Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-06-2015 Ran by Adam at 2015-06-26 20:14:55 Running from C:\Users\Adam\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Adam (S-1-5-21-2842551710-1779578012-3124842271-1000 - Administrator - Enabled) => C:\Users\Adam Administrator (S-1-5-21-2842551710-1779578012-3124842271-500 - Administrator - Disabled) Guest (S-1-5-21-2842551710-1779578012-3124842271-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: COMODO Antivirus (Enabled - Up to date) {F0BC89B2-8937-0933-021B-B17D981F2A71} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Comodo Defense+ (Enabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC} FW: COMODO Firewall (Enabled) {C8870897-C358-086B-2944-184866CC6D0A} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated) AVG PC TuneUp 2014 (HKLM-x32\...\AVG PC TuneUp) (Version: 14.0.1001.380 - AVG) AVG PC TuneUp 2014 (pl-PL) (x32 Version: 14.0.1001.380 - AVG) Hidden AVG PC TuneUp 2014 (x32 Version: 14.0.1001.380 - AVG) Hidden COMODO Internet Security Premium (HKLM\...\{2736B6BD-31EC-4FC8-A48C-F0A5C914C0B6}) (Version: 7.0.55655.4142 - COMODO Security Solutions Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 38.0.5 (x86 pl) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 pl)) (Version: 38.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.1.2 - Mozilla) Mozilla Thunderbird 31.2.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 31.2.0 (x86 pl)) (Version: 31.2.0 - Mozilla) OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation) Opera Stable 30.0.1835.88 (HKLM-x32\...\Opera 30.0.1835.88) (Version: 30.0.1835.88 - Opera Software) Radio Canyon (HKLM-x32\...\Radio Canyon) (Version: 1.35.9.29 - Radio Canyon) <==== ATTENTION! Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.06.00 - Samsung Electronics Co., Ltd.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 11-06-2015 03:00:22 Windows Update 21-06-2015 19:11:54 Scheduled Checkpoint ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0525CBFE-0670-48F0-ADE0-94734D97F55A} - System32\Tasks\938419c4-1f97-4354-b67b-15660575ebdb-1 => C:\Program Files (x86)\Radio Canyon\Radio Canyon-codedownloader.exe <==== ATTENTION Task: {0E87F5FE-3447-47E9-9C07-73A12B403A57} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-03-22] (AVG) Task: {1D01A273-B209-425D-8224-875024C71F2C} - System32\Tasks\mega_shop_helper_service => C:\Program Files (x86)\Mega Shop\mega_shop_helper_service.exe [2015-05-29] () Task: {241FB934-320A-4A99-B22F-9F9629F1C697} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-16] (globalUpdate) <==== ATTENTION Task: {24669B2D-8E0C-4D06-86C2-47A8D803C76D} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-18] (COMODO) Task: {3E8443DD-DB0B-41D2-B155-68C084C42083} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-18] (COMODO) Task: {4B6064C0-2377-4828-8ED0-168FFAB01C90} - System32\Tasks\938419c4-1f97-4354-b67b-15660575ebdb-2 => C:\Program Files (x86)\Radio Canyon\938419c4-1f97-4354-b67b-15660575ebdb-2.exe <==== ATTENTION Task: {53770E2F-4060-40E0-B422-D30AF1AD59B6} - System32\Tasks\938419c4-1f97-4354-b67b-15660575ebdb-5 => C:\Program Files (x86)\Radio Canyon\938419c4-1f97-4354-b67b-15660575ebdb-5.exe <==== ATTENTION Task: {577A17B3-BEC3-411B-B90A-0FC8DA2705DC} - System32\Tasks\938419c4-1f97-4354-b67b-15660575ebdb-4 => C:\Program Files (x86)\Radio Canyon\938419c4-1f97-4354-b67b-15660575ebdb-4.exe <==== ATTENTION Task: {5B8A71E7-4686-4739-9142-1E8097618D24} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated) Task: {71546FA9-A9F5-4505-BBD9-7ECE9C0C69CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-30] (Google Inc.) Task: {79AB47EF-70DE-4DBD-83E5-4E1772487A1A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: {7ABEAE47-3065-4270-8264-7E420BC24D1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-30] (Google Inc.) Task: {89A48B0C-EBAE-480E-92B7-11472FDEA4E2} - System32\Tasks\938419c4-1f97-4354-b67b-15660575ebdb-11 => C:\Program Files (x86)\Radio Canyon\938419c4-1f97-4354-b67b-15660575ebdb-11.exe <==== ATTENTION Task: {8A2C9C67-8343-472B-94D9-61E2D795F95B} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-16] (globalUpdate) <==== ATTENTION Task: {97DB3345-248B-4BEF-9B57-B71986D3F541} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-27] (Microsoft Corporation) Task: {992692C0-AA80-4427-9F7A-5B245F7AAEFC} - System32\Tasks\summer_games_notification_service => C:\Program Files (x86)\summer games\summer_games_notification_service.exe <==== ATTENTION Task: {AB371284-BDA3-4581-95E1-14CB09BDCFFE} - System32\Tasks\938419c4-1f97-4354-b67b-15660575ebdb-6 => C:\Program Files (x86)\Radio Canyon\938419c4-1f97-4354-b67b-15660575ebdb-6.exe <==== ATTENTION Task: {CA755DA5-9663-4F79-B7BB-130275BA85A1} - System32\Tasks\938419c4-1f97-4354-b67b-15660575ebdb-7 => C:\Program Files (x86)\Radio Canyon\938419c4-1f97-4354-b67b-15660575ebdb-7.exe <==== ATTENTION Task: {CC25100C-CCA1-4750-9EDA-B6A504EECC25} - System32\Tasks\summer_games_updating_service => C:\Program Files (x86)\summer games\summer_games_updating_service.exe <==== ATTENTION Task: {D78F3B96-E706-4955-9A40-3B81BFC93AE2} - System32\Tasks\Opera scheduled Autoupdate 1413476800 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-19] (Opera Software) Task: {E0594511-3200-41A8-9CC7-B87B8139246F} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-18] (COMODO) Task: {F47267E0-6028-4585-93A5-37CD01101483} - System32\Tasks\938419c4-1f97-4354-b67b-15660575ebdb-5_user => C:\Program Files (x86)\Radio Canyon\938419c4-1f97-4354-b67b-15660575ebdb-5.exe <==== ATTENTION Task: {F48BDA68-D73B-4D25-A4EF-008FFEBE8A3F} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-18] (COMODO) Task: {F88A1B47-4925-45BF-8FAE-5BC95C78C2DE} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-02-18] (COMODO) Task: C:\Windows\Tasks\938419c4-1f97-4354-b67b-15660575ebdb-1.job => C:\Program Files (x86)\Radio Canyon\Radio Canyon-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\938419c4-1f97-4354-b67b-15660575ebdb-11.job => C:\Program Files (x86)\Radio Canyon\938419c4-1f97-4354-b67b-15660575ebdb-11.exe <==== ATTENTION Task: C:\Windows\Tasks\938419c4-1f97-4354-b67b-15660575ebdb-2.job => C:\Program Files (x86)\Radio Canyon\938419c4-1f97-4354-b67b-15660575ebdb-2.exe <==== ATTENTION Task: C:\Windows\Tasks\938419c4-1f97-4354-b67b-15660575ebdb-4.job => C:\Program Files (x86)\Radio Canyon\938419c4-1f97-4354-b67b-15660575ebdb-4.exe <==== ATTENTION Task: C:\Windows\Tasks\938419c4-1f97-4354-b67b-15660575ebdb-5.job => C:\Program Files (x86)\Radio Canyon\938419c4-1f97-4354-b67b-15660575ebdb-5.exe <==== ATTENTION Task: C:\Windows\Tasks\938419c4-1f97-4354-b67b-15660575ebdb-5_user.job => C:\Program Files (x86)\Radio Canyon\938419c4-1f97-4354-b67b-15660575ebdb-5.exe <==== ATTENTION Task: C:\Windows\Tasks\938419c4-1f97-4354-b67b-15660575ebdb-6.job => C:\Program Files (x86)\Radio Canyon\938419c4-1f97-4354-b67b-15660575ebdb-6.exe <==== ATTENTION Task: C:\Windows\Tasks\938419c4-1f97-4354-b67b-15660575ebdb-7.job => C:\Program Files (x86)\Radio Canyon\938419c4-1f97-4354-b67b-15660575ebdb-7.exe <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\mega_shop_helper_service.job => C:\Program Files (x86)\Mega Shop\mega_shop_helper_service.exe Task: C:\Windows\Tasks\summer_games_notification_service.job => C:\Program Files (x86)\summer games\summer_games_notification_service.exeč/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='summer games' /appid='73143' /srcid='2913' /bic='6cfdb1f8d65d52b4fb07dd12e4db3dbe' /verifier='6226c1b668116e9f84a7ac3d1c582728' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif <==== ATTENTION Task: C:\Windows\Tasks\summer_games_updating_service.job => C:\Program Files (x86)\summer games\summer_games_updating_service.exe­ /campid=2913 /verid=1 /url=http:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=summer_games_updating_service /funurl=http:/stats.buildomserv.com <==== ATTENTION ==================== Loaded Modules (Whitelisted) ============== 2015-04-09 16:13 - 2015-04-09 16:14 - 00029184 _____ () C:\Windows\System32\usp02l.dll 2015-04-09 16:15 - 2015-04-09 16:13 - 00118576 _____ () C:\Windows\SysWOW64\SecUPDUtilSvc.exe 2015-05-29 19:25 - 2015-05-29 19:25 - 00191696 _____ () C:\Program Files (x86)\Mega Shop\mega_shop_helper_service.exe 2014-03-22 22:09 - 2014-03-22 22:09 - 00675640 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll 2013-04-15 18:39 - 2013-04-15 18:39 - 00073424 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2015-06-24 18:06 - 2015-06-24 18:06 - 16867504 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll 2014-03-22 22:05 - 2014-03-22 22:05 - 00611128 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUKernel.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00152888 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUBasic.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00819512 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\MainControls.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00066360 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUTransl.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00161080 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\PerlRegEx.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00210744 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\XMLComponents.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00449848 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\GR32_D6.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00129336 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\SchedAgent_2007.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00335672 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUCompression.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00307000 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\DEC.