Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:20-12-2015 Uruchomiony przez Ruka (2015-12-21 21:53:49) Uruchomiony z C:\Users\Ruka\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2012-11-21 18:21:03) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1647462393-2480976863-1240803015-500 - Administrator - Disabled) Gość (S-1-5-21-1647462393-2480976863-1240803015-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1647462393-2480976863-1240803015-1002 - Limited - Enabled) Oliwka (S-1-5-21-1647462393-2480976863-1240803015-1003 - Limited - Enabled) => C:\Users\Oliwka openpgsvc (S-1-5-21-1647462393-2480976863-1240803015-1004 - Limited - Enabled) => C:\Users\openpgsvc Ruka (S-1-5-21-1647462393-2480976863-1240803015-1000 - Administrator - Enabled) => C:\Users\Ruka ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: COMODO Antivirus (Enabled - Up to date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5} AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) „Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden „Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden „Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden „Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ABBYY PDF Transformer 3.0 (HKLM-x32\...\ABBYY PDF Transformer 3.0) (Version: 3.00.162.6808 - ABBYY) ABBYY PDF Transformer 3.0 (Version: 3.00.162.6808 - ABBYY) Hidden Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated) Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated) Adobe Photoshop CS3 (HKLM-x32\...\Adobe_678cd98c8365a5647f9a2e539d120a8) (Version: 10.0 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden AIMP (HKLM-x32\...\AIMP) (Version: v4.00.1655 Beta 3, 20.09.2015 - AIMP DevTeam) AMD Catalyst Install Manager (HKLM\...\{1B4ED54A-A741-5D36-40C6-0DA839CA033F}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.) A-PDF Number freeware 1.3 (HKLM-x32\...\A-PDF Number_is1) (Version: - A-PDF.com) Ashampoo Movie Studio 2013 v.1.0.0 (HKLM-x32\...\{91B33C97-EB09-F0A4-36AC-3895F9F93DD1}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) Ashampoo Snap 6 v.6.0.10 (HKLM-x32\...\{C92AB6F1-770F-EA32-6CF7-8A0792FA1A4B}_is1) (Version: 6.0.10 - Ashampoo GmbH & Co. KG) Assassin's Creed wersja 1.02 (HKLM-x32\...\Assassin's Creed_is1) (Version: 1.02 - UBISoft) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros) Bandizip (HKLM\...\Bandizip) (Version: 5.09 - Bandisoft.com) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.120 - Atheros Communications) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden BurnAware Free 8.6 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware) ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl) Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden COMODO Internet Security (HKLM\...\{0E9AFD45-C3BA-41D1-B54B-495A22CB3409}) (Version: 6.0.64131.2674 - COMODO Security Solutions Inc.) Creative Media Lite (HKLM-x32\...\Creative Media Lite) (Version: - ) Creative Software Update (x32 Version: 1.00.14 - Creative Technology Ltd.) Hidden Creative ZEN Stone User's Guide (HKLM-x32\...\ZENStoneUG) (Version: - Creative Tech) CWA Bestia (HKU\S-1-5-21-1647462393-2480976863-1240803015-1000\...\F6709682E7CEB516D1702D164F9CF2E03C7B3967) (Version: 3.0.0.33 - ABC PRO SP. z o.o.) CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.) CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.) CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.) CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Debugging Tools for Windows (x86) (HKLM-x32\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation) Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden Easy File Share (HKLM-x32\...\{95BB7324-77D3-4BF3-8CF6-29F0857AC175}) (Version: 1.1.1699 - Samsung Electronics Co., Ltd.) Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.) Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics Co., Ltd.) Easy Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.44 - Samsung) eM Client (HKLM-x32\...\{F3D4FF28-2C9E-45E5-B983-CE8BF449ECEC}) (Version: 6.0.23421.0 - eM Client Inc.) E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung) ETDWare PS/2-X64 10.0.7.3_WHQL (HKLM\...\Elantech) (Version: 10.0.7.3 - ELAN Microelectronic Corp.) Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden FREE Outlook PST File Viewer version 2.0 (HKLM-x32\...\{FC708B30-BA65-4091-B93C-A50A367B6448}_is1) (Version: 2.0 - www.freeviewer.org) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Gpg4win (2.2.6) (HKLM-x32\...\GPG4Win) (Version: 2.2.6 - The Gpg4win Project) HitFilm 2 Express (HKLM\...\{A6E81EFB-2A19-4B5B-8C48-D4E5DB3AD547}) (Version: 2.0.2522.46168 - FXhome) Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden JTHTML 8.5 (HKLM-x32\...\JTHTML 8.5_is1) (Version: 8.5 - Janusz Tomczak) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Legislator (HKLM-x32\...\{6230CADC-BAD1-4473-1234-7DAF16C6CD67}) (Version: 2.2.0.0 - ABC PRO Sp. z o.o.) Legislator Magic (HKU\S-1-5-21-1647462393-2480976863-1240803015-1000\...\7DAF87704FB4DA93C48442ED721CC6AAD0A10913) (Version: 3.1.0.999 - ABC PRO SP. z o.o.) Lenovo K900 Device Drivers (HKLM-x32\...\{CE03FF91-455C-4C9E-AEB7-CAFE959811CD}) (Version: 5.0.18 - Lenovo) Lenovo Service Bridge (HKU\S-1-5-21-1647462393-2480976863-1240803015-1000\...\cbe8636f7dd0cf1d) (Version: 1.4.0.0 - Lenovo) LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics) LibreOffice 5.0.0.5 (HKLM\...\{A4D51ECF-D046-46F5-935F-2B3A6ADF89D9}) (Version: 5.0.0.5 - The Document Foundation) Light Image Resizer 4.7.1.1 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.1.1 - ObviousIdea) LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden MFC RunTime files (x32 Version: 1.0.0 - Extensoft) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 43.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 43.0 (x86 pl)) (Version: 43.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.0.5820 - Mozilla) Mozilla Thunderbird 38.4.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 38.4.0 (x86 pl)) (Version: 38.4.0 - Mozilla) MultiCommander (HKLM\...\MultiCommander) (Version: - ) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation) Oracle VM VirtualBox 5.0.0 (HKLM\...\{FCD0B365-2189-45F3-9AF2-2BCED86C121A}) (Version: 5.0.0 - Oracle Corporation) Overlook Fing (HKLM-x32\...\Overlook Fing 2.2) (Version: 2.2 - Overlook) PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden PDF Split And Merge Basic (HKLM\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.3 - Andrea Vacondio) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge) PDF-XChange Viewer (HKLM\...