Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:15-09-2015
Uruchomiony przez Ida (2015-09-21 21:30:19)
Uruchomiony z C:\FRST
Windows 7 Professional Service Pack 1 (X64) (2014-11-07 11:08:27)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-2289620988-2461808163-2922196830-500 - Administrator - Disabled)
Gość (S-1-5-21-2289620988-2461808163-2922196830-501 - Limited - Disabled)
Ida (S-1-5-21-2289620988-2461808163-2922196830-1000 - Administrator - Enabled) => C:\Users\Ida

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: COMODO Antivirus (Enabled - Up to date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5}
AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Accelerometer (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 1.06.08.53 - STMicroelectronics)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.2.153.1 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Brother MFL-Pro Suite DCP-J315W (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
COMODO Internet Security Premium (HKLM\...\{2736B6BD-31EC-4FC8-A48C-F0A5C914C0B6}) (Version: 7.0.55655.4142 - COMODO Security Solutions Inc.)
doPDF (Version: 8.1.920 - Softland) Hidden
doPDF 8 (HKLM-x32\...\{7ced5c6b-4b09-4bd7-8707-b3cce8eead22}) (Version: 8.1.920 - Softland)
English Explorer New (HKU\S-1-5-21-2289620988-2461808163-2922196830-1000\...\English Explorer New) (Version:  - )
ePanel Pearson 1.1.2409.1140 (HKLM\...\{22CC3FB5-8E58-41FA-B8A4-01B945A6117A}_is1) (Version: 1.1.2409.1140 - Pearson Central Europe)
ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
GG (HKU\S-1-5-21-2289620988-2461808163-2922196830-1000\...\GG) (Version: 12 - GG Network S.A.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.93 - Google Inc.)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP Deskjet 2050 J510 series — podstawowe oprogramowanie urządzenia (HKLM\...\{64484376-A316-4328-84F8-DA98F4150A41}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
ipla 2.8.4 (HKLM-x32\...\ipla) (Version: 2.8.4 - Redefine Sp z o.o.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
K-Lite Codec Pack 10.4.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.5 - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.002.08.03.54 - Huawei Technologies Co.,Ltd)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 pl)) (Version: 38.2.0 - Mozilla)
novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{17BD99A4-9C11-47D4-91AF-8814DD3FFCC2}) (Version: 8.1.920 - Softland)
novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{B6E0BB99-B532-4EC1-9D84-ACC8CED590B3}) (Version: 8.1.920 - Softland)
novaPDF 8 Printer Driver (HKLM\...\{3A1637B5-233D-47B1-B89F-EBF718C04CFD}) (Version: 8.1.920 - Softland)
OpenFM (HKU\S-1-5-21-2289620988-2461808163-2922196830-1000\...\OpenFM) (Version: 2 - GG Network S.A.)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.86.508.2014 - Realtek)
S Agent (Version: 1.1.50 - Samsung Electronics CO., LTD.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
SW Update (HKLM-x32\...\{4F1936F8-82B4-437E-BC47-FAB9136A04B2}) (Version: 2.2.2 - Samsung Electronics CO., LTD.)
Treetops 3 iTools (HKLM-x32\...\Treetops 3 iTools 1.0) (Version: 1.0 - Oxford University Press)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-2289620988-2461808163-2922196830-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2289620988-2461808163-2922196830-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Ida\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)

==================== Punkty Przywracania systemu =========================

UWAGA: Przywracanie systemu jest wyłączone

==================== Hosts - zawartość: ===============================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0C7FF6F1-3DC9-47B2-AB56-B504664965A1} - System32\Tasks\{ADE3C98E-AFED-4CC4-8043-A1A00A7527FF} => Iexplore.exe http://ui.skype.com/ui/0/6.22.81.105/pl/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {174AF29E-9423-49D9-B043-AFA595CA0A4E} - System32\Tasks\{A480B0F0-3B1F-413D-98B6-A13A53144B2E} => pcalua.exe -a "C:\Users\Ida\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NS7A1046\JavaSetup8u25[1].exe" -d C:\Users\Ida\Desktop
Task: {1942F2D4-1911-4742-8756-2CF61766B4CA} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-06-08] (COMODO)
Task: {1DF257EB-F764-402E-A4E1-FBB287050543} - System32\Tasks\{D5AC4730-C66F-4051-B0CA-C92E2FDEE7F0} => Iexplore.exe http://ui.skype.com/ui/0/6.22.81.105/pl/abandoninstall?source=lightinstaller&amp;page=tsMain
Task: {485DB36C-325D-4529-84B6-511D64DD122D} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-06-08] (COMODO)
Task: {51E35FB3-8759-47C1-ADD5-547102DC4362} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-06-08] (COMODO)
Task: {58DC6CCB-D959-4251-AAB3-EE2CC8E80EE4} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-06-08] (COMODO)
Task: {6B703D45-1D83-4E88-B5EA-6D6664CAAEE7} - System32\Tasks\SUPatchForW10Up => %programdata%\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe
Task: {7BD7E1AD-4D2E-4BCF-B5EB-ADB006794505} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-06-08] (COMODO)
Task: {9B184977-2762-4382-8A80-FE52E4F674DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {AD2A3EFC-9AF6-4D72-BC4C-ADD033CB49B8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {B85F13A5-7492-47C7-BAF5-6502FE0BE952} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {C73553DB-30D3-42E2-86DB-923B28819371} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2014-11-21] ()
Task: {D4A93690-580E-4BA9-947A-59229911DF0A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {DE591F4C-EE0B-47CF-8FBF-DAE9B6366B54} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe
Task: {E41BE086-8460-4A89-AF8C-44FA18311280} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F2366206-E038-4F89-ABC3-789559FB2507} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== UWAGA

