Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:14-09-2015 Uruchomiony przez Konrad (2015-09-14 19:46:50) Uruchomiony z F:\Pobieranie Windows 7 Professional Service Pack 1 (X64) (2015-01-21 19:34:15) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1783125985-2266738585-356277231-500 - Administrator - Disabled) Gość (S-1-5-21-1783125985-2266738585-356277231-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1783125985-2266738585-356277231-1002 - Limited - Enabled) Konrad (S-1-5-21-1783125985-2266738585-356277231-1000 - Administrator - Enabled) => C:\Users\Konrad ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: COMODO Antivirus (Enabled - Up to date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5} AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Reader 9.5.0 - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-A95000000001}) (Version: 9.5.0 - Adobe Systems Incorporated) Alternative Look for Triss (HKLM-x32\...\Alternative Look for Triss_is1) (Version: 1.0.0.0 - GOG.com) Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com) AMD Catalyst Install Manager (HKLM\...\{770EA7C3-0B5A-C557-E641-A09244603B84}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com) Batman™: Arkham Knight (HKLM-x32\...\Steam App 208650) (Version: - Rocksteady Studios) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com) Bellum Crucis version 7.0 (HKLM-x32\...\{E4BD22AA-242B-4306-8408-04CE2FB6EB1D}_is1) (Version: 7.0 - Bellum Crucis Team) BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games) BitTorrent (HKU\S-1-5-21-1783125985-2266738585-356277231-1000\...\BitTorrent) (Version: 7.9.4.40912 - BitTorrent Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform) Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.2.0.10 - Citrix Systems, Inc.) COMODO Antivirus (HKLM\...\{18F14F4B-D8A9-4309-817E-3BC0B7664E53}) (Version: 8.0.0.4344 - COMODO Security Solutions Inc.) Core Temp version 0.99.8 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.8 - Arthur Liberman) CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) DEAC TPC Desktop (HKU\S-1-5-21-1783125985-2266738585-356277231-1000\...\ericssondi-e9395b45@@eng-ddc-deacxd10.DEAC TPC Desktop V3 $S27-20) (Version: 1.0 - Delivered by Citrix) EaseUS Partition Master 10.5 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 7.0.3 - Ministerstwo Finansow) e-Deklaracje Desktop (x32 Version: 7.0.3 - Ministerstwo Finansow) Hidden Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com) Fallout (HKLM-x32\...\{54C8F0D5-7BD9-4D1F-9C1E-04CB859C50B5}) (Version: 1.2 - Interplay) Fallout Fixt 0.81alpha (Full Custom) (HKLM-x32\...\{83D6B5DC-9C8C-4DE2-B66C-14FA5C8680B5}_is1) (Version: 0.81alpha (Full Custom) - Sduibek) Fallout: New Vegas (HKLM-x32\...\Steam App 22490) (Version: - Obsidian Entertainment) Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.6.124.715 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.5.425 - Foxit Software Inc.) FreeArc 0.60 (HKLM-x32\...\FreeArc) (Version: 0.60 - Bulat Ziganshin) Futuremark SystemInfo (HKLM-x32\...\{2FE4C157-30AD-47F3-9D93-D9A2AFF25D3F}) (Version: 4.33.485.0 - Futuremark) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden HD Audio PCI-e Audio Device (HKLM-x32\...\{0B43B885-9188-404F-8D1B-56EAB075EB59}) (Version: 1.0.0.0 - ) HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.245 - SurfRight B.V.) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1054 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{D71C9F27-DBF6-4F02-B9D3-99624993A9B1}) (Version: 5.0.10.2793 - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) Juniper Networks Host Checker (HKU\S-1-5-21-1783125985-2266738585-356277231-1000\...\Neoteris_Host_Checker) (Version: 8.0.11.36363 - Juniper Networks) Juniper Networks Setup Client (HKU\S-1-5-21-1783125985-2266738585-356277231-1000\...\Juniper_Setup_Client) (Version: 8.0.11.56747 - Juniper Networks) Juniper Networks Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks) Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.) K-Lite Codec Pack 10.9.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.5 - ) Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version: - The Creative Assembly) Microsoft .NET Framework 4.5.3 Preview (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.53349 - Microsoft Corporation) Microsoft .NET Framework 4.5.3 w wersji zapoznawczej (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.53349 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Project Professional 2013 (HKLM\...\Office15.PRJPRO) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 40.0.3 (x86 pl) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 pl)) (Version: 40.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0a2 - Mozilla) MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD) MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.85 - MSI) MSI ECO Center (HKLM-x32\...\{1E55202F-4D31-498A-8F72-97DCBA9F2866}_is1) (Version: 1.0.0.27 - MSI) MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.5 - MSI) MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 4.0.0.00 - MSI) MSI Intel Extreme Tuning Utility (HKLM-x32\...\{56351c83-306c-4135-a570-2784d3025548}) (Version: 5.1.0.101 - Intel Corporation) MSI Intel Extreme Tuning Utility (x32 Version: 5.1.0.101 - Intel Corporation) Hidden MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.012 - MSI) MSI Smart Utilities (HKLM-x32\...\{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1) (Version: 2.0.0.10 - MSI) MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.026 - MSI) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NetScaler Gateway Endpoint Analysis (HKLM\...\{1C15CFBF-1054-4F38-93F1-C0E66441880A}) (Version: 10.5.55.8 - Citrix Systems, Inc.) New Quest - Contract - Skellige's Most Wanted (HKLM-x32\...\New Quest - Contract: Skellige's Most Wanted_is1) (Version: 1.0.0.0 - GOG.com) New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com) New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com) New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com) New Quest - Where the Cat and Wolf Play... (HKLM-x32\...\New Quest - Where the Cat and Wolf Play..._is1) (Version: 1.0.0.0 - GOG.com) Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team) OCCT 4.4.1 (HKLM-x32\...\OCCT) (Version: 4.4.1 - Ocbase.com) Online Plug-in (x32 Version: 14.2.0.10 - Citrix Systems, Inc.) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Oprogramowanie mikroukładu Intel® (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Pillars of Eternity (HKLM-x32\...