\{9ED333F8-3E6C-4A38-BAFA-728454121CDA}) (Version: 2.5.207.0 - Tracker Software Products (Canada) Ltd.) Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.11 - ) Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden QGIS Pisa 2.10.1 Pisa (HKLM\...\QGIS Pisa) (Version: - QGIS Development Team) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.) Renegade X Black Dawn (HKLM\...\UDK-90ab8e7c-b51f-433c-b6a3-f1aef71249bd) (Version: - Epic Games, Inc.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) S Agent (Version: 1.0.9 - Samsung Electronics CO., LTD.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.1.5 - Samsung) Screen Capturer (HKLM-x32\...\Screen Capturer) (Version: 1.0.4.42 - ScreenCapturer.com) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Sigillum Sign 4 - Usuń wszystko (Uninstall all) (HKLM\...\Sigillum Sign 4_is1) (Version: - PWPW) Sigillum Sign 4 (HKLM-x32\...\{4D4602AE-0429-4424-BDFD-8E9A4EABCB56}) (Version: 4.2.2.20 - PWPW) Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.) Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung) Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.) Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.5.10 - Splashtop Inc.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent) WildTangent ORB Game Console (x32 Version: - WildTangent) Hidden Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) WinHTTrack Website Copier 3.47-26 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.47.26 - HTTrack) WinHTTrack Website Copier 3.48-21 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.48.21 - HTTrack) winpcap-overlook 4.02 (HKLM-x32\...\winpcap-overlook) (Version: - ) Wtyczka e-Deklaracje (HKLM-x32\...\{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1) (Version: 4.1.0 - Ministerstwo Finansów) ZTE MF823 (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation) Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1647462393-2480976863-1240803015-1000_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl64.dll (Bandisoft.com) CustomCLSID: HKU\S-1-5-21-1647462393-2480976863-1240803015-1000_Classes\CLSID\{8235761D-4AF3-438A-B8E7-AFB83A927572}\InprocServer32 -> C:\Users\Ruka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\NetGadget64.gadget\NETGAD~1.OCX (SystemGadgets.com) ==================== Punkty Przywracania systemu ========================= 05-12-2015 19:56:40 Zaplanowany punkt kontrolny 09-12-2015 19:00:51 Windows Update 18-12-2015 21:12:10 Windows Update 21-12-2015 09:18:45 Windows Update 21-12-2015 18:20:04 Punkt przywracania stworzony przez HitmanPro ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0BEF1551-8753-4A8B-A4D4-02F1CA277C2B} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2011-09-06] (Samsung Electronics Co., Ltd.) Task: {0C93FD7E-6BA7-4B5D-B066-902574FCBDC2} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2011-08-22] (Samsung Electronics Co., Ltd.) Task: {215BB392-AAB8-46E3-A414-E9ADADEC294D} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO) Task: {277A0019-7AF5-47C1-937D-60A0FD87986B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-11-02] (Adobe Systems Incorporated) Task: {290315F7-216D-4705-A208-8DFC385FC917} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO) Task: {2F0E85F0-E252-434D-8528-5F1F725E5361} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2011-08-19] (Samsung Electronics Co., Ltd.) Task: {4B5A94CB-070D-4599-8A3A-2C293CB27C5C} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-10-25] (Samsung Electronics CO., LTD.) Task: {4D52C21F-E35E-45F8-8863-B1C75990C8C5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-21] (Microsoft Corporation) Task: {584B8ED8-754F-47CA-BE78-214C48D2F4EC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-21] (Microsoft Corporation) Task: {58AEA187-00CB-497B-AA5C-F98943D6DF1A} - System32\Tasks\{27D47E0A-080E-4506-A8AB-79424E902BB6} => pcalua.exe -a "D:\Gry\Gra-Wiedzmin.ER.PL\Patch\Patch 1.4 - Edycja Rozszerzona\setup.exe" -d "D:\Gry\Gra-Wiedzmin.ER.PL\Patch\Patch 1.4 - Edycja Rozszerzona" Task: {69F419D7-F9E4-42A5-B78D-E386E7B10599} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-08-19] (SAMSUNG Electronics co., LTD.) Task: {6EFFDC03-7A95-4D14-BE58-469665B17606} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {77E8430B-8029-469E-A70F-088296362887} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO) Task: {8EB377FE-527F-478C-A508-7BA7B33A16F2} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO) Task: {91BC36F6-0625-4317-B22C-96E81F5222CF} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-07] (COMODO) Task: {97AC7344-9D17-4719-91EE-23F56537D4FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {B7E697BA-F961-4C02-BEDA-590F68403521} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink) Task: {BB2605DC-C317-4BEF-8D68-291CD0CDE98B} - System32\Tasks\{8FDFA698-384C-4211-B938-7953D80E44C4} => Firefox.exe hxxp://ui.skype.com/ui/0/7.4.0.102/pl/abandoninstall?page=tsProgressBar Task: {BC516846-0B69-4362-BA33-7EB70DED58DF} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe Task: {DBAE934A-4B83-4EAB-AD23-29AC6D829234} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2011-09-06] (Samsung Electronics Co., Ltd.) Task: {DCFCE7D9-4AC7-46F8-B9D5-1302C4142F30} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe Task: {EDD6EDAA-2EF0-4B23-BCD1-7484622D03DD} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe [2011-10-12] (SAMSUNG Electronics) Task: {F126976C-FA15-44F1-ADCD-6FF7403F2456} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2011-09-28] (Samsung Electronics) Task: {F467B805-1001-4991-867B-24B0B2E6D37F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated) Task: {FD0287A8-6047-4FD3-87B3-45A344008FFF} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-06-24] (SEC) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Ruka\Desktop\QGIS Desktop 2.10.1.lnk -> C:\Program Files\QGIS Pisa\bin\nircmd.exe (NirSoft) -> exec hide C:\PROGRA~1\QGISPI~1\bin\qgis.bat ==================== Załadowane moduły (filtrowane) ============== 2015-09-09 11:52 - 2015-10-17 08:00 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2012-01-11 09:49 - 2009-12-01 08:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2015-05-20 15:57 - 2013-03-19 20:49 - 00417536 _____ () C:\Program Files (x86)\ZTE MF823\CheckNDISPort_df.exe 