Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 25-06-2017 01 Uruchomiony przez Krzysztof (27-06-2017 22:04:06) Uruchomiony z C:\Users\Krzysztof\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2016-04-27 09:41:21) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1886510041-2021175145-3369468900-500 - Administrator - Disabled) Gość (S-1-5-21-1886510041-2021175145-3369468900-501 - Limited - Disabled) Krzysztof (S-1-5-21-1886510041-2021175145-3369468900-1000 - Administrator - Enabled) => C:\Users\Krzysztof ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Acoustica CD/DVD Label Maker (HKLM-x32\...\Acoustica CD/DVD Label Maker) (Version: - ) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.131 - Adobe Systems Incorporated) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) ATI AVIVO64 Codecs (Version: 10.9.0.40813 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{914CDAC9-37F3-F097-C9A1-AE51DD423E0B}) (Version: 3.0.741.0 - ATI Technologies, Inc.) ATI Problem Report Wizard (Version: 3.0.741.0 - ATI Technologies) Hidden Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2302 - AVAST Software) ccc-core-static (x32 Version: 2009.0813.2131.36817 - Nazwa firmy) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform) ChessArbiter Pro for draughts (HKLM-x32\...\{68B674B5-5A36-4B76-B2B4-92826D1A902B}) (Version: 3.58.2 - Adam Curylo) Cute Chess version 0.9.4 (HKLM-x32\...\{7E0A39B7-4347-4A27-86CF-20E521C86E7C}_is1) (Version: 0.9.4 - Ilari Pihlajisto, Arto Jonsson) DJ Mixer Professional for Win 3.6.7.0 (HKLM-x32\...\DJMIXPRO1fdp_is1) (Version: 3.6.7.0 - Beijing Kuaiyi Internet Technology Ltd.) Dodatek Zapisywanie jako PDF lub XPS firmy Microsoft dla programów pakietu Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) foobar2000 v1.3.10 (HKLM-x32\...\foobar2000) (Version: 1.3.10 - Peter Pawlowski) Fritz12 (x32 Version: 12.0.0 - ChessBase) Hidden Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden HydraVision (x32 Version: 4.2.114.0 - ATI Technologies Inc.) Hidden Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) KeePass Password Safe 2.34 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.34 - Dominik Reichl) Krzyżówkomaniak 3.21 (HKLM-x32\...\Krzyżówkomaniak_is1) (Version: - Waldemar Zieliński) Malwarebytes Anti-Exploit version 1.9.1.1403 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.9.1.1403 - Malwarebytes) Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Mozilla Firefox 54.0 (x64 pl) (HKLM\...\Mozilla Firefox 54.0 (x64 pl)) (Version: 54.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.0.6368 - Mozilla) NEC DISPLAY SOLUTIONS: Desktop Monitor Installer (HKLM-x32\...\NEC DISPLAY SOLUTIONS Drivers) (Version: 0.17.04.30 - NEC Display Solutions, Ltd.) NEC SpectraView II 1.1.34.00 (HKLM-x32\...\SpectraView II) (Version: 1.1.34.00 - NEC Display Solutions of America, Inc.) Nemesis Standard Version 1.0 (HKLM-x32\...\Nemesis Standard_is1) (Version: 1.0.0 - Nemesis.Info) Nero 8 (HKLM-x32\...\{D3AAAEA9-9A0C-4568-8E9D-073497291045}) (Version: 8.10.132 - Nero AG) PlayElephant (remove only) (HKLM-x32\...\PlayElephant) (Version: - ) Realtek AC'97 Audio (HKLM-x32\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: - ) Shredder Classic 5 (HKLM-x32\...\{EF6531D1-F017-4451-BE6A-ADA4AF038DE5}_is1) (Version: - Stefan Meyer-Kahlen) The Bat! International Pack v5.0.36 (HKLM-x32\...\{E0C63444-172D-4EAA-99B8-F9570D74595C}) (Version: 5.0.36 - Ritlabs) TheBat! Home v5.0.36 (HKLM-x32\...\{C86FD824-E01A-4C78-9A56-39FF2E4FBDA5}) (Version: 5.0.36 - Ritlabs) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH) Translator XT2 Trio (HKLM-x32\...\{01DC7639-FEEE-4071-8828-E375EAAB3FF2}) (Version: 5.2.18176 - Techland) UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) WinRAR 5.40 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {342D4B5E-441E-4CEC-9FD7-FDB165D027B4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-06-26] (AVAST Software) Task: {46D3AA68-C2EA-40AC-BB64-BDEF4870D5EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-16] (Adobe Systems Incorporated) Task: {548F003E-5176-49C4-9027-6D254972B0E5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {7D29AFA4-BC41-497C-8296-FA66BC838C9A} - System32\Tasks\AdobeAAMUpdater-1.0-Grzelak-Krzysztof => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe Task: {A7351798-7557-4CD2-A8D7-0E870A9A49EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-04-27 12:10 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll 2016-04-27 12:10 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll 2017-04-11 00:57 - 2017-04-11 00:57 - 00069632 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2009-07-22 10:47 - 2009-07-22 10:47 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2017-06-26 09:02 - 2017-06-26 09:02 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2017-06-26 16:53 - 2017-06-26 16:53 - 00162032 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll 2017-06-26 16:54 - 2017-06-26 16:54 - 00831664 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll 2017-06-26 16:54 - 2017-06-26 16:54 - 00276808 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll 2017-06-26 16:53 - 2017-06-26 16:53 - 00170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-06-26 16:54 - 2017-06-26 16:54 - 00192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-06-26 16:54 - 2017-06-26 16:54 - 00224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-06-26 20:33 - 2017-06-26 20:33 - 05678592 _____ () C:\Program Files\AVAST Software\Avast\defs\17062604\algo.dll 2017-06-26 16:54 - 2017-06-26 16:54 - 00689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-06-26 16:53 - 2017-06-26 16:53 - 00231664 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2017-06-27 16:03 - 2017-06-27 16:03 - 05678592 _____ () C:\Program Files\AVAST Software\Avast\defs\17062700\algo.dll 2017-06-27 19:56 - 2017-06-27 19:56 - 05779744 _____ () C:\Program Files\AVAST Software\Avast\defs\17062702\algo.dll 2017-06-26 16:54 - 2017-06-26 16:54 - 01038952 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll 2017-06-26 16:54 - 2017-06-26 16:54 - 67109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-06-26 16:53 - 2017-06-26 16:53 - 00292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-06-26 16:53 - 2017-06-26 16:53 - 02963688 _____ () C:\Program Files\AVAST Software\Avast\aswDataScan.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Windows\explorer.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\msvci70.dll:$CmdZnID [26] AlternateDataStreams: C:\Windows\msvcr70.dll:$CmdZnID [26] AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\bcryptprimitives.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\cdd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\charmap.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\cscript.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\d3d10level9.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\d3dx9_27.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\D3DX9_41.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\els.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\esent.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\ExplorerFrame.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\fsutil.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\fveapi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\fveapibase.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\FwRemoteSvr.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\FXSCOVER.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\GEARAspi64.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\gpapi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\gpsvc.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\inetcomm.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\inseng.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\IPSECSVC.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\KBDBASH.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\KBDRU.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\KBDRU1.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\KBDTAT.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\KBDYAK.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\kd1394.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\kdcom.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\kdusb.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\mfc42.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\mfc42u.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\mfds.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msvcrt.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\mswsock.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\netbtugc.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\occache.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\packager.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\polstore.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\prevhost.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\rdpcore.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\rpchttp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\scrrun.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\StructuredQuery.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\tbs.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\timedate.cpl:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\umpnpmgr.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\webcheck.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\webio.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\winhttp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\winipsec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wmi.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ws2_32.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\wscript.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\WUDFCoinstaller.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\WUDFHost.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\WUDFPlatform.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\WUDFSvc.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\WUDFx.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\X3DAudio1_6.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\xactengine3_4.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\XAPOFX1_3.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\XAudio2_4.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\xmllite.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\bcryptprimitives.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\cfgmgr32.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\charmap.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\comctl32.ocx:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\comdlg32.ocx:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\cscript.