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00493368 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\Html.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00307000 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\ntrtl60.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00324408 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\AppInitialization.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00033080 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUBase.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00213816 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\ProgramRating.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00425784 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\VisControls.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 01145144 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxBarD12.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00044856 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxCoreD12.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00016184 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxComnD12.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00055608 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxThemeD12.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00852280 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\cxLibraryD12.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00069944 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxGDIPlusD12.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00067896 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\SysControls.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00143672 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUIcoEngineerDirTree.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00076600 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUShell.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00154424 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\cefcomponent.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00469816 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\SysInfo.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00656184 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\MSI_D6.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00106808 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUShredder.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00631096 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUDiskCleanerClass.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00091960 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUApps.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00042808 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TURar.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00489272 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\Traces.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00082744 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUOperaClass.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00047928 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUApplications.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00042808 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUSafariClass.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00140088 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\CommonForms.bpl 2014-03-22 22:06 - 2014-03-22 22:06 - 00608568 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\VirtualTreesR.bpl 2014-03-22 22:05 - 2014-03-22 22:05 - 00065848 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUIECacheClass.bpl ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows\TotalUninstaller.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\usp02ci.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\usp02ci.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\usp02l.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\aaclient.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\SecUPDUtilSvc.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\rdpvideominiport.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ssadbus.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ssadcm.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ssadcmnt.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ssadmdfl.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ssadmdm.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ssadwh.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ssadwhnt.