2015-05-20 15:57 - 2013-02-25 14:41 - 00446720 _____ () C:\Program Files (x86)\ZTE MF823\CancelAutoPlay_df.exe 2012-12-14 20:46 - 2015-01-08 23:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2011-03-14 06:21 - 2011-03-14 06:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2011-10-13 09:01 - 2011-10-13 09:01 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2015-09-09 11:40 - 2015-09-09 11:40 - 00221696 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll 2015-09-09 11:34 - 2015-09-09 11:34 - 00087040 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll 2015-09-09 11:28 - 2015-09-09 11:28 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll 2015-09-09 11:39 - 2015-09-09 11:39 - 00072192 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll 2015-09-09 11:42 - 2015-09-09 11:42 - 00744448 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll 2014-01-05 09:50 - 2012-12-04 10:40 - 00137216 _____ () C:\Program Files (x86)\OpenERP 7.0-20140105-002500\PostgreSQL\bin\LIBPQ.dll 2014-01-05 09:52 - 2012-08-14 14:30 - 01009664 _____ () C:\Program Files (x86)\OpenERP 7.0-20140105-002500\PostgreSQL\bin\libxml2.dll 2012-01-11 08:35 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll 2012-01-11 08:35 - 2011-02-16 17:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll 2012-01-11 08:50 - 2010-05-07 15:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll 2009-11-02 06:20 - 2009-11-02 06:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-02 06:23 - 2009-11-02 06:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2015-12-09 18:28 - 2015-12-09 18:28 - 17647296 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\windows\IsUn0415.exe:$CmdTcID AlternateDataStreams: C:\windows\notepad.exe:$CmdTcID AlternateDataStreams: C:\windows\unins000.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\acmigration.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\adtschema.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\advapi32.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\aeinv.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\aelupsvc.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\aepic.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\aitstatic.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-file-l1-2-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-file-l2-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-eventing-provider-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\apisetschema.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\apphelp.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\appidapi.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\appidcertstorecheck.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\appidpolicyconverter.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\appidsvc.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\appinfo.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\appraiser.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\audiodg.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\AudioEng.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\AUDIOKSE.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\AudioSes.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\audiosrv.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\auditpol.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\authui.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\basesrv.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\bcryptprimitives.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\blackbox.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\certcli.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\ci.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\clfs.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\clfsw32.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\comctl32.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\CompatTelRunner.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\conhost.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\consent.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\credssp.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\cryptbase.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\cryptsp.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\cryptui.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\csrsrv.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\d3d10warp.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\davclnt.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\devinv.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\diagtrack.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\diskperf.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\dns-sd.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\drmmgrtn.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\drmv2clt.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\dwmapi.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\dwmcore.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\dxmasf.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\EncDump.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\evr.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\ExplorerFrame.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\generaltel.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\InkEd.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\invagent.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\jnwmon.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\kerberos.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\kernel32.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\KernelBase.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\logman.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\lsasrv.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\lsass.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\mf.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\mferror.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\mfplat.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\mfpmp.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\mfps.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\MRT.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\msaudite.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\msctf.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\msdxm.ocx:$CmdTcID AlternateDataStreams: C:\windows\system32\msmmsp.