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\d3d10level9.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_41.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_41.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_27.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_28.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\devobj.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\devrtl.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\drvinst.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\dwsbc32.ocx:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\dwsdes32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\dwspy32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\esent.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\explorer.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ExplorerFrame.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\fsutil.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\FwRemoteSvr.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\gpapi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\inetcomm.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\inseng.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\KBDBASH.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\KBDRU.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\KBDRU1.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\KBDTAT.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\KBDYAK.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\lcspw_32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mfc42.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\mfc42u.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\mfds.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\MicrosoftUpdateCatalogWebControl.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msvbvm50.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msvcrt.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\mswsock.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\netbtugc.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\occache.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\packager.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\polstore.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\prevhost.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\rdpcore.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\richtx32.ocx:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\rpchttp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\scrrun.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\SpoonUninstall.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\StructuredQuery.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\synceng.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\tabctl32.ocx:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\tbs.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\threed32.ocx:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\timedate.cpl:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\tranimg2.ocx:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\webcheck.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\webio.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\winhttp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\winipsec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wmi.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ws2_32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wscript.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\wshom.ocx:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_4.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_4.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\xmllite.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\amdsata.sys:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\amdxata.sys:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\dbx-canary.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\dbx-dev.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\dbx-stable.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\dxgmms1.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\fs_rec.sys:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\GEARAspiWDM.sys:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\iaStorV.sys:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\netbt.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\nvraid.sys:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\nvstor.sys:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\srv.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\srv2.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\srvnet.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\tap0901.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\tdtcp.sys:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\USBAUDIO.sys:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\usbcir.sys:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\WUDFPf.sys:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\WUDFRd.sys:$CmdTcID [130] AlternateDataStreams: C:\Users\Krzysztof\Desktop\Universal-USB-Installer.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Krzysztof\Desktop\Universal-USB-Installer.exe:$CmdZnID [26] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2016-12-17 11:47 - 00001044 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 activate.adobe.