﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
Ran by rudko (2016-02-06 12:43:34)
Running from C:\Users\rudko\Downloads
Windows 8 (X64) (2015-12-11 18:07:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1257350687-3386488838-3372126341-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-1257350687-3386488838-3372126341-501 - Limited - Disabled)
rudko (S-1-5-21-1257350687-3386488838-3372126341-1002 - Administrator - Enabled) => C:\Users\rudko
UpdatusUser (S-1-5-21-1257350687-3386488838-3372126341-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.14) - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.44.50 - Conexant)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.5 - Lenovo)
Energy Management (x32 Version: 8.0.2.5 - Lenovo) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
ffdshow x64 v1.3.4533 [2014-09-29] (HKLM\...\ffdshow64_is1) (Version: 1.3.4533.0 - )
foobar2000 v1.3.9 (HKLM-x32\...\foobar2000) (Version: 1.3.9 - Peter Pawlowski)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.4300 - Broadcom Corporation)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.10.2 - ELAN Microelectronic Corp.)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.5926 - Lenovo)
Malwarebytes Anti-Malware verzia 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.6366.2062 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1257350687-3386488838-3372126341-1002\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 sk) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 sk)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
NVIDIA Grafický ovládač 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1022 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1022 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
WinRAR 5.30 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00CE9ECD-129E-40A5-9268-059A87F8BED1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-01-17] (Microsoft Corporation)
Task: {036BFC94-0B56-4CF7-B1B1-6D5488394F44} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {17F78BA2-081B-4EFD-895B-498FEA3C5A95} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-31] (Microsoft Corporation)
Task: {3AAF82FF-AE80-4665-B775-DB162402E459} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {4144396A-15AE-4F85-8B1C-090FFE62699E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-31] (Google Inc.)
Task: {544BC8CE-53C8-4EE6-925B-BFE7FB120ADE} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {851B74EE-0361-4FC2-8CE5-C12B9D928869} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-31] (Google Inc.)
Task: {886938D2-3C68-4F69-B3FE-DC6ADC5B684C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-01-19] (Microsoft Corporation)
Task: {9B91BEB9-2FAD-4BEC-869B-9DAD2F6931E0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {9EFBD917-A6CB-4FF3-AF8D-A1B4AD1BE4C4} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {9F1578F2-3470-4928-BC4F-310518E1E9D8} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {A4725A20-B3B4-4959-AFC1-875595565C72} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {CC86D078-C0D8-42C2-A547-BBFA6ABBB7AE} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {CE7A412E-F0C8-4FCF-96C4-785F5A1D158D} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {DF00303A-C229-454F-9DE1-D03376B9534A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-31] (Microsoft Corporation)
Task: {DFF0D226-3884-4342-9677-018C69738ECD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-12-26 19:42 - 2013-12-26 19:42 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-11-16 00:51 - 2012-11-16 00:51 - 00048920 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2015-12-17 19:05 - 2016-01-17 14:46 - 00171712 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2013-02-13 20:48 - 2013-10-29 00:38 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-02-13 20:42 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\windows\explorer.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\aaclient.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\acmigration.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\adhapi.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\adhsvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\aelupsvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\apphelp.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\appidcertstorecheck.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\appidpolicyconverter.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\appidsvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\appinfo.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\appraiser.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\apprepapi.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\apprepsync.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\AppXDeploymentExtensions.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\AppXDeploymentServer.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\aspnet_counters.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\audiodg.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\AudioEndpointBuilder.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\AuthHost.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\AutoUpdate.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\basesrv.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\BCP47Langs.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\bcryptprimitives.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\bisrv.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\biwinrt.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\catsrvut.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\cdd.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\clusapi.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\COLORCNV.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\CompatTelRunner.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\comsvcs.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\credssp.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\cryptcatsvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\csrsrv.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\davclnt.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\Defrag.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\defragsvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\devenum.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\DevicePairing.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\DeviceSetupManager.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\difx64.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\dimsroam.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\dpapisrv.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\dwmapi.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\evr.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\FXSAPI.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\FXSCOMEX.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\FXST30.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\FXSTIFF.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\gfxSrvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\GfxUI.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\hccutils.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\hkcmd.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\httpprxm.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\httpprxp.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\IccLibDll_x64.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\ig4icd64.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\igd10umd64.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\igdde64.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\igdumd64.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfx11cmrt64.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxcmjit64.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxcmrt64.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxCoIn_v4229.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxcpl.cpl:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxdev.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\IGFXDEVLib.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxdo.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxexps.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxext.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxpers.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxpph.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrara.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrchs.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrcht.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrcsy.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrdan.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrdeu.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrell.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrenu.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxresn.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxress.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrfin.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrfra.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrheb.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrhrv.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrhun.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrita.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrjpn.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrkor.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrnld.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrnor.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrplk.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrptb.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrptg.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrrom.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrrus.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrsky.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrslv.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrsve.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrtha.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxrtrk.lrc:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxsrvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxsrvc.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxTMM.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\igfxtray.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\iglhcp64.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\iglhsip64.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\imagehlp.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\inetcomm.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\windows\system32\inetpp.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\intl.cpl:$CmdTcID
AlternateDataStreams: C:\windows\system32\invagent.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\iphlpsvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\jscript.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\KBDBASH.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\KBDRU.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\KBDRU1.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\KBDRUM.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\KBDTAT.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\KBDYAK.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\keepaliveprovider.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\ksproxy.ax:$CmdTcID