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID AlternateDataStreams: C:\Users\Adam\Desktop\2161.jpg:$CmdZnID AlternateDataStreams: C:\Users\Adam\Desktop\KWESTIONARIUSZ_OSOBOWY.doc:$CmdZnID AlternateDataStreams: C:\Users\Adam\Downloads\FRST64.exe:$CmdTcID AlternateDataStreams: C:\Users\Adam\Downloads\FRST64.exe:$CmdZnID AlternateDataStreams: C:\Users\Adam\Downloads\SamsungUniversalPrintDriver2.exe:$CmdZnID AlternateDataStreams: C:\Users\Adam\Downloads\SPTDinst-v187-x64.exe:$CmdTcID AlternateDataStreams: C:\Users\Adam\Downloads\SPTDinst-v187-x64.exe:$CmdZnID AlternateDataStreams: C:\Users\Adam\Downloads\wiking_pl_setup_8_6_0_1x(1).zip:$CmdTcID AlternateDataStreams: C:\Users\Adam\Downloads\wiking_pl_setup_8_6_0_1x(1).zip:$CmdZnID AlternateDataStreams: C:\Users\Adam\Downloads\wiking_pl_setup_8_6_0_1x.zip:$CmdTcID AlternateDataStreams: C:\Users\Adam\Downloads\wiking_pl_setup_8_6_0_1x.zip:$CmdZnID ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2842551710-1779578012-3124842271-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 193.192.63.254 - 193.192.63.100 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{C7236E88-E78D-4868-A86F-88EB263FB02C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{78FD724A-3963-4C20-8945-FBF2FF9EEB5F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CEC6B8C0-2877-4AF1-88FD-3993E3F13820}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe FirewallRules: [{A06A94D8-E8A6-4760-80B5-EB44A8413BAF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/25/2015 00:03:54 PM) (Source: globalUpdate Update) (EventID: 1) (User: NT AUTHORITY) Description: globalUpdate Update has encountered a fatal error. ver=1.3.25.0.private;lang=en;id=;is_machine=1;upload=0;minidump=C:\Program Files (x86)\globalUpdate\CrashReports\48e190a6-7f05-4831-ae58-b7a65a31a9d3.dmp Error: (05/29/2015 07:25:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 37.0.2.5583, sygnatura czasowa: 0x552ef76c Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 37.0.2.5583, sygnatura czasowa: 0x552ee9ae Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x00001aa1 Identyfikator procesu powodującego błąd: 0x79c Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0 Ścieżka aplikacji powodującej błąd: plugin-container.exe1 Ścieżka modułu powodującego błąd: plugin-container.exe2 Identyfikator raportu: plugin-container.exe3 Error: (05/08/2015 11:11:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 37.0.2.5583, sygnatura czasowa: 0x552ef76c Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 37.0.2.5583, sygnatura czasowa: 0x552ee9ae Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x00001aa1 Identyfikator procesu powodującego błąd: 0x6a0 Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0 Ścieżka aplikacji powodującej błąd: plugin-container.exe1 Ścieżka modułu powodującego błąd: plugin-container.exe2 Identyfikator raportu: plugin-container.exe3 Error: (05/04/2015 05:21:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 37.0.2.5583, sygnatura czasowa: 0x552ef76c Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 37.0.2.5583, sygnatura czasowa: 0x552ee9ae Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x00001aa1 Identyfikator procesu powodującego błąd: 0x2a4 Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0 Ścieżka aplikacji powodującej błąd: plugin-container.exe1 Ścieżka modułu powodującego błąd: plugin-container.exe2 Identyfikator raportu: plugin-container.exe3 Error: (04/29/2015 09:55:13 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: GoogleUpdate.exe, wersja: 1.3.25.0, sygnatura czasowa: 0x53592941 Nazwa modułu powodującego błąd: urlmon.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x55024876 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x7738e160 Identyfikator procesu powodującego błąd: 0x158c Godzina uruchomienia aplikacji powodującej błąd: 0xGoogleUpdate.exe0 Ścieżka aplikacji powodującej błąd: GoogleUpdate.exe1 Ścieżka modułu powodującego błąd: GoogleUpdate.exe2 Identyfikator raportu: GoogleUpdate.exe3 Error: (04/26/2015 09:02:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 37.0.2.5583, sygnatura czasowa: 0x552ef76c Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 37.0.2.5583, sygnatura czasowa: 0x552ee9ae Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x00001aa1 Identyfikator procesu powodującego błąd: 0xbf8 Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0 Ścieżka aplikacji powodującej błąd: plugin-container.exe1 Ścieżka modułu powodującego błąd: plugin-container.exe2 Identyfikator raportu: plugin-container.exe3 Error: (04/13/2015 05:38:00 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Access is denied. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {0f31b34b-7687-4b01-9f81-0ac3d798e156} Error: (04/11/2015 05:03:54 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program OneClick.exe w wersji 14.0.1001.380 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 12f0 Godzina rozpoczęcia: 01d0743ea6372f4b Godzina zakończenia: 329 Ścieżka aplikacji: C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe Identyfikator raportu: eb950d3c-e05b-11e4-968b-20cf301c80cb Error: (04/07/2015 10:00:32 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Opis = Windows Update; Błąd = 0x81000101). Error: (04/01/2015 06:44:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 36.0.4.5557, sygnatura czasowa: 0x550d0883 Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 36.0.4.5557, sygnatura czasowa: 0x550cfa82 Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x00001e02 Identyfikator procesu powodującego błąd: 0x734 Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0 Ścieżka aplikacji powodującej błąd: plugin-container.exe1 Ścieżka modułu powodującego błąd: plugin-container.exe2 Identyfikator raportu: plugin-container.exe3 System errors: ============= Error: (06/25/2015 00:03:11 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1053globalUpdate/comsvc{577975B8-C40E-43E6-B0DE-4C6B44088B52} Error: (06/25/2015 00:03:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi globalUpdate Update Service (globalUpdate) z powodu następującego błędu: %%1053 Error: (06/25/2015 00:03:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą globalUpdate Update Service (globalUpdate). Error: (06/15/2015 01:15:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa COMODO Internet Security Helper Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (06/07/2015 06:39:28 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Odebrano następujący alert krytyczny: 40. Error: (05/19/2015 11:38:57 AM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Usługa Windows Modules Installer nie została poprawnie zamknięta po odebraniu kodu sterującego przed zamknięciem. Error: (05/19/2015 10:20:52 AM) (Source: Tcpip) (EventID: 4199) (User: ) Description: System wykrył konflikt adresów między adresem IP 192.168.1.3 a komputerem o sieciowym adresie sprzętowym 78-92-9C-2C-42-6A. W rezultacie mogą być zakłócone operacje sieciowe na tym komputerze. Error: (05/18/2015 02:23:05 PM) (Source: NetBT) (EventID: 4307) (User: ) Description: Zainicjowanie nie powiodło się, ponieważ transport odmówił otwarcia adresów początkowych. Error: (05/14/2015 09:23:56 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 21:13:29 na ‎2015-‎05-‎14 było nieoczekiwane. Error: (05/14/2015 08:58:08 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1053TrustedInstaller{752073A1-23F2-4396-85F0-8FDB879ED0ED} Microsoft Office: ========================= Error: (06/25/2015 00:03:54 PM) (Source: globalUpdate Update) (EventID: 1) (User: NT AUTHORITY) Description: globalUpdate Update has encountered a fatal error. ver=1.3.25.0.private;lang=en;id=;is_machine=1;upload=0;minidump=C:\Program Files (x86)\globalUpdate\CrashReports\48e190a6-7f05-4831-ae58-b7a65a31a9d3.dmp Error: (05/29/2015 07:25:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa179c01d093fd1e96f79cC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllad1274b2-0627-11e5-9289-20cf301c80cb Error: (05/08/2015 11:11:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa16a001d08981705e8ca9C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlld1d917fc-f5c6-11e4-b414-20cf301c80cb Error: (05/04/2015 05:21:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa12a401d0867de3af43b2C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll467b7508-f271-11e4-b4fa-20cf301c80cb Error: (04/29/2015 09:55:13 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: GoogleUpdate.exe1.3.25.053592941urlmon.dll_unloaded0.0.0.055024876c00000057738e160158c01d08251a1f0858cC:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exeurlmon.dll1037b376-ee45-11e4-92ac-20cf301c80cb Error: (04/26/2015 09:02:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1bf801d07eaaeff60ce9C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllc20efdd5-ec46-11e4-92ac-20cf301c80cb Error: (04/13/2015 05:38:00 PM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005, Access is denied. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {0f31b34b-7687-4b01-9f81-0ac3d798e156} Error: (04/11/2015 05:03:54 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: OneClick.exe14.0.1001.38012f001d0743ea6372f4b329C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exeeb950d3c-e05b-11e4-968b-20cf301c80cb Error: (04/07/2015 10:00:32 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101 Error: (04/01/2015 06:44:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe36.0.4.5557550d0883mozalloc.dll36.0.4.5557550cfa828000000300001e0273401d06c6cd6d1ea2cC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll52c8f93c-d88e-11e4-be36-20cf301c80cb ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz Percentage of memory in use: 93% Total physical RAM: 2013.09 MB Available physical RAM: 137.84 MB Total Pagefile: 4026.17 MB Available Pagefile: 1186.27 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:93.96 GB) (Free:63.16 GB) NTFS Drive d: () (Fixed) (Total:204.03 GB) (Free:183.62 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E0C5913D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=94 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=204 GB) - (Type=OF Extended) ==================== End of log ============================