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Załadowane moduły (filtrowane) ==============

2011-03-14 17:27 - 2015-03-07 12:04 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-11-08 13:57 - 2010-12-17 14:18 - 00060928 _____ () C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
2014-11-21 21:06 - 2014-11-21 21:06 - 00137368 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll
2014-11-21 21:06 - 2014-11-21 21:06 - 00032032 _____ () C:\Program Files\Softland\novaPDF 8\Server\CryptUtil.dll
2014-11-21 21:06 - 2014-11-21 21:06 - 00026912 _____ () C:\Program Files\Softland\novaPDF 8\Server\WAFServicePlugin.dll
2015-09-16 21:52 - 2015-09-16 21:52 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2013-04-15 19:39 - 2015-01-09 00:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2015-09-16 21:52 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-09-21 18:58 - 2015-09-21 18:58 - 00098816 _____ () C:\TMP\_MEI23323\win32api.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00110080 _____ () C:\TMP\_MEI23323\pywintypes27.dll
2015-09-21 18:58 - 2015-09-21 18:58 - 00364544 _____ () C:\TMP\_MEI23323\pythoncom27.dll
2015-09-21 18:58 - 2015-09-21 18:58 - 00045568 _____ () C:\TMP\_MEI23323\_socket.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 01161216 _____ () C:\TMP\_MEI23323\_ssl.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00320512 _____ () C:\TMP\_MEI23323\win32com.shell.shell.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00713216 _____ () C:\TMP\_MEI23323\_hashlib.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 01176576 _____ () C:\TMP\_MEI23323\wx._core_.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00806400 _____ () C:\TMP\_MEI23323\wx._gdi_.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00816128 _____ () C:\TMP\_MEI23323\wx._windows_.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 01067008 _____ () C:\TMP\_MEI23323\wx._controls_.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00733184 _____ () C:\TMP\_MEI23323\wx._misc_.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00682496 _____ () C:\TMP\_MEI23323\pysqlite2._sqlite.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00087552 _____ () C:\TMP\_MEI23323\_ctypes.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00119808 _____ () C:\TMP\_MEI23323\win32file.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00108544 _____ () C:\TMP\_MEI23323\win32security.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00007168 _____ () C:\TMP\_MEI23323\hashobjs_ext.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00068096 _____ () C:\TMP\_MEI23323\usb_ext.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00167936 _____ () C:\TMP\_MEI23323\win32gui.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00018432 _____ () C:\TMP\_MEI23323\win32event.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00128512 _____ () C:\TMP\_MEI23323\_elementtree.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00127488 _____ () C:\TMP\_MEI23323\pyexpat.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00013824 _____ () C:\TMP\_MEI23323\common.time34.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00036864 _____ () C:\TMP\_MEI23323\_psutil_windows.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00038912 _____ () C:\TMP\_MEI23323\win32inet.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00011264 _____ () C:\TMP\_MEI23323\win32crypt.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00077312 _____ () C:\TMP\_MEI23323\wx._html2.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00027136 _____ () C:\TMP\_MEI23323\_multiprocessing.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00020480 _____ () C:\TMP\_MEI23323\_yappi.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00035840 _____ () C:\TMP\_MEI23323\win32process.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00686080 _____ () C:\TMP\_MEI23323\unicodedata.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00123392 _____ () C:\TMP\_MEI23323\wx._wizard.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00024064 _____ () C:\TMP\_MEI23323\win32pipe.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00010240 _____ () C:\TMP\_MEI23323\select.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00025600 _____ () C:\TMP\_MEI23323\win32pdh.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00525640 _____ () C:\TMP\_MEI23323\windows._lib_cacheinvalidation.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00017408 _____ () C:\TMP\_MEI23323\win32profile.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00022528 _____ () C:\TMP\_MEI23323\win32ts.pyd
2015-09-21 18:58 - 2015-09-21 18:58 - 00078848 _____ () C:\TMP\_MEI23323\wx._animate.pyd
2014-11-08 15:35 - 2000-01-01 02:00 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-09-16 14:51 - 2015-09-12 02:22 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libglesv2.dll
2015-09-16 14:51 - 2015-09-12 02:22 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libegl.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