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\msnetobj.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\msobjs.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\msscp.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\mstscax.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\msv1_0.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\ncrypt.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\nlasvc.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\nmwcdclsx64.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\notepad.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\ntdll.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\ntoskrnl.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\ntvdm64.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\oleaut32.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\pcadm.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\pcaevts.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\pcalua.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\pcasvc.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\pcawrk.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\perftrack.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\poqexec.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\powertracker.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\profsvc.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\ptdllrun1.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\qdvd.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\quartz.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\rdpudd.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\rdvidcrl.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\relog.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\rpcrt4.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\rrinstaller.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\rstrui.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\scesrv.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\schannel.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\sdbinst.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\sechost.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\secur32.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\setbcdlocale.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\shell32.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\shimeng.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\smss.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\spwmp.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\srclient.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\srcore.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\sspicli.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\sspisrv.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\sysmain.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\tdh.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\tracerpt.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\tsgqec.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\TSpkg.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\TSWbPrxy.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\typeperf.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\ubpm.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\ucrtbase.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\UtcResources.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\wdi.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\wdigest.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\WebClnt.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\WindowsCodecs.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\winload.efi:$CmdTcID AlternateDataStreams: C:\windows\system32\winload.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\winresume.efi:$CmdTcID AlternateDataStreams: C:\windows\system32\winresume.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\winsrv.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\wksprt.exe:$CmdTcID AlternateDataStreams: C:\windows\system32\wmdrmsdk.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\wmp.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\WMPhoto.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\wmploc.DLL:$CmdTcID AlternateDataStreams: C:\windows\system32\wow64.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\wow64cpu.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\wow64win.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\wpdshext.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\adtschema.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\advapi32.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\apisetschema.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\apphelp.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\appidapi.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\AudioEng.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\AUDIOKSE.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\AudioSes.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\auditpol.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\authui.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\bcryptprimitives.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\blackbox.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\certcli.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\clfsw32.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\comctl32.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\credssp.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\cryptbase.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\cryptsp.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\cryptui.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\d3d10warp.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\davclnt.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\diskperf.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\dns-sd.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\drmmgrtn.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\drmv2clt.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\dwmapi.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\dwmcore.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\dxmasf.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\evr.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\ExplorerFrame.