Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:07-02-2016 Uruchomiony przez Ewa (2016-02-15 20:39:06) Uruchomiony z C:\Users\Ewa\Desktop\farbar Windows 8.1 Pro (X64) (2015-01-05 18:39:36) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1854063861-834038236-3450837710-500 - Administrator - Disabled) Ewa (S-1-5-21-1854063861-834038236-3450837710-1001 - Administrator - Enabled) => C:\Users\Ewa Gość (S-1-5-21-1854063861-834038236-3450837710-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1854063861-834038236-3450837710-1003 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: COMODO Antivirus (Enabled - Up to date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5} AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-1854063861-834038236-3450837710-1001\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) Adobe Photoshop CS3 (HKLM-x32\...\Adobe_678cd98c8365a5647f9a2e539d120a8) (Version: 10.0 - Adobe Systems Incorporated) ASUS Xonar U3 Audio (HKLM\...\C-Media CM112 Like Sound Driver) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP) COMODO Internet Security Premium (HKLM\...\{73830292-868E-4C82-9AF5-CCFE2047B6A3}) (Version: 8.2.0.4508 - COMODO Security Solutions Inc.) CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.8.1124 - Foxit Software Inc.) GG (HKU\S-1-5-21-1854063861-834038236-3450837710-1001\...\GG) (Version: 12 - GG Network S.A.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation) Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 44.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 pl)) (Version: 44.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team) Opera Stable 35.0.2066.37 (HKLM-x32\...\Opera 35.0.2066.37) (Version: 35.0.2066.37 - Opera Software) PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Process Lasso (HKLM-x32\...\ProcessLasso) (Version: 7.6.4.1 - Bitsum) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1212 - SUPERAntiSpyware.com) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH) Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{67847964-08E2-4A8F-B09D-B08D5CE69250}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) WinRAR 5.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1854063861-834038236-3450837710-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-1854063861-834038236-3450837710-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Ewa\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {06476EE8-1B68-4447-AA4D-F6D721FDDFF9} - System32\Tasks\{628AD8CD-9794-4136-A3EF-7C9983611D66} => pcalua.exe -a "C:\Program Files (x86)\PC Faster\5.1.0.0\Uninstall.exe" Task: {124990C3-6841-4D4D-AC7E-822DB7F7DE5C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-18] (Google Inc.) Task: {15F46D52-B7E6-4AD0-AC61-BAEE76C5FDCE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {2801A1AE-7B14-41A2-9138-76E6D9F6921B} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-15] (COMODO) Task: {4B070132-4F47-447B-BB1D-2AB7C882233B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {4B32FBC4-0FC1-438E-B80C-492E8A93A98C} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [2014-12-30] (Bitsum LLC) Task: {4B4D29E1-A370-46B8-92BE-F1C0279F0EAE} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-15] (COMODO) Task: {55BCD4AB-A779-4A93-A0F3-773C86B203B9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-02-10] (Microsoft Corporation) Task: {691FA264-7A06-482A-A18C-5A3AB7F775E7} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe Task: {7E7579DB-C9CD-4AAF-B097-C059ACF75410} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {993F878B-C587-4A63-81BE-8F9D3F621759} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-10] (Piriform Ltd) Task: {99FA1022-30C1-4BBB-9715-78BC7F4E4584} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-15] (COMODO) Task: {9C44CE91-83DD-43FA-9E7A-922D1110A090} - System32\Tasks\Process Lasso Core Engine Only => C:\Program Files\Process Lasso\processgovernor.exe [2014-12-30] (Bitsum LLC) Task: {A14AAF77-870D-49B9-8039-82E325C048DD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated) Task: {A57D0272-582C-4AF0-944E-4A307C484E59} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-18] (Google Inc.) Task: {AA47D575-73F2-4237-8E26-AED3D55E371B} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-15] (COMODO) Task: {BF70B1A9-F4A0-4E20-894B-96BC457F5A15} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-15] (COMODO) Task: {D6FA6BEB-C01D-489D-8151-4B0F043F6E93} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-18] (Microsoft Corporation) Task: {E590BAF4-2D03-4C22-AAFE-5536400776E1} - System32\Tasks\{1B660FD8-75CA-4387-B80E-68400371021F} => pcalua.exe -a C:\Users\Ewa\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=cvs Task: {E74F852B-CB5F-4600-B645-781D46961CC5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-18] (Microsoft Corporation) Task: {EE33A9E8-63DE-4C48-94D4-B09A759F9798} - System32\Tasks\SUPERAntiSpyware Scheduled Task 8809debc-8ccc-44d4-89f6-e848a4c952ae => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2016-02-10] (SUPERAdBlocker.com) Task: {F2674ADD-7062-4273-8F66-937B6B251731} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-15] (COMODO) Task: {F55AC265-FE47-4C09-92A5-79322CE0698A} - System32\Tasks\SUPERAntiSpyware Scheduled Task 2e059c17-2b4e-4407-a537-fcd448736bcc => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2016-02-10] (SUPERAdBlocker.com) Task: {FA1FB279-36F8-47BB-A137-8414E88B6B37} - System32\Tasks\Opera scheduled Autoupdate 1444928725 => C:\Program Files (x86)\Opera\launcher.exe [2016-02-04] (Opera Software) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 2e059c17-2b4e-4407-a537-fcd448736bcc.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 8809debc-8ccc-44d4-89f6-e848a4c952ae.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2015-09-21 11:43 - 2015-09-21 11:43 - 00023040 _____ () C:\Windows\System32\xrhr1aLM.DLL 2015-01-08 22:02 - 2015-01-08 22:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2015-08-25 17:08 - 2008-07-11 08:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe 2015-08-25 17:08 - 2008-07-11 08:03 - 00282112 ____N () C:\Windows\System\HsMgr64.exe 2015-09-16 20:34 - 2015-09-16 20:34 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2016-02-10 13:20 - 2016-02-09 12:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll 2016-02-10 13:20 - 2016-02-09 12:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\autoexec.bat:$CmdTcID AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\actxprxy.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aspnet_counters.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\AudioEndpointBuilder.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\AuthHost.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\authz.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\bcryptprimitives.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\BdeHdCfg.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\BdeHdCfgLib.