AlternateDataStreams: C:\Windows\system32\BrNetSti.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Brnsplg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\BrSNMP64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\BrWi209c.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\BrWiaNCp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NSSRH64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\BrDctF2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\BrDctF2L.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\BrDctF2S.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\BroSNMP.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\brprtink.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\NSSearch.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\serscan.sys:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Desktop\Angielski dla dzieci. Karty obrazkowe. Ĺšwiat wokĂłĹ‚ mnie ( CD).pdf:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Desktop\Angielski dla dzieci. Karty obrazkowe. Ĺšwiat wokĂłĹ‚ mnie ( CD).pdf:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Desktop\Can You Make A Happy Face_ .mp3:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Desktop\Can You Make A Happy Face_ .mp3:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Desktop\ea-tests.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Desktop\english_explorer_new_teczka_wersja_pelna.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Desktop\english_explorer_new_teczka_wersja_pelna.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Desktop\lesnik.xlsx:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Desktop\Mister Maker - Series 2, Episode 18.mp4:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Desktop\Mister Maker - Series 2, Episode 18.mp4:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Desktop\Nagranie_1_zad_5.mp3:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Desktop\Nagranie_1_zad_5.mp3:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Desktop\Nagranie_2_zad_9.mp3:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Desktop\Nagranie_2_zad_9.mp3:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Desktop\paczka-08-27-1636.zip:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Desktop\paczka-08-27-1636.zip:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Desktop\podanie pomoce.doc:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Desktop\podanie pomoce.doc:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Desktop\Podstawy metodyki nauczania języków obcych.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Desktop\Podstawy metodyki nauczania języków obcych.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Desktop\RozkładIIIsx.csv:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Desktop\RozkładIIIsx.csv:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Desktop\tb-we4-unit-1.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Desktop\tb-we4-unit-1.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Desktop\tests_ea_1.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Desktop\tests_ea_2.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Desktop\tests_ea_starter.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Desktop\testyarchiwalnekl23.rar:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Desktop\testyarchiwalnekl23.rar:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Desktop\we-4-cd1-mp3-.zip:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\1 E.xlsx:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\1 E.xlsx:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\2015-08-08 13.16.42.jpg:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\epanel-setup-1.1.2328.1110.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\Faber Adele Mazlish Elaine - Jak mĂłwiÄ‡ ĹĽeby dzieci nas sĹ‚uchaĹ‚y.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\Faber Adele Mazlish Elaine - Jak mĂłwiÄ‡ ĹĽeby dzieci nas sĹ‚uchaĹ‚y.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\FRST64 (1).exe:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\FRST64 (1).exe:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\FRST64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\FRST64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\Multimedialna_Teczka_Anglisty_SP.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\New_English_Adventure_1_rozklad_60h (1).rtf:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\New_English_Adventure_1_rozklad_60h (1).rtf:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\New_English_Adventure_1_rozklad_60h.rtf:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\New_English_Adventure_1_rozklad_60h.rtf:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\Plan_rozwoju_zawodowego_nauczyciela_kontraktowego_ubiegajacego_sie_o_stopien_nauczyciela_mianowanego.doc:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\Program zajÄ™Ä‡ jÄ™zyka angielskiego podczas Zielonej SzkoĹ‚y w JastrzÄ™biej GĂłrze w roku szkolnym 2013.doc:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\pub4.doc:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\pub4.doc:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\Schudnij z Montignakiem 1 czÄ™Ĺ›Ä‡(1).7z:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\Schudnij z Montignakiem 1 czÄ™Ĺ›Ä‡(1).7z:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\sciaga-67429.rtf:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\sprawozdanie (1).doc:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\sprawozdanie.doc:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\Thanksgiving Crafts.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\Thanksgiving Crafts.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\The Cleveland Brown Show - Nightmare on Grace Street.mp4:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\The Food 5.doc:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\The Food 5.doc:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\The Weather (1).ppt:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\The Weather (1).ppt:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\The Weather.ppt:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\The Weather.ppt:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\TinyDM (1).exe.mhqg63j.partial:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\TinyDM.exe.tj2nnjg.partial:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\trendy 01-2014 2.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\trendy 01-2014 2.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\Weather bingo.doc:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\Weather Sudoku.doc:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\Weather Sudoku.doc:$CmdZnID
AlternateDataStreams: C:\Users\Ida\Downloads\Wooden Interior Doors.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Ida\Downloads\Wooden Interior Doors.pdf:$CmdZnID

==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)


==================== EXE - Powiązania (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

IE trusted site: HKU\S-1-5-21-2289620988-2461808163-2922196830-1000\...\ipla.tv -> hxxp://www.ipla.tv


==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-2289620988-2461808163-2922196830-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ida\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows - funkcja włączona.