AlternateDataStreams: C:\windows\system32\localspl.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\lsasrv.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\lsass.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\lsm.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\Magnify.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\MbaeParserTask.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\mf.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\mfasfsrcsnk.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\mfcore.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\mfmp4srcsnk.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\mfnetcore.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\mfnetsrc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\mfps.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\mfsvr.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\mfvdsp.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\MFWMAAEC.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\mmc.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\MP3DMOD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\MP43DECD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\MP4SDECD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\MPG4DECD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\mscms.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\msdrm.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\msmpeg2adec.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\MSMPEG2ENC.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\msmpeg2vdec.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\msvcp120_clr0400.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\msxml6.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\muifontsetup.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\ncbservice.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\ncryptsslp.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\netplwiz.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\netprofm.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\netprofmsvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\NotificationUI.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\nvdispco64.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\nvdispco6432762.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\nvdispgenco64.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\nvdispgenco6432762.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\NvFBC64.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\NvIFR64.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\nvoglshim64.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\objsel.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\ole32.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\osk.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\pku2u.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\profsvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\psmsrv.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\qasf.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\qedit.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\quartz.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\rastls.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\RESAMPLEDMO.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\resutils.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\rpchttp.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\samlib.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\samsrv.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\schannel.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\schedsvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\sdbinst.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\services.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\SET4AEA.tmp:$CmdTcID
AlternateDataStreams: C:\windows\system32\SET563E.tmp:$CmdTcID
AlternateDataStreams: C:\windows\system32\setupapi.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\setupcln.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\SHCore.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\shell32.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\sppc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\sppobjs.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\sppsvc.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\sppwinob.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\sspisrv.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\stobject.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\storagewmi.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\storewuauth.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\synceng.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\sysmain.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\TSWbPrxy.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\UIAutomationCore.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\usercpl.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\vds.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\vdsutil.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\VIDRESZR.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\wcmcsp.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\wcmsvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\WebClnt.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\wevtsvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\wiaacmgr.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\win32spl.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\Windows.ApplicationModel.Store.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\Windows.Media.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\Windows.UI.Xaml.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\wininet.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\winlogon.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\winmde.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\WinSetupUI.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\wlidsvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\WMADMOD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\WMADMOE.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\WMALFXGFXDSP.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\wmpmde.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\WMSPDMOD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\WMSPDMOE.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\WMVDECOD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\WMVENCOD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\WMVSDECD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\WMVSENCD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\WMVXENCD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\system32\workerdd.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\WpdMtp.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\WpdMtpUS.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\WSClient.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\WSDApi.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\WSDMon.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\WsmSvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\WsmWmiPl.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\WSService.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\WSShared.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\WSSync.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\wuaext.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\wuauclt.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\wuaueng.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\wucltux.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\wusa.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\WUSettingsProvider.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\XpsGdiConverter.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\aaclient.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\apphelp.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\apprepapi.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\apprepsync.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\aspnet_counters.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\BCP47Langs.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\bcryptprimitives.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\biwinrt.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\catsrvut.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\clusapi.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\COLORCNV.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\comsvcs.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\credssp.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\davclnt.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\devenum.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\DevicePairing.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\dimsroam.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\dns-sd.exe:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\dwmapi.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\evr.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\explorer.exe:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\ff_vfw.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\FXSAPI.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\FXSCOMEX.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\ig4icd32.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\igd10umd32.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\igdde32.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\igdumd32.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\igfx11cmrt32.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\igfxcmjit32.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\igfxcmrt32.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\igfxdv32.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\igfxexps32.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\iglhcp32.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\iglhsip32.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\imagehlp.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\inetcomm.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\IntelCpHeciSvc.exe:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\intl.cpl:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\jscript.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\KBDBASH.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\KBDRU.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\KBDRU1.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\KBDRUM.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\KBDTAT.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\KBDYAK.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\ksproxy.ax:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\Magnify.exe:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\mf.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\mfasfsrcsnk.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\mfcore.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\mfmp4srcsnk.