\Steam App 291650) (Version: - Obsidian Entertainment) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer E220x Drivers (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros) Qualcomm Atheros Network Manager (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden RAPID Mode (Version: 1.0.1.91 - Samsung Electronics Co., Ltd.) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.6 - Samsung Electronics) Self-service Plug-in (x32 Version: 4.2.0.2495 - Citrix Systems, Inc.) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - ) Skellige Armor Set (HKLM-x32\...\Skellige Armor Set_is1) (Version: 1.0.0.0 - GOG.com) Spotify (HKU\S-1-5-21-1783125985-2266738585-356277231-1000\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.0.0 - GOG.com) TP-LINK TL-WDN4800 Driver (HKLM-x32\...\{70D605C7-C823-4750-BA72-BEB835713612}) (Version: 1.3.1 - TP-LINK) Wolfenstein - Enemy Territory (HKLM-x32\...\Wolfenstein - Enemy Territory) (Version: 2.60b - ACTIVISION) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {03B37FB7-E249-4910-A253-43BDE32888B4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => D:\Microsoft Project\Office15\msoia.exe [2015-09-13] (Microsoft Corporation) Task: {17B5BBC1-57CC-4F2D-B017-07F6711F6B82} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2015-09-13] (Microsoft Corporation) Task: {21702ABF-6629-4891-8EB7-AC7C1B33FCC1} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2015-05-21] (Samsung Electronics.) Task: {2646571C-CB83-4EFD-9061-A69AD9AC2027} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {3048710E-B48C-4530-BF48-BC3CD6A254FF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => D:\Microsoft Project\Office15\msoia.exe [2015-09-13] (Microsoft Corporation) Task: {3E257389-1107-41C3-B8DD-A4B48DEFCB16} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-01-22] () Task: {4063A2B6-1FBB-49BD-A2DF-7CF10213F14C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {45848C72-4B78-4E4D-A79E-49B443AC23E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {50AF404E-B8EC-447C-ABAC-D6A43FF8F58A} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-06] (COMODO) Task: {5E412CF7-6784-4349-8007-FDCF3B5F248D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated) Task: {636D2102-20FD-4EF5-B0B9-CAD12908BD31} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO) Task: {7939CDD6-E5DA-4663-AD77-ED603A66DAA3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-15] (Adobe Systems Incorporated) Task: {905506E5-1682-41D5-AF4B-102561127CEE} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO) Task: {C072E903-BED2-4F52-A601-FDA7AB7DD267} - System32\Tasks\{663DFB9E-6895-4EF9-93F6-D4BC104D8C56} => pcalua.exe -a "D:\Gry\Ubisoft Game Launcher\games\Assassin's Creed Unity\Support\Software\VCRedist\vcredist_x64.exe" -d "D:\Gry\Ubisoft Game Launcher\games\Assassin's Creed Unity\Support\Software\VCRedist" Task: {CD863B06-2003-4A55-A9C5-5A146BA6D22D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd) Task: {E92B7861-CBAF-4F28-AB8B-851C9D3D6DD7} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO) Task: {E97BB0D0-E266-44D2-9967-EBCA45408DEE} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Załadowane moduły (filtrowane) ============== 2013-07-01 10:21 - 2013-07-01 10:21 - 00057176 _____ () C:\Program Files\ShrewSoft\VPN Client\dtpd.exe 2013-07-01 01:15 - 2013-07-01 01:15 - 00018432 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll 2013-07-01 01:17 - 2013-07-01 01:17 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll 2013-07-01 01:15 - 2013-07-01 01:15 - 00022016 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll 2013-07-01 01:17 - 2013-07-01 01:17 - 00035840 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll 2013-07-01 01:16 - 2013-07-01 01:16 - 00116736 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll 2013-07-01 01:16 - 2013-07-01 01:16 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2013-07-01 10:21 - 2013-07-01 10:21 - 01127736 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe 2013-07-01 01:16 - 2013-07-01 01:16 - 00628224 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll 2013-07-01 01:16 - 2013-07-01 01:16 - 00039936 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll 2013-07-01 01:17 - 2013-07-01 01:17 - 00029184 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll 2013-07-01 10:21 - 2013-07-01 10:21 - 00810808 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe 2014-02-21 10:47 - 2015-01-25 00:58 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2014-02-21 10:47 - 2014-02-21 10:47 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2014-02-21 10:47 - 2014-02-21 10:47 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll 2014-02-21 10:47 - 2014-02-21 10:47 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll 2015-08-06 20:38 - 2015-08-06 21:01 - 00286720 _____ () C:\Windows\system\GfsMgr64.exe 2015-08-06 20:38 - 2015-08-06 21:01 - 00204800 _____ () C:\Windows\SysWOW64\GfsMgr.exe 2015-08-06 20:38 - 2015-08-06 21:01 - 00204800 _____ () C:\Windows\SysWOW64\ExMgr.exe 2015-08-06 20:59 - 2015-08-06 21:00 - 02325504 _____ () C:\Program Files\HD Audio PCI-e Audio Device\CPL\FaceLift_x64.exe 2015-01-21 23:13 - 2015-01-21 23:13 - 01993216 _____ () C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe 2013-04-15 18:39 - 2015-01-09 00:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2015-08-06 20:38 - 2013-05-16 03:18 - 00090112 ____N () C:\Windows\SysWOW64\ExSrv.dll 2015-07-14 12:59 - 2015-07-14 12:59 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2015-01-21 23:21 - 2015-01-21 23:21 - 01723856 _____ () C:\MSI\Smart Utilities\SuperRAIDExt.DLL 2015-01-21 22:05 - 2015-05-21 08:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll 2014-10-21 16:37 - 2014-10-21 16:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-09-14 19:39 - 2015-09-14 19:39 - 00380416 _____ () F:\Pobieranie\h7lzxhzm.exe ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Windows\acpimof.dll:$CmdTcID AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID AlternateDataStreams: C:\Windows\system\ATLOISAService.exe:$CmdTcID AlternateDataStreams: C:\Windows\system\GfsMgr64.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\AERTAC64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\AERTAR64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\amdave64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\amdgfxinfo64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\amdhcp64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\amdlvr64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\amdmantle64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\amdmmcl6.