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\InkEd.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\instnm.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\kerberos.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\kernel32.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\KernelBase.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\logman.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\mf.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\mferror.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\mfplat.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\mfpmp.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\mfps.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\msaudite.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\msctf.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\msdxm.ocx:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\msnetobj.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\msobjs.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\msscp.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\mstscax.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\msv1_0.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\ncrypt.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\ncsi.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\nlaapi.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\notepad.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\ntdll.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\ntkrnlpa.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\ntoskrnl.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\ntvdm64.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\oleaut32.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\poqexec.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\ptdllrun1.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\qdvd.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\quartz.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\rdvidcrl.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\relog.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\rpcrt4.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\rrinstaller.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\scesrv.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\schannel.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\sdbinst.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\sechost.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\secur32.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\setup16.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\shell32.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\shimeng.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\spwmp.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\srclient.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\sspicli.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\tdh.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\tracerpt.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\tsgqec.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\TSpkg.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\typeperf.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\ubpm.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\ucrtbase.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\user.exe:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\wdi.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\wdigest.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\WebClnt.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\WindowsCodecs.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\wmdrmsdk.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\wmp.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\WMPhoto.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\wmploc.DLL:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\wow32.dll:$CmdTcID AlternateDataStreams: C:\windows\SysWOW64\wpdshext.dll:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\afd.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\appid.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\AsusTP.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\AsusVBus.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\BazisVirtualCDBus.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\cng.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\http.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\ksecdd.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\ksecpkg.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\lgandnetdiag64.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\lgandnetmodem64.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\lgandnetndis64.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\mountmgr.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\mrxdav.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\mrxsmb.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\mrxsmb10.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\mrxsmb20.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\ndis.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\nmwcdnsux64.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\PEAuth.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\stream.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\tdx.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\USBAUDIO.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\VBoxDrv.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\VBoxUSBMon.sys:$CmdTcID AlternateDataStreams: C:\windows\system32\Drivers\VClone.sys:$CmdTcID AlternateDataStreams: C:\Users\Oliwka\Downloads\Wydruk.pdf:$CmdTcID AlternateDataStreams: C:\Users\Oliwka\Downloads\Wydruk.pdf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Desktop\FRST64.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Desktop\FRST64.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Desktop\Vladimir_Wolff_-_Doktryna_Wolffa.pdf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\17-2015.pdf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\360TS_Setup_7.6.0.1031.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\adwcleaner_5.013.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\amateur2816.rar:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\amateur2816.rar:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\amateur_70.avi:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\amateur_70.avi:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\AVG_Protection_Free_1144.