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\mfnetcore.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\mfnetsrc.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\mfps.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\mfsvr.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\mfvdsp.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\mmc.exe:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\MP3DMOD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\MP43DECD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\MP4SDECD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\MPG4DECD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\mscms.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\msdrm.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\msmpeg2adec.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\msvcp120_clr0400.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\msxml6.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\muifontsetup.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\ncryptsslp.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\netplwiz.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\netprofm.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\npmproxy.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\NvFBC.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\NvIFR.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\nvoglshim32.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\objsel.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\OEMLicense.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\ole32.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\osk.exe:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\pku2u.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\qasf.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\qedit.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\quartz.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\rastls.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\resutils.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\rpchttp.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\samlib.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\schannel.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\sdbinst.exe:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\setupapi.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\setupcln.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\SHCore.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\shell32.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\sppc.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\stobject.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\storagewmi.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\synceng.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\TWUNK_32.EXE:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\UIAutomationCore.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\usercpl.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\VIDRESZR.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WebClnt.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\wiaacmgr.exe:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\Windows.Media.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\Windows.UI.Xaml.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\wininet.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\winmde.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WMADMOD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WMADMOE.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WMVDECOD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WMVENCOD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WMVSDECD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WMVSENCD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WMVXENCD.DLL:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WSClient.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WSDApi.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WsmSvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WsmWmiPl.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WSShared.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WSSync.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\wusa.exe:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\XpsGdiConverter.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\BthAvrcpTg.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\Classpnp.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\cng.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\crashdmp.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\dam.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\dfsc.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\drmk.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\dxgkrnl.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\fvevol.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\igdkmd64.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\ksecdd.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\ksecpkg.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\mbam.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\mbamchameleon.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\mountmgr.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\mrxsmb.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\mrxsmb10.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\mrxsmb20.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\msgpiowin32.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\msiscsi.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\mwac.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\ndis.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\ntfs.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\partmgr.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\rdbss.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\spaceport.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\ssudbus.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\ssudmdm.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\storport.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\tcpip.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\tpm.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\vhdmp.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\volsnap.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\WdBoot.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\WdFilter.sys:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\winusb.sys:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Desktop\06.-KOMAJOTA---Rano-v-novinach.mp3:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Desktop\06.-KOMAJOTA---Rano-v-novinach.mp3:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Desktop\202_eric_saade-popular-lzy.mp3:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Desktop\202_eric_saade-popular-lzy.mp3:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Desktop\Adele-Sweetest-devotion.mp3:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Desktop\Adele-Sweetest-devotion.mp3:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Desktop\Alex-C.-Feat.-Yasmin-K--Amigos-Forever.mp3:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Desktop\Alex-C.-Feat.-Yasmin-K--Amigos-Forever.mp3:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Desktop\ansoticca.rar:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Desktop\ansoticca.rar:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Desktop\Black-Box---I-Dont-Know-Anybody-Else.mp3:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Desktop\Black-Box---I-Dont-Know-Anybody-Else.mp3:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Desktop\Black-Box---Ride-On-Time.mp3:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Desktop\Black-Box---Ride-On-Time.mp3:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Desktop\lucie-bílá---most-přes-minulost.mp3:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Desktop\lucie-bílá---most-přes-minulost.mp3:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Desktop\V_ra-Špinarová---Jednoho-dne-se-vrátíš.mp3:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Desktop\V_ra-Špinarová---Jednoho-dne-se-vrátíš.mp3:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\2013---Tarja---Victim-Of-Ritual-[EP].zip:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\2013---Tarja---Victim-Of-Ritual-[EP].zip:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\Adele---25-(full-album).rar:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\Adele---25-(full-album).rar:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\Adobe-photoshop-CS3.zip:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\Adobe-photoshop-CS3.zip:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\Adobe.Reader.v11.0.00.SK.exe:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\Adobe.Reader.v11.0.00.SK.exe:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\esetsmartinstaller_sky.exe:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\esetsmartinstaller_sky.exe:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\ffdshow_rev4532_20140717_clsid(1).exe:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\ffdshow_rev4532_20140717_clsid(1).exe:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\ffdshow_rev4532_20140717_clsid(2).exe:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\ffdshow_rev4532_20140717_clsid(2).exe:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\ffdshow_rev4532_20140717_clsid.exe:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\ffdshow_rev4532_20140717_clsid.exe:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\ffdshow_rev4533_20140929_clsid_x64.exe:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\ffdshow_rev4533_20140929_clsid_x64.exe:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\GoogleEarthSetup.exe:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\GoogleEarthSetup.exe:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\ICE-2.0.3-for-64-bit-Windows.msi:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\ICE-2.0.3-for-64-bit-Windows.msi:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\mbam-setup-2.2.0.1024.exe:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\mbam-setup-2.2.0.1024.exe:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\MPC-HC.1.7.10.x64.exe:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\MPC-HC.1.7.10.x64.exe:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\Setup.X86.sk-SK_O365HomePremRetail_42e96a64-14c5-49ab-8fee-17c6c4679ed8_TX_DB_.exe:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\Setup.X86.sk-SK_O365HomePremRetail_42e96a64-14c5-49ab-8fee-17c6c4679ed8_TX_DB_.exe:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\vcredist_arm.exe:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\vcredist_arm.exe:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\vcredist_x64.exe:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\vcredist_x64.exe:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\vcredist_x86.exe:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\vcredist_x86.exe:$CmdZnID
AlternateDataStreams: C:\Users\rudko\Downloads\wrx530sk.exe:$CmdTcID
AlternateDataStreams: C:\Users\rudko\Downloads\wrx530sk.exe:$CmdZnID