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\amdocl12cl64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\amdocl_as64.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\amdocl_ld64.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\amdpcom64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\athrx.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\atiadlxx.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atiapfxx.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\atibtmon.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\aticalcl64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aticaldd64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aticalrt64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aticfx64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atidemgy.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atidxx64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atieah64.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\atieclxx.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\atiesrxx.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\atig6pxx.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atig6txx.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atiglpxx.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atimpc64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atimuixx.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atio6axx.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ATIODCLI.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ATIODE.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\atisamu64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atitmm64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atiu9p64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atiumd64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atiumd6a.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atiuxp64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\BootMan.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\charmap.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\clinfo.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\CMCplExt_SC808.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cmeauSC808HD.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\CMEffectAPO_SC808.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\coinst_15.20.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\credui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptdlg.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d2d1.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DCompiler_33.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DCompiler_34.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DCompiler_35.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DCompiler_36.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DCompiler_37.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DCompiler_38.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DCompiler_39.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DCompiler_40.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DCompiler_42.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DCompiler_43.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dcsx_42.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dcsx_43.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx10.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx10_33.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx10_34.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx10_35.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx10_36.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx10_37.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx10_38.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx10_39.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx10_40.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx10_42.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx10_43.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx11_42.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx11_43.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx9_24.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx9_25.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx9_26.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx9_27.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx9_28.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx9_29.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx9_30.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx9_31.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx9_32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx9_33.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx9_34.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx9_35.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx9_36.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DX9_37.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DX9_38.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DX9_39.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DX9_40.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DX9_41.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DX9_42.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DX9_43.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\DelayAPO.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\detoured.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dhcpcore6.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dhcpcsvc6.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\EuEpmGdi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\FMAPO64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\gameux.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\hsa-thunk64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iologmsg.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iphlpsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\kstat.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\mantle64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mantleaxl64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MaxxAudioAPO20.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MaxxAudioAPOShell64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MaxxAudioEQ64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MBAPO264.