SISTEMA OPERATIVO NON SUPPORTATO! ABORTITO! riavviare il computer e dovrebbe essere eseguito il controllo di sicurezza

Si prega di scaricare Passable Service Scanner Esegui il problema sul computer eseguendolo con (FSS).
Assicurati che le seguenti opzioni siano selezionate:

• Servizi Internet
• firewall di Windows
• Ripristino del sistema
• Centro di sicurezza
• Aggiornamento Windows
• Windows Defender
• Altri servizi

Stampa "scansione"
Crea un registro (FSS.txt) nella directory in cui è stato eseguito lo strumento.
Per favore copia e incolla il diario nella tua risposta.

Scarica Pulizia file temporanei (TFC)
Download alternativo: http://www.itxassociates.com/OT-Tools/TFC.exe

• Fare doppio clic su di esso TFC.exe per eseguire il programma.
• Clic inizio Premi il bottone.
• TFC chiuderà tutti i programmi in esecuzione e Maggio ti chiede di riavviare il computer.

Scarica Strumento gratuito di rimozione dei virus Sophos e salvalo sul desktop.

• Fare doppio clic sull'icona e Correre
• Clic Il prossimo
• scegliere Accetto i termini di questo contratto di licenza, quindi fai clic su Il prossimo due volte
• Clic Caricare
• Clic finire avviare il programma
• Quando il database dei virus viene aggiornato, Inizia scansione
• Se viene rilevata una minaccia, fare clic su i dettagli, Poi Visualizza il file di registro ... (angolo inferiore sinistro)
• Copia e incolla i risultati nella tua risposta
• Chiudi il documento Blocco note, Dettagli sulla minaccia schermo, quindi Inizia la pulizia
• Clic Uscita per chiudere il programma