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1886510041-2021175145-3369468900-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [TCP Query User{D5F0442C-173A-44F4-B07D-43BBD3FB7F0B}C:\program files (x86)\tom's live chess viewer\chess_viewer.exe] => (Allow) C:\program files (x86)\tom's live chess viewer\chess_viewer.exe FirewallRules: [UDP Query User{CD74D0D5-D3BF-4E9A-B1ED-C4E90C0747CC}C:\program files (x86)\tom's live chess viewer\chess_viewer.exe] => (Allow) C:\program files (x86)\tom's live chess viewer\chess_viewer.exe FirewallRules: [TCP Query User{0B1A7FFD-E9AF-40F6-AA09-7A9B3EA6A5D1}C:\program files (x86)\tom's live chess viewer\chess_viewer.exe] => (Allow) C:\program files (x86)\tom's live chess viewer\chess_viewer.exe FirewallRules: [UDP Query User{1BCD80A0-B498-4131-9DFC-6DC28BEFD499}C:\program files (x86)\tom's live chess viewer\chess_viewer.exe] => (Allow) C:\program files (x86)\tom's live chess viewer\chess_viewer.exe FirewallRules: [TCP Query User{8B4B1B3B-89F5-4D55-A034-57768407C348}C:\program files (x86)\damage2000 beta 4\engines\draughtsengine_40.exe] => (Allow) C:\program files (x86)\damage2000 beta 4\engines\draughtsengine_40.exe FirewallRules: [UDP Query User{ECD28570-0200-450B-9352-E781A88BA469}C:\program files (x86)\damage2000 beta 4\engines\draughtsengine_40.exe] => (Allow) C:\program files (x86)\damage2000 beta 4\engines\draughtsengine_40.exe FirewallRules: [{D7200291-1D08-4617-A8D6-3D2B9086D979}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{B911CBFE-3648-4BC3-89FA-298F904BC583}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{DC48B83B-0743-4422-BF17-6C875E9BD0A8}D:\horizon 4.6\engines\horizon46.exe] => (Allow) D:\horizon 4.6\engines\horizon46.exe FirewallRules: [UDP Query User{694CC7A3-0E41-408A-A461-93C4797FA2AD}D:\horizon 4.6\engines\horizon46.exe] => (Allow) D:\horizon 4.6\engines\horizon46.exe FirewallRules: [TCP Query User{1544EAB7-A821-4548-8098-5925D0D977F2}C:\users\krzysztof\desktop\mobydam\mobydam.exe] => (Allow) C:\users\krzysztof\desktop\mobydam\mobydam.exe FirewallRules: [UDP Query User{0F7737F8-CE08-4225-9288-742E2CBEB0B9}C:\users\krzysztof\desktop\mobydam\mobydam.exe] => (Allow) C:\users\krzysztof\desktop\mobydam\mobydam.exe FirewallRules: [TCP Query User{21422637-B904-4BC5-BE45-7C95E440DE55}C:\programdata\oracle\java\javapath_target_1422687\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_1422687\java.exe FirewallRules: [UDP Query User{38D100A5-956C-4529-88FB-2910D9087956}C:\programdata\oracle\java\javapath_target_1422687\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_1422687\java.exe FirewallRules: [TCP Query User{F80FE7C9-2B5E-40C5-B3B9-A2C2C01EBFB6}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [UDP Query User{04AF123A-7001-415E-AA70-A2A942D0F94F}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [TCP Query User{D5ED0B32-3487-4C6E-8FC9-10A7C8E812B8}C:\programdata\oracle\java\javapath_target_1527093\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_1527093\java.exe FirewallRules: [UDP Query User{FC544109-1D11-4B4D-8387-EEB6CBEDEBEA}C:\programdata\oracle\java\javapath_target_1527093\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_1527093\java.exe FirewallRules: [TCP Query User{8E0605ED-F480-4E96-81F1-8EF8FF86E683}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [UDP Query User{C3998455-3132-4108-8783-78499867CC45}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [TCP Query User{94A20D0E-7D62-4AA4-A0FD-FF9EACA4EA08}C:\users\krzysztof\desktop\draughts\dsbs\dgt\dgtebsvr.exe] => (Allow) C:\users\krzysztof\desktop\draughts\dsbs\dgt\dgtebsvr.exe FirewallRules: [UDP Query User{86CF045F-CAF8-4BC2-A4F5-93213477A2B9}C:\users\krzysztof\desktop\draughts\dsbs\dgt\dgtebsvr.exe] => (Allow) C:\users\krzysztof\desktop\draughts\dsbs\dgt\dgtebsvr.exe FirewallRules: [{67A3F4BA-D504-4A9D-B0F0-F53F3B168505}] => (Allow) C:\Users\Krzysztof\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CD0E16AF-9525-4FFE-AF12-9B6AA1C98D02}] => (Allow) C:\Users\Krzysztof\AppData\Roaming\uTorrent\uTorrent.exe ==================== Punkty Przywracania systemu ========================= ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (06/27/2017 12:00:06 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program SWISSW.exe w wersji 3.5.8.2 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: ec8 Godzina rozpoczęcia: 01d2ef2c1163ba87 Godzina zakończenia: 16 Ścieżka aplikacji: C:\Program Files (x86)\ChessArbiter Pro for draughts\SWISSW.exe Identyfikator raportu: 5feba6b6-5b1f-11e7-a38a-0016e65bcb21 Error: (06/27/2017 11:53:31 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program SWISSW.exe w wersji 3.5.8.2 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 344 Godzina rozpoczęcia: 01d2ef2b2771216d Godzina zakończenia: 63 Ścieżka aplikacji: C:\Program Files (x86)\ChessArbiter Pro for draughts\SWISSW.exe Identyfikator raportu: 76776a3e-5b1e-11e7-a38a-0016e65bcb21 Error: (06/26/2017 04:55:25 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll". Nie można odnaleźć zestawu zależnego Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (06/26/2017 04:55:23 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll". Nie można odnaleźć zestawu zależnego Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (06/26/2017 02:45:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: Avira.OE.ServiceHost.