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

(Obecnie brak automatycznej naprawy dla tej sekcji.)


==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{8D5E9DEA-AE50-4259-B745-45E1D41DE4CB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E070EA84-37BE-452F-BB53-53F09CBDF636}] => (Allow) LPort=8501
FirewallRules: [{563EDBE6-E4DB-4EA7-9261-E6F10E49A947}] => (Allow) LPort=8501
FirewallRules: [{94626D2E-C432-46AE-80B0-35F22C0234D1}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{F3C8A1C1-4A75-448B-BF68-D18DB7B4BC98}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2F4516F6-2E34-4768-A4B4-BF758A2EE9A8}] => (Allow) LPort=54925

==================== Wadliwe urządzenia w Menedżerze urządzeń =============


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (09/21/2015 08:48:04 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: CTLCN BrtCTLCN: [2015/09/21 20:48:04.375]: [00003196]: brccMCtl.exe: ControlCenter3Dlg.cpp (0683)             : -------- Button ID Not Found.

Error: (09/21/2015 07:00:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2015 11:21:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2015 08:18:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2015 08:18:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: igfxHK.exe, wersja: 6.15.10.3958, sygnatura czasowa: 0x54256ccf
Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00000000022a229e
Identyfikator procesu powodującego błąd: 0x128c
Godzina uruchomienia aplikacji powodującej błąd: 0xigfxHK.exe0
Ścieżka aplikacji powodującej błąd: igfxHK.exe1
Ścieżka modułu powodującego błąd: igfxHK.exe2
Identyfikator raportu: igfxHK.exe3

Error: (09/20/2015 09:15:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2015 08:47:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2015 11:09:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: jucheck.exe, wersja: 2.8.60.27, sygnatura czasowa: 0x55c116b1
Nazwa modułu powodującego błąd: jucheck.exe, wersja: 2.8.60.27, sygnatura czasowa: 0x55c116b1
Kod wyjątku: 0x40000015
Przesunięcie błędu: 0x00052d24
Identyfikator procesu powodującego błąd: 0x1474
Godzina uruchomienia aplikacji powodującej błąd: 0xjucheck.exe0
Ścieżka aplikacji powodującej błąd: jucheck.exe1
Ścieżka modułu powodującego błąd: jucheck.exe2
Identyfikator raportu: jucheck.exe3

Error: (09/19/2015 11:09:32 AM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=ec6e7617-f4ca-4d90-ad38-dd603b34fb77&DomainId=50964a88-ab5f-4c91-b70e-66a2eadb5423 (Caused by <class 'socket.gaierror'>: [Errno 11004] getaddrinfo failed)",),))

Error: (09/19/2015 11:09:29 AM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=ec6e7617-f4ca-4d90-ad38-dd603b34fb77&DomainId=E57B59E7-5862-4250-9CE0-76FB411DC0D2 (Caused by <class 'socket.gaierror'>: [Errno 11004] getaddrinfo failed)",),))


Dziennik System:
=============
Error: (09/21/2015 06:58:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
cdrom

Error: (09/20/2015 11:20:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
cdrom

Error: (09/20/2015 11:13:25 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/20/2015 08:17:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
cdrom

Error: (09/20/2015 10:14:11 AM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 20.

Error: (09/20/2015 09:15:23 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (09/20/2015 09:14:11 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
cdrom

Error: (09/19/2015 08:46:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
cdrom

Error: (09/19/2015 11:06:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 z powodu następującego błędu: 
%%1053

Error: (09/19/2015 11:06:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0.


==================== Statystyki pamięci =========================== 

Procesor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz
Procent pamięci w użyciu: 71%
Całkowita pamięć fizyczna: 3977.63 MB
Dostępna pamięć fizyczna: 1133.07 MB
Całkowita pamięć wirtualna: 7953.44 MB
Dostępna pamięć wirtualna: 4252.43 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:382.43 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (Size: 22.4 GB) (Disk ID: 74F02DEA)
Partition 1: (Not Active) - (Size=22.4 GB) - (Type=73)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C2B19F2D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Koniec  Addition.txt ============================