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MBWrp64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfc100u.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msdrm.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msieftp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MsRdpWebAccess.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msscntrs.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\mssph.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mssphtb.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mssrch.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mssvp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mstsc.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msvcr100.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\netcorehc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\netevent.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntshrui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\OpenAL32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\OpenCL.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\OpenVideo64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\OVDecode64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\OxpsConverter.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\prevhost.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RCoInstII64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdpendp_winip.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdvidcrl.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\RltkAPO64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RMActivate.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\RMActivate_isv.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\RMActivate_ssp.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\RMActivate_ssp_isv.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\RP3DAA64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RP3DHT64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\RTCOM64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RtDataProc64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RTEED64A.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RTEEG64A.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RTEEL64A.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RTEEP64A.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RtkApi64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RtkCfg64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RtkCoLDR64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RtlCPAPI64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RtPgEx64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RTSnMg64.cpl:$CmdTcID AlternateDataStreams: C:\Windows\system32\scavengeui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\schedsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\SearchFilterHost.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\SearchIndexer.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\SearchProtocolHost.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\secproc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\secproc_isv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\secproc_ssp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\secproc_ssp_isv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\setupempdrvx64.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\SmartcardCredentialProvider.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\SRSHP64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\SRSTSH64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\SRSTSX64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\SRSWOW64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\timedate.cpl:$CmdTcID AlternateDataStreams: C:\Windows\system32\tquery.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\TsUsbGDCoInstaller.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\TSWorkspace.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WavesGUILib64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wdfcoinstaller01009.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01011.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wksprt.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\wksprtPS.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\Wpc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wrap_oal.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WSManHTTPConfig.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\WSManMigrationPlugin.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WsmAuto.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WsmSvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WsmWmiPl.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WUDFCoinstaller.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WUDFHost.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\WUDFPlatform.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WUDFSvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WUDFx.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wwanprotdim.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wwansvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\x3daudio1_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\x3daudio1_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\X3DAudio1_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\X3DAudio1_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\X3DAudio1_4.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\X3DAudio1_5.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\X3DAudio1_6.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\X3DAudio1_7.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine2_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine2_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine2_10.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine2_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine2_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine2_4.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine2_5.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine2_6.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine2_7.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine2_8.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine2_9.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine3_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine3_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine3_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine3_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine3_4.