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\AviraDNSRepairEN.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\AviraDNSRepairEN.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\avira_en_av_567820bd12949__ws.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\avira_en_av_567820bd12949__ws.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\avremover_nt64_enu.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\avremover_nt64_enu.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\bitdefender_antivirus.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\bitdefender_antivirus.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\BootkitRemoval_x64.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\BootkitRemoval_x64.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\cce_2.5.242177.201_x32.zip:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\ccsuitex64_pl.zip:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\ccsuitex64_pl.zip:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\cispremium_installer.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\comodo_rescue_disk_2.0.261647.1.iso:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\config.dat:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\cryptocardsuite_kir.zip:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\cryptocardsuite_kir.zip:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\CSU_FREE_Setup.exe.part:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\FAKTURA-P-14403653-15110595645905-00078135.pdf:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\FAKTURA-P-14403653-15110595645905-00078135.pdf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\FAKTURA-P-14403653-15110595645905-00078135.pdf.xml.sig:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\Flight_Simulator_1.xls:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\Flight_Simulator_1.xls:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\FortiClientOnlineInstaller.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\FortiClientOnlineInstaller.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\free-pst-viewer.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\free-pst-viewer.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\FREEAV.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\FREEAV.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\FRST64.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\FRST64.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\HistoriaPojazdu_KIA_20151120_172449.pdf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\HitmanPro_x64.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\ib1vpvvr.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\j262k0xw.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\j262k0xw.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\kis16.0.0.614en_8233.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\kis16.0.0.614en_8233.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\legislator.zip:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\legislator.zip:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\manualb1.pdf:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\manualb1.pdf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\MAPA POLSKicdr9.cdr:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\MAPA POLSKicdr9.cdr:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\mapa.dxf:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\mapa.dxf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\mbam-setup-sem-2.1.6.1022.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\Melting_Snow_Castle.xls:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\Melting_Snow_Castle.xls:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\mseinstall.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\mseinstall.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\ov9x4cyt.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\overlook-fing-2.2.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\overlook-fing-2.2.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\PandaCloudCleaner.zip:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\PandaCloudCleaner.zip:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\PANDAIS16.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\PANDAIS16.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\PodrecznikAdministratora.pdf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\polska.dxf:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\polska.dxf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\POLSKA_woj_pow_gminy.png:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\POLSKA_woj_pow_gminy.png:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\SCR3xxx_win_driver_V4.31_V4.56.zip:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\setup_e-pity2014.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\setup_e-pity2014.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\SigillumSign4_x64.zip:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\SigillumSign4_x64.zip:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\silvercouple (135).mp4:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\silvercouple (135).mp4:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\szafir_x64.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\szafir_x64.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\The.Martian.2015.HC.HDRip.X264.AC3-EVO.mkv:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\The.Martian.2015.HC.HDRip.X264.AC3-EVO.mkv:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\torbrowser-install-5.0.3_pl.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\torbrowser-install-5.0.3_pl.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\Trend_Micro_Internet_Security_2016.