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.NullReferenceException w Avira.OE.Communicator.RequestMessageHandler.IsResponse(System.String) w Avira.OE.Communicator.SecureConnection.SecureSocket_MessageReceived(System.Object, WebSocket4Net.MessageReceivedEventArgs) w WebSocket4Net.WebSocket.FireMessageReceived(System.String) w WebSocket4Net.Command.Text.ExecuteCommand(WebSocket4Net.WebSocket, WebSocket4Net.WebSocketCommandInfo) w WebSocket4Net.WebSocket.ExecuteCommand(WebSocket4Net.WebSocketCommandInfo) w WebSocket4Net.WebSocket.OnDataReceived(Byte[], Int32, Int32) w WebSocket4Net.WebSocket.client_DataReceived(System.Object, SuperSocket.ClientEngine.DataEventArgs) w SuperSocket.ClientEngine.ClientSession.OnDataReceived(Byte[], Int32, Int32) w SuperSocket.ClientEngine.SslStreamTcpSession.OnDataRead(System.IAsyncResult) w System.Net.LazyAsyncResult.Complete(IntPtr) w System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr) w System.Net.Security._SslStream.ProcessFrameBody(Int32, Byte[], Int32, Int32, System.Net.AsyncProtocolRequest) w System.Net.Security._SslStream.ReadFrameCallback(System.Net.AsyncProtocolRequest) w System.Net.AsyncProtocolRequest.CompleteRequest(Int32) w System.Net.FixedSizeReader.CheckCompletionBeforeNextRead(Int32) w System.Net.FixedSizeReader.ReadCallback(System.IAsyncResult) w System.Net.LazyAsyncResult.Complete(IntPtr) w System.Net.ContextAwareResult.CompleteCallback(System.Object) w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) w System.Net.ContextAwareResult.Complete(IntPtr) w System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr) w System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*) w System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*) Error: (06/26/2017 02:06:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddWin32ServiceFiles: Unable to back up image of service COMODO Internet Security Helper Service since QueryServiceConfig API failed System Error: Nie można odnaleźć określonego pliku. . Error: (06/26/2017 01:49:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Internet Security Essentials. System Error: Nie można odnaleźć określonego pliku. . Error: (06/26/2017 08:41:26 AM) (Source: MsiInstaller) (EventID: 10005) (User: Grzelak) Description: Product: CCC Help Swedish -- Internal Error 2203. C:\Windows\Installer\2de899.ipi, -2147287035 Error: (06/19/2017 07:17:29 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: ) Description: Zainicjowanie obiektu System Writer kopii zapasowej VSS przez Usługi kryptograficzne nie powiodło się. Details: System Writer object failed to subscribe to VSS. System Error: Nieokreślony błąd. . Error: (06/15/2017 01:11:51 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program cis.exe w wersji 10.0.1.6223 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 178 Godzina rozpoczęcia: 01d2e5c222141119 Godzina zakończenia: 118 Ścieżka aplikacji: C:\Program Files\COMODO\COMODO Internet Security\cis.exe Identyfikator raportu: c65faa4f-51b8-11e7-a7e8-0016e65bcb21 Dziennik System: ============= Error: (06/27/2017 08:00:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi NDSPCIIO z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (06/27/2017 08:00:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi NDSPCIIO z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (06/27/2017 07:59:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi NDSPCIIO z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (06/27/2017 07:59:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi NDSPCIIO z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (06/27/2017 12:40:51 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (06/27/2017 12:40:50 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (06/27/2017 12:40:50 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (06/27/2017 12:40:49 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (06/27/2017 09:07:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi aswbIDSAgent z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (06/27/2017 09:07:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą aswbIDSAgent. CodeIntegrity: =================================== Date: 2017-06-26 13:57:29.031 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-26 13:57:28.921 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-26 13:55:59.211 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-26 13:55:59.040 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-26 13:05:55.621 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-26 13:05:55.182 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-26 12:35:50.093 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-26 12:35:49.887 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-26 12:29:32.431 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-26 12:29:32.174 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Pentium(R) 4 CPU 3.20GHz Procent pamięci w użyciu: 59% Całkowita pamięć fizyczna: 3583.55 MB Dostępna pamięć fizyczna: 1462.01 MB Całkowita pamięć wirtualna: 7165.29 MB Dostępna pamięć wirtualna: 4857.94 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:48.73 GB) (Free:6.61 GB) NTFS Drive d: () (Fixed) (Total:97.65 GB) (Free:12.08 GB) NTFS Drive e: () (Fixed) (Total:86.39 GB) (Free:24.82 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 4E94BC80) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=48.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=184 GB) - (Type=OF Extended) ==================== Koniec Addition.txt ============================