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine3_5.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine3_6.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xactengine3_7.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\XAPOFX1_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\XAPOFX1_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\XAPOFX1_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\XAPOFX1_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\XAPOFX1_4.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\XAPOFX1_5.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\XAudio2_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\XAudio2_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\XAudio2_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\XAudio2_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\XAudio2_4.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\XAudio2_5.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\XAudio2_6.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\XAudio2_7.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xinput1_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xinput1_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xinput1_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xmllite.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\amdave32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\amdgfxinfo32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\amdhcp32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\amdlvr32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\amdmantle32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\amdmmcl.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\amdocl.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\amdocl12cl.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\amdocl_as32.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\amdocl_ld32.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\amdpcom32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atiadlxx.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atiadlxy.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\aticalcl.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\aticaldd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\aticalrt.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\aticfx32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atidxx32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atieah32.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atigktxx.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atiglpxx.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atimpc32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atioglxx.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atisamu32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atiu9pag.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atiumdag.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atiumdva.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atiuxpag.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\BootMan.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\charmap.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\credui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptdlg.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d2d1.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_33.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_34.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_35.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_36.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_38.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_39.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_41.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_42.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_42.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_43.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_33.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_34.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_35.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_36.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_38.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_39.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_40.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_41.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_42.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_43.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_42.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_43.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_24.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_25.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_26.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_27.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_28.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_29.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_31.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_33.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_34.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_35.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_36.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_38.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_39.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_40.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_42.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_43.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\detoured.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dhcpcore6.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dhcpcsvc6.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\epmntdrv.sys:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\EuEpmGdi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\EuGdiDrv.sys:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ExMgr.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\gameux.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\GfsMgr.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\hsa-thunk.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iologmsg.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mantle32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mantleaxl32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\MBAPO232.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msdrm.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msieftp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\MsRdpWebAccess.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msscntrs.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mssph.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mssphtb.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mssrch.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mssvp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mstsc.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msxml6.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msxml6r.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\netcorehc.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\netevent.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntshrui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\OpenAL32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\OpenCL.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\OpenVideo.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\OVDecode.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\PnkBstrB.ex0:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\PnkBstrB.xtr:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\prevhost.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rdpendp_winip.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rdvidcrl.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\RMActivate.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\RMActivate_isv.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\RMActivate_ssp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\RMActivate_ssp_isv.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\SearchFilterHost.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\SearchIndexer.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\SearchProtocolHost.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\secproc.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\secproc_isv.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\secproc_ssp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\secproc_ssp_isv.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\setupempdrv03.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\SmartcardCredentialProvider.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\srvany.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\timedate.cpl:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tquery.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\TSWorkspace.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wksprtPS.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\Wpc.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wrap_oal.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WSManHTTPConfig.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WSManMigrationPlugin.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WsmAuto.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WsmSvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WsmWmiPl.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_4.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_5.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_6.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_7.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_10.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_4.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_5.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_6.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_7.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_8.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_9.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_4.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_5.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_6.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_7.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_4.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_5.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_4.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_5.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_6.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_7.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xinput1_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xinput1_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xinput1_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xmllite.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\AcpiCtlDrv.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\amdacpksd.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\amdkmpfd.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ataport.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ati2erec.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\AtihdW76.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\atikmdag.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\atikmpag.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\bflwfx64.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\bthpan.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\BTHUSB.SYS:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ctxusbm.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\Diskdump.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\fvevol.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ICCWDT.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ikbevent.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\imsevent.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ISCTD.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\MBfilt64.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\msiscsi.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ndis.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ntfs.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\rdpvideominiport.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\rfcomm.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\RNDISMP.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\RTKVHD64.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\SamsungRapidDiskFltr.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\SamsungRapidFSFltr.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\SC808HDV64.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\storport.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\tcpipreg.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\tdx.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\TeeDriverx64.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbFlt.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\vfilter.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\virtualnet.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\winusb.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\WUDFPf.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\WUDFRd.sys:$CmdTcID AlternateDataStreams: C:\Users\Konrad\Desktop\11874001_862553220465308_1584834040_n.jpg:$CmdZnID AlternateDataStreams: C:\Users\Konrad\Desktop\APGSIM_z_0_na_1.log:$CmdZnID AlternateDataStreams: C:\Users\Konrad\Desktop\APGSIM_z_1_na_0.log:$CmdZnID AlternateDataStreams: C:\Users\Konrad\Desktop\bookmarks-2015-03-19.json:$CmdZnID AlternateDataStreams: C:\Users\Konrad\Desktop\bookmarks.html:$CmdZnID AlternateDataStreams: C:\Users\Konrad\Desktop\epol-gw-krb1-2014.05.31.vpn:$CmdZnID AlternateDataStreams: C:\Users\Konrad\Desktop\epol-gw-ldt1-2014.04.26.vpn:$CmdTcID AlternateDataStreams: C:\Users\Konrad\Desktop\epol-gw-ldt1-2014.04.26.vpn:$CmdZnID AlternateDataStreams: C:\Users\Konrad\Desktop\indeks.jpg:$CmdZnID AlternateDataStreams: C:\Users\Konrad\Desktop\proclog_z_0_na_1.txt:$CmdZnID AlternateDataStreams: C:\Users\Konrad\Desktop\proclog_z_1_na_0.txt:$CmdZnID ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1783125985-2266738585-356277231-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows - funkcja włączona. ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\Services: ECOSERVICE => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: MSI_LiveUpdate_Service => 2 MSCONFIG\Services: Qualcomm Atheros Killer Service V2 => 2 MSCONFIG\startupfolder: C:^Users^Konrad^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Citrix Receiver.lnk => C:\Windows\pss\Citrix Receiver.lnk.Startup MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Live Update => C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER MSCONFIG\startupreg: Sound Blaster Cinema 2 => "C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" /r MSCONFIG\startupreg: Spotify => "C:\Users\Konrad\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Konrad\AppData\Roaming\Spotify\SpotifyWebHelper.exe" MSCONFIG\startupreg: Steam => "D:\Gry\Steam\steam.exe" -silent ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{7B1963DE-BBB5-40BE-8474-4906EFB6FABC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CEF964B6-E8B3-4A7D-BC1D-302834752657}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E599ED27-1B28-486E-B388-A5766000C34B}] => (Allow) D:\Gry\Steam\Steam.exe FirewallRules: [{81CC9C16-DF5B-4BDC-BDF9-4D172F705CC0}] => (Allow) D:\Gry\Steam\Steam.exe FirewallRules: [{77F78F18-A055-4F49-AE9B-89CF8E83DEBF}] => (Allow) D:\Gry\Steam\bin\steamwebhelper.exe FirewallRules: [{B568F53F-D36D-4607-9959-07DFAF700A43}] => (Allow) D:\Gry\Steam\bin\steamwebhelper.exe FirewallRules: [{1AD677B8-C4F6-49F8-B55B-F4FBAD772BDC}] => (Allow) C:\Users\Konrad\AppData\Roaming\Spotify\spotify.exe FirewallRules: [{A7422707-C0C4-4FDA-8983-87B497C1B96C}] => (Allow) C:\Users\Konrad\AppData\Roaming\Spotify\spotify.exe FirewallRules: [{559A0D05-2A9F-46E7-861E-F77532127065}] => (Allow) C:\Users\Konrad\AppData\Roaming\Spotify\spotify.exe FirewallRules: [{255F749D-E472-46B8-AA26-EF4E4A16D6FD}] => (Allow) C:\Users\Konrad\AppData\Roaming\Spotify\spotify.exe FirewallRules: [TCP Query User{BD254B38-AFE3-499E-BB83-4FF8778E63EE}D:\gry\wolfenstein - enemy territory\et.exe] => (Allow) D:\gry\wolfenstein - enemy territory\et.exe FirewallRules: [UDP Query User{C5EACD1D-94E6-4FA0-8B2A-21C163451820}D:\gry\wolfenstein - enemy territory\et.exe] => (Allow) D:\gry\wolfenstein - enemy territory\et.exe FirewallRules: [TCP Query User{D596DB3C-C26C-46BD-91B8-6B8A006A57D0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{177141F6-8B9B-4BAE-B573-65C1743AB845}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{EEFBBA59-0E14-4B94-9D6E-A483B1CE026B}] => (Allow) D:\Gry\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe FirewallRules: [{0DF5B964-29D0-41FC-930A-C7B567BE30D5}] => (Allow) D:\Gry\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe FirewallRules: [{1BE01235-C426-425E-A0C5-53D88A7873BA}] => (Allow) E:\CS\steamapps\common\Medieval II Total War\medieval2.exe FirewallRules: [{B3B7652E-D2E3-4A4F-8CCF-03CDBEA151F3}] => (Allow) E:\CS\steamapps\common\Medieval II Total War\medieval2.exe FirewallRules: [{B5797E1A-CC01-404F-93C5-3ECAC4D8C107}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{70719FD1-74FB-4DF3-8867-0AAE859FE28E}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{470D5132-15A8-4C12-8C25-38BA69CFCF11}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe FirewallRules: [{1A120244-44E7-404E-A527-3A84AEFD4519}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe FirewallRules: [{558BC2F8-1A8B-479F-9101-5682C93A8B3C}] => (Allow) D:\Gry\Steam\steamapps\common\Fallout New Vegas enplczru\FalloutNVLauncher.exe FirewallRules: [{DEFDB1A8-F481-4B2C-9BAF-F3EA4F96E6FE}] => (Allow) D:\Gry\Steam\steamapps\common\Fallout New Vegas enplczru\FalloutNVLauncher.exe FirewallRules: [{3BA462D5-41FC-4404-ACA1-7520F437250B}] => (Allow) D:\Gry\Battle.net\Battle.net.exe FirewallRules: [{FC3F106D-32D9-4687-82EB-5A7C72D898F3}] => (Allow) D:\Gry\Battle.net\Battle.net.exe FirewallRules: [{4C74572B-5889-440B-A2DF-CB94DBE1ACFB}] => (Allow) D:\Gry\Hearthstone\Hearthstone.exe FirewallRules: [{6AA40979-9C40-4890-B5E4-EBA63CE761BC}] => (Allow) D:\Gry\Hearthstone\Hearthstone.exe FirewallRules: [{39404E30-E296-4F8E-A90C-09810CE7EF93}] => (Allow) D:\Gry\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe FirewallRules: [{85E0562A-971E-4D2F-B2AE-D944195C52AC}] => (Allow) D:\Gry\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe FirewallRules: [{A4EE82A7-5F1D-41DF-9CD7-F8595FB42EAF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E7F36166-AC0D-4467-8989-F731703B4A5D}] => (Allow) D:\Gry\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe FirewallRules: [{8AA0D64A-6245-4383-95DB-4146FA2D22B8}] => (Allow) D:\Gry\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe FirewallRules: [{CF820408-B3FA-4A1B-B073-CFD3BC464D90}] => (Allow) C:\Users\Konrad\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{DD9893E2-0361-4F0C-A1D3-E923332F2592}] => (Allow) C:\Users\Konrad\AppData\Roaming\BitTorrent\BitTorrent.