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\Trend_Micro_Internet_Security_2016.exe:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\zalacznik_nr_3a_-_oszacowane_szkody_w_bu_1.pdf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Downloads\zu_video 131. fucking_country_road.mp4:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Downloads\zu_video 131. fucking_country_road.mp4:$CmdZnID AlternateDataStreams: C:\Users\Ruka\AppData\Local\unins000.exe:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Documents\15.pdf:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Documents\15.pdf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Documents\2011-01-18_Jednolity_rzeczowy_wykaz_akt_gmina.pdf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Documents\Prezentacja współpraca KWB z Gminami.pptx:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Documents\Prezentacja współpraca KWB z Gminami.pptx:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Documents\protokol_oszacowania_szkod_w_gospodarstw.pdf:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Documents\protokol_oszacowania_szkod_w_gospodarstw.pdf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Documents\regulamin_zgkim.pdf:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Documents\regulamin_zgkim.pdf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Documents\sprawozdaniezwykonaniaplanuAudytuWewntrznegoGminyzbrosawicenarok2013..pdf:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Documents\sprawozdaniezwykonaniaplanuAudytuWewntrznegoGminyzbrosawicenarok2013..pdf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Documents\SZBI_MPWiK2009.pdf:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Documents\SZBI_MPWiK2009.pdf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Documents\zarzadzenie_28.2015_21.07.2015.pdf:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Documents\zarzadzenie_28.2015_21.07.2015.pdf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Documents\zarzadzenie_nr_7_12.pdf:$CmdTcID AlternateDataStreams: C:\Users\Ruka\Documents\zarzadzenie_nr_7_12.pdf:$CmdZnID AlternateDataStreams: C:\Users\Ruka\Documents\zgk_logo.gif:$CmdZnID ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service" ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1647462393-2480976863-1240803015-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ruka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja wyłączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{F386B915-95B2-4343-8ED4-C65DD5FAE6DA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{A9D01540-FFE8-485E-ABD8-FFC4C2B757E1}] => (Allow) LPort=2869 FirewallRules: [{7A9376B7-7A3E-4E4D-AB8A-B32C90716DF3}] => (Allow) LPort=1900 FirewallRules: [{1824A67A-0D14-4688-8411-BA04EA91E892}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{C487EC3D-3FE5-4B4D-B357-FA8EF5A067D4}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{38D213A3-4501-451C-A350-95884CB8EB42}] => (Allow) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10.exe FirewallRules: [{3ACC1923-7D17-42D0-BEE2-68FBC058048F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE FirewallRules: [{C9DF8869-0098-460F-95F0-82BB13708869}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{C1908889-672F-4D0D-A3D6-4C29CD1306BB}C:\program files (x86)\kadu\kadu.exe] => (Allow) C:\program files (x86)\kadu\kadu.exe FirewallRules: [UDP Query User{84E1C757-3440-4B63-AA7E-F3871449E55B}C:\program files (x86)\kadu\kadu.exe] => (Allow) C:\program files (x86)\kadu\kadu.exe FirewallRules: [{74405AF3-0360-4739-AE8C-B482935DA719}] => (Allow) C:\Users\Ruka\AppData\Local\Temp\7zS2819.tmp\SymNRT.exe FirewallRules: [{4A6C3AF9-8B1C-4A6F-8076-AED2EA1F8B8D}] => (Allow) C:\Users\Ruka\AppData\Local\Temp\7zS2819.tmp\SymNRT.exe FirewallRules: [PotPlayer(PotPlayerMini64.exe)] => (Allow) C:\Program Files\Daum\PotPlayer\PotPlayerMini64.exe FirewallRules: [{CFBA2C3A-7C4E-4E44-BC18-70B5D0CD0B56}] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe FirewallRules: [{FA8657A5-D1FB-49BD-B97A-5C23F0049A24}] => (Allow) LPort=14 FirewallRules: [{2E08793B-91BF-4693-91DF-49FAA25EDAD9}] => (Allow) LPort=16 FirewallRules: [{D8403AD5-ADB4-416E-B167-56AB246EC169}] => (Allow) LPort=26 FirewallRules: [{E4B6E723-0EBC-4DD8-A7F9-856AC838BA7A}] => (Allow) LPort=30 FirewallRules: [{35874814-9483-4024-9E8C-3B48C1CC2B12}] => (Allow) LPort=32 FirewallRules: [{14831126-8331-46AE-A05F-9F452DD86268}] => (Allow) LPort=443 FirewallRules: [{A1A8FC30-6F1D-4AB4-A636-516381B591A2}] => (Allow) LPort=14 FirewallRules: [{1CCBF8D3-916A-4ECB-92F4-C4521B8677E8}] => (Allow) LPort=16 FirewallRules: [{B488FE25-2AC4-4EB8-B070-C8A6EDC979F9}] => (Allow) LPort=26 FirewallRules: [{FD345B0C-C89B-450E-BD1E-D318E33D264C}] => (Allow) LPort=30 FirewallRules: [{42443C1A-B7D5-46C6-9F5D-7270AD491D2A}] => (Allow) LPort=32 FirewallRules: [{B20B76D6-CACF-432E-A715-F5D7A2269D74}] => (Allow) LPort=443 FirewallRules: [{0C8C6541-49F1-4641-A74B-CD6CC6ABE15F}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{13FD6367-5E1A-49C3-9ACE-2BF40C58C759}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{C697B090-D26E-4042-9F7A-0203E955805F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{36D04DB2-74E2-4052-B7DC-E8A2E9CDDCD4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3B3C4D87-9D94-4932-8852-C4A1CCF30055}] => (Allow) C:\Program Files\Nightly\firefox.exe FirewallRules: [{D80B791F-3C26-4E67-88DD-7F75B279EE2C}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe FirewallRules: [{0CBA769E-0F74-429F-8CE4-A6A729A2563A}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe FirewallRules: [{907BB472-9156-44E4-9760-7EFF8AB51BBF}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe FirewallRules: [{BDB214A1-AD08-43B8-B7DA-720B370D0D71}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe FirewallRules: [{29353CF4-C68B-4588-8D54-CBD82995968F}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe FirewallRules: [{19D007B9-3203-460F-99F7-77A3266C266E}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe FirewallRules: [{7D03FA57-D33B-4A03-8F9D-9B0D1B87E0CB}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe FirewallRules: [{BA87AA69-B11E-4420-B01F-48F05956C1EE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6FD87FCB-E52E-44B7-98F1-6E5AD39BE6B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5C7C78B4-7360-4672-9DDB-B64026F2C379}] => (Allow) C:\Program Files\Andy\andy.exe FirewallRules: [{2C7CD1F9-2D55-405B-BDEE-8BC0FBE5F716}] => (Allow) C:\Program Files\Andy\andy.exe FirewallRules: [{1928FC1B-309A-4896-BD0D-14E960C61064}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{D8C823AE-1AD1-4513-AFF0-7E8AAA048DC5}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{AA7E50A6-B209-4FA5-90F8-A6F5A5DE1CA4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{17B83097-77D6-4F30-8B97-DF5BAA643A15}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{38F72373-5A30-4F04-8AB6-595D7645DFE3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{8CC503AB-0D56-484F-94B3-7E0DA53460BB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{88D2110F-35BA-4369-8D16-6DB9702B45DE}] => (Allow) C:\Users\Ruka\AppData\Roaming\Andy\Setup.exe