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\bdesvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\BFE.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cfgbkend.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\combase.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\compstui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\comsvcs.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d2d1.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dbgeng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dbghelp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dpapisrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ExplorerFrame.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\fhcpl.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\fveapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\fvecpl.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\FWPUCLNT.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\GdiPlus.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\GeofenceMonitorService.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\glcndFilter.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\GlobCollationHost.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\hhctrl.ocx:$CmdTcID AlternateDataStreams: C:\Windows\system32\hlink.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iepeers.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\IKEEXT.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\inetcomm.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\inseng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\KBDAZST.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID AlternateDataStreams: C:\Windows\system32\localspl.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfcore.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfnetcore.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfnetsrc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfsvr.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\microsoft-windows-system-events.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msftedit.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mssph.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mssphtb.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mssrch.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mssvp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mtxoci.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\NcdAutoSetup.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ncryptsslp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nshwfp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\PCPKsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\PhotoMetadataHandler.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pmcsnap.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ppcsnap.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\puiobj.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\qedit.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rastapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\schedsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\schtasks.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\SearchIndexer.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\SearchProtocolHost.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\SettingsHandlers.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\SettingSync.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\shacct.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\SRH.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\SystemEventsBrokerServer.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\SystemSettingsDatabase.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\taskeng.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\tdc.ocx:$CmdTcID AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\tquery.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\twinui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\tzsync.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ucrtbase.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\UIAutomationCore.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\untfs.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\webcheck.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\werdiagcontroller.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wevtsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WiFiDisplay.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\Windows.Data.Pdf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\Windows.Globalization.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\Windows.UI.Immersive.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\Windows.UI.Input.Inking.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wininit.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\winlogon.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WinSync.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WinTypes.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WSShared.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WUSettingsProvider.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xrhr1alm.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\xrhr1ausb.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\actxprxy.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\aspnet_counters.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\authz.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\bcryptprimitives.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\catsrvut.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cfgbkend.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\combase.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\comsvcs.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d2d1.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dbgeng.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dbghelp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dns-sd.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\EncDec.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ExplorerFrame.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerInstaller.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\FWPUCLNT.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\GdiPlus.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\GeofenceMonitorService.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\glcndFilter.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\GlobCollationHost.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\hhctrl.ocx:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\hlink.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iepeers.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\inetcomm.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\KBDAZST.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfcore.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfnetcore.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfnetsrc.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfsvr.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msftedit.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msorcl32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mssph.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mssrch.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mssvp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msxml6.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mtxoci.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ncryptsslp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nshwfp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\PCPKsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\PhotoMetadataHandler.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\PrintConfig.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\puiobj.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rastapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rgb9rast.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\schtasks.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\SearchIndexer.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\SearchProtocolHost.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\SettingSync.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\shacct.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\SRH.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\taskeng.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tdc.ocx:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tquery.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\twinui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\TWUNK_32.EXE:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ucrtbase.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\UIAutomationCore.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\untfs.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\webcheck.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wincorlib.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\Windows.Data.Pdf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\Windows.Globalization.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\Windows.UI.Immersive.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WinSync.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WinTypes.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WSShared.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\afd.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ahcache.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\bthhfenum.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\bthpan.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\bthport.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\dumpsd.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\EsgScanner.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\i8042prt.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\kbdclass.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\kbdhid.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mouclass.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mouhid.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\rmcast.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\sdbus.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\sermouse.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\storvsp.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\tdx.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\tpm.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\tunnel.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\udfs.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\usb8023.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\usbd.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\usbehci.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\usbhub.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\USBHUB3.SYS:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\usbohci.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\usbport.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\usbuhci.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\USBXHCI.SYS:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\wfplwfs.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\winusb.sys:$CmdTcID AlternateDataStreams: C:\Users\Ewa\Desktop\Amica AWSE, AWCE.pdf:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\10.zip:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\28557369.pfx:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\adwcleaner.pl 5.033.exe:$CmdTcID AlternateDataStreams: C:\Users\Ewa\Downloads\adwcleaner.pl 5.033.exe:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\ai-responsive-gallery-album.zip:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\Akcent_feat._Sandra_N_-_Amor_Gitana.mp3:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\bezpieczenstwo.zip:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\BickhamScriptPro-Bold.otf:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\BickhamScriptPro-Regular.otf:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\BickhamScriptPro-Semibold.otf:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\columns.0.7.2.zip:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\contact-form-7.4.3.zip:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\dp.tar:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\Elementy_uzasadnienia_pozwu.pdf:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\IMG_20160209_192416a.jpg:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\IMG_20160209_192439.jpg:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\Letnia sesja_egzaminacyjna_2014-2015.xls:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\OutlookContacts.csv:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\Pioneer DEH-2800MP_DEH-2820MP Instrukcja obsługi PL.rar:$CmdTcID AlternateDataStreams: C:\Users\Ewa\Downloads\Pioneer DEH-2800MP_DEH-2820MP Instrukcja obsługi PL.rar:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\sh-remover.exe:$CmdTcID AlternateDataStreams: C:\Users\Ewa\Downloads\sh-remover.exe:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\tinymce-advanced.4.2.5.zip:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\weddings.1.0.12.zip:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\wplaty.rtf:$CmdZnID AlternateDataStreams: C:\Users\Ewa\Downloads\[Devil-Torrent.pl] Dobry, zly i martwy - 4got10 (2015) [480p] [BRRip] [XviD-NOiSE] [AC3] [Lektor PL].torrent:$CmdZnID ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-1854063861-834038236-3450837710-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-1854063861-834038236-3450837710-1001\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1854063861-834038236-3450837710-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja wyłączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\...