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Shrew Soft Virtual Adapter Description: Shrew Soft Virtual Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Shrew Soft Service: vnet Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: ASInsHelp Description: ASInsHelp Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: ASInsHelp Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Killer e2200 Gigabit Ethernet Controller (NDIS 6.30) Description: Killer e2200 Gigabit Ethernet Controller (NDIS 6.30) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Qualcomm Atheros Service: Ke2200 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (09/14/2015 07:45:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/14/2015 07:43:54 PM) (Source: Windows Search Service) (EventID: 10021) (User: ) Description: Nie można uzyskać informacji rejestru licznika wydajności dla elementu WSearchIdxPi w wystąpieniu z powodu następującego błędu: Operacja ukończona pomyślnie. 0x0. Error: (09/14/2015 07:43:54 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Nie można zainicjować monitorowania wydajności dla obiektu programu zbierającego, ponieważ liczniki nie są załadowane lub nie można otworzyć obiektu pamięci współużytkowanej. Wpływa to tylko na dostępność liczników monitora wydajności. Uruchom ponownie komputer. Kontekst: aplikacja , wykaz SystemIndex Error: (09/14/2015 07:43:54 PM) (Source: Windows Search Service) (EventID: 3006) (User: ) Description: Nie można zainicjować monitorowania wydajności dla usługi zbierającej, ponieważ liczniki nie są załadowane lub nie można otworzyć obiektu pamięci współużytkowanej. Wpływa to tylko na dostępność liczników monitora wydajności. Uruchom ponownie komputer. Error: (09/14/2015 07:42:20 PM) (Source: Windows Search Service) (EventID: 10021) (User: ) Description: Nie można uzyskać informacji rejestru licznika wydajności dla elementu WSearchIdxPi w wystąpieniu z powodu następującego błędu: Operacja ukończona pomyślnie. 0x0. Error: (09/14/2015 07:42:20 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Nie można zainicjować monitorowania wydajności dla obiektu programu zbierającego, ponieważ liczniki nie są załadowane lub nie można otworzyć obiektu pamięci współużytkowanej. Wpływa to tylko na dostępność liczników monitora wydajności. Uruchom ponownie komputer. Kontekst: aplikacja , wykaz SystemIndex Error: (09/14/2015 07:42:20 PM) (Source: Windows Search Service) (EventID: 3006) (User: ) Description: Nie można zainicjować monitorowania wydajności dla usługi zbierającej, ponieważ liczniki nie są załadowane lub nie można otworzyć obiektu pamięci współużytkowanej. Wpływa to tylko na dostępność liczników monitora wydajności. Uruchom ponownie komputer. Error: (09/14/2015 07:11:02 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/14/2015 07:09:16 PM) (Source: Windows Search Service) (EventID: 10021) (User: ) Description: Nie można uzyskać informacji rejestru licznika wydajności dla elementu WSearchIdxPi w wystąpieniu z powodu następującego błędu: Operacja ukończona pomyślnie. 0x0. Error: (09/14/2015 07:09:15 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Nie można zainicjować monitorowania wydajności dla obiektu programu zbierającego, ponieważ liczniki nie są załadowane lub nie można otworzyć obiektu pamięci współużytkowanej. Wpływa to tylko na dostępność liczników monitora wydajności. Uruchom ponownie komputer. Kontekst: aplikacja , wykaz SystemIndex Dziennik System: ============= Error: (09/14/2015 07:43:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (09/14/2015 07:43:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi ASInsHelp z powodu następującego błędu: %%2 Error: (09/14/2015 07:42:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (09/14/2015 07:42:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi ASInsHelp z powodu następującego błędu: %%2 Error: (09/14/2015 07:09:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (09/14/2015 07:09:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi ASInsHelp z powodu następującego błędu: %%2 Error: (09/14/2015 06:43:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Instalator modułów systemu Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (09/14/2015 06:43:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Integrated Clock Controller Service - Intel(R) ICCS niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (09/14/2015 06:43:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Extreme Tuning Utility Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (09/14/2015 06:43:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Microsoft Office: ========================= Error: (09/14/2015 07:45:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/14/2015 07:43:54 PM) (Source: Windows Search Service) (EventID: 10021) (User: ) Description: WSearchIdxPiOperacja ukończona pomyślnie. 0x0 Error: (09/14/2015 07:43:54 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Kontekst: aplikacja , wykaz SystemIndex Error: (09/14/2015 07:43:54 PM) (Source: Windows Search Service) (EventID: 3006) (User: ) Description: Error: (09/14/2015 07:42:20 PM) (Source: Windows Search Service) (EventID: 10021) (User: ) Description: WSearchIdxPiOperacja ukończona pomyślnie. 0x0 Error: (09/14/2015 07:42:20 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Kontekst: aplikacja , wykaz SystemIndex Error: (09/14/2015 07:42:20 PM) (Source: Windows Search Service) (EventID: 3006) (User: ) Description: Error: (09/14/2015 07:11:02 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/14/2015 07:09:16 PM) (Source: Windows Search Service) (EventID: 10021) (User: ) Description: WSearchIdxPiOperacja ukończona pomyślnie. 0x0 Error: (09/14/2015 07:09:15 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Kontekst: aplikacja , wykaz SystemIndex CodeIntegrity: =================================== Date: 2015-03-14 23:37:08.317 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz Procent pamięci w użyciu: 42% Całkowita pamięć fizyczna: 8140.98 MB Dostępna pamięć fizyczna: 4657.59 MB Całkowita pamięć wirtualna: 12235.18 MB Dostępna pamięć wirtualna: 8272.35 MB ==================== Dyski ================================ Drive c: (System-SSD) (Fixed) (Total:63.48 GB) (Free:13.85 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano BCD)] Drive d: (Dane) (Fixed) (Total:488.28 GB) (Free:354.65 GB) NTFS Drive e: (Reszta-SSD) (Fixed) (Total:37.13 GB) (Free:36.27 GB) NTFS Drive f: (Filmy) (Fixed) (Total:443.23 GB) (Free:62.03 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: D3A5CB4E) Partition 1: (Active) - (Size=63.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=37.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CDDE3DD3) Partition 1: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=443.2 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================