FirewallRules: [{031E3B09-91DA-496B-BDF8-F8A4C5052727}] => (Allow) C:\Users\Ruka\AppData\Roaming\Andy\Setup.exe FirewallRules: [{50712D94-7C5A-4235-84E0-4B51FCB697F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Urządzenie Bluetooth (sieć osobista) Description: Urządzenie Bluetooth (sieć osobista) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: BthPan Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Urządzenie Bluetooth (Protokół TDI RFCOMM) Description: Urządzenie Bluetooth (Protokół TDI RFCOMM) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: RFCOMM Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/21/2015 07:37:12 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/21/2015 07:24:48 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/21/2015 06:21:06 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x0000035c,(null),0,REG_BINARY,000000000310EBB0.72). hr = 0x80070005, Odmowa dostępu. . Error: (12/21/2015 06:21:06 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x000003a4,(null),0,REG_BINARY,000000000232E3C0.72). hr = 0x80070005, Odmowa dostępu. . Operacja: Zdarzenie BackupShutdown Kontekst: Kontekst wykonywania: Writer Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {96122a58-8df5-4982-88f1-599e299b64da} Error: (12/21/2015 06:21:06 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x00000cd4,(null),0,REG_BINARY,00000000085BE040.72). hr = 0x80070005, Odmowa dostępu. . Operacja: Zdarzenie BackupShutdown Kontekst: Kontekst wykonywania: Writer Identyfikator klasy modułu zapisującego: {cd3f2362-8bef-46c7-9181-d62844cdc0b2} Nazwa modułu zapisującego: MSSearch Service Writer Identyfikator wystąpienia modułu zapisującego: {da61aeda-b548-48a4-bcdc-ace7e53241df} Error: (12/21/2015 06:21:06 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x00000304,(null),0,REG_BINARY,00000000033EEAD0.72). hr = 0x80070005, Odmowa dostępu. . Operacja: Zdarzenie BackupShutdown Kontekst: Kontekst wykonywania: Writer Identyfikator klasy modułu zapisującego: {afbab4a2-367d-4d15-a586-71dbb18f8485} Nazwa modułu zapisującego: Registry Writer Identyfikator wystąpienia modułu zapisującego: {08ffd8eb-1b1a-425b-99f0-45b6c79523e8} Error: (12/21/2015 06:21:06 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x00000a60,(null),0,REG_BINARY,000000000613DDA0.72). hr = 0x80070005, Odmowa dostępu. . Operacja: Zdarzenie BackupShutdown Kontekst: Kontekst wykonywania: Writer Identyfikator klasy modułu zapisującego: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0} Nazwa modułu zapisującego: WMI Writer Identyfikator wystąpienia modułu zapisującego: {e5f65b3a-db88-4958-a92b-93c073de0a6d} Error: (12/21/2015 06:21:06 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x00000310,(null),0,REG_BINARY,000000000305F390.72). hr = 0x80070005, Odmowa dostępu. . Operacja: Zdarzenie BackupShutdown Kontekst: Kontekst wykonywania: Writer Identyfikator klasy modułu zapisującego: {542da469-d3e1-473c-9f4f-7847f01fc64f} Nazwa modułu zapisującego: COM+ REGDB Writer Identyfikator wystąpienia modułu zapisującego: {6bf4952d-758f-43e5-84fa-3898468302bb} Error: (12/21/2015 06:21:06 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x00000340,(null),0,REG_BINARY,000000000318E7E0.72). hr = 0x80070005, Odmowa dostępu. . Operacja: Zdarzenie BackupShutdown Kontekst: Kontekst wykonywania: Writer Identyfikator klasy modułu zapisującego: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Nazwa modułu zapisującego: Shadow Copy Optimization Writer Identyfikator wystąpienia modułu zapisującego: {e78b284c-ddff-4ee2-86c5-f41974671451} Error: (12/21/2015 06:21:06 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x00000cd4,(null),0,REG_BINARY,00000000085BE040.72). hr = 0x80070005, Odmowa dostępu. . Operacja: Zdarzenie BackupShutdown Kontekst: Kontekst wykonywania: Writer Identyfikator klasy modułu zapisującego: {cd3f2362-8bef-46c7-9181-d62844cdc0b2} Nazwa modułu zapisującego: MSSearch Service Writer Identyfikator wystąpienia modułu zapisującego: {da61aeda-b548-48a4-bcdc-ace7e53241df} Dziennik System: ============= Error: (12/21/2015 07:35:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi OpenERP Server 7.0 z powodu następującego błędu: %%2 Error: (12/21/2015 07:35:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi atksgt z powodu następującego błędu: %%1275 Error: (12/21/2015 07:35:43 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Sterownik atksgt.sys został zablokowany dla ładowania. Error: (12/21/2015 07:34:36 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (12/21/2015 07:23:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi OpenERP Server 7.0 z powodu następującego błędu: %%2 Error: (12/21/2015 07:23:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi atksgt z powodu następującego błędu: %%1275 Error: (12/21/2015 07:23:33 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Sterownik atksgt.sys został zablokowany dla ładowania. Error: (12/21/2015 07:21:29 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (12/21/2015 06:21:54 PM) (Source: sptd) (EventID: 4) (User: ) Description: Sterownik wykrył błąd wewnętrzny w swoich strukturach danych dla . Error: (12/21/2015 05:17:00 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \SystemRoot\System32\DRIVERS\PSKMAD.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. CodeIntegrity: =================================== Date: 2013-05-01 11:00:07.243 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: AMD A4-3305M APU with Radeon(tm) HD Graphics Procent pamięci w użyciu: 56% Całkowita pamięć fizyczna: 5611.75 MB Dostępna pamięć fizyczna: 2439.04 MB Całkowita pamięć wirtualna: 11221.7 MB Dostępna pamięć wirtualna: 7637.72 MB ==================== Dyski ================================ Drive c: (SYSTEM) (Fixed) (Total:271 GB) (Free:146.8 GB) NTFS Drive d: (DANE) (Fixed) (Total:406.36 GB) (Free:215.05 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: A5ADEED1) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=271 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=406.4 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=21.2 GB) - (Type=27) ==================== Koniec Addition.txt ============================