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1257350687-3386488838-3372126341-1002\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "YouCam Mirage"
HKLM\...\StartupApproved\Run32: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "ETDCtrl"
HKU\S-1-5-21-1257350687-3386488838-3372126341-1002\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0FA8929A-D2E8-4A72-8132-86AD884A3E6A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BF20AC8A-BB57-4C03-AFB1-EC2FE136F4D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{413DD4B8-77D6-4D56-AA1B-C40F5A77E17F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{4FDF7419-3920-4B68-BE5D-9E7DBDBC3828}] => (Allow) C:\Users\rudko\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{14FD4DE3-BDCA-4D15-BAC8-76A802F42700}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D3D464C4-CF71-4493-A6E0-6610D3DA0E04}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{51894A5D-4640-4B25-9182-C8928DAF4187}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7B44845C-2AC4-4476-A4DE-083DEDB010F4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

==================== Restore Points =========================

04-02-2016 17:27:29 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
04-02-2016 17:28:29 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
05-02-2016 17:48:50 Removed COMODO Firewall

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/06/2016 09:19:21 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (02/06/2016 09:19:21 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (02/06/2016 09:16:16 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

Error: (02/06/2016 09:01:21 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (02/06/2016 09:01:21 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (02/05/2016 11:57:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (02/05/2016 11:57:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (02/05/2016 10:31:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifest.

Error: (02/05/2016 09:29:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/05/2016 07:23:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: CxAudMsg64.exe, verzia: 1.6.0.0, časová značka: 0x4fd1c0c1
Názov chybujúceho modulu: ntdll.dll, verzia: 6.2.9200.17581, časová značka: 0x5644f0f7
Kód výnimky: 0xc0000374
Odstup chyby: 0x00000000000e9d19
Identifikácia chybujúceho procesu: 0x70c
Čas spustenia chybujúcej aplikácie: 0xCxAudMsg64.exe0
Cesta chybujúcej aplikácie: CxAudMsg64.exe1
Cesta chybujúceho modulu: CxAudMsg64.exe2
Identifikácia hlásenia: CxAudMsg64.exe3
Celé meno chybujúceho balíka: CxAudMsg64.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: CxAudMsg64.exe5


System errors:
=============
Error: (02/05/2016 07:23:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant Audio Message Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (02/05/2016 06:57:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80070103: NVIDIA driver update for NVIDIA GeForce GT 635M.

Error: (02/05/2016 06:31:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80070103: NVIDIA driver update for NVIDIA GeForce GT 635M.

Error: (02/05/2016 05:14:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\rudko\AppData\Local\Temp\ehdrv.sys

Error: (02/05/2016 05:14:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby eapihdrv zlyhalo kvôli nasledujúcej chybe: 
%%1275

Error: (02/05/2016 05:14:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\rudko\AppData\Local\Temp\ehdrv.sys

Error: (02/05/2016 05:14:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby eapihdrv zlyhalo kvôli nasledujúcej chybe: 
%%1275

Error: (02/05/2016 05:14:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby eapihdrv zlyhalo kvôli nasledujúcej chybe: 
%%1275

Error: (02/05/2016 05:14:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\rudko\AppData\Local\Temp\ehdrv.sys

Error: (02/05/2016 04:51:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x800f020b: SAMSUNG Electronics Co., Ltd. - Other hardware - SAMSUNG Mobile MTP Device.


CodeIntegrity:
===================================
  Date: 2016-02-05 17:14:32.317
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-05 16:43:11.339
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-05 15:53:55.417
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-05 15:06:49.140
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-05 15:01:09.477
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-05 14:07:21.143
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-05 13:39:46.079
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-05 13:30:18.588
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-05 13:09:46.324
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-05 12:29:00.172
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2348M CPU @ 2.30GHz
Percentage of memory in use: 68%
Total physical RAM: 3959.77 MB
Available physical RAM: 1262.93 MB
Total Virtual: 5687.77 MB
Available Virtual: 2812.02 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:883.84 GB) (Free:836.94 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:14.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4903B21D)

Partition: GPT.

==================== End of Addition.txt ============================