\StartupApproved\Run: => "SpywareTerminatorShield" HKLM\...\StartupApproved\Run: => "SpywareTerminatorUpdater" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKU\S-1-5-21-1854063861-834038236-3450837710-1001\...\StartupApproved\Run: => "DAEMON Tools Lite" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [TCP Query User{43159DA9-DC26-4CF0-86AC-95BB38A1533A}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{1CE222B5-09F6-475B-B634-531115663BF5}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{61013EDD-6D5C-4EAA-9886-61F33F8F8567}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe FirewallRules: [{B8C4FB2C-250B-4A78-911E-FB94297F7388}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe FirewallRules: [{3B7ED316-3F23-43EF-9E4E-514872454BF7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{D49A0B34-7F51-4B68-B4A4-D4050B47A23A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{184E3F75-D486-4200-88E5-AFED0C992EAB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{887617D8-EA43-4890-9383-204F35375153}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{B31D9BCB-B27E-40D9-AFD5-7D361BE82D48}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{6EBEB13B-A13E-44A3-B5A7-0658DE946BE7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{8A3804A7-9145-4579-96C1-D6CCD7A9B859}] => (Allow) C:\Users\Ewa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{1767EDFE-6B56-470B-A132-C688CBD18D57}] => (Allow) C:\Users\Ewa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{DC5E4B9D-7F1B-484B-977D-99F2EB9AE96C}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe FirewallRules: [UDP Query User{BAFB5BED-21D8-4567-B4E9-AE23F63F49DE}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe FirewallRules: [{B6669FB2-B96A-46CA-9561-154C8123377E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C5690C64-DD27-4328-8563-2953DF8DC37F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C39FA3FC-D1E3-4D27-8ED6-501CBA8C48C3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{65C212C8-85EA-4918-87D3-3893B817B817}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5C483968-05CC-4F03-9C76-C60D02BD9538}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Punkty Przywracania systemu ========================= 10-02-2016 13:10:20 Windows Update 15-02-2016 16:33:27 Chrome Cleanup Tool ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: USB2.0-CRW Description: USB2.0-CRW Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/15/2016 08:15:52 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x8007007B Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/15/2016 05:16:26 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x8007007B Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/15/2016 05:16:20 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x8007007B Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (02/15/2016 05:02:55 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x8007007B Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/15/2016 05:02:50 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x8007007B Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (02/15/2016 04:49:40 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x8007007B Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/15/2016 04:45:53 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest2” w wierszu C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Error: (02/15/2016 04:45:51 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest2” w wierszu C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Error: (02/15/2016 04:45:51 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest2” w wierszu C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Error: (02/15/2016 04:35:30 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x8007007B Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Dziennik System: ============= Error: (02/15/2016 05:15:37 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: Domyślny menedżer zasobów transakcji w woluminie D: napotkał błąd niepowtarzający operacji i nie można go uruchomić. Dane zawierają kod błędu. Error: (02/15/2016 05:05:57 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: ANIOLEK) Description: 0x8000002a116\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-1854063861-834038236-3450837710-1001-0-ntuser.dat Error: (02/15/2016 05:05:47 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: ANIOLEK) Description: 0x8000002a116\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-1854063861-834038236-3450837710-1001-0-ntuser.dat Error: (02/15/2016 05:02:14 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: Domyślny menedżer zasobów transakcji w woluminie D: napotkał błąd niepowtarzający operacji i nie można go uruchomić. Dane zawierają kod błędu. Error: (02/15/2016 05:01:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (02/15/2016 05:01:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (02/15/2016 05:01:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (02/15/2016 05:01:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/15/2016 05:01:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Adobe Genuine Software Integrity Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/15/2016 05:01:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa SAS Core Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 1000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. CodeIntegrity: =================================== Date: 2016-02-15 20:38:13.977 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-15 18:04:26.478 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-15 17:46:43.085 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-15 17:38:41.009 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-15 17:27:01.822 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-15 17:04:16.336 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-15 16:59:04.753 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-15 16:48:14.506 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-15 16:35:03.914 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-15 15:40:48.003 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz Procent pamięci w użyciu: 40% Całkowita pamięć fizyczna: 8079.35 MB Dostępna pamięć fizyczna: 4785.46 MB Całkowita pamięć wirtualna: 10383.35 MB Dostępna pamięć wirtualna: 5935.47 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:118.9 GB) (Free:12.41 GB) NTFS Drive d: (Zastrzeżone przez system) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive g: () (Removable) (Total:7.55 GB) (Free:0.71 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 4BAF192E) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=118.9 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 7.6 GB) (Disk ID: 00094578) Partition 1: (Active) - (Size=7.6 GB) - (Type